A Process Mining Tool for Supporting IoT Security

International audienceThe development of the Internet has been characterized by a growing interest for the Internet-of-Things (IoT). In particular, connected devices are integrated to other Internet resources (such as cloud resources) to elaborate value-added services. However, they pose important challenges with respect to security management due to their heterogeneity, their distribution , and their limited resources. In this demonstration, we present a process mining toool for supporting IoT security. This tool is capable to automate the detection of misbehaviours and attacks in large and heterogeneous IoT infrastructures, based on process mining techniques combined with normalization and clustering data pre-processing. We detail the different building blocks of this tool provided into a docker container, and illustrate its operations with different scenarios

A Process Mining Approach for Supporting IoT Predictive Security

International audienceThe growing interest for the Internet-of-Things (IoT) is supported by the large-scale deployment of sensors and connected objects. These ones are integrated with other Internet resources in order to elaborate more complex and value-added systems and applications. While important efforts have been done for their protection, security management is a major challenge for these systems, due to their complexity, their heterogeneity and the limited resources of their devices. In this paper we introduce a process mining approach for detecting misbehaviors in such systems. It permits to characterize the behavioral models of IoT-based systems and to detect potential attacks, even in the case of heterogenous protocols and platforms. We then describe and formalize its underlying architecture and components, and detail a proof-of-concept prototype. Finally, we evaluate the performance of this solution through extensive experiments based on real industrial datasets

Comparative Assessment of Process Mining for Supporting IoT Predictive Security

International audienceThe growth of the Internet-of-Things (IoT) has been characterized by the large-scale deployment of sensors and connected objects. These ones are integrated with other Internet resources in order to elaborate more complex systems and applications. Security management is a major challenge for these systems due to their complexity, their heterogeneity and the limited resources of their devices. In this paper we evaluate the exploitability and performance of a process mining approach for detecting misbehaviors in such systems. We describe the considered architecture and detail its operation, from the generation of behavioral models to the detection of potential attacks. We formalize several alternative commonly-used detection methods, including elliptic envelope, support-vector machine, local outlier factor, and isolation forest techniques. After presenting a proofof-concept prototype, we quantify comparatively the benefits and limits of our process mining solution combined with data preprocessing, through extensive experiments based on different industrial datasets

Microservice security: a systematic literature review

International audienceMicroservices is an emerging paradigm for developing distributed systems. With their widespread adoption, more and more work investigated the relation between microservices and security. Alas, the literature on this subject does not form a well-defined corpus : it is spread over many venues and composed of contributions mainly addressing specific scenarios or needs. In this work, we conduct a systematic review of the field, gathering 290 relevant publications—at the time of writing, the largest curated dataset on the topic. We analyse our dataset along two lines: (a) quantitatively, through publication metadata, which allows us to chart publication outlets, communities, approaches, and tackled issues; (b) qualitatively, through 20 research questions used to provide an aggregated overview of the literature and to spot gaps left open. We summarise our analyses in the conclusion in the form of a call for action to address the main open challenges