Advertisement

A Knowledge-Based IoT Security Checker

  • Marco Anisetti
  • Rasool Asal
  • Claudio Agostino Ardagna
  • Lorenzo Comi
  • Ernesto Damiani
  • Filippo GaudenziEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11339)

Abstract

The widespread diffusion of ubiquitous and smart devices is radically changing the environment surrounding the users and brought to the definition of a new ecosystem called Internet of Things (IoT). Users are connected anywhere anytime, and can continuously monitor and interact with the external environment. While devices are becoming more and more powerful and efficient (e.g., using protocols like zigbee, LTE, 5G), their security is still in its infancy. Such devices, as well as the edge network providing connectivity, become the target of security attacks without their owners being aware of the risks they are exposed to. In this paper we present IoT Security Checker, a solution for IoT security assessment coping with the most relevant IoT security issues. We also provide some preliminary analysis showing how the IoT Security Checker can be used for verifying the security of an IoT system.

Notes

Acknowledgements

This project was partly supported by the program “piano sostegno alla ricerca 2015-17” funded by Università degli Studi di Milano.

References

  1. 1.
    Al-Alami, H., Hadi, A., Al-Bahadili, H.: Vulnerability scanning of IoT devices in Jordan using Shodan. In: Proceedings of IT-DREPS 2017, pp. 1–6 (2017).  https://doi.org/10.1109/IT-DREPS.2017.8277814
  2. 2.
    Anisetti, M., Ardagna, C.A., Damiani, E., Gaudenzi, F., Veca, R.: Toward security and performance certification of open stack. In: Proceedings of IEEE CLOUD 2015, June 2015.  https://doi.org/10.1109/CLOUD.2015.81
  3. 3.
    Anisetti, M., Ardagna, C., Damiani, E., Gaudenzi, F.: A semi-automatic and trustworthy scheme for continuous cloud service certification. IEEE TSC (2017)Google Scholar
  4. 4.
    Ardagna, C.A., Damiani, E., Schütte, J., Stephanow, P.: A case for IoT security assurance. In: Di Martino, B., Li, K.-C., Yang, L.T., Esposito, A. (eds.) Internet of Everything. IT, pp. 175–192. Springer, Singapore (2018).  https://doi.org/10.1007/978-981-10-5861-5_8CrossRefGoogle Scholar
  5. 5.
    Kolias, C., Kambourakis, G., Stavrou, A., Voas, J.: DDoS in the IoT: Mirai and other botnets. Computer 50(7), 80–84 (2017).  https://doi.org/10.1109/MC.2017.201CrossRefGoogle Scholar
  6. 6.
    Kumar, N., Madhuri, J., ChanneGowda, M.: Review on security and privacy concerns in Internet of Things. In: Proceedings of ICIOT 2017, pp. 1–5 (2017).  https://doi.org/10.1109/ICIOTA.2017.8073640
  7. 7.
    Markowsky, L., Markowsky, G.: Scanning for vulnerable devices in the Internet of Things. In: Proceedings of IEEE IDAAC 2015, vol. 1, pp. 463–467, September 2015.  https://doi.org/10.1109/IDAACS.2015.7340779
  8. 8.
    Matherly, J.: The Complete Guide to Shodan: Collect. Analyze. Visualize. Kindle Publisher (2016)Google Scholar
  9. 9.
    Samtani, S., Yu, S., Zhu, H., Patton, M., Matherly, J., Chen, H.: Identifying supervisory control and data acquisition (SCADA) devices and their vulnerabilities on the Internet of Things (IoT): a text mining approach. IEEE Intell. Syst., 1 (2018).  https://doi.org/10.1109/MIS.2018.111145022CrossRefGoogle Scholar
  10. 10.
    Seralathan, Y., et al.: IoT security vulnerability: a case study of a web camera. In: Proceedings of ICACT 2018, pp. 172–177, February 2018.  https://doi.org/10.23919/ICACT.2018.8323686
  11. 11.
    Visoottiviseth, V., Akarasiriwong, P., Chaiyasart, S., Chotivatunyu, S.: PENTOS: penetration testing tool for Internet of Thing devices. In: Proceedings of IEEE TENCON 2017, pp. 2279–2284 (2017).  https://doi.org/10.1109/TENCON.2017.8228241
  12. 12.
    Williams, R., McMahon, E., Samtani, S., Patton, M., Chen, H.: Identifying vulnerabilities of consumer Internet of Things (IoT) devices: a scalable approach. In: Proceedings of IEEE ISI 2017, pp. 179–181 (2017).  https://doi.org/10.1109/ISI.2017.8004904
  13. 13.
    Zhao, K., Ge, L.: A survey on the Internet of Things security. In: Proceedings of CIS 2013, pp. 663–667 (2013).  https://doi.org/10.1109/CIS.2013.145

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Marco Anisetti
    • 1
  • Rasool Asal
    • 2
  • Claudio Agostino Ardagna
    • 1
  • Lorenzo Comi
    • 1
  • Ernesto Damiani
    • 1
    • 3
  • Filippo Gaudenzi
    • 1
    Email author
  1. 1.DI – Università degli Studi di MilanoMilanItaly
  2. 2.British TelecommunicationsLondonUK
  3. 3.Centre on Cyber-Physical SystemsKhalifa UniversityAbu DhabiUAE

Personalised recommendations