A NOVEL IOT FRAMEWORK FOR IDENTIFYING AND MITIGATING SECURITY THREATS.

Saved in:
Bibliographic Details
Title: A NOVEL IOT FRAMEWORK FOR IDENTIFYING AND MITIGATING SECURITY THREATS.
Authors: JAISWAL, SHRUTI1 dce.shruti@gmail.com, BANSAL, HIMANI1 singal.himani@gmail.com, SHIVHARE, SHIV NARESH2 shiv827@gmail.com, SHRIVASTAVA, GULSHAN2 gulshanstv@gmail.com
Source: Scalable Computing: Practice & Experience. Sep2025, Vol. 26 Issue 5, p2165-2183. 19p.
Subjects: Constraint algorithms, Smart cities, Security systems, Internet of things, Asset management
Abstract: The popularity of Internet of Things (IoT) devices has surged due to their applications in diverse areas such as e-Health, smart vehicles, and smart cities. However, the rapid deployment of these devices has led to an exponential increase in security attacks targeting IoT systems, making security a prime concern for the community. Securing IoT-based systems is challenging because the devices involved are often resource-constrained. Providing security to these systems requires a thorough understanding of their specific security needs, along with a systematic security engineering approach. Previous research lacks a systematic methodology for identifying and implementing security requirements. Therefore, there is a growing demand for a structured approach to identify security requirements, select appropriate algorithms, and ensure their effective implementation. While existing studies have extensively explored IoT security threats, they fall short of offering a structured method to comprehensively address these threats. This paper proposes a comprehensive security engineering framework that systematically identifies security threats by analyzing assets present over various layers of IoT system, considering their diverse roles. It includes creating repositories to identify potential vulnerabilities and applicable threats. Once threats are identified, they are evaluated for their severity level based on risk analysis. Following this, the framework focuses on designing the security solutions, where we proposed to add two new security services namely trust and data freshness besides the existing security services, algorithms are selected to mitigate threats by considering the domain and constraints of the devices involved. Ultimately, the security of the entire system is validated to ensure robustness. Throughout this process, we have developed comprehensive repositories for asset management, vulnerability-threat mapping, and algorithm-threat matching to help identify and analyze security needs and recommend algorithms for implementation. [ABSTRACT FROM AUTHOR]
Copyright of Scalable Computing: Practice & Experience is the property of Scalable Computing: Practice & Experience and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Engineering Source
FullText Links:
  – Type: pdflink
Text:
  Availability: 0
Header DbId: egs
DbLabel: Engineering Source
An: 186692664
AccessLevel: 6
PubType: Academic Journal
PubTypeId: academicJournal
PreciseRelevancyScore: 0
IllustrationInfo
Items – Name: Title
  Label: Title
  Group: Ti
  Data: A NOVEL IOT FRAMEWORK FOR IDENTIFYING AND MITIGATING SECURITY THREATS.
– Name: Author
  Label: Authors
  Group: Au
  Data: <searchLink fieldCode="AR" term="%22JAISWAL%2C+SHRUTI%22">JAISWAL, SHRUTI</searchLink><relatesTo>1</relatesTo><i> dce.shruti@gmail.com</i><br /><searchLink fieldCode="AR" term="%22BANSAL%2C+HIMANI%22">BANSAL, HIMANI</searchLink><relatesTo>1</relatesTo><i> singal.himani@gmail.com</i><br /><searchLink fieldCode="AR" term="%22SHIVHARE%2C+SHIV+NARESH%22">SHIVHARE, SHIV NARESH</searchLink><relatesTo>2</relatesTo><i> shiv827@gmail.com</i><br /><searchLink fieldCode="AR" term="%22SHRIVASTAVA%2C+GULSHAN%22">SHRIVASTAVA, GULSHAN</searchLink><relatesTo>2</relatesTo><i> gulshanstv@gmail.com</i>
– Name: TitleSource
  Label: Source
  Group: Src
  Data: <searchLink fieldCode="JN" term="%22Scalable+Computing%3A+Practice+%26+Experience%22">Scalable Computing: Practice & Experience</searchLink>. Sep2025, Vol. 26 Issue 5, p2165-2183. 19p.
– Name: Subject
  Label: Subjects
  Group: Su
  Data: <searchLink fieldCode="DE" term="%22Constraint+algorithms%22">Constraint algorithms</searchLink><br /><searchLink fieldCode="DE" term="%22Smart+cities%22">Smart cities</searchLink><br /><searchLink fieldCode="DE" term="%22Security+systems%22">Security systems</searchLink><br /><searchLink fieldCode="DE" term="%22Internet+of+things%22">Internet of things</searchLink><br /><searchLink fieldCode="DE" term="%22Asset+management%22">Asset management</searchLink>
– Name: Abstract
  Label: Abstract
  Group: Ab
  Data: The popularity of Internet of Things (IoT) devices has surged due to their applications in diverse areas such as e-Health, smart vehicles, and smart cities. However, the rapid deployment of these devices has led to an exponential increase in security attacks targeting IoT systems, making security a prime concern for the community. Securing IoT-based systems is challenging because the devices involved are often resource-constrained. Providing security to these systems requires a thorough understanding of their specific security needs, along with a systematic security engineering approach. Previous research lacks a systematic methodology for identifying and implementing security requirements. Therefore, there is a growing demand for a structured approach to identify security requirements, select appropriate algorithms, and ensure their effective implementation. While existing studies have extensively explored IoT security threats, they fall short of offering a structured method to comprehensively address these threats. This paper proposes a comprehensive security engineering framework that systematically identifies security threats by analyzing assets present over various layers of IoT system, considering their diverse roles. It includes creating repositories to identify potential vulnerabilities and applicable threats. Once threats are identified, they are evaluated for their severity level based on risk analysis. Following this, the framework focuses on designing the security solutions, where we proposed to add two new security services namely trust and data freshness besides the existing security services, algorithms are selected to mitigate threats by considering the domain and constraints of the devices involved. Ultimately, the security of the entire system is validated to ensure robustness. Throughout this process, we have developed comprehensive repositories for asset management, vulnerability-threat mapping, and algorithm-threat matching to help identify and analyze security needs and recommend algorithms for implementation. [ABSTRACT FROM AUTHOR]
– Name: AbstractSuppliedCopyright
  Label:
  Group: Ab
  Data: <i>Copyright of Scalable Computing: Practice & Experience is the property of Scalable Computing: Practice & Experience and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract.</i> (Copyright applies to all Abstracts.)
PLink https://search.ebscohost.com/login.aspx?direct=true&site=eds-live&db=egs&AN=186692664
RecordInfo BibRecord:
  BibEntity:
    Identifiers:
      – Type: doi
        Value: 10.12694/scpe.v26i5.4909
    Languages:
      – Code: eng
        Text: English
    PhysicalDescription:
      Pagination:
        PageCount: 19
        StartPage: 2165
    Subjects:
      – SubjectFull: Constraint algorithms
        Type: general
      – SubjectFull: Smart cities
        Type: general
      – SubjectFull: Security systems
        Type: general
      – SubjectFull: Internet of things
        Type: general
      – SubjectFull: Asset management
        Type: general
    Titles:
      – TitleFull: A NOVEL IOT FRAMEWORK FOR IDENTIFYING AND MITIGATING SECURITY THREATS.
        Type: main
  BibRelationships:
    HasContributorRelationships:
      – PersonEntity:
          Name:
            NameFull: JAISWAL, SHRUTI
      – PersonEntity:
          Name:
            NameFull: BANSAL, HIMANI
      – PersonEntity:
          Name:
            NameFull: SHIVHARE, SHIV NARESH
      – PersonEntity:
          Name:
            NameFull: SHRIVASTAVA, GULSHAN
    IsPartOfRelationships:
      – BibEntity:
          Dates:
            – D: 01
              M: 09
              Text: Sep2025
              Type: published
              Y: 2025
          Identifiers:
            – Type: issn-print
              Value: 18951767
          Numbering:
            – Type: volume
              Value: 26
            – Type: issue
              Value: 5
          Titles:
            – TitleFull: Scalable Computing: Practice & Experience
              Type: main
ResultId 1