The security of IOT from the perspective of the observability of complex networks

Abstract

The Internet of Things (IOT) is based on the computer Internet, using RFID, wireless data communication and other technologies to construct a network covering everything in the world. It contains numerous entities such as sensors, processors, transmitters and actuators, meanwhile the interactions of which are complicated. These characteristics of IOT are consistent with those of the complex network. Motivated by this, this paper comprehends the security issue of IOT from the sight of the observability of complex network and regards the ability of reconstruction as a security threat to IOT network. We try to identify the minimum vertices whose data could reconstruct the whole data of network, in other words, we need to implement additional protective measures on these vertices to enhance the security of IOT network. By analyzing the topology of IOT network, an identification strategy is adopted and the corresponding algorithm is proposed to identify the minimum protection vertices.

1. Introduction

Now, we live in an era where the Internet of Things is all around us, from mobile terminals like smartphones and wearable devices [1], smart home facilities like temperature controller [2], automatism curtain, and robot vacuum cleaner, industrial systems [3,4] like supply chain management and safety production management, intelligent transportation like vehicle networking [5] and intelligent traffic scheduling. One-sentence understanding of the Internet of Things is connecting all things to the Internet through sensing equipment to realize information exchange, intelligent identification and management. This requires giving each object the intelligence and connectivity to collect, process and transmit data [6]. No matter the smart dust advocating the interconnection of various sensor devices [7,8], the RFID IOT advocating the unique identification of all items [9], or the data ubiquitous aggregation IOT advocating the precise marking on each piece of data [10], all deal with immense amounts of data, along with the close association of industry, military, energy, transportation, logistics and all crucially important fields, the security issues of IOT are of great value and deserve much attention [[11], [12], [13]].

It is requested that the hardware, software and data in IOT are protected and free from accidental or malicious damage, tampering and theft. However due to the vulnerability of Internet, the complexity of network environment, the openness of wireless channels, the lack of monitoring unmanned equipment and so on, the security requirements are difficult to meet. The types of potential attacks include the physical attack, the data eavesdropping and analysis, the unauthorized access [14], the replay attack [15], the Dos attack and the malicious code attack [16]. Specifically, in the perception layer, the sensing devices are numerous in quantity and variety, and their own security protection is weak, simultaneously most of which are deployed at the unmonitored locations, the attackers are relatively easy to access to them [17]. In the transport layer, the malware has a large number of entries in wireless network and sensor network environment, so it needs to apply the IPsec, firewall, tunnel services, digital signatures and certificates to enhance the security [18]. In the application layer, the loopholes will affect the system itself, the support software, the network service software, the network router and the firewall [19].

As mentioned before, there are numerous entities such as sensors, processors, transmitters and actuators in IOT and the interactions of which are complicated. These characteristics are consistent with those of complex networks, so it is possible to study the IOT from the perspective of complex network. A large number of research results on complex network has been obtained in different fields such as the Internet, the communication network [20], the traffic network [21], the power grid [22], the social network [23], etc., which are all closely related to our lives. And the research interest involves the synchronization, state estimation, topology identification [24], fault diagnosis [25], virus spreading [26], multi-agents [27], Big Data [28], network game [29] and so on. In a manner of speaking, it covers almost all of aspects of the network. So, the theoretical framework and methods for complex networks provide a new idea in analyzing the IoT network [30].

The controllability and observability are fundamental issues in most complex networks [[31], [32], [33], [34], [35]], and the observability of network concerns the ability to reconstruct the whole states using the partial measured outputs. For a IOT network, if someone could place some sensors onto the partial processors, transmitters or steal the data of partial sensors, it is possible to reconstruct more data or even the whole data of the IOT network. Inspired by this, the concept of network observability is applied to study the security issue of IOT networks in this work. We introduce the IOT network onto a directed graph and try to identify the minimum vertices for implementing additional protective measures to enhance the security of IOT network, by analyzing its topology, an identification strategy that maximizing the number of pm-rSCCs (the definition sees Section 3) which contain unmatched vertices in a maximum matching is adopted. Then the corresponding algorithm is proposed and demonstrated by simulations.

The rest of the paper is organized as follows. Section 2 describes the main problem studied in this work. In Section 3, an identification strategy is adopted and the corresponding algorithm is proposed. In Section 4, a numerical example is given to validate the theoretical results. Finally, Section 5 concludes the paper and discusses the further research interests.

2. Problem statement

As mentioned above, it could study the IOT network from the perspective of the complex network. For an existing IOT, we could introduce it onto a directed graph $G=\left(V,E\right)$, where the entities in IOT are regarded as the vertices and the interactions between these entities are regarded as the links in the IOT network. Concretely, $V=\left\{1,\cdots ,n\right\}$ is the vertex set and $E=\left\{\left(j,i\right)|\text{vertex}i\text{transmits}\text{information}\text{to}\text{vertex}j\right\}$ is the edge set. In Fig. 1(a), there are four vertices in a simple IOT network.

Fig. 1.

A simple example of IOT network. (a) The vertices are marked in white circles and the interactions are marked by black arrows; (b) The bipartite representation and its maximum matching where the matched vertices are marked by grey and the matching edges are marked by red.

According to the observability concept of complex network, it could reconstruct the whole information of the network only by information of partial vertices. So, it only needs to place sensors onto the partial vertices or steal the data of partial vertices in the sensor network, then the data of the whole IOT network could be obtained by reconstruction, and just few vertices are needed for reconstruction in the large-scale real networks in general. Inspired by this, we try to identify the minimum vertices for reconstructing the IOT network in this paper, and then we could implement additional protective measures on these vertices to enhance the security of IOT network. Here, we also called these vertices as the protection vertices.

Here we recall some graph-theoretic concepts.

Definition 1

For a directed graph, a maximum matching is a largest subset of edges which do not share common starting vertices or ending vertices.

The maximum matching $M$ of $G=\left(V,E\right)$ could be determined by its bipartite representation $B\left(V^{+},V^{-},E^{\prime }\right)$ where $V^{+}$ and $V^{-}$ denote the starting and ending vertices sets respectively, and $E^{\prime }=\left\{\left(j^{+},i^{-}\right)|\left(j,i\right)\in E\right\}$. In a maximum matching, a vertex is matched if it is an ending vertex of an edge in the matching and the others are unmatched vertices (see Fig. 1(b), vertices 1, 2, 3 are matched vertices). A maximum matching is called a perfect matching if every vertex is matched.

Definition 2

For a directed graph, a Strongly Connected Component (SCC) is a subgraph where there is a directed path from each vertex to every other vertex.

Further, a SCC is a root SCC (rSCC) if it has no incoming edges to its vertices from other vertices.

3. Main results

In this section, the strategy of identifying the minimum protection vertices is discussed, then the corresponding algorithm is proposed and analyzed.

3.1. Identification strategy

According to the Minimum Inputs Theorem [36] and the duality between the controllability and the observability, it should set sensors to measure the unmatched vertices to guarantee the network is observable. Here, these vertices are called sensor vertices (According to the security considerations in this paper, the sensor vertices are also the protection vertices). If the maximum matching of this rSCC is perfect, there exist no sensor vertices, whereas by definition, a rSCC is overall inaccessible, so we also need to measure it and a random vertex of which to be measured is enough. Here we called a rSCC which has perfect matching as a pm-rSCC (see Fig. 1, vertices 1, 2 and edges $\left(1,2\right)$, $\left(2,1\right)$ form a pm-rSCC). In this paper, we concentrate on the identification of the minimum protection vertices with the pm-rSCC existing in the IOT network.

With a goal of minimizing the number of protection vertices, the number of additional measured vertices should be minimized. While there exists an unmatched vertex in a pm-rSCC, there is no need to additionally set a sensor for this pm-rSCC. Consequently, the identification strategy in this paper is maximizing the number of pm-rSCCs which contain unmatched vertices in a maximum matching. For example, in Fig. 2, in the first kind of maximum matching, there exist no unmatched vertices in the pm-rSCC formed by vertices 1, 2 and edges $\left(1,2\right)$, $\left(2,1\right)$ , so we need to choose the vertex 1 or 2 as an additional protection vertex, the number of protection vertices is 3. While in the second kind of maximum matching, vertex 1 is unmatched, so we just choose the unmatched vertices as the protection vertices, the number of protection vertices is 2.

Remark 1

For a directed graph, its maximum matching is not unique in the vast majority of cases. Therefore, we could choose an appropriate maximum matching to conform with the adopted identification strategy.

Fig. 2.

An illustration of the adopted identification strategy. In the first kind of maximum matching, vertices 1, 3, 5 are protection vertices. In the second kind of maximum matching, vertices 1, 5 are protection vertices. The second kind of maximum matching conforms with the adopted identification strategy.

3.2. Algorithm design and analysis

According to the identification strategy mentioned in Section 3.1, we try to force the vertices in pm-rSCCs as the unmatched vertices, as long as one vertex in a pm-rSCC could be an unmatched vertex in a maximum matching, the number of protection vertices will decrease by one, hence an Algorithm is proposed. Some initial preparations are as follows: Compute an initial maximum matching $M$ of $G=\left(V,E\right)$, and obtain the pm-rSCCs by applying twice depth-first searches, denoted by ${\eta }_1,\dots ,{\eta }_{\beta }$ where $S=\left\{1,\dots ,\beta \right\}$.

Algorithm.

Identify the set of minimum protection vertices of an IOT network.

Input: $M$, $B\left(V^{+},V^{-},E^{\prime }\right)$, ${\eta }_1,\dots ,{\eta }_{\beta }$

Output: Set of protection vertices $V^{protection}$

1: $V^{temp}=\left\{\right\}$;

2: for all $\lambda \in {\eta }_1\cup \cdots \cup {\eta }_{\beta }-V^{temp}$

3: Compute a maximum matching $M^{\lambda }$ with $B\left(V^{+},V^{-},E^{\prime }-\left\{\left(\nu ,\lambda \right):\nu \in V\right\}\right)$, obtaining the unmatched vertices set $V^{\lambda }$;

4:  if $\left|M\right|==\left|M^{\lambda }\right|$ where $\lambda \in {\eta }_s$

5:  $V^{temp}=V^{temp}\cup {\eta }_s$;

6: $S=S-\left\{s\right\}$;

7: $E^{\prime }=E^{\prime }-\left\{\left(\nu ,\lambda \right):\nu \in V\right\}$;

8: $V^{protection}=V^{\lambda }$;

9:  else $V^{temp}=V^{temp}\cup \lambda$;

10: end if

11: end for

12: for all $s\in S$

13:  Randomly choose a vertex $\lambda$ from ${\eta }_s$ and $V^{protection}=V^{protection}\cup \lambda$;

14: end

Now, we will explain the process of obtaining the minimum protection vertices of the IOT network with an illustrative example shown in Fig. 3. In this simple IOT network, there exist 3 p.m.-rSCCs which contain vertices 1 and 4, vertices 2 and 3, vertices 7 and 8 respectively. In the initial situation (see Fig. 3(a)), the matching edges are marked by red and the unmatched vertices are vertices 5 and 9. Here there are no pm-rSCCs which contain unmatched vertices, so randomly choose a vertex from each pm-rSCC, specifically, vertices 1, 2, 7 are chosen as the additional sensor vertices, here $V^{protection}=\left\{1,2,5,7,9\right\}$. Now it's time to execute the Algorithm, the initial data is $\left|M\right|=7$, $V^{temp}=\left\{\right\}$, $S=\left\{1,2,3\right\}$. Select $\lambda =1$ from ${\eta }_1$ and remove the edge $\left(4,1\right)$ in $B\left(V^{+},V^{-},E^{\prime }\right)$, now the maximum matching $\left|M^1\right|=7==\left|M\right|$, so $V^{temp}=\left\{1,4\right\}$, $S=\left\{2,3\right\}$, the edge $\left(2,1\right)$ is definitely removed, $V^1=\left\{1,9\right\}$, if we stop at this moment and choose vertices 2, 7 as the additional sensor vertices, $V^{protection}=\left\{1,2,7,9\right\}$ (see Fig. 3(b)). Now execute the next loop, select $\lambda =2$ from ${\eta }_2$ and remove the edge $\left(3,2\right)$ in $B\left(V^{+},V^{-},E^{\prime }\right)$, now the maximum matching $\left|M^2\right|=6\ne \left|M\right|$, $V^{temp}=\left\{1,2,4\right\}$ (see Fig. 3(c)), so execute the next loop, select $\lambda =3$ from ${\eta }_2$ and remove the edge $\left(2,3\right)$ in $B\left(V^{+},V^{-},E^{\prime }\right)$, now the maximum matching $\left|M^3\right|=6\ne \left|M\right|$, $V^{temp}=\left\{1,2,3,4\right\}$ (see Fig. 3(d)). So continue the next loop, select $\lambda =7$ from ${\eta }_3$ and remove the edge $\left(8,7\right)$ in $B\left(V^{+},V^{-},E^{\prime }\right)$, now the maximum matching $\left|M^7\right|=7==\left|M\right|$, so $V^{temp}=\left\{1,2,3,4,7,8\right\}$, $S=\left\{2\right\}$, the edge $\left(8,7\right)$ is definitely removed, $V^7=\left\{1,7\right\}$, and at this moment the steps (1)–(11) have been completed, $V^{protection}=\left\{1,7\right\}$, and then choose the vertex 2 from ${\eta }_2$, the final $V^{protection}=\left\{1,2,7\right\}$ (steps (12)–(14)), which is shown in Fig. 3(e). Through the Algorithm, the number of protection vertices decrease from 5 to 3, as well as the minimum number of protection vertices.

Remark 2

The main process of the Algorithm is calculating multi maximum matchings, whose time complexity is $\sum _{s=1}^{\beta }\left|{\eta }_s\right|O\left(\sqrt{\left|V\right|}\left|E\right|\right)$. And the time complexity of the other processes is constant complexity.

Fig. 3.

An illustration of obtaining the minimum protection vertices. (a) The initial situation; (b)–(e) The execution of the Algorithm.

4. Simulations

Here, the IOT network for simulation still uses the example in Fig. 3. Simultaneously, in order to verify the reconstruction of the protection vertices, each vertex is given the following discrete dynamic:

$${\mathbf{x}}_{i,k+1}=\mathbf{A}{\mathbf{x}}_{i,k}$$ (1)

where $\mathbf{A}=\left[\begin{array}{ccc}0& 0& 0\\ 2.1& 0& 0\\ -1.6& 0& 0\end{array}\right]$ is the system matrix of the vertex, each vertex state is denoted as ${\mathbf{x}}_{i,k}={\left(x_{i1,k},x_{i2,k},x_{i3,k}\right)}^T\in R^3$, $i=1,\dots ,9$. And then the IOT network could be formulated as follows:

$${\mathbf{x}}_{i,k+1}=\mathbf{A}{\mathbf{x}}_{i,k}+\sum _{j=1}^9{d}_{ij}\mathbf{\Gamma }{\mathbf{x}}_{j,k}$$ (2)

where $\mathbf{\Gamma }={\mathbf{I}}_3$ is the inner connecting matrix, $\mathbf{D}={\left(d_{ij}\right)}_{9\times 9}$ denotes the network topology.

From the previous results, vertices 1, 2 and 7 are protection vertices, so the output could be formulated as follows:

$${\mathbf{y}}_{i,k}={\mathbf{C}}_i{\mathbf{x}}_{i,k}$$ (3)

where ${\mathbf{C}}_i$ denotes the output matrix, and ${\mathbf{C}}_i={\mathbf{I}}_3$ for $i=1,2,7$, ${\mathbf{C}}_i=\mathbf{O}$ for else, $\mathbf{O}$ is a zero matrix of suitable dimension. Then equations (2), (3) could be rewritten as follows:

$$\begin{array}{l}{\mathbf{X}}_{k+1}={\mathbf{A}}^{*}{\mathbf{X}}_k\\ {\mathbf{Y}}_k={\mathbf{C}}^{*}{\mathbf{X}}_k\end{array}$$ (4)

where ${\mathbf{X}}_k={\left({{\mathbf{x}}_{1,k}}^T,\dots ,{{\mathbf{x}}_{9,k}}^T\right)}^T$, ${\mathbf{A}}^{*}={\mathbf{I}}_9\otimes \mathbf{A}+\mathbf{D}\otimes \mathbf{\Gamma }$, ${\mathbf{C}}^{*}=\left[\begin{array}{ccccccccc}{\mathbf{I}}_3& \mathbf{O}& \mathbf{O}& \mathbf{O}& \mathbf{O}& \mathbf{O}& \mathbf{O}& \mathbf{O}& \mathbf{O}\\ \mathbf{O}& {\mathbf{{\rm I}}}_3& \mathbf{O}& \mathbf{O}& \mathbf{O}& \mathbf{O}& \mathbf{O}& \mathbf{O}& \mathbf{O}\\ \mathbf{O}& \mathbf{O}& \mathbf{O}& \mathbf{O}& \mathbf{O}& \mathbf{O}& {\mathbf{I}}_3& \mathbf{O}& \mathbf{O}\end{array}\right]$.

Then an observer for this network is built as follows:

$$\begin{array}{l}{\hat{\mathbf{X}}}_{k+1}={\mathbf{A}}^{*}{\hat{\mathbf{X}}}_k-\mathbf{L}\left({\hat{\mathbf{Y}}}_k-{\mathbf{Y}}_k\right)\\ {\hat{\mathbf{Y}}}_k={\mathbf{C}}^{*}{\hat{\mathbf{X}}}_k\end{array}$$ (5)

where ${\hat{\mathbf{X}}}_k$ and ${\hat{\mathbf{Y}}}_k$ denote the states and outputs of the observer respectively, $\mathbf{L}$ is the observer gain. Then the observation errors could be obtained:

$${\mathbf{E}}_{k+1}={\hat{\mathbf{X}}}_{k+1}-{\mathbf{X}}_k=\left({\mathbf{A}}^{*}-\mathbf{L}{\mathbf{C}}^{*}\right){\mathbf{E}}_k$$ (6)

Define a Lyapunov function as follows:

$$V_k={\mathbf{E}}_k^T\mathbf{P}{\mathbf{E}}_k$$ (7)

Differentiating $V_k$ gives

$$\Delta V_k=V_{k+1}-V_k={\mathbf{E}}_{k+1}^T\mathbf{P}{\mathbf{E}}_{k+1}-{\mathbf{E}}_k^T\mathbf{P}{\mathbf{E}}_k={\mathbf{E}}_k^T{\left({\mathbf{A}}^{*}-\mathbf{L}{\mathbf{C}}^{*}\right)}^T\mathbf{P}\left({\mathbf{A}}^{*}-\mathbf{L}{\mathbf{C}}^{*}\right){\mathbf{E}}_k-{\mathbf{E}}_k^T\mathbf{P}{\mathbf{E}}_k={\mathbf{E}}_k^T\left({{\mathbf{A}}^{*}}^T\mathbf{P}{\mathbf{A}}^{*}-{{\mathbf{A}}^{*}}^T\mathbf{PL}{\mathbf{C}}^{*}-{{\mathbf{C}}^{*}}^T{\mathbf{L}}^T\mathbf{P}{\mathbf{A}}^{*}+{{\mathbf{C}}^{*}}^T{\mathbf{L}}^T\mathbf{PL}{\mathbf{C}}^{*}-\mathbf{P}\right){\mathbf{E}}_k$$ (8)

According to the Lyapunov stability theory, system (6) is asymptotically stable if $\Delta V_k<0$, that is

$${{\mathbf{A}}^{*}}^T\mathbf{P}{\mathbf{A}}^{*}-{{\mathbf{A}}^{*}}^T\mathbf{PL}{\mathbf{C}}^{*}-{{\mathbf{C}}^{*}}^T{\mathbf{L}}^T\mathbf{P}{\mathbf{A}}^{*}+{{\mathbf{C}}^{*}}^T{\mathbf{L}}^T\mathbf{PL}{\mathbf{C}}^{*}-\mathbf{P}<0$$ (9)

Then the observer gain $\mathbf{L}$ could be obtained by solving the inequation (9), here $\mathbf{L}\in R^{27\times 9}$, due to its large size, the concrete value is omitted.

Shown in Fig. 4, it is apparent that all observation errors converge to zero finally, implying it just needs the data of 3 vertices that the data of the whole IOT network could be reconstructed. Consequently, it is necessary to implement additional protective measures on these vertices to enhance the security of the whole IOT network.

Fig. 4.

The observation errors in each vertex.

5. Conclusion

In this paper, from the perspective of the observability of complex networks, we study the security of IOT network. The observability of complex networks is converted into the ability to reconstruct the whole data of the IOT network from the data of partial vertices. By analyzing the topology of IOT network, an identification strategy that maximizing the number of pm-rSCCs which contain unmatched vertices in a maximum matching is adopted. Then a corresponding algorithm is proposed and demonstrated by simulations that the algorithm proposed is effective.

The structure of IOT is quite complicated in practice, and in this work, the structure is simplified. The actual IOT networks may possess the multilayer structure, community structure and so on. Hence it faces more challenges to investigate the more complicated IOT network.

Data availability

No data was used for the research described in the article.

CRediT authorship contribution statement

Xu Wu: Writing – review & editing, Writing – original draft, Funding acquisition, Formal analysis. Zhengjun Jing: Supervision, Conceptualization. Xinwei Wang: Visualization, Software.

Declaration of competing interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.