{"title":"Framework to measure and reduce the threat surface area for smart home devices","authors":"Akashdeep Bhardwaj, Keshav Kaushik, Vishal Dagar, Manoj Kumar","doi":"10.1007/s43674-023-00062-2","DOIUrl":null,"url":null,"abstract":"<div><p>Threat surface area for the Internet of Things is calculated as the sum of security vulnerabilities or the weakness and gaps in protection efforts for the device, operating systems, associated software applications, and the local infrastructure. This aggregates all the known and unknown threats that can potentially expose the device, logs, data, and hosted applications. By reducing the exposed elements of the device surface, the device vulnerabilities can decrease the exposed threat surface area. This research presents a new framework first to map the devices in the ecosystem, measure the potential threat surface area from the exposure indicators for each layer and then determine the threat vectors for device compromise to calculate the maturity and severity levels. The authors propose new metrics to reassess and re-calculate the maturity and severity levels. Based on the new metrics, newly exposed threat surface elements provide a new security perspective beneficial for stakeholders involved in design, implementation, and security ecosystem of smart devices.</p></div>","PeriodicalId":72089,"journal":{"name":"Advances in computational intelligence","volume":"3 4","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2023-08-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Advances in computational intelligence","FirstCategoryId":"1085","ListUrlMain":"https://link.springer.com/article/10.1007/s43674-023-00062-2","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Threat surface area for the Internet of Things is calculated as the sum of security vulnerabilities or the weakness and gaps in protection efforts for the device, operating systems, associated software applications, and the local infrastructure. This aggregates all the known and unknown threats that can potentially expose the device, logs, data, and hosted applications. By reducing the exposed elements of the device surface, the device vulnerabilities can decrease the exposed threat surface area. This research presents a new framework first to map the devices in the ecosystem, measure the potential threat surface area from the exposure indicators for each layer and then determine the threat vectors for device compromise to calculate the maturity and severity levels. The authors propose new metrics to reassess and re-calculate the maturity and severity levels. Based on the new metrics, newly exposed threat surface elements provide a new security perspective beneficial for stakeholders involved in design, implementation, and security ecosystem of smart devices.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
