Bulletin of Networking, Computing, Systems, and Software

As the amount of Internet of Things (IoT) connected devices is expected to be more than 75 billion worldwide by 2025, these IoT systems such as smart devices, smartphones as well as computer systems become vulnerable to possible security breaches in various forms of cyber-attacks including hacking, phishing, etc., and the impact of actual attacks also continues to be expanded. Hence, the security concerns of establishing a new defense framework are of paramount importance for the IoT. The idea of Moving Target Defense (MTD) is giving uncertainties and difficulties to adversaries by shuffling or randomizing variants or attributes that can be possibly exposed as vulnerabilities of a target system. In this research, we first propose a framework for adopting MTD concept as a proactive defense approach to protect IoT systems with the aim of establishing the method of MTDs and developing the mechanisms of research for continuous IoT systems. We then discuss two feasible, existing MTD techniques: IP address shuffling and code diversification. Considering the security of the IoT, we believe this is an essential first step towards investigating whether or not the application of MTDs are effective for future use.

IoT security; moving target defense; diversification