University: Tech - AI Course - Paper Review: IoT Security Analysis

Verified

Added on 2021/06/15

AI Summary

This report is a review of the paper "A framework for automating security analysis of the internet of things" by Mengmeng G, et al. The paper addresses the increasing threats in cyberspace, particularly within the Internet of Things (IoT), by proposing a graphical security model for assessing and modeling IoT security. It aims to develop a framework for IoT assessment, create a graphical model for computing attack scenarios, and formally define the framework. The study evaluates the framework using scenarios like wearable healthcare, smart homes, and environment monitoring, building upon previous research by Ge and Kim. The review highlights the paper's strengths in capturing attack paths within heterogeneous IoT networks but notes the absence of a mobility model. The framework involves phases like security modeling generation, data processing, security analysis, and visualization, including a security evaluator and model generator. The analysis allows decision-makers to identify network vulnerabilities and assess defense mechanisms, ultimately contributing to mitigating the impact of potential attacks. The paper's findings offer valuable insights into securing IoT networks.

PAPER REVIEW
Review of the paper titled “A framework for automating security analysis of the internet of things”
by Mengmeng G, et al.
Student’s Name:
Professor’s Name:
Course:
Date:
The increasing use of the cyber space has posed major threats. It is therefore significant to come
up with various ways of curbing the threat posed. The threats include cyber terrorism, viruses, malware,
attacks and several others (Li, et al. 2014). The Internet of Things (IoT) has therefore made the various
physical objects to become addressable, reachable and locatable within the virtual world. There are
several objects that exists in the physical world that connects to the internet. The IoT is therefore expected
to contains billions of different objects that keeps on communicating with each other. The objects include
laptops and computers as well as other physical devices. The technologies and heterogeneity of the
devices that are used in the provision of services has a grave impact on management and operations of
IoT devices (Osseiran, et al. 2014). Therefore, major attacks and threats are facing IoT that effects its
functionality. This paper was therefore intended to curb the threats and attack and provide adequate
security to IoT. The paper incorporates the use of graphical security model in assessing and modelling
security of IoT.
The main problems that the paper is meant to resolve is coming up with a framework for the
assessment and modelling of the IoT, developing a graphical model aimed at computing the attack
scenarios, as well as formally defining the framework used. Finally, the paper uses different security
metrics in its analysis and consequently evaluates the framework using three different scenarios that
include wearable healthcare monitoring, a smart home, and environment monitoring. The closely related
study that had been carried out was done by Ge and Kim in the year 2015. This study designed the
framework used and incorporated a two-layer geographical security model referred to as the HARM to
assist in finding the potential attack scenarios (Ziegeldorf, et al. 2014). However, this paper established
the extended HARM that has the ability of capturing attack paths within the heterogeneous IoT networks.
As long as the network reachability information and vulnerability information is provided, the framework
has the ability of capturing the attack. Nevertheless, a major challenge with this paper is the fact that it
lacks a mobility model. The movement of the devices influences the changing network and so the

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

PAPER REVIEW
mobility model should have been designed to facilitate capturing of the node movement within the
network.
The paper has discussed framework for the graphically modelling and the assessment of IoT
security that are in five phases including security modelling generation, data processing, security analysis,
security visualization, as well as model updates. The study has come up with security evaluator and
security model generator. The security model generator is meant to create IoT network that is based on
node vulnerability information and reachability information; it further makes analysis of the networks by
the use of different security metrics. The paper has introduced three different networks existing in three
different scenarios that include healthcare monitoring, smart home, and environmental sensing and an
evaluation carried out. Indeed, from the analysis of the results in the paper, the person making decisions
regarding internet security has the ability of establishing the most vulnerable part of the whole network as
well as assessing the efficiency of the various defense mechanisms. Finally, its allows the person to
choose the most appropriate way of protecting the network. This paper is therefore a major milestone in
the mitigation of the impact of the potential attacks.

PAPER REVIEW
References
Li Q, Niu H, Papathanassiou A. & Wu, G. (2014). 5G network capacity: key elements and
technologies. IEEE Vehicular Technology Magazine 9(1):71–78.
Mengmeng G, Jin, B. H., Walter, G. & Dong, S. K. (2017). A framework for automating security analysis
of the internet of things.” Journal of Network and Computer Applications 83, 12–27.
Osseiran A, Boccardi F, Braun V, Katsutoshi K, Patrick M, Michal M, Olav Q, Malte S, Hans s,
Hidekazu T, Hugo T, Mikko A. U, Bogdan T. & Mikael S. (2014). Scenarios for 5G mobile and
wireless communications: the vision of the METIS project. IEEE Communications
Magazine 52(5):26–35.
Ziegeldorf J. H, Morchon O. G. & Wehrle K. (2014). Privacy in the Internet of Things: threats and
challenges. Security and Communication Networks 7(12):2728–2742.