Detecting dynamic security threats in multi-component IoT systems

Isaac Shrestha, Matthew L. Hale

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The rising ubiquity of the Internet of Things (IoT) has heralded a new era of increasingly prolific and damaging IoT-centric security threat vectors. Fast-paced market demand for multi-featured IoT products urge companies, and their software engineers, to bring products to market quickly, often at the cost of security. Lack of proper security threat analysis tooling during development, testing, and release cycles exacerbate security concerns. In this paper, we augment a security threat analysis tool to use audit hooks, open-source information capture components, and machine learning techniques to profile dynamic wearable and IoT operations spanning multiple components during execution. Our tool encourages data-drive threat identification and analysis approaches that can help software engineers perform dynamic testing and threat analysis to mitigate code-level vulnerabilities that lead to attacks in IoT applications. Our approach is evaluated by means of a case study involving a system evaluation across several common attack vectors.

Original languageEnglish (US)
Title of host publicationProceedings of the 52nd Annual Hawaii International Conference on System Sciences, HICSS 2019
EditorsTung X. Bui
PublisherIEEE Computer Society
Pages7146-7155
Number of pages10
ISBN (Electronic)9780998133126
StatePublished - 2019
Event52nd Annual Hawaii International Conference on System Sciences, HICSS 2019 - Maui, United States
Duration: Jan 8 2019Jan 11 2019

Publication series

NameProceedings of the Annual Hawaii International Conference on System Sciences
Volume2019-January
ISSN (Print)1530-1605

Conference

Conference52nd Annual Hawaii International Conference on System Sciences, HICSS 2019
Country/TerritoryUnited States
CityMaui
Period1/8/191/11/19

ASJC Scopus subject areas

  • Engineering(all)

Fingerprint

Dive into the research topics of 'Detecting dynamic security threats in multi-component IoT systems'. Together they form a unique fingerprint.

Cite this