A NOVEL IOT FRAMEWORK FOR IDENTIFYING AND MITIGATING SECURITY THREATS.

Saved in:
Bibliographic Details
Title: A NOVEL IOT FRAMEWORK FOR IDENTIFYING AND MITIGATING SECURITY THREATS.
Authors: JAISWAL, SHRUTI1 dce.shruti@gmail.com, BANSAL, HIMANI1 singal.himani@gmail.com, SHIVHARE, SHIV NARESH2 shiv827@gmail.com, SHRIVASTAVA, GULSHAN2 gulshanstv@gmail.com
Source: Scalable Computing: Practice & Experience. Sep2025, Vol. 26 Issue 5, p2165-2183. 19p.
Subjects: Constraint algorithms, Smart cities, Security systems, Internet of things, Asset management
Abstract: The popularity of Internet of Things (IoT) devices has surged due to their applications in diverse areas such as e-Health, smart vehicles, and smart cities. However, the rapid deployment of these devices has led to an exponential increase in security attacks targeting IoT systems, making security a prime concern for the community. Securing IoT-based systems is challenging because the devices involved are often resource-constrained. Providing security to these systems requires a thorough understanding of their specific security needs, along with a systematic security engineering approach. Previous research lacks a systematic methodology for identifying and implementing security requirements. Therefore, there is a growing demand for a structured approach to identify security requirements, select appropriate algorithms, and ensure their effective implementation. While existing studies have extensively explored IoT security threats, they fall short of offering a structured method to comprehensively address these threats. This paper proposes a comprehensive security engineering framework that systematically identifies security threats by analyzing assets present over various layers of IoT system, considering their diverse roles. It includes creating repositories to identify potential vulnerabilities and applicable threats. Once threats are identified, they are evaluated for their severity level based on risk analysis. Following this, the framework focuses on designing the security solutions, where we proposed to add two new security services namely trust and data freshness besides the existing security services, algorithms are selected to mitigate threats by considering the domain and constraints of the devices involved. Ultimately, the security of the entire system is validated to ensure robustness. Throughout this process, we have developed comprehensive repositories for asset management, vulnerability-threat mapping, and algorithm-threat matching to help identify and analyze security needs and recommend algorithms for implementation. [ABSTRACT FROM AUTHOR]
Copyright of Scalable Computing: Practice & Experience is the property of Scalable Computing: Practice & Experience and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Engineering Source
Description
Abstract:The popularity of Internet of Things (IoT) devices has surged due to their applications in diverse areas such as e-Health, smart vehicles, and smart cities. However, the rapid deployment of these devices has led to an exponential increase in security attacks targeting IoT systems, making security a prime concern for the community. Securing IoT-based systems is challenging because the devices involved are often resource-constrained. Providing security to these systems requires a thorough understanding of their specific security needs, along with a systematic security engineering approach. Previous research lacks a systematic methodology for identifying and implementing security requirements. Therefore, there is a growing demand for a structured approach to identify security requirements, select appropriate algorithms, and ensure their effective implementation. While existing studies have extensively explored IoT security threats, they fall short of offering a structured method to comprehensively address these threats. This paper proposes a comprehensive security engineering framework that systematically identifies security threats by analyzing assets present over various layers of IoT system, considering their diverse roles. It includes creating repositories to identify potential vulnerabilities and applicable threats. Once threats are identified, they are evaluated for their severity level based on risk analysis. Following this, the framework focuses on designing the security solutions, where we proposed to add two new security services namely trust and data freshness besides the existing security services, algorithms are selected to mitigate threats by considering the domain and constraints of the devices involved. Ultimately, the security of the entire system is validated to ensure robustness. Throughout this process, we have developed comprehensive repositories for asset management, vulnerability-threat mapping, and algorithm-threat matching to help identify and analyze security needs and recommend algorithms for implementation. [ABSTRACT FROM AUTHOR]
ISSN:18951767
DOI:10.12694/scpe.v26i5.4909