Multi-Source Knowledge Reasoning for Data-Driven IoT Security

Zhang, Shuqin; Bai, Guangyao; Li, Hong; Li, Peipei; Zhang, Minzhi; Li, Shujun

doi:10.3390/s21227579

Cited by 11 publications

(11 citation statements)

References 27 publications

(42 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Wu et al expressed the relationships of attack scenarios in the SWRL rules and assessed potential threats by inferring vulnerabilities and their induced attacks [10]. Similarly, Zhang et al revealed the implicit relation based on the inference rules to discover vulnerable platforms in the IoT environments [18]. To some extent, ontology-based reasoning methods cannot meet the demands of cost computing and rule generation complexity when instances increase.…”

Section: Reasoning-based Security Analysismentioning

confidence: 99%

“…Algorithm 1: Continued ( 16) remove the last elements from cur_p_rela and cur_p_ent (17) end if (18) for each entity adj_ent and relation adj_rela adjacent to cur_ent do (19) if adj_ent is not in cur_p_ent then (20) DFS_SIM (adj_rela, adj_ent, cur_p_rela, cur_p_ent, p_vec, cur_sim, cur_len, e t , max_p_len, q_r_vec, cri_p_set) (21) end if (22) end for (23) remove the last elements from cur_p_rela and cur_p_ent (24) end function…”

Section: Algorithm 1: Critical Relation Path Depth-first Search With ...mentioning

confidence: 99%

See 1 more Smart Citation

Critical Relation Path Aggregation-Based Industrial Control Component Exploitable Vulnerability Reasoning

Wang¹,

Huo²,

Zhang³

et al. 2023

Computers, Materials &Amp; Continua

View full text Add to dashboard Cite

Section: Reasoning-based Security Analysismentioning

confidence: 99%

Section: Algorithm 1: Critical Relation Path Depth-first Search With ...mentioning

confidence: 99%

Critical Relation Path Aggregation-Based Industrial Control Component Exploitable Vulnerability Reasoning

Wang¹,

Huo²,

Zhang³

et al. 2023

Computers, Materials &Amp; Continua

View full text Add to dashboard Cite

“…Related ATT&CK Attack Technology. ATT&CK abstractly describes a framework composed of sequential attack tactics, each of which covers abundant attack techniques [43]. ATT&CK framework can help organizations predict the adversary's attack behavior, gain a comprehensive understanding of the attack techniques that attackers may use, and provide mitigation measures.…”

Section: Cyber Threat Intelligence-automated Assessment Model (Tiam)mentioning

confidence: 99%

An Automatic Assessment Method of Cyber Threat Intelligence Combined with ATT&CK Matrix

Zhang

Chen

Bai

et al. 2022

Wireless Communications and Mobile Computing

Self Cite

View full text Add to dashboard Cite

With the occurrence of cyber security incidents, the value of threat intelligence is coming to the fore. Timely extracting Indicator of Compromise (IOC) from cyber threat intelligence can quickly respond to threats. However, the sparse text in public threat intelligence scatters useful information, which makes it challenging to assess unstructured threat intelligence. In this paper, we proposed Cyber Threat Intelligence Automated Assessment Model (TIAM), a method to automatically assess highly sparse threat intelligence from multiple dimensions. TIAM implemented automatic classification of threat intelligence based on feature extraction, defined assessment criteria to quantify the value of threat intelligence, and combined ATT&CK to identify attack techniques related to IOC. Finally, we associated the identified IOCs, ATT&CK techniques, and intelligence quantification results. The experimental results shown that TIAM could better assess threat intelligence and help security managers to obtain valuable cyber threat intelligence.

show abstract

“…Other papers have proposed IoT metrics for hardware, software, network, quality requirements, security requirements, etc. An example of the latter is the study by Zhang et al (2021) who proposed the IoT Security Threat Ontology (IoTSTO) as an IoT security ontology model to describe the elements of IoT security threats and threat analysis rules. Their model assists security managers in deploying IoT security solutions.…”

Section: Introductionmentioning

confidence: 99%

Systematic Literature Review of Iot Metrics

Moulla¹,

Mnkandla²,

Abran³

2023

acs

View full text Add to dashboard Cite

The Internet of Things (IoT) touches almost every aspect of modern society and has changed the way people live, work, travel and, do business. Because of its importance, it is essential to ensure that an IoT system is performing well, as desired and expected, and that this can be assessed and managed with an adequate set of IoT performance metrics. The aim of this study was to systematically inventory and classifies recent studies that have investigated IoT metrics. We conducted a literature review based on studies published between January 2010 and December 2021 using a set of five research questions (RQs) on the current knowledge bases for IoT metrics. A total of 158 IoT metrics were identified and classified into 12 categories according to the different parts and aspects of an IoT system. To cover the overall performance of an IoT system, the 12 categories were organized into an ontology. The findings results show that the category of network metrics was the most discussed in 43% of the studies and, with the highest number of metrics at 37%. This study can provide guidelines for researchers and practitioners in selecting metrics for IoT systems and valuable insights into areas for improvement and optimization.

show abstract

Multi-Source Knowledge Reasoning for Data-Driven IoT Security

Cited by 11 publications

References 27 publications

Critical Relation Path Aggregation-Based Industrial Control Component Exploitable Vulnerability Reasoning

Critical Relation Path Aggregation-Based Industrial Control Component Exploitable Vulnerability Reasoning

An Automatic Assessment Method of Cyber Threat Intelligence Combined with ATT&CK Matrix

Systematic Literature Review of Iot Metrics

Contact Info

Product

Resources

About