CROSS: a framework for cyber risk optimisation in smart homes
Zhang, Yunxiao, Malacaria, Pasquale, Loukas, George ORCID: 0000-0003-3559-5182 and Panaousis, Emmanouil ORCID: 0000-0001-7306-4062 (2023) CROSS: a framework for cyber risk optimisation in smart homes. Computers and Security, 130:103250. pp. 1-15. ISSN 0167-4048 (doi:https://doi.org/10.1016/j.cose.2023.103250)
|
PDF (VoR)
41498_PANAOUSIS_CROSS_A_framework_for_cyber_risk_optimisation_in_smart_homes.pdf - Published Version Available under License Creative Commons Attribution. Download (1MB) | Preview |
Abstract
This work introduces a decision support framework, called Cyber Risk Optimiser for Smart homeS (CROSS), which advises both smart home users and smart home service providers on how to select an optimal portfolio of cyber security controls to counteract cyber attacks in a smart home including traditional cyber attacks and adversarial machine learning attacks. CROSS is based on a multi-objective bi-level two-stage optimisation. In stage-one optimisation, the problem is modelled as a multi-leader-follower game that considers both security and economic objectives, where the provider selects a security portfolio to protect both itself and its users, while rational attackers target the weakest path. Stage-two optimisation is a Stackelberg security game that focuses on additional user security controls under the remit of smart home users. While CROSS can potentially be applied to other similar use cases, in this paper, our aim is to address threats against artificial intelligence (AI) applications as the use of AI in smart Internet of Things (IoT) devices introduces new cyber threats to home environments. Specifically, we have implemented and assessed CROSS in a smart heating use case in a prototypical AI-enabled IoT environment that combines characteristics and vulnerabilities currently present on existing commercial off-the-shelf (COTS) devices, demonstrating the selection of optimal decisions.
Item Type: | Article |
---|---|
Uncontrolled Keywords: | smart home security; mathematical optimisation; security controls; IoT; artificial intelligence |
Subjects: | Q Science > Q Science (General) Q Science > QA Mathematics Q Science > QA Mathematics > QA76 Computer software |
Faculty / School / Research Centre / Research Group: | Faculty of Engineering & Science Faculty of Engineering & Science > School of Computing & Mathematical Sciences (CMS) |
Last Modified: | 17 May 2024 14:18 |
URI: | http://gala.gre.ac.uk/id/eprint/41498 |
Actions (login required)
View Item |
Downloads
Downloads per month over past year