Towards a Generic Model for Risk Analysis of the Internet of Things (IoT)
The Internet of Things (IoT) has spurred the interaction of a multitude of smart physical objects with the existing cyber world. These connected “things” leverage heterogeneous protocols, diverse capabilities and complex environmental interdependencies, which have reshaped their risk profiles throug...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
National University of Sciences and Technology, Islamabad
2016-12-01
|
| Series: | NUST Journal of Engineering Sciences |
| Online Access: | https://journals.nust.edu.pk/index.php/njes/article/view/280 |
| _version_ | 1797860921197985792 |
|---|---|
| author | Mujahid Mohsin Zahid Anwar Farhat Zaman |
| author_facet | Mujahid Mohsin Zahid Anwar Farhat Zaman |
| author_sort | Mujahid Mohsin |
| collection | DOAJ |
| description | The Internet of Things (IoT) has spurred the interaction of a multitude of smart physical objects with the existing cyber world. These connected “things” leverage heterogeneous protocols, diverse capabilities and complex environmental interdependencies, which have reshaped their risk profiles through introduction of novel threat vectors. In this paper, we present a formal framework to model and analyze the security risks linked with generic IoT systems. The approach uses existing and widely-accepted Web Ontology Language (OWL) based ontologies, by extending them with IoT-specific concepts and populating them with IoT instances. Risk assessment, quantification and selection of viable mitigation techniques is carried out automatically with the help of rule-based constraints and queries applied over OWL knowledgebase. The practicality and effectiveness of the approach is verified through implementation and evaluation over realistic IoT systems. |
| first_indexed | 2024-04-09T21:53:42Z |
| format | Article |
| id | doaj.art-fb22ef79586844ebb840d4d59ffdab01 |
| institution | Directory Open Access Journal |
| issn | 2070-9900 2411-6319 |
| language | English |
| last_indexed | 2024-04-09T21:53:42Z |
| publishDate | 2016-12-01 |
| publisher | National University of Sciences and Technology, Islamabad |
| record_format | Article |
| series | NUST Journal of Engineering Sciences |
| spelling | doaj.art-fb22ef79586844ebb840d4d59ffdab012023-03-24T11:38:08ZengNational University of Sciences and Technology, IslamabadNUST Journal of Engineering Sciences2070-99002411-63192016-12-019210.24949/njes.v9i2.280Towards a Generic Model for Risk Analysis of the Internet of Things (IoT)Mujahid MohsinZahid AnwarFarhat ZamanThe Internet of Things (IoT) has spurred the interaction of a multitude of smart physical objects with the existing cyber world. These connected “things” leverage heterogeneous protocols, diverse capabilities and complex environmental interdependencies, which have reshaped their risk profiles through introduction of novel threat vectors. In this paper, we present a formal framework to model and analyze the security risks linked with generic IoT systems. The approach uses existing and widely-accepted Web Ontology Language (OWL) based ontologies, by extending them with IoT-specific concepts and populating them with IoT instances. Risk assessment, quantification and selection of viable mitigation techniques is carried out automatically with the help of rule-based constraints and queries applied over OWL knowledgebase. The practicality and effectiveness of the approach is verified through implementation and evaluation over realistic IoT systems. https://journals.nust.edu.pk/index.php/njes/article/view/280 |
| spellingShingle | Mujahid Mohsin Zahid Anwar Farhat Zaman Towards a Generic Model for Risk Analysis of the Internet of Things (IoT) NUST Journal of Engineering Sciences |
| title | Towards a Generic Model for Risk Analysis of the Internet of Things (IoT) |
| title_full | Towards a Generic Model for Risk Analysis of the Internet of Things (IoT) |
| title_fullStr | Towards a Generic Model for Risk Analysis of the Internet of Things (IoT) |
| title_full_unstemmed | Towards a Generic Model for Risk Analysis of the Internet of Things (IoT) |
| title_short | Towards a Generic Model for Risk Analysis of the Internet of Things (IoT) |
| title_sort | towards a generic model for risk analysis of the internet of things iot |
| url | https://journals.nust.edu.pk/index.php/njes/article/view/280 |
| work_keys_str_mv | AT mujahidmohsin towardsagenericmodelforriskanalysisoftheinternetofthingsiot AT zahidanwar towardsagenericmodelforriskanalysisoftheinternetofthingsiot AT farhatzaman towardsagenericmodelforriskanalysisoftheinternetofthingsiot |