Abstract
The security of the Internet of Things (IoT) is increasingly recognized as a major concern. IoT technology has matured in recent years; however, the same cannot be said for the security of these devices. Despite their efficacy, IoT devices are not secure and are open to vulnerabilities that need to be addressed. The challenge here is to secure the data that IoT devices hold from the external objects or an attack within its network that can hinder the development and put the data at risk. The objective of this research is to investigate the architecture of various IoT systems and to use them to identify the common key components that need to be assessed to minimize the security gap in IoT systems. Based on the current literature a framework is proposed to assess the known vulnerabilities of IoT systems. Currently, there is no standard framework that can be used to assess the security of IoT devices, due to varied constraint in the interconnection of these devices. This research focuses on outlining the vulnerabilities that exist in IoT devices and how these can be assessed using the security assessment framework. It lays the foundation on how this framework evaluates each vulnerability of an IoT System and what can be done to reduce these existing vulnerabilities. The proposed framework provides accurate and realistic assessment outcomes by considering the threats and avoiding the involvement of external factors that can put the assessment process at risk. This framework is designed to combine with other frameworks such as ISO/IEC 27000, COBIT 5, ANSI/ISA 62443, and NIST SP 800-53.
Original language | English |
---|---|
Title of host publication | Proceedings - 2019 Cybersecurity and Cyberforensics Conference, CCC 2019 |
Place of Publication | Piscataway, NJ |
Publisher | IEEE, Institute of Electrical and Electronics Engineers |
Pages | 22-29 |
Number of pages | 8 |
Volume | 1 |
ISBN (Electronic) | 9781728126005 |
DOIs | |
Publication status | Published - 1 May 2019 |
Event | 2019 Cybersecurity and Cyberforensics Conference, CCC 2019 - Melbourne, Australia Duration: 7 May 2019 → 8 May 2019 |
Publication series
Name | Proceedings - 2019 Cybersecurity and Cyberforensics Conference, CCC 2019 |
---|
Conference
Conference | 2019 Cybersecurity and Cyberforensics Conference, CCC 2019 |
---|---|
Country/Territory | Australia |
City | Melbourne |
Period | 7/05/19 → 8/05/19 |
Bibliographical note
Publisher Copyright:© 2019 IEEE.