Security Threats and Risk Assessment of IoT System

doi:10.13190/j.jbupt.2017.s.030

JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM ›› 2017, Vol. 40 ›› Issue (s1): 135-139.doi: 10.13190/j.jbupt.2017.s.030

• Papers • Previous Articles Next Articles

Security Threats and Risk Assessment of IoT System

ZHAO Jian¹, WANG Rui¹, LI Zheng-min^2,3, LEI Min⁴, MA Min-yao⁵

1. School of Information Science and Technology, Northwest University, Xi'an 710127, China;
2. National Computer Network Emergency Response Technical Team/Coordination Center of China;Beijing 100029, China;
3. Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China;
4. Information Security Center, Beijing University of Posts and Telecommunications, Beijing 100876, China

Received:2016-05-30 Online:2017-09-28 Published:2017-09-28

Abstract

Abstract: Internet of things (IoT) system is a complex system, which faced with serious security challenges. Current risk evaluation method of IoT is qualitative but lack of quantitative assessment methods. Malicious attacks of IoT system are classified according to attack surface and attack point. Then a security analysis model using fuzzy comprehensive evaluation method is proposed bases on three elements of each attack, there are damage degree, occurrence probability and the complexity of reinforcement, which can be used as quantitative assessment methods of IoT system.

Key words: IoT security, security threat, risk assessment, fuzzy comprehensive evaluation

CLC Number:

ZHAO Jian, WANG Rui, LI Zheng-min, LEI Min, MA Min-yao. Security Threats and Risk Assessment of IoT System[J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2017, 40(s1): 135-139.

[1]	YANG Hongyu, YUAN Haihang, ZHANG Liang. A Risk Assessment Method of Network Host Node with Host Importance [J]. Journal of Beijing University of Posts and Telecommunications, 2022, 45(2): 16-21.
[2]	YANG Hong-yu, ZHANG Le, ZHANG Liang. An Information System Risk Assessment Method Based on Risk Propagation [J]. Journal of Beijing University of Posts and Telecommunications, 2021, 44(4): 41-48.
[3]	LU Yi-qin, HUANG Jun-xian, CHENG Zhe, QIN Jian-cheng. A Multi-Index Mimic Voting Algorithm Based on Improved AHP-FCE Model [J]. Journal of Beijing University of Posts and Telecommunications, 2021, 44(2): 8-13.
[4]	LI Xiao-hui, DU Yang-fan, SHI Xiao-zhu, YANG Xu. NLOS Ranging Error Compensation Algorithm Based on Fuzzy Association Channel Identification [J]. Journal of Beijing University of Posts and Telecommunications, 2020, 43(1): 21-27.
[5]	LEI Min, LIU Xiao-ming, ZHANG Hong, WANG Mian, YANG Yu. Research on Security Threats and Risk Assessment of Web Information System [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2016, 39(s1): 87-93.
[6]	GE Hai-hui, ZHENG Shi-hui, CHEN Tian-ping, YANG Yi-xian. Fuzzy Risk Assessment of Information Security Threat Scenario [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2013, 36(6): 89-92,107.
[7]	. Network Security Analysis Based on Host-Security-Group [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2012, 35(1): 19-23.
[8]	WU Huan, PAN Lin, WANG Xiao-zhen, XU Rong-sheng. A Risk Assessment Model Using Incomplete Attack Graphs Analysis [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2010, 33(3): 57-61.
[9]	LuZhenbang,ZHOU Bo. Hierarchical Risk Assessment Based on Shapley Entropies and Choquet Integrals [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2009, 32(6): 83-87.
[10]	XIAO Qian LUO Shou-Shan YANG Wen-Chuan ZHENG Kang-Feng. Secure Multi-Party Fuzzy Comprehensive Evaluation Model and Its Protocol [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2009, 32(3): 5-9.
[11]	. Fuzzy Comprehensive Evaluation Based Loss Discrimination Algorithm in Wired/Wireless Hybrid Network [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2009, 32(3): 60-64.

Security Threats and Risk Assessment of IoT System

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 11

Recommended Articles

Metrics

Comments