Adaptive edge security framework for dynamic IoT security policies in diverse environments

IF 4.8 2区 计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Computers & Security Pub Date : 2024-09-21 DOI:10.1016/j.cose.2024.104128
Malka N. Halgamuge , Dusit Niyato
{"title":"Adaptive edge security framework for dynamic IoT security policies in diverse environments","authors":"Malka N. Halgamuge ,&nbsp;Dusit Niyato","doi":"10.1016/j.cose.2024.104128","DOIUrl":null,"url":null,"abstract":"<div><div>The rapid expansion of Internet of Things (IoT) technologies has introduced significant cybersecurity challenges, particularly at the network edge where IoT devices operate. Traditional security policies designed for static environments fall short of addressing the dynamic, heterogeneous, and resource-constrained nature of IoT ecosystems. Existing dynamic security policy models lack versatility and fail to fully integrate comprehensive risk assessments, regulatory compliance, and AI/ML (artificial intelligence/machine learning)-driven adaptability. We develop a novel adaptive edge security framework that dynamically generates and adjusts security policies for IoT edge devices. Our framework integrates a dynamic security policy generator, a conflict detection and resolution in policy generator, a bias-aware risk assessment system, a regulatory compliance analysis system, and an AI-driven adaptability integration system. This approach produces tailored security policies that adapt to changes in the threat landscape, regulatory requirements, and device statuses. Our study identifies critical security challenges in diverse IoT environments and demonstrates the effectiveness of our framework through simulations and real-world scenarios. We found that our framework significantly enhances the adaptability and resilience of IoT security policies. Our results demonstrate the potential of AI/ML integration in creating responsive and robust security measures for IoT ecosystems. The implications of our findings suggest that dynamic and adaptive security frameworks are essential for protecting IoT devices against evolving cyber threats, ensuring compliance with regulatory standards, and maintaining the integrity and availability of IoT services across various applications.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"148 ","pages":"Article 104128"},"PeriodicalIF":4.8000,"publicationDate":"2024-09-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404824004334","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

Abstract

The rapid expansion of Internet of Things (IoT) technologies has introduced significant cybersecurity challenges, particularly at the network edge where IoT devices operate. Traditional security policies designed for static environments fall short of addressing the dynamic, heterogeneous, and resource-constrained nature of IoT ecosystems. Existing dynamic security policy models lack versatility and fail to fully integrate comprehensive risk assessments, regulatory compliance, and AI/ML (artificial intelligence/machine learning)-driven adaptability. We develop a novel adaptive edge security framework that dynamically generates and adjusts security policies for IoT edge devices. Our framework integrates a dynamic security policy generator, a conflict detection and resolution in policy generator, a bias-aware risk assessment system, a regulatory compliance analysis system, and an AI-driven adaptability integration system. This approach produces tailored security policies that adapt to changes in the threat landscape, regulatory requirements, and device statuses. Our study identifies critical security challenges in diverse IoT environments and demonstrates the effectiveness of our framework through simulations and real-world scenarios. We found that our framework significantly enhances the adaptability and resilience of IoT security policies. Our results demonstrate the potential of AI/ML integration in creating responsive and robust security measures for IoT ecosystems. The implications of our findings suggest that dynamic and adaptive security frameworks are essential for protecting IoT devices against evolving cyber threats, ensuring compliance with regulatory standards, and maintaining the integrity and availability of IoT services across various applications.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
适用于多样化环境中动态物联网安全策略的自适应边缘安全框架
物联网(IoT)技术的快速发展带来了巨大的网络安全挑战,尤其是在物联网设备运行的网络边缘。为静态环境设计的传统安全策略无法应对物联网生态系统的动态、异构和资源受限等特性。现有的动态安全策略模型缺乏多功能性,未能充分整合全面的风险评估、监管合规性和人工智能/机器学习(AI/ML)驱动的适应性。我们开发了一种新型自适应边缘安全框架,可为物联网边缘设备动态生成和调整安全策略。我们的框架集成了动态安全策略生成器、策略生成器中的冲突检测和解决、偏差感知风险评估系统、法规合规性分析系统和人工智能驱动的适应性集成系统。这种方法可生成量身定制的安全策略,以适应威胁环境、监管要求和设备状态的变化。我们的研究确定了不同物联网环境中的关键安全挑战,并通过模拟和真实场景展示了我们框架的有效性。我们发现,我们的框架大大增强了物联网安全策略的适应性和弹性。我们的研究结果表明,人工智能/移动语言的整合在为物联网生态系统创建反应灵敏、稳健的安全措施方面具有潜力。我们的研究结果表明,动态和自适应安全框架对于保护物联网设备免受不断变化的网络威胁、确保符合监管标准以及在各种应用中维护物联网服务的完整性和可用性至关重要。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
Computers & Security
Computers & Security 工程技术-计算机:信息系统
CiteScore
12.40
自引率
7.10%
发文量
365
审稿时长
10.7 months
期刊介绍: Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.
期刊最新文献
Beyond the sandbox: Leveraging symbolic execution for evasive malware classification Trust my IDS: An explainable AI integrated deep learning-based transparent threat detection system for industrial networks PdGAT-ID: An intrusion detection method for industrial control systems based on periodic extraction and spatiotemporal graph attention Dynamic trigger-based attacks against next-generation IoT malware family classifiers Assessing cybersecurity awareness among bank employees: A multi-stage analytical approach using PLS-SEM, ANN, and fsQCA in a developing country context
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1