An approach to choosing protection mechanisms for personal Internet of Things devices based on a mathematical model with two criteria

Knyazev Maxim Andreevich ORCID: 0009-0007-3931-7442 Postgraduate student; Department of Information Security ; MIREA – Russian Technological University, Institute of Artificial Intelligence 78 Vernadsky Ave., Moscow, 119454, Russia maxiknyaz@mail.ru Shabrova Anna Sergeevna ORCID: 0009-0009-1675-1558 Student; Department of Information Security; Bauman Moscow State Technical University 5, 2nd Baumanskaya str., building 4, Moscow, 105005, Russia shabrova.anna.2410@list.ru

Kryuchkov Andrey Andreevich ORCID: 0009-0002-4750-6204 Senior Lecturer; Department of Information Security; MIREA – Russian Technological University 78 Vernadsky Ave., Moscow, 119454, Russia kryuchkov_a@mirea.ru

introduction

In the modern world, one of the most dynamically developing areas is the Internet of Things (IoT) ^[1]. Most average users regularly interact with portable smart devices, ranging from fitness trackers to headphones with wireless data transmission. Such devices belong to the class of personal Internet of Things (PIoT) ^[2]. The number of brands under which they are developed and distributed is growing rapidly. Despite the advantages ^[3], IoT and PIoT devices retain a number of vulnerabilities, thereby creating opportunities for various types of attacks, which underscores the need to develop effective security methods.

The approach proposed in this article to choosing protection mechanisms for personal Internet of Things devices may be useful for conducting further research in the field of protection of such devices, as well as for reviewing and modernizing existing approaches to ensuring the security of data processed within PIoT systems.

The purpose of the research is to develop a methodology for ensuring the security of portable devices, in particular, and Internet of Things devices in general.

THE CURRENT STATE OF INFORMATION SECURITY IN THE SEGMENT OF PERSONAL INTERNET OF THINGS DEVICES

The relevance of the current study is due to the rapid growth in the number of PIoT devices, which contributes to an increase in the number of potential threats to users' personal data and the expansion of a variety of methods and technologies used to carry out attacks on similar classes and systems of devices ^[4]. In modern realities, there is a need for continuous updating and strengthening of security measures for portable smart devices in order to protect consumers from existing and newly identified threats ^[5].

An IoT Analytics study conducted in 2023 demonstrated a 21.5% increase in spending by manufacturers of consumer electronics in the Internet of Things segment compared to the previous year, which was also accompanied by an increase in incidents involving PIoT devices^[1]. According to Statista forecasts, by 2030 the number of smart devices will exceed 29 billion^[2]. According to an Omdia study from February 2024, the number of IoT devices with eSIM technology has already exceeded 1 billion, and most of them belong to the segment of the personal Internet of Things. It is expected that by 2030 their number will increase by more than 3.5 times, reaching about 13% of the total number of Internet of Things devices^[3]. Consumer demand for smart devices is growing by 18% annually^[4].

Research in the field of IoT and PIoT security confirms the need to develop new integrated approaches to security and create a legal framework for regulating this segment. HP experts who conducted research on the security of Internet of Things devices in 2014 concluded that there are no fully secure IoT systems, and the devices themselves are vulnerable to targeted attacks^[5]. In October 2017, the European Commission proposed mandatory certification for Internet of Things devices to make it more difficult for hackers to create botnets based on them^[6]. In 2023, Kaspersky Digital Footprint Intelligence analysts recorded more than 700 offers on the darknet for conducting DDoS attacks using IoT botnets, as well as services for hacking IoT devices and selling malicious software^[7].

In January 2020, the UK government published a bill aimed at protecting IoT devices^[8]. Minister of Digital Technologies Matt Workman noted that this act obliges manufacturers to take into account the actions of intruders to protect the privacy and security of users. In 2022, the United Kingdom became the first country to adopt a law^[9] on the safety of consumer IoT devices. Similar bills are being considered in Russia, China, and the United States. In the European Union, comprehensive work on the modernization of existing legislation regulating IoT and PIoT is planned for 2024^[10].

The studies and draft laws outlined above indicate an increased interest in the IoT issue both from experts in the field of information security and from the position of government agencies in the context of legal regulation of this area ^[6].

ENSURING THE SECURITY OF PERSONAL INTERNET OF THINGS DEVICES

In the modern realities of the market, the main focus in the development of consumer electronics, including smart devices, is carried out by commercial enterprises, the main purpose of which is financial gain and profit increment. In these conditions, optimal management of their own resources is an important need for manufacturing companies, which must also be taken into account when ensuring the security of IoT and PIoT devices.

The authors of the article are convinced that in addition to the obvious need for legal regulation of the IoT segment through the formation of a competent legislative framework, it is impossible to exclude the most effective allocation of existing organizational resources for the implementation of protection mechanisms for manufactured devices. It is assumed that the requirements of the legislation should be met when developing a list of affordable and universal protection mechanisms in order to optimize the time, financial and intellectual costs allocated for their provision and integration.

Based on this factor, the authors solved the following tasks of the research approach to ensuring the security of PIoT devices:

- criteria for evaluating protection mechanisms have been defined;

- the analysis and collection of data on the developed device is carried out;

- a threat and intruder model has been formed;

- protection mechanisms are defined;

- a ranking of protection mechanisms was carried out in accordance with the criteria introduced;

- the highest priority protection mechanisms have been implemented.

These tasks include ensuring security from the current legislation and optimizing the process of selecting protection mechanisms for PIoT devices by developing a mathematical model for determining protection mechanisms with criteria for the complexity of implementation and universality of protection mechanisms ^[7]. In the context under consideration, the use of these two criteria ^[8] is due to the most accurate and broad coverage, as well as the definition of optimal and effective protection mechanisms in the case when it is possible to assert the correctness and completeness of the parameters set by the developer during the construction of a mathematical model. Let's look at each task in more detail.

CRITERIA FOR SELECTING PROTECTION MECHANISMS

The main criteria for the priority of protection mechanisms can be determined by:

- versatility of the protection mechanism;

- the complexity of the mechanism implementation.

The versatility of the protection mechanism reflects its ability to simultaneously meet the requirements of a larger number of protection measures. The complexity of the implementation of each mechanism is assessed in comparison with previously defined mechanisms, since this indicator is an exclusively subjective value.

In order to further rank the mechanisms, it is proposed to use the dialog method when selecting a combination of mechanisms to ensure security within the limits of the cost and resource protection parameters of the organization developing personal Internet of Things devices.

DEVICE ANALYSIS AND THREAT AND INTRUDER MODELING

The next solvable task of ensuring the security of PIoT and IoT devices is to conduct a preliminary analysis of the device under study. As part of this analysis, it is necessary to take into account such tactical and technical characteristics of IoT devices as a family of microcontrollers that act as the main control element of the system, auxiliary modules and expansion boards that are the most vulnerable components of IoT devices, as well as software components and libraries, the study of which can provide important information about possible vulnerabilities of the device software.

One of the most common families of microcontrollers chosen by developers of IoT solutions are STM32 and ARM Cortex-M0. Having information about the architecture of the system's control elements can provide information about potential hardware vulnerabilities and how to exploit them. For example, vulnerabilities related to debugging interfaces and memory protection mechanisms are known in STM32 microcontrollers ^[9].

Additional modules of the device, such as Bluetooth, Wi-Fi, NFC and other receiving and transmitting devices, can serve as entry points for intruders into the system. Currently, there are known vulnerabilities in Bluetooth Low Energy technology that allow data interception with subsequent unauthorized access ^[10].

Software, firmware versions, and libraries used are among the most informative sources of information about existing security flaws in a PIoT device. The use of outdated or vulnerable versions of libraries can lead to the exploitation of Heartbleed in OpenSSL and other known vulnerabilities ^[11].

The next task is to form a threat and intruder model. Based on the methodological document^[11], the threat model should include:

- Description of the system;

- Identification of potential threats;

- Classification of the violator;

- Identifying potential vulnerabilities;

- Ways to implement threats;

- Assessment of the consequences of violating information security properties;

- Assessment of the consequences of a violation of the normal mode of operation.

Most of the information collected at the first stage of the proposed approach is necessary to form a threat model, which is officially regulated by the regulatory authority in the field of information security, the FSTEC^[12], in order to further describe the threats for each individual level of the system.

Based on the threats and classification of the attacker defined in the threat and intruder model, it is necessary to form protection mechanisms. It is worth clarifying that the protection mechanisms are not protective measures existing under the Order of the FSTEC of Russia No. 21 dated 02/18/2013^[13]. Information security measures determine the type and method of protection, while the protection mechanism implies a specific approach to security.

Thus, based on the security method defined by the protection measure, a mechanism should be proposed that can fully meet its requirements, depending on the functionality and concept of the Internet of Things device being developed.

The approach to security proposed by the authors implies the definition of protection mechanisms directly by experts of the organization developing Internet of Things devices. This is due to the fact that it is impossible to propose universal, specific mechanisms, since their definition directly depends on the functional and other features of the product being produced, as well as on the information contained in the threat model and the intruder. At the same time, it is important to understand that this process can have a positive impact on the universality of protection, since the same mechanism can overlap more than one measure at the same time. It also opens up the possibility to identify several mechanisms for the implementation of a single measure, with further selection of the most effective one through a mathematical model.

A MATHEMATICAL MODEL FOR DETERMINING PROTECTION MECHANISMS

The next task is to develop a mathematical model for evaluating protection mechanisms based on a system of two criteria, which reduces the subjectivity factor in decision-making and ensures a rational allocation of the manufacturer's resources. The model takes into account the effectiveness of protection mechanisms in countering threats and the complexity of their implementation.

It is proposed to introduce the following sets:

1. – a set of protection mechanisms that can be compared with the protection measures from the threat model to ensure the security of the device. The elements of this set are necessary for further determining the complexity of implementing protection mechanisms and assessing the likelihood of preventing a potential attack on the device.;

2. – Multiple security threats identified in the threat model. Based on the elements of this set, an assessment of the damage to the user of the device is performed.;

3. – A variety of developer resources that are necessary to determine and evaluate the security capabilities of the device;

4. There are many factors that require the implementation of certain protection mechanisms.

The following parameters are entered for sets:

1. – assessment of damage to the user of the IoT device in case of successful implementation of the mth threat.

2. – the probability (or possibility) of the appearance of the jth attack (threat realization) on the IoT device.

3. – the probability (or possibility from the point of view of fuzzy sets) of preventing the jth attack (threat realization) using the nth mechanism.

4. – numerical estimation of the complexity of the implementation of the nth mechanism.

5. – numerical assessment of the possibilities for the implementation of the nth mechanism.

6. – the maximum "amount" of l-th resources (financial, technical, human, professional, temporary, intellectual) that the developer is willing to allocate to ensure the security of the IoT device.

7. is a Boolean matrix specifying the factors of the need to implement a certain mechanism to implement a protection measure from the threat model and the intruder: if the nth mechanism ensures the fulfillment of the kth factor of the need for implementation, otherwise.

The complexity of the implementation of each protection mechanism is assessed based on the expert assessment of the development team. An assessment of the possibilities for implementing protection mechanisms is carried out for each resource from the set of developer resources. The maximum amount of resources is set by the developer and reflects the maximum amount of each resource that the organization is willing to allocate to ensure the security of the device.

Let's introduce a logical variable such that if the nth mechanism is used for protection, otherwise. As a result, a vector is formed .

It is proposed to introduce the following conditions, which are set for the entered criteria:

1. The universality assessment is a measurement of the ability of a protection mechanism to simultaneously meet multiple protection measures.:

(1)

This criterion must be maximized.

2. The complexity of the implementation of the protection mechanisms used:

. (2)

This criterion should be minimized.

At the same time, restrictions are introduced:

- for the use of resources:

(3)

- the factors of the need to implement the mechanism (implementation of protection measures from the threat model and the intruder):

. (4)

The limitation on the use of resources (3) exists for the reason that it is an estimate of the amount of resource required to implement the mechanism, and it is the maximum amount of this resource that is available to the developer. This condition ensures that the total cost of the selected protection mechanisms will not exceed the available resources.

The restriction on the fulfillment of the factors of the need to implement the mechanism (4) implies that for each factor from the set representing the requirement for the protection mechanism, at least one mechanism must be involved to ensure the fulfillment of this factor. This condition is necessary to ensure that all security measures defined in the threat and intruder model are met.

Thus, the Boolean programming problem is solved with two quality indicators, where the first indicator is nonlinear, the second is defined as linear, and the constraints are linear. We will form a system of criteria for further optimization.:

. (5)

The resulting system appears to be a solution to the process of ranking protection mechanisms by prioritizing them.

CALCULATION OF THE PRIORITY INDICATORS OF PROTECTION MECHANISMS

For further ranking of protection mechanisms, taking into account the established system of criteria (5), it is necessary to determine their "weight". In order to calculate this parameter, it is proposed to normalize the weights of the criteria so that their sum is equal to one. This is necessary to ensure the uniform and comparable impact of each criterion on the choice of protection mechanisms.

The first step in determining the numerical values of the criteria is to record the number of protection measures from the threat model and the intruder performed by each of the proposed mechanisms. Examples of comparing measures from the threat model with protection mechanisms are shown in the Table. 1. The designations used to identify protection measures comply with the requirements defined in FSTEC RF Order No. 21 dated 02/18/2013^[14]:

- UPD.6: Limit the number of unsuccessful attempts to access the information system. The measure is aimed at preventing password brute force and unauthorized access.;

- UPDATE 8: Notifying the user upon successful login about the previous access to the information system. The measure is aimed at informing the user about the login facts.;

- AUD.4: Registration of security events. The measure provides for recording security-related events for subsequent response and analysis.;

- ROOM 7: Security monitoring. The measure includes constant monitoring of the security status of the information system for timely detection and prevention of incidents.

The measures under consideration are used to assess the universality of protection mechanisms – their ability to simultaneously meet the requirements of several protection measures.

Table 1. Number of protection measures performed by individual mechanisms

After determining the quantitative indicator of universality, it is necessary to assess the complexity of the implementation of each protection mechanism. This parameter is purely subjective and should provide for the individual capabilities of the development team and the available resources. When determining the score, it is recommended to use a 10-point scale for the greatest clarity of the indicator, which allows you to accurately assess the complexity in the context of the individual characteristics of the organization. The maximum score is assigned to the most comprehensive and comprehensive protection mechanism in the generated list. An example of estimates of the complexity of protection mechanisms is presented in Table 2.

Table 2. Comparison of the complexity assessment with the mechanism on a 10-point scale

RANKING OF PROTECTION MECHANISMS

The final stage is the ranking of protection mechanisms in accordance with the previously defined parameters of the priority criteria using the generated mathematical model. To do this, the "weights" of the indicators are normalized according to the complexity of the implementation and the universality of the protection mechanisms: all weights are summed up, after which each criterion value is divided by the resulting amount. An example of the formation of criteria values is presented in Table 3.

Table 3. Values of criteria for protection mechanisms

The values are calculated in such a way that the total weight of all criteria defined in the model, as well as the overall assessment of available protection mechanisms for each individual criterion, are modulo one. In this case, two criteria with the same weights of 0.5 are considered.

After the calculations have been performed, the priority of each protection mechanism can be determined for their subsequent ranking according to the following formula:

(6)

where is the weight of the criterion for the universality of the protection mechanism, is the weight of the criterion for the complexity of the implementation of the protection mechanism, is the value of the evaluation of the universality of the mechanism, is the value of the evaluation of the complexity of the implementation of the mechanism.

The calculation of priorities for protection mechanisms in this example gives the following values::

,

,

.

The hierarchy table of mechanisms based on their priority for the example given in the article is as follows (Table 4).

Table 4. List of protection mechanisms according to priority indicators

The data obtained as a result of this calculation is unique for each product and organization, as it directly depends on the threat model and the intruder, as well as on the amount of resources available in the developer company.

RESEARCH RESULTS AND THEIR DISCUSSION

As a result of the research, an approach to ensuring the security of personal Internet of Things devices based on a mathematical model with two criteria has been developed.: the universality of the protection mechanism and the complexity of the implementation. The use of this approach makes it possible to identify and rank protection mechanisms, optimizing their choice taking into account resource constraints and the specifics of the device being developed.

An analysis of the results showed that the proposed approach effectively solves the problem of optimizing the choice of protection mechanisms. The use of a mathematical model makes it possible to evaluate each mechanism according to specified criteria, reducing the subjectivity factor in the decision-making process ^[12]. The ranking of protection mechanisms ensures a balanced allocation of resources, which is especially important for commercial organizations.

However, it should be borne in mind that the accuracy and effectiveness of the model depend on the correctness of the initial data and the adequacy of the selected criteria. In the future, it is advisable to expand the set of criteria and develop standardized evaluation methods, which will improve the accuracy of the model and adapt it to different types of devices and operating conditions. Special attention should be paid to the implementation of protection mechanisms based on machine learning algorithms. In the context of the growing complexity of network threats and the increasing volume of data processed in PIoT systems, there is a need to develop adaptive and flexible methods for detecting abnormal behavior during various attacks ^[13]. Also, given that the Bluetooth Low Energy (BLE) protocol is one of the most popular for portable devices ^[14], it is important to work out in detail the list of protection mechanisms specifically for this wireless technology ^[15].

The proposed approach to the choice of protection mechanisms for personal Internet of Things devices can help improve the security of user smart devices, ensuring a rational allocation of resources and minimizing the risks of compromising information systems.

ACKNOWLEDGEMENTS / GRATITUDE

The authors express their sincere gratitude to Candidate of Technical Sciences, A.V. Korolkov for his critical approach and prompt involvement in the process of editing the research results / The authors express their sincere gratitude to Ph.D. in Technical Sciences A.V. Korolkov for his critical approach and prompt involvement in the process of editing the research results.

^[1] State of IoT – Spring 2023. https://iot-analytics.com/product/state-of-iot-spring-2023/

^[2] Number of Internet of Things (IoT) connected devices worldwide from 2019 to 2023, with forecasts from 2022 to 2030. https://www.statista.com/statistics/1183457/iot-connected-devices-worldwide/

^[3] Omdia: New Omdia research shows eSIM installed base in IoT to top 3.6 billion by 2030. https://omdia.tech.informa.com/pr/2024/feb/new-omdia-research-shows-esim-installed-base-in-iot-to-top-3-point-6-billion-by-2030

^[4] Internet of Things, IoT, M2M global market. https://www.tadviser.ru/index.php/Статья:Internet_all,_IoT,_M2M_(world market)

^[5] HP Discovers Common Vulnerabilities in 10 IoT Devices. https://www.eweek.com/security/hp-discovers-common-vulnerabilities-in-10-iot-devices/

^[6] Improving Internet of Things Device Certification with Policy-based Management. https://publications.jrc.ec.europa.eu/repository/handle/JRC106530

^[7] DDoS, ransomware, miners: Kaspersky Lab analyzed the cyber threat landscape for the Internet of Things. https://www.kaspersky.ru/about/press-releases/2023_ddos-programmy-vymogateli-majnery-laboratoriya-kasperskogo-proanalizirovala-landshaft-kiberugroz-dlya-interneta-veshej

^[8] Government to strengthen security of Internet-connected products. https://www.gov.uk/government/news/government-to-strengthen-security-of-internet-connected-products

^[9] Product Security and Telecommunications Infrastructure Act 2022. https://www.legislation.gov.uk/ukpga/2022/46/part/1/enacted

^[10] IoT Cybersecurity: regulating the Internet of Things. https://www.thalesgroup.com/en/markets/digital-identity-and-security/iot/inspired/iot-regulations

^[11] "Methodological document. Methodology for assessing information security threats" (approved by the FSTEC of Russia on 02/05/2021) https://fstec.ru/dokumenty/vse-dokumenty/spetsialnye-normativnye-dokumenty/metodicheskij-dokument-ot-5-fevralya-2021-g

^[12] FSTEC of Russia Order No. 21 dated 02/18/2013 "On Approval of the Composition and Content of Organizational and Technical Measures to ensure the Security of Personal Data during their Processing in Personal Data Information Systems". https://fstec.ru/dokumenty/vse-dokumenty/spetsialnye-normativnye-dokumenty/metodicheskij-dokument-ot-5-fevralya-2021-g

^[13] FSTEC of Russia Order No. 21 dated 02/18/2013 "On Approval of the Composition and Content of Organizational and Technical Measures to ensure the Security of Personal Data during their Processing in Personal Data Information Systems". https://fstec.ru/dokumenty/vse-dokumenty/spetsialnye-normativnye-dokumenty/metodicheskij-dokument-ot-5-fevralya-2021-g

^[14] FSTEC of Russia Order No. 21 dated 02/18/2013 "On Approval of the Composition and Content of Organizational and Technical Measures to ensure the Security of Personal Data during their Processing in Personal Data Information Systems". https://fstec.ru/dokumenty/vse-dokumenty/spetsialnye-normativnye-dokumenty/metodicheskij-dokument-ot-5-fevralya-2021-g