Vulnerabilities analysis and security assessment framework for the Internet of Things

    Research output: Chapter in Book/Report/Conference proceedingConference Paper published in Proceedingspeer-review

    9 Citations (Scopus)

    Abstract

    The security of the Internet of Things (IoT) is increasingly recognized as a major concern. IoT technology has matured in recent years; however, the same cannot be said for the security of these devices. Despite their efficacy, IoT devices are not secure and are open to vulnerabilities that need to be addressed. The challenge here is to secure the data that IoT devices hold from the external objects or an attack within its network that can hinder the development and put the data at risk. The objective of this research is to investigate the architecture of various IoT systems and to use them to identify the common key components that need to be assessed to minimize the security gap in IoT systems. Based on the current literature a framework is proposed to assess the known vulnerabilities of IoT systems. Currently, there is no standard framework that can be used to assess the security of IoT devices, due to varied constraint in the interconnection of these devices. This research focuses on outlining the vulnerabilities that exist in IoT devices and how these can be assessed using the security assessment framework. It lays the foundation on how this framework evaluates each vulnerability of an IoT System and what can be done to reduce these existing vulnerabilities. The proposed framework provides accurate and realistic assessment outcomes by considering the threats and avoiding the involvement of external factors that can put the assessment process at risk. This framework is designed to combine with other frameworks such as ISO/IEC 27000, COBIT 5, ANSI/ISA 62443, and NIST SP 800-53.

    Original languageEnglish
    Title of host publicationProceedings - 2019 Cybersecurity and Cyberforensics Conference, CCC 2019
    Place of PublicationPiscataway, NJ
    PublisherIEEE, Institute of Electrical and Electronics Engineers
    Pages22-29
    Number of pages8
    Volume1
    ISBN (Electronic)9781728126005
    DOIs
    Publication statusPublished - 1 May 2019
    Event2019 Cybersecurity and Cyberforensics Conference, CCC 2019 - Melbourne, Australia
    Duration: 7 May 20198 May 2019

    Publication series

    NameProceedings - 2019 Cybersecurity and Cyberforensics Conference, CCC 2019

    Conference

    Conference2019 Cybersecurity and Cyberforensics Conference, CCC 2019
    Country/TerritoryAustralia
    CityMelbourne
    Period7/05/198/05/19

    Bibliographical note

    Publisher Copyright:
    © 2019 IEEE.

    Fingerprint

    Dive into the research topics of 'Vulnerabilities analysis and security assessment framework for the Internet of Things'. Together they form a unique fingerprint.

    Cite this