Automated microsegmentation for lateral movement prevention in industrial Internet of Things (IIoT).

Arifeen, Murshedul; Petrovski, Andrei; Petrovski, Sergei

Authors

Andrei Petrovski

Sergei Petrovski



Contributors

Naghmeh Moradpoor
Editor

Atilla Elçi
Editor

Andrei Petrovski
Editor

Abstract

The integration of the IoT network with the Operational Technology (OT) network is increasing rapidly. However, this incorporation of IoT devices into the OT network makes the industrial control system vulnerable to various cyber threats. By hacking an IoT device at the network edge, an attacker can move laterally to compromise the main control server and manipulate the whole control system of the industrial infrastructure. In this paper, we have proposed an automated Micro-segmentation (MS) model based on Machine Learning (ML) algorithms to reduce the lateral movement of an attacker or malware. The proposed model generates the micro-segments based on network traffic and blocks the malicious traffic at each segment. We have taken the UNSW-NB15 and IoTID20 datasets for our experiments. Experimental results show that after generating micro-segments and separating the normal traffic, the model limits redundant links and blocks malicious traffic. Limiting the usage of redundant links reduces the lateral movement or spreading of malware. We also considered the deterministic epidemic model to analyze the device infection rate due to lateral movement or malware propagation.

Citation

ARIFEEN, M., PETROVSKI, A. and PETROVSKI, S. 2021. Automated microsegmentation for lateral movement prevention in industrial Internet of Things (IIoT). In Moradpoor, N., Elçi, A. and Petrovski, A. (eds.) Proceedings of 14th International conference on Security of information and networks 2021 (SIN 2021), 15-17 December 2021, [virtual conference]. Piscataway: IEEE [online], article 28. Available from: https://doi.org/10.1109/SIN54109.2021.9699232

Presentation Conference Type: Conference Paper (published)
Conference Name: 14th International conference on Security of information and networks 2021 (SIN 2021)
Start Date: Dec 15, 2021
End Date: Dec 17, 2021
Acceptance Date: Dec 7, 2021
Online Publication Date: Feb 10, 2022
Publication Date: Dec 17, 2021
Deposit Date: Feb 11, 2022
Publicly Available Date: Feb 11, 2022
Publisher: Institute of Electrical and Electronics Engineers (IEEE)
Peer Reviewed: Peer Reviewed
Book Title: Proceedings of the 14th International conference on Security of information and networks 2021 (SIN 2021)
ISBN: 9781728192666
DOI: https://doi.org/10.1109/SIN54109.2021.9699232
Keywords: Internet of Things; Micro-segmentation; Security; Lateral movement; Machine learning
Public URL: https://rgu-repository.worktribe.com/output/1592299

Files

ARIFEEN 2021 Automated microsegmentation (AAM) (419 Kb)
PDF

Copyright Statement
© 2021 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.



