Challenges for Security Assessment of Enterprises in the IoT Era

Mathov, Yael; Agmon, Noga; Shabtai, Asaf; Puzis, Rami; Tippenhauer, Nils Ole; Elovici, Yuval

doi:10.48550/arxiv.1906.10922

Cited by 3 publications

(4 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This is likely to enable more practical simulation and algorithmic learning. Furthermore, most reviewed studies use simulations or testbeds for evaluation [7], [13], [14], [15], [16], [20], [21], [23], [26], [29], [33], [35], [37], [39], [44], [51], [54], [67] instead of real-world IoT networks.…”

Section: Discussion and Future Directionsmentioning

confidence: 99%

See 1 more Smart Citation

A Review on Attack Graph Analysis for IoT Vulnerability Assessment: Challenges, Open Issues, and Future Directions

et al. 2023

View full text Add to dashboard Cite

Vulnerability assessment in industrial IoT networks is critical due to the evolving nature of the domain and the increasing complexity of security threats. This study aims to address the existing gaps in the literature by conducting a comprehensive survey on the use of attack graphs for vulnerability assessment in IoT networks. Attack graphs serve as a valuable cybersecurity tool for modeling and analyzing potential attack scenarios on systems, networks, or applications. The survey covers the research conducted between 2016 and 2021(34 peer-reviewed journal articles and 28 conference papers), identifying and categorizing the main methodologies and technologies employed in generating and analyzing attack graphs. In this review, core modeling techniques for IoT vulnerability assessment are highlighted, such as Markov Decision Processes (MDP), Feature Pyramid Networks (FPN), K-means clustering, and logistic regression models, along with other techniques involving genetic algorithms like fast-forward (FF), contingent fast-forwards (CFF), advanced reinforcement-learning algorithms, and HARMs models. The evaluation of the performance of these attack graph models using IoT networks or devices as case studies is also emphasized. This survey provides valuable insights into the state-of-the-art attack graph techniques for IoT network vulnerability assessment, identifying various applications, performances, research opportunities, and challenges. As a reference source, it serves to inform academicians and practitioners interested in leveraging attack graphs for IoT network vulnerability assessment and guides future research directions in this area.INDEX TERMS Attack graph, the Internet of Things, network vulnerabilities, vulnerability assessment.

show abstract

Section: Discussion and Future Directionsmentioning

confidence: 99%

“…Mathov et al [29] propose three novel ideas that address and overcome using attack graphs for vulnerability assessment. The authors review the require solutions when using attack graphs to model and analyze enterprise networks with IoT devices.…”

Section: B Graph Analyses and Formulation Of Security Propertiesmentioning

confidence: 99%

A Review on Attack Graph Analysis for IoT Vulnerability Assessment: Challenges, Open Issues, and Future Directions

et al. 2023

View full text Add to dashboard Cite

show abstract

“…Over the years, various methods have been developed as a means of evaluating the security risks associated with the IoT. Among those methods, IoT attack graphs [44], [45], [46] provide a comprehensive view of attacks, and can assist in identifying multi-hop high-risk attack paths in a large-scale environment. A different objective was addressed in [47], where the authors aimed at quantifying the ease of IoT-related attack execution.…”

Section: Risk Assessment In the Iotmentioning

confidence: 99%

Responses to AHP-style questionnaires regarding the publication "D-Score: An Expert-Based Method for Assessing the Detectability of IoT-Related Cyber-Attacks"

Benatar¹,

Biton²,

Shabtai³

2020

View full text Add to dashboard Cite

IoT devices are known to be vulnerable to various cyber-attacks, such as data exfiltration and the execution of flooding attacks as part of a DDoS attack. When it comes to detecting such attacks using network traffic analysis, it has been shown that some attack scenarios are not always equally easy to detect if they involve different IoT models. That is, when targeted at some IoT models, a given attack can be detected rather accurately, while when targeted at others the same attack may result in too many false alarms. In this research, we attempt to explain this variability of IoT attack detectability and devise a risk assessment method capable of addressing a key question: how easy is it for an anomaly-based network intrusion detection system to detect a given cyber-attack involving a specific IoT model? In the process of addressing this question we (a) investigate the predictability of IoT network traffic, (b) present a novel taxonomy for IoT attack detection which also encapsulates traffic predictability aspects, (c) propose an expertbased attack detectability estimation method which uses this taxonomy to derive a detectability score (termed 'D-Score') for a given combination of IoT model and attack scenario, and (d) empirically evaluate our method while comparing it with a datadriven method.

show abstract

“…multi-step attacks that can combine attack steps exploiting human, physical, or cyber vulnerabilities in combination. The security analysis of such systems cannot be done from one perspective alone but must consider the physical context of the system, its cyber resources and connections, and the humans that use or operate it [10]. Threat models for hybrid systems must be able to represent attack scenarios that exploit the interplay between the human, physical, and cyber aspects of the system.…”

Section: Introductionmentioning

confidence: 99%

A Hybrid Threat Model for Smart Systems

Valenza

Karafili

Steiner

et al. 2023

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

Cyber-physical systems and their smart components have a pervasive presence in all our daily activities. Unfortunately, identifying the potential threats and issues in these systems and selecting enough protection is challenging given that such environments combine human, physical and cyber aspects to the system design and implementation. Current threat models and analysis do not take into consideration all three aspects of the analyzed system, how they can introduce new vulnerabilities or protection measures to each other. In this work, we introduce a novel threat model for cyber-physical systems that combines the cyber, physical, and human aspects. Our model represents the system's components relations and security properties by taking into consideration these three aspects. Together with the threat model we also propose a threat analysis method that allows understanding the security state of the system's components. The threat model and the threat analysis have been implemented into an automatic tool, called TAMELESS, that automatically analyzes threats to the system, verifies its security properties, and generates a graphical representation, useful for security architects to identify the proper prevention/mitigation solutions. We show and prove the use of our threat model and analysis with three cases studies from different sectors.

show abstract

Challenges for Security Assessment of Enterprises in the IoT Era

Cited by 3 publications

References 0 publications

A Review on Attack Graph Analysis for IoT Vulnerability Assessment: Challenges, Open Issues, and Future Directions

A Review on Attack Graph Analysis for IoT Vulnerability Assessment: Challenges, Open Issues, and Future Directions

Responses to AHP-style questionnaires regarding the publication "D-Score: An Expert-Based Method for Assessing the Detectability of IoT-Related Cyber-Attacks"

A Hybrid Threat Model for Smart Systems

Contact Info

Product

Resources

About