How Secure Is Your IoT Network?

12/28/2019
by   Josh Payne, et al.
0

The proliferation of IoT devices in smart homes, hospitals, and enterprise networks is widespread and continuing to increase in a superlinear manner. With this unprecedented growth, how can one assess the security of an IoT network holistically? In this article, we explore two dimensions of security assessment, using vulnerability information of IoT devices and their underlying components (compositional security scores) and SIEM logs captured from the communications and operations of such devices in a network (dynamic activity metrics) to propose the notion of an attack circuit. These measures are used to evaluate the security of IoT devices and the overall IoT network, demonstrating the effectiveness of attack circuits as practical tools for computing security metrics (exploitability, impact, and risk to confidentiality, integrity, and availability) of heterogeneous networks. We propose methods for generating attack circuits with input/output pairs constructed from CVEs using natural language processing (NLP) and with weights computed using standard security scoring procedures, as well as efficient optimization methods for evaluating attack circuits. Our system provides insight into possible attack paths an adversary may utilize based on their exploitability, impact, or overall risk. We have performed experiments on IoT networks to demonstrate the efficacy of the proposed techniques.

READ FULL TEXT
research
06/26/2019

Challenges for Security Assessment of Enterprises in the IoT Era

For years, attack graphs have been an important tool for security assess...
research
09/09/2021

Automated Security Assessment for the Internet of Things

Internet of Things (IoT) based applications face an increasing number of...
research
04/11/2019

Deployment Optimization of IoT Devices through Attack Graph Analysis

The Internet of things (IoT) has become an integral part of our life at ...
research
11/15/2019

Thesis Deployment Optimization of IoT Devices through Attack Graph Analysis

The Internet of things (IoT) has become an integral part of our life at ...
research
05/14/2021

Consumer, Commercial and Industrial IoT (In)Security: Attack Taxonomy and Case Studies

Internet of Things (IoT) devices are becoming ubiquitous in our lives, w...
research
06/07/2022

A Secure and Trusted Mechanism for Industrial IoT Network using Blockchain

Industrial Internet-of-Things (IIoT) is a powerful IoT application which...
research
08/19/2022

A Pragmatic Methodology for Blind Hardware Trojan Insertion in Finalized Layouts

A potential vulnerability for integrated circuits (ICs) is the insertion...

Please sign up or login with your details

Forgot password? Click here to reset