Vulnerabilities analysis and security assessment framework for the internet of things

Research output: Chapter in Book/Report/Conference proceedingConference Paper published in Proceedings

Abstract

The security of the Internet of Things (IoT) is increasingly recognized as a major concern. IoT technology has matured in recent years; however, the same cannot be said for the security of these devices. Despite their efficacy, IoT devices are not secure and are open to vulnerabilities that need to be addressed. The challenge here is to secure the data that IoT devices hold from the external objects or an attack within its network that can hinder the development and put the data at risk. The objective of this research is to investigate the architecture of various IoT systems and to use them to identify the common key components that need to be assessed to minimize the security gap in IoT systems. Based on the current literature a framework is proposed to assess the known vulnerabilities of IoT systems. Currently, there is no standard framework that can be used to assess the security of IoT devices, due to varied constraint in the interconnection of these devices. This research focuses on outlining the vulnerabilities that exist in IoT devices and how these can be assessed using the security assessment framework. It lays the foundation on how this framework evaluates each vulnerability of an IoT System and what can be done to reduce these existing vulnerabilities. The proposed framework provides accurate and realistic assessment outcomes by considering the threats and avoiding the involvement of external factors that can put the assessment process at risk. This framework is designed to combine with other frameworks such as ISO/IEC 27000, COBIT 5, ANSI/ISA 62443, and NIST SP 800-53.

Original languageEnglish
Title of host publicationProceedings - 2019 Cybersecurity and Cyberforensics Conference, CCC 2019
PublisherIEEE, Institute of Electrical and Electronics Engineers
Pages22-29
Number of pages8
ISBN (Electronic)9781728126005
DOIs
Publication statusPublished - 1 May 2019
Event2019 Cybersecurity and Cyberforensics Conference, CCC 2019 - Melbourne, Australia
Duration: 7 May 20198 May 2019

Publication series

NameProceedings - 2019 Cybersecurity and Cyberforensics Conference, CCC 2019

Conference

Conference2019 Cybersecurity and Cyberforensics Conference, CCC 2019
CountryAustralia
CityMelbourne
Period7/05/198/05/19

Fingerprint Dive into the research topics of 'Vulnerabilities analysis and security assessment framework for the internet of things'. Together they form a unique fingerprint.

Cite this