Smart Attacks on the Integrity of the Internet of Things: Avoiding Detection by Employing Game Theory

George Margelis, Robert Piechocki, Theo Tryfonas, Paul Thomas

Research output: Chapter in Book/Report/Conference proceedingConference Contribution (Conference Proceeding)

3 Citations (Scopus)
382 Downloads (Pure)


The Internet of Things (IoT) is expected to connect billions of devices, that will interact with their physical environment through sensors or actuators. The measurements created from these sensors have varying levels of precision, leading to measurements that follow a distribution, whose variance presents an additional challenge for the employed security schemes. In this work we assume a smart attacker would attempt to mask his attack in the inherent uncertainty of the measurements, and attempt to manipulate the distribution of measurements as covertly as possible to affect the final meaningful value that the system would result in. We employ Game Theory to examine the best strategies to slowly corrupt the integrity of an IoT network, similar to ETSI's Low Throughput Networks (LTN). We examine the extent of the changes that can be made to the distribution without assuming a priori knowledge of it by the attacker, for different scenarios and compromisation patterns. To the best of our knowledge this is the first attempt to examine the limits of the compromise that could be applied by a smart attacker on an IoT/LTN-type network without triggering outlier-alarms, and can be applied in the design of better targeted defensive measures.
Original languageEnglish
Title of host publication2016 IEEE Global Communications Conference (GLOBECOM 2016)
Subtitle of host publicationProceedings of a meeting held 4-8 December 2016, Washington, DC, USA
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Number of pages6
ISBN (Electronic)9781509013289
ISBN (Print)9781509013296
Publication statusPublished - May 2017


  • Game Theory
  • integrity
  • WSN
  • IoT
  • Detection
  • hellinger distance

Cite this