PROCESS MODEL FOR ENSURING THE SECURE FUNCTIONING OF INTERNET OF THINGS DEVICES BASED ON A HEURISTIC SEARCH ALGORITHM

Abstract

The proliferation of Internet of Things (IoT) devices in modern critical infrastructures has brought new challenges related to their secure functioning. Traditional cybersecurity mechanisms such as firewalls, antivirus software, and intrusion detection/prevention systems are often ineffective in IoT environments due to device heterogeneity, limited computing capabilities, decentralized control, and physical vulnerability of nodes. To address these challenges, the paper proposes a process model for ensuring the secure functioning of IoT devices, utilizing a heuristic search algorithm to optimize device deployment with minimal security risk. The proposed model is structured as a multi-stage data processing pipeline that encompasses the full decision-making lifecycle: from gathering network data and identifying vulnerabilities, to generating attack graphs, simulating deployment scenarios, assessing risk, and selecting the optimal deployment strategy. The core of the model is a heuristic-based optimization mechanism (DFBnB – Depth-First Branch and Bound), which efficiently searches a large decision space structured as a binary tree of deployment options. Each deployment scenario dynamically modifies the attack graph, allowing the model to evaluate security risks in real time based on parameters such as the number and length of attack paths, the presence of vulnerabilities, and the privilege escalation potential. Two optimization goals are considered: full deployment of all IoT devices with minimal risk, and maximization of deployed devices without increasing existing risk indicators. The model formalizes these goals using objective functions and integrates real-time heuristics for effective pruning of suboptimal solutions. Experimental validation was conducted using a simulated organizational network with the set of hosts and IoT devices, under various placement scenarios. The results demonstrated that the heuristic approach significantly reduces computation time compared to full search, while maintaining a high level of network security. The optimized deployments preserved core network resilience and enabled safe integration of devices without increasing security risks. Overall, this research offers a scalable and adaptable framework for secure IoT deployment, which can serve as the foundation for intelligent, risk-aware security management in dynamic and heterogeneous network environments.