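Journal of Beijing University of Posts and Telecommunications

  • EI core journal

Journal of Beijing University of Posts and Telecommunications ›› 2017, Vol. 40 ›› Issue (s1): 135-139. doi: 10.13190/j.jbupt.2017.s.030

• Articles

Security Threats and Risk Assessment of IoT System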

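ZHAO Jian1, WANG Rui1, LI Zheng-min2,3, LEI Min4, MA Min-yao5   

  1. School of Information Science and Technology, Northwest University, Xi'an 710127;
    2. National Computer Network Emergency Response Technical Team/Coordination Center of China, Beijing 100029;
    3. Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093;
    4. Information Security Center, Beijing University of Posts and Telecommunications, Beijing 100876
  • Received: 2016-05-30 Published: 2017-09-28 Released: 2017-09-28
  • About the author: ZHAO Jian (born 1973), male, professor, master's supervisor, E-mail: zjctec@nwu.edu.cn.
  • Funding:
    National Natural Science Foundation of China (61310306028); National Key Research and Development Program of China (2016YFF0204001)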

Security Threats and Risk Assessment of IoT System

ZHAO Jian1, WANG Rui1, LI Zheng-min2,3, LEI Min4, MA Min-yao5   

  1. School of Information Science and Technology, Northwest University, Xi'an 710127, China;
    2. National Computer Network Emergency Response Technical Team/Coordination Center of China, Beijing 100029, China;
    3. Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China;
    4. Information Security Center, Beijing University of Posts and Telecommunications, Beijing 100876, China
  • Received: 2016-05-30 Online: 2017-09-28 Published: 2017-09-28

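Abstract: IoT systems have many security risks. Current assessment and analysis methods for IoT systems are qualitative, and quantitative assessment methods are lacking. This paper lists the attacks that IoT systems face and classifies them by attack surface and attack point. Based on the degree of harm, the probability of occurrence, and the complexity of remediation for each security threat, it applies the fuzzy comprehensive evaluation method to build a security analysis model, so that IoT systems can be analyzed quantitatively, achieving a quantitative security assessment of IoT systems.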

Key words: IoT system security, security threats, risk assessment, fuzzy comprehensive evaluation

Abstract: An Internet of Things (IoT) system is a complex system that faces serious security challenges. Current risk evaluation methods for IoT are qualitative and lack quantitative assessment. Malicious attacks on IoT systems are classified according to attack surface and attack point. A security analysis model using the fuzzy comprehensive evaluation method is then proposed, based on three elements of each attack: damage degree, occurrence probability, and the complexity of reinforcement. The model can be used as a quantitative assessment method for IoT systems.

Key words: IoT security, security threat, risk assessment, fuzzy comprehensive evaluation

CLC number: