Fault tree analysis-based risk quantification of smart homes

2017 2nd International Conference on Information Technology (INCIT) Pub Date : 2017-11-01 DOI:10.1109/INCIT.2017.8257865

Chanoksuda Wongvises, A. Khurat, Doudou Fall, S. Kashihara

{"title":"Fault tree analysis-based risk quantification of smart homes","authors":"Chanoksuda Wongvises, A. Khurat, Doudou Fall, S. Kashihara","doi":"10.1109/INCIT.2017.8257865","DOIUrl":null,"url":null,"abstract":"A smart home is a new enabling innovative appliance domain that is developed from the rapid growth of the Internet of Things. Despite its popularity and evident usefulness for human beings, smart homes have numerous security issues that originate from the heterogeneous, wide-scale and complex structure of the Internet of Things. It is obvious that a risk assessment is needed in order to ensure the security of smart homes. We propose a security risk quantification technique that permits to have a measure of the level of security of a given smart home based on the ‘things’ that it is composed of. Our method is based on Fault Tree Analysis which is the de-facto tool used in mission-critical systems. At first, we generated an exhaustive security tree based on the general architecture of a smart home. Afterwards, we evaluated our proposal in a use case of successful attacks on a light bulb system that functions through the ZigBee protocol. We were able to demonstrate that the risk of a successful attack in that system is very high given the same conditions.","PeriodicalId":405827,"journal":{"name":"2017 2nd International Conference on Information Technology (INCIT)","volume":"9 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 2nd International Conference on Information Technology (INCIT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/INCIT.2017.8257865","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

Abstract

A smart home is a new enabling innovative appliance domain that is developed from the rapid growth of the Internet of Things. Despite its popularity and evident usefulness for human beings, smart homes have numerous security issues that originate from the heterogeneous, wide-scale and complex structure of the Internet of Things. It is obvious that a risk assessment is needed in order to ensure the security of smart homes. We propose a security risk quantification technique that permits to have a measure of the level of security of a given smart home based on the ‘things’ that it is composed of. Our method is based on Fault Tree Analysis which is the de-facto tool used in mission-critical systems. At first, we generated an exhaustive security tree based on the general architecture of a smart home. Afterwards, we evaluated our proposal in a use case of successful attacks on a light bulb system that functions through the ZigBee protocol. We were able to demonstrate that the risk of a successful attack in that system is very high given the same conditions.

查看原文本刊更多论文

基于故障树分析的智能家居风险量化

智能家居是伴随着物联网的快速发展而发展起来的一个全新的赋能创新家电领域。尽管智能家居的普及和对人类的明显有用性，但由于物联网的异构、大规模和复杂结构，智能家居存在许多安全问题。显然，为了确保智能家居的安全，需要进行风险评估。我们提出了一种安全风险量化技术，允许基于它所组成的“事物”来衡量给定智能家居的安全水平。我们的方法是基于故障树分析，这是在关键任务系统中使用的事实工具。首先，我们根据智能家居的一般架构生成了一个详尽的安全树。之后，我们在一个成功攻击通过ZigBee协议运行的灯泡系统的用例中评估了我们的建议。我们能够证明，在相同的条件下，该系统被成功攻击的风险非常高。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2017 2nd International Conference on Information Technology (INCIT)

自引率

0.00%

发文量