Cyber Security Threats to IoT Applications and Service Domains

Tweneboah-Koduah, Samuel; Skouby, Knud Erik; Tadayoni, Reza

doi:10.1007/s11277-017-4434-6

Cited by 103 publications

(40 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…For example, smart health deals with highly personalized data and requires high-level security and privacy protection [38]. Since many IoT applications may be owned by third-party service providers, cyberattacks on these applications may affect the security of other interrelated applications [39].…”

Section: Cybersecurity At the Application Layermentioning

confidence: 99%

Internet of Things (IoT) Cybersecurity: Literature Review and IoT Cyber Risk Management

Lee

2020

Future Internet

145

View full text Add to dashboard Cite

Along with the growing threat of cyberattacks, cybersecurity has become one of the most important areas of the Internet of Things (IoT). The purpose of IoT cybersecurity is to reduce cybersecurity risk for organizations and users through the protection of IoT assets and privacy. New cybersecurity technologies and tools provide potential for better IoT security management. However, there is a lack of effective IoT cyber risk management frameworks for managers. This paper reviews IoT cybersecurity technologies and cyber risk management frameworks. Then, this paper presents a four-layer IoT cyber risk management framework. This paper also applies a linear programming method for the allocation of financial resources to multiple IoT cybersecurity projects. An illustration is provided as a proof of concept.

show abstract

Section: Cybersecurity At the Application Layermentioning

confidence: 99%

Internet of Things (IoT) Cybersecurity: Literature Review and IoT Cyber Risk Management

Lee

2020

Future Internet

145

View full text Add to dashboard Cite

show abstract

“…Similarly, Frustaci et al [29] and Neshenko et al [52] presented a taxonomy of the IoT security issues based on the perception, transportation, and application. Tweneboah-Koduah et al [67] analyzed the taxonomy of various security issues, whereas Ge at al. [30] devised an IoT security model consisting of five phases (namely data processing, security model generation, security visualization, security analysis, and model updates).…”

Section: Related Workmentioning

confidence: 99%

Static analysis for discovering IoT vulnerabilities

Ferrara

Mandal

Cortesi

et al. 2020

Int J Softw Tools Technol Transfer

View full text Add to dashboard Cite

The Open Web Application Security Project (OWASP), released the “OWASP Top 10 Internet of Things 2018” list of the high-priority security vulnerabilities for IoT systems. The diversity of these vulnerabilities poses a great challenge toward development of a robust solution for their detection and mitigation. In this paper, we discuss the relationship between these vulnerabilities and the ones listed by OWASP Top 10 (focused on Web applications rather than IoT systems), how these vulnerabilities can actually be exploited, and in which cases static analysis can help in preventing them. Then, we present an extension of an industrial analyzer (Julia) that already covers five out of the top seven vulnerabilities of OWASP Top 10, and we discuss which IoT Top 10 vulnerabilities might be detected by the existing analyses or their extension. The experimental results present the application of some existing Julia’s analyses and their extension to IoT systems, showing its effectiveness of the analysis of some representative case studies.

show abstract

“…The most complete classification of the IoT attack vectors is described in [13], referring to the IoT ecosystem as a Web3 or Web of Things phenomenon, where four main categories are provided: Device, Application Service, Network, Web Interface and Data integrity. Developing a cyber security solution targeting to protect all of the identified vectors is a very challenging and crucial task.…”

Section: Advancements In Iot Cyber Security Monitoringmentioning

confidence: 99%

GHOST - Safe-Guarding Home IoT Environments with Personalised Real-Time Risk Control

Collen

Nijdam

Augusto-Gonzalez³

et al. 2018

Communications in Computer and Information Science

View full text Add to dashboard Cite

Abstract. We present the European research project GHOST, (Safeguarding home IoT environments with personalised real-time risk control), which challenges the traditional cyber security solutions for the IoT by proposing a novel reference architecture that is embedded in an adequately adapted smart home network gateway, and designed to be vendor-independent. GHOST proposes to lead a paradigm shift in consumer cyber security by coupling usable security with transparency and behavioural engineering.

show abstract

Cyber Security Threats to IoT Applications and Service Domains

Cited by 103 publications

References 6 publications

Internet of Things (IoT) Cybersecurity: Literature Review and IoT Cyber Risk Management

Internet of Things (IoT) Cybersecurity: Literature Review and IoT Cyber Risk Management

Static analysis for discovering IoT vulnerabilities

GHOST - Safe-Guarding Home IoT Environments with Personalised Real-Time Risk Control

Contact Info

Product

Resources

About