An attack tree based risk evaluation approach for the internet of things

Waqar Asif, Indranil Ghosh Ray, Muttukrishnan Rajarajan

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

Internet of Things (IoTs) are being widely used for a large number of use case scenarios, where a wide range of devices, with different computational resources, are marshalled for the purpose of a certain mission goal. The unique combination of these devices and the nature of sensitive information that they hold poses a large number of risks where the risks are highly dependant upon the type of devices and the type of attacks that an adversary can launch. In this work, we propose an attack tree model to evaluate the user's privacy risks associated with an IoT eco system. We evaluate the potential risks based on varying attack attributes, the probable considerations/preferences of an adversary and the varying computational resources available on a device. The proposed model identifies the probability of risk associated with each attack scenario and thus benefits an analyst in identifying which attack is more likely of the use case scenario.
Original languageEnglish
Title of host publicationIOT '18: Proceedings of the 8th International Conference on the Internet of Things
PublisherACME
Pages1–8
ISBN (Electronic)9781450365642
DOIs
Publication statusPublished - 15 Oct 2018
Externally publishedYes
Event8th International Conference on the Internet of Things, {IOT} 2018 - Santa Barbara, United States
Duration: 15 Oct 201818 Oct 2018

Conference

Conference8th International Conference on the Internet of Things, {IOT} 2018
Country/TerritoryUnited States
CitySanta Barbara
Period15/10/201818/10/2018

Fingerprint

Dive into the research topics of 'An attack tree based risk evaluation approach for the internet of things'. Together they form a unique fingerprint.

Cite this