Ruiwen He,Xiaoyu Ji,Wenyuan Xu

DOI: https://doi.org/10.1109/ei250167.2020.9346835

2020-01-01

Abstract:With the development of information technology and Power Internet of Things, the increasing number of networked terminals presents new network security threats. Industrial control equipment and systems have vulnerabilities in hardware, software and firmware, and advanced persistent threat against ICS has become more complex and diverse. However, most of the research are aimed at the detection of single vulnerability, and lack attack mechanism analysis and threat assessment for attack chain. We proposed a threat assessment method based on vulnerability descriptive text and described the attributes of attack samples according to the classification results in attack targets, methods and consequences. We constructed attack graphs based on attack sample attributes and cyber-physical topology to quantitatively evaluate the feasibility and benefits of each attack path from vulnerability capabilities and the impact of devices in the physical world. Finally, we took the substation device status monitoring system as an example to verify the feasibility of this method.

Xuanyu Duan,Mengmeng Ge,Triet Huynh Minh Le,Faheem Ullah,Shang Gao,Xuequan Lu,M. Ali Babar

DOI: https://doi.org/10.1109/prdc53464.2021.00016

2021-12-01

Abstract:Internet of Things (IoT) based applications face an increasing number of potential security risks, which need to be systematically assessed and addressed. Expert-based manual assessment of IoT security is a predominant approach, which is usually inefficient. To address this problem, we propose an automated security assessment framework for IoT networks. Our framework first leverages machine learning and natural language processing to analyze vulnerability descriptions for predicting vulnerability metrics. The predicted metrics are then input into a two-layered graphical security model, which consists of an attack graph at the upper layer to present the network connectivity and an attack tree for each node in the network at the bottom layer to depict the vulnerability information. This security model automatically assesses the security of the IoT network by capturing potential attack paths. We evaluate the viability of our approach using a proof-of-concept smart building system model which contains a variety of real-world IoT devices and poten-tial vulnerabilities. Our evaluation of the proposed framework demonstrates its effectiveness in terms of automatically predicting the vulnerability metrics of new vulnerabilities with more than 90% accuracy, on average, and identifying the most vulnerable attack paths within an IoT network. The produced assessment results can serve as a guideline for cybersecurity professionals to take further actions and mitigate risks in a timely manner.

Hongyu Yang,Haihang Yuan,Liang Zhang,Yang, Hongyu

DOI: https://doi.org/10.1007/s11036-023-02198-4

2023-08-11

Mobile Networks and Applications

Abstract:With the rapid development and widespread application of the Internet of things (IoT), how to comprehensively and effectively evaluate the risk of the host in the IoT is of great significance. In the existing methods of evaluating IoT hosts based on attack graphs, the calculation of atomic attack probability and the asset value is unreasonable, and the impact of the association relationship between hosts on the risk value of the host is not considered. Aiming at the above problems, an IoT host risk assessment method based on an attack graph is proposed. First, the host-based attack graph is established according to the topology of the IoT, and then the vulnerability atomic attack probability and path attack probability are quantified according to multiple attribute values. After that, the improved weighted betweenness index is calculated from the perspective of the topology of the host-based attack graph. Furthermore, the asset value index weight is calculated by using the intercriteria correlation (CRITIC) method, and the host asset value is calculated according to the expert scoring results. Finally, the host risk is calculated according to the host attack probability, vulnerability impact value, the host improved weighted betweenness index, and the host asset value. The experimental results show that this method can evaluate the host risk in the IoT environment from a more comprehensive and reasonable point of view. The standard deviation of the host risk value is 0.09, which is increased by 25%, 13.9%, and 16.9% respectively compared with the asset correlation graph method, markov attack graph method and adjacency matrix method. This method facilitates the differentiation of the host's subsequent risk disposal priority.

computer science, information systems,telecommunications, hardware & architecture

Xiang Chen,Changlin Yang,Yuhong Nan,Zibin Zheng

DOI: https://doi.org/10.1109/jiot.2024.3506976

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:IoT systems are increasingly widespread across various fields. Concurrently, vulnerabilities in IoT devices are continuously emerging, potentially leading to severe consequences such as information leakage, system failure, or even resource abuse. For IoT system developers, understanding the characteristics of these critical vulnerabilities is crucial for safeguarding the security of IoT systems. However, existing studies on IoT vulnerabilities have not specifically focused on such severe or critical vulnerabilities, i.e., high-risk vulnerabilities. Moreover, previous works analyzed IoT vulnerabilities based on unofficial information sources, such as online reports, GitHub issues, or open-sourced projects. To fill this gap, this paper presents the first large-scale empirical study on high-risk IoT vulnerabilities based on the well-known vulnerability data source, i.e., the National Vulnerability Database (NVD), which is maintained by the U.S. government. We constructed a database consisting of 1,739 IoT-related vulnerabilities archived over the last two decades (from 1999 to 2023), including 1,076 high-risk vulnerabilities for analysis. We classified the high-risk vulnerabilities into four categories, consisting of 25 different weakness types. We further collected 11 detection tools and summarized their capabilities in detecting IoT vulnerabilities. Our study sheds lights on new findings and insights for developers to secure the IoT system.

ruijuan zheng,mingchuan zhang,qingtao wu,chunlei yang,wangyang wei,dan zhang,zhengchao ma

DOI: https://doi.org/10.11591/telkomnika.v11i2.2030

2013-01-01

Abstract:In terms of Internet of Things (IOT) system with the possibility criterion of fuzziness and randomness security risk, we qualitatively analyze the security risk level of IOT security scene by describing generalization metrics the potential impact and likelihood of occurrence of every major threat scenarios. On this basis, we proposed self-assessment algorithm of IOT security risk, adopting three-dimensional normal cloud model integrated consideration of risk indicators, researching the multi-rule mapping relationship between the qualitative input of safety indicators and the quantitative reasoning of self-assessment. Finally, we build security risk assessment simulation platform, and verify the validity and accuracy of the algorithm in the premise of substantiating the risk level and the safety criterion domain. DOI: http://dx.doi.org/10.11591/telkomnika.v11i2.2030

Xinbo Ban,Ming Ding,Shigang Liu,Chao Chen,Jun Zhang

DOI: https://doi.org/10.1007/978-3-031-23020-2_15

2022-01-01

Abstract:The introduction of the Internet of Things (IoT) ecosystem into public and private sectors has markedly changed the way people live, work, and entertain through integrating the digital system with the physical world. However, the production of new scenarios and architectures in IoT ecosystems introduces previously unknown security threats due to the vulnerabilities in the IoT software. Since various vulnerabilities lead to unexpected consequences in different parts of the IoT ecosystem, we propose 'security domain' to categorize the origin of the threats properly, including 'physical device', 'operation rule', and 'communication'. The research community has conducted a significant amount of work in the area of vulnerability discovery by utilizing 'code intelligence', representing code analysis techniques based on different types of code. With the focus on the security domains, we review recent representative work published in the dominant time to investigate the emerging research. Also, we summarize the research methodology commonly adopted in this fast-growing area. In consonance with the phases of the research methodology, each paper that discovers IoT vulnerabilities is comprehensively studied. Challenges and future work in this area have been discussed as well.

Jason R. C. Nurse,Sadie Creese,David De Roure

DOI: https://doi.org/10.48550/arXiv.1811.03290

2018-11-08

Cryptography and Security

Abstract:Information security risk assessment methods have served us well over the past two decades. They have provided a tool for organizations and governments to use in protecting themselves against pertinent risks. As the complexity, pervasiveness, and automation of technology systems increases and cyberspace matures, particularly with the Internet of Things (IoT), there is a strong argument that we will need new approaches to assess risk and build trust. The challenge with simply extending existing assessment methodologies to IoT systems is that we could be blind to new risks arising in such ecosystems. These risks could be related to the high degrees of connectivity present or the coupling of digital, cyber-physical, and social systems. This article makes the case for new methodologies to assess risk in this context that consider the dynamics and uniqueness of the IoT while maintaining the rigor of best practice in risk assessment.

Alan Raveling,Yanzhen Qu

DOI: https://doi.org/10.24018/ejece.2023.7.4.546

2023-07-12

European Journal of Electrical Engineering and Computer Science

Abstract:This paper has examined the application of the Common Vulnerability Scoring System applied to operational technology or industrial control system-based cybersecurity controls and demonstrated that the unique considerations and aspects of these environments are more accurately captured when compared against a traditional IT based evaluation. Multiple business drivers are compelling consumer goods manufacturers to augment and connect their manufacturing systems bringing with it increases in potential for experiencing a cybersecurity incident [1]. While other business verticals are able to utilize cybersecurity standards and control documents tailored for their industry, manufacturers do not have a set of materials that directly correlate to the operational technology environments in which their systems reside [2]. Cybersecurity practitioners face additional challenges in developing an understanding of the severity of the risks within these environments due to the lack of current quantifiable methods of evaluating the risks. The findings from this research provide cybersecurity practitioners with a repeatable and extensible method to derive the operational risk present to an organization due to the technologies and business strategies employed in the pursuit of business objectives.

Jason R.C. Nurse,Petar Radanliev,Sadie Creese,David De Roure

DOI: https://doi.org/10.1049/cp.2018.0001

2018-06-28

Abstract:Security risk assessment methods have served us well over the last two decades. As the complexity, pervasiveness and automation of technology systems increases, particularly with the Internet of Things (IoT), there is a convincing argument that we will need new approaches to assess risk and build system trust. In this article, we report on a series of scoping workshops and interviews with industry professionals (experts in enterprise systems, IoT and risk) conducted to investigate the validity of this argument. Additionally, our research aims to consult with these professionals to understand two crucial aspects. Firstly, we seek to identify the wider concerns in adopting IoT systems into a corporate environment, be it a smart manufacturing shop floor or a smart office. Secondly, we investigate the key challenges for approaches in industry that attempt to effectively and efficiently assess cyber-risk in the IoT.

Cryptography and Security,Computers and Society,Networking and Internet Architecture

Binbin Zhao,Shouling Ji,Wei-Han Lee,Changting Lin,Haiqin Weng,Jingzheng Wu,Pan Zhou,Liming Fang,Raheem Beyah

DOI: https://doi.org/10.1109/tdsc.2020.3037908

2020-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:The Internet of Things (IoT) has become ubiquitous and greatly affected peoples' daily lives. With the increasing development of IoT devices, the corresponding security issues are becoming more and more challenging. Such a severe security situation raises the following questions that need urgent attention: What are the primary security threats that IoT devices face currently? How do vendors and users deal with these threats? In this article, we aim to answer these critical questions through a large-scale systematic study. Specifically, we perform a ten-month-long empirical study on the vulnerability of 1,362,906 IoT devices varying from six types. The results show sufficient evidence that N-days vulnerability is seriously endangering the IoT devices: 385,060 (28.25 percent) devices suffer from at least one N-days vulnerability. Moreover, 2669 of these vulnerable devices may have been compromised by botnets. We further reveal the massive differences among five popular IoT search engines: Shodan [1], Censys [2], [3], Zoomeye [4], Fofa [5], and NTI [6]. To study whether vendors and users adopt defenses against the threats, we measure the security of MQTT [7] servers, and identify that 12740 (88 percent) MQTT servers have no password protection. Our analysis can serve as an important guideline for investigating the security of IoT devices, as well as advancing the development of a more secure environment for IoT systems.

He Wen

DOI: https://doi.org/10.48550/arXiv.2306.08631

2023-06-15

Abstract:Cyberattacks on industrial control systems (ICS) have been drawing attention in academia. However, this has not raised adequate concerns among some industrial practitioners. Therefore, it is necessary to identify the vulnerable locations and components in the ICS and investigate the attack scenarios and techniques. This study proposes a method to assess the risk of cyberattacks on ICS with an improved Common Vulnerability Scoring System (CVSS) and applies it to a continuous stirred tank reactor (CSTR) model. The results show the physical system levels of ICS have the highest severity once cyberattacked, and controllers, workstations, and human-machine interface are the crucial components in the cyberattack and defense.

Cryptography and Security,Artificial Intelligence

Zhe Liu,Zehao Jin,Chenhan Shangguan

DOI: https://doi.org/10.1371/journal.pone.0256881

IF: 3.7

2021-09-08

PLoS ONE

Abstract:The Internet of Things (IoT) technology is widely used and has been improved in research. However, due to the extensiveness of IoT technology, the heterogeneity and diversity of the device structure, the number of attacks against IoT has increased dramatically, so we need a method that can effectively and actively determine safety. Considering the diversity of the terminal structure of IoT, a security method for the IoT terminal based on structural balance, method objectivity, and reliability is currently a challenging task. This paper introduces the idea of rate of change in mathematics into trust analysis, and forms three attribute sets based on trust interval and rate of change: discrete interval, change range, and change frequency. By calculating the above attributes of the entity’s trust value, the entity’s trust situation is obtained, and an overall assessment of the terminal entity’s trust situation is made from the three levels of completeness, accuracy and objectivity. Under the premise of reducing encryption and other means, the above method can evaluate the trust state of the IoT terminal from the perspective of the data, and this evaluation method can provide a basis for the judgment of the IoT terminal more objectively and accurately.

multidisciplinary sciences

CHEN Wei-hua,JIANG Quan-yuan,CAO Yi-jia,HAN Zhen-xiang

DOI: https://doi.org/10.3321/j.issn:1000-3673.2005.04.004

2005-01-01

Abstract:Based on probability theory the risk theory was applied to the vulnerability assessment of power system. Here, the power system was defined as a vulnerable system and a set of risk indices to assess the power system vulnerability and corresponding algorithm were built, thus the defects of traditional determinsistic security assessment method, which cannot satisfy the requirement of electricity market and complicated power grid, could be overcome. On this basis, a risk theory and risk indices based power system vulnerability assessment software was developed. Taking the New England test system for example, the effectiveness and advanced property of the presented method were proved.

Lei Zhu,Menghao Li,N Metawa

DOI: https://doi.org/10.1016/j.ipm.2021.102692

2021-11-01

Abstract:With accelerating global economic integration processes, the financial risk early warning requirements for companies are becoming higher and higher. This study discusses the financial risk evaluation Z-Score Model for intelligent IoT-based enterprises. The financial risk early warning system of an IoT company is made up of four parts: alarm source analysis, Z-Score Model analysis, and main financial ratio analysis. Among them, the police source analysis is the premise and important guarantee for the operation of the system overall. After analyzing the internal and external risk factors from different sources in combination with the annual and industry reports of the IoT company, we found that the main risk sources IoT companies face focus on external legal risk, industry competition risk (mainly affected by the external environment), and external tenant credit risk (dominated by their own characteristics). Based on analysis of police sources, a Z-Score Model analysis for IoT companies can be carried out. Z-Score Model analysis is the core of the new financial risk early warning system of IoT companies; therefore, an IoT company's long-term solvency is weak. Any IoT company should be committed to diversifying investments and to carefully selecting investment projects. This study may prove helpful for IoT companies in reducing the probability of crises and developing in a healthy and orderly way.

computer science, information systems,information science & library science

Xing Liu,Cheng Qian,William Grant Hatcher,Hansong Xu,Weixian Liao,Wei Yu

DOI: https://doi.org/10.1109/access.2019.2920763

IF: 3.9

2019-01-01

IEEE Access

Abstract:The widespread adoption of the Internet of Things (IoT) technologies has drastically increased the breadth and depth of attack surfaces in networked systems, providing new mechanisms for the intrusion. In the context of smart-world critical infrastructures and cyber-physical systems, the rapid adoption of the IoT systems and infrastructures without thorough consideration for the risks and vulnerabilities has the potential for catastrophic damage to the privacy, safety, and security of individuals and corporations. While the IoT systems have the potential to increase productivity, accountability, traceability, and efficiency, their potential weaknesses are also more abundant. In this paper, we provide critical consideration of the security of the IoT systems as applied to smart-world critical infrastructures. Particularly, we carry out a detailed assessment of vulnerabilities in IoT-based critical infrastructures from the perspectives of applications, networking, operating systems, software, firmware, and hardware. In addition, we highlight the three key critical infrastructure IoT-based cyber-physical systems, namely the smart transportation, smart manufacturing, and smart grid. Moreover, we provide a broad collection of attack examples upon each of the key applications. Furthermore, we introduce a case study, in which we assess the impacts of potential attacks on critical IoT-based systems, using the smart transportation system as an example. Finally, we provide a set of best practices and address the necessary steps to enact countermeasures for any generic IoT-based critical infrastructure system.

Miao Yu,Jianwei Zhuge,Ming Cao,Zhiwei Shi,Lin Jiang

DOI: https://doi.org/10.3390/fi12020027

2020-01-01

Future Internet

Abstract:With the prosperity of the Internet of Things (IoT) industry environment, the variety and quantity of IoT devices have grown rapidly. IoT devices have been widely used in smart homes, smart wear, smart manufacturing, smart cars, smart medical care, and many other life-related fields. With it, security vulnerabilities of IoT devices are emerging endlessly. The proliferation of security vulnerabilities will bring severe risks to users’ privacy and property. This paper first describes the research background, including IoT architecture, device components, and attack surfaces. We review state-of-the-art research on IoT device vulnerability discovery, detection, mitigation, and other related works. Then, we point out the current challenges and opportunities by evaluation. Finally, we forecast and discuss the research directions on vulnerability analysis techniques of IoT devices.

Wei Xie,Yikun Jiang,Yong Tang,Yuanming Gao,Ning Ding

DOI: https://doi.org/10.1109/icpads.2017.00104

2017-01-01

Abstract:With the development of Internet of Things(IoT), more and more smart devices are connected into the Internet. The security and privacy issues of IoT devices have received increasingly academic and industrial attentions. Vulnerability detection is the key technology to protect IoT devices from zeroday attacks. However, traditional methods and tools of vulnerability detection cannot be directly used in analyzing IoT firmware. This paper firstly reviews related works on vulnerability detection in IoT firmware, previous researches are classified into four types i.e. static analysis, symbolic execution, fuzzing on emulators and comprehensive testing. Then, this paper points out that the specificity of vulnerability detection in IoT firmware is to detect logical flaws in embedded binaries which are built on the MIPS architecture. Finally, this paper proposes a method based on fuzzing and static analysis to detect authentication bypass flaws in IoT embedded binary servers. The proposed method is proved to be effective by verifying known CVEs as well as discovering unknown ones.

Ruijuan Zheng,Mingchuan Zhang,Qingtao Wu,Wangyang Wei,Chunlei Yang

DOI: https://doi.org/10.6138/jit.2015.16.7.20150304

2015-01-01

Abstract:Around autonomic assessment problem of security risk, considering the high hybrid and heterogeneity of Internet of Things (IOT, for short), the potential influence and occurrence possibility of each main threat is described, evaluated and measured in accordance with fuzziness and randomicity of IOT security index. By which, the security risk grade and system tolerance degree of hybrid IOT security scene with incremental deployment characteristics is qualitatively analyzed. Multidimensional Normal Cloud is adopted to make synthesis of risk indicators, and the autonomic assessment strategy of security risk is constructed. On the basis of above work, transmission multi-rules mapping between qualitative input of security risk and quantitative inference of assessment rules is researched, autonomic inference rules and the optimization strategy are proposed. At last, the effectiveness, autonomy and accuracy of the proposed approach are verified by simulations.

Timothy Kieras,Muhammad Junaid Farooq,Quanyan Zhu

DOI: https://doi.org/10.48550/arXiv.2003.12363

2020-03-21

Abstract:Supply chain security threats pose new challenges to security risk modeling techniques for complex ICT systems such as the IoT. With established techniques drawn from attack trees and reliability analysis providing needed points of reference, graph-based analysis can provide a framework for considering the role of suppliers in such systems. We present such a framework here while highlighting the need for a component-centered model. Given resource limitations when applying this model to existing systems, we study various classes of uncertainties in model development, including structural uncertainties and uncertainties in the magnitude of estimated event probabilities. Using case studies, we find that structural uncertainties constitute a greater challenge to model utility and as such should receive particular attention. Best practices in the face of these uncertainties are proposed.

Cryptography and Security,Systems and Control

Haojie Ji,Haiyang Yu,Yinghui Wang,Jing Peng

DOI: https://doi.org/10.1061/9780784483565.148

2021-01-01

Abstract:Automobile intelligent driving systems and communication services bring the widespread application of information technology and network technology. Meanwhile, there are increasing number of exploitable security vulnerabilities and risks in modern vehicles. These risks may cause serious consequences such as casualties and property losses for drivers. Risk assessment is an important activity in the life cycle of automobile cybersecurity and can provide a guarantee for the formation of correct cybersecurity requirements of products. Considering the current wide recognition standard for threat analysis and risk assessment, this paper proposes a systematic risk assessment method for automotive cybersecurity combined with risk assessment use cases. Finally, a typical use case of security-related component IVI is applied to illustrate the proposed risk assessment method and analysis process of cybersecurity assessment results.