With the popularity of the Internet of Things on the rise, sensor networks have become essential parts of traditional Information and Communication Technology (ICT) infrastructures in a wide variety of applications. However, their increasing complexity, inter-connectivity, and pervasive implementation, exposes these infrastructures to a large variety of security threats. As a result, practical security analysis needs to be performed to evidentiate the possible vulnerable points in IoT infrastructures.
In this work we consider a typical architecture of a data aggregation platform with publish-subscribe support composed of interconnected sensor and ICT infrastructures. We present a comprehensive threat analysis by considering the availability, integrity, and confidentiality security objectives. We describe the experimental results of a case study performed on a real, laboratory-scale implementation of an IoT-based application. Finally, we demonstrate that modern IoT-based software are susceptible to cyber attacks that use traditional attack vectors and recently reported vulnerabilities, e.g., Heartbleed and Shellshock.
—Sensor Data Aggregation Heterogeneous Infrastructures Threat Analysis Attack Tree
Birincil Dil | İngilizce |
---|---|
Bölüm | Makaleler |
Yazarlar | |
Yayımlanma Tarihi | 29 Eylül 2015 |
Gönderilme Tarihi | 30 Ocak 2016 |
Yayımlandığı Sayı | Yıl 2015 Cilt: 4 Sayı: 3 |