A Knowledge-Based IoT Security Checker
The widespread diffusion of ubiquitous and smart devices is radically changing the environment surrounding the users and brought to the definition of a new ecosystem called Internet of Things (IoT). Users are connected anywhere anytime, and can continuously monitor and interact with the external environment. While devices are becoming more and more powerful and efficient (e.g., using protocols like zigbee, LTE, 5G), their security is still in its infancy. Such devices, as well as the edge network providing connectivity, become the target of security attacks without their owners being aware of the risks they are exposed to. In this paper we present IoT Security Checker, a solution for IoT security assessment coping with the most relevant IoT security issues. We also provide some preliminary analysis showing how the IoT Security Checker can be used for verifying the security of an IoT system.
This project was partly supported by the program “piano sostegno alla ricerca 2015-17” funded by Università degli Studi di Milano.
- 1.Al-Alami, H., Hadi, A., Al-Bahadili, H.: Vulnerability scanning of IoT devices in Jordan using Shodan. In: Proceedings of IT-DREPS 2017, pp. 1–6 (2017). https://doi.org/10.1109/IT-DREPS.2017.8277814
- 2.Anisetti, M., Ardagna, C.A., Damiani, E., Gaudenzi, F., Veca, R.: Toward security and performance certification of open stack. In: Proceedings of IEEE CLOUD 2015, June 2015. https://doi.org/10.1109/CLOUD.2015.81
- 3.Anisetti, M., Ardagna, C., Damiani, E., Gaudenzi, F.: A semi-automatic and trustworthy scheme for continuous cloud service certification. IEEE TSC (2017)Google Scholar
- 6.Kumar, N., Madhuri, J., ChanneGowda, M.: Review on security and privacy concerns in Internet of Things. In: Proceedings of ICIOT 2017, pp. 1–5 (2017). https://doi.org/10.1109/ICIOTA.2017.8073640
- 7.Markowsky, L., Markowsky, G.: Scanning for vulnerable devices in the Internet of Things. In: Proceedings of IEEE IDAAC 2015, vol. 1, pp. 463–467, September 2015. https://doi.org/10.1109/IDAACS.2015.7340779
- 8.Matherly, J.: The Complete Guide to Shodan: Collect. Analyze. Visualize. Kindle Publisher (2016)Google Scholar
- 9.Samtani, S., Yu, S., Zhu, H., Patton, M., Matherly, J., Chen, H.: Identifying supervisory control and data acquisition (SCADA) devices and their vulnerabilities on the Internet of Things (IoT): a text mining approach. IEEE Intell. Syst., 1 (2018). https://doi.org/10.1109/MIS.2018.111145022CrossRefGoogle Scholar
- 10.Seralathan, Y., et al.: IoT security vulnerability: a case study of a web camera. In: Proceedings of ICACT 2018, pp. 172–177, February 2018. https://doi.org/10.23919/ICACT.2018.8323686
- 11.Visoottiviseth, V., Akarasiriwong, P., Chaiyasart, S., Chotivatunyu, S.: PENTOS: penetration testing tool for Internet of Thing devices. In: Proceedings of IEEE TENCON 2017, pp. 2279–2284 (2017). https://doi.org/10.1109/TENCON.2017.8228241
- 12.Williams, R., McMahon, E., Samtani, S., Patton, M., Chen, H.: Identifying vulnerabilities of consumer Internet of Things (IoT) devices: a scalable approach. In: Proceedings of IEEE ISI 2017, pp. 179–181 (2017). https://doi.org/10.1109/ISI.2017.8004904
- 13.Zhao, K., Ge, L.: A survey on the Internet of Things security. In: Proceedings of CIS 2013, pp. 663–667 (2013). https://doi.org/10.1109/CIS.2013.145