Internet-of-Things Security and Vulnerabilities: Taxonomy, Challenges, and Practice
作者: Kejun Chen , Shuai Zhang , Zhikun Li , Yi Zhang , Qingxu Deng
DOI: 10.1007/S41635-017-0029-7
关键词:
摘要: Recent years have seen rapid development and deployment of Internet-of-Things (IoT) applications in a diversity application domains. This has resulted creation new (e.g., vehicle networking, smart grid, wearables) as well advancement, consolidation, transformation various traditional domains medical automotive). One upshot this scale is the emergence critical threats to security privacy: it getting increasingly easier for an adversary break into application, make unusable, or steal sensitive information data. paper provides summary IoT attacks develops taxonomy classification based on domain underlying system architecture. We also discuss some key characteristics that difficult develop robust architectures applications.
springer.com
sci-hub.se 参考文章(63)
Erwa Qin, Yoanna Long, Chenghong Zhang, Lihua Huang, Cloud Computing and the Internet of Things: Technology Innovation in Automobile Service Human Interface and the Management of Information. Information and Interaction for Health, Safety, Mobility and Complex Environments. pp. 173- 180 ,(2013) , 10.1007/978-3-642-39215-3_21
Hovav Shacham, Karl Koscher, Alexei Czeskis, Franziska Roesner, Brian Kantor, Damon McCoy, Tadayoshi Kohno, Stefan Savage, Danny Anderson, Stephen Checkoway, Comprehensive experimental analyses of automotive attack surfaces usenix security symposium. pp. 6- 6 ,(2011)
Sajjan Shiva, Chris Simmons, Dipankar Dasgupta, Qishi Wu, Charles Ellis, AVOIDIT: A Cyber Attack Taxonomy CTIT technical reports series. ,(2009)
Steve Hanna, Rolf Rolles, Andrés Molina-Markham, Pongsin Poosankam, Jeremiah Blocki, Kevin Fu, Dawn Song, Take two software updates and see me in the morning: the case for software security evaluations of medical devices HealthSec'11 Proceedings of the 2nd USENIX conference on Health security and privacy. pp. 6- 6 ,(2011)
Sven Bugiel, Ahmad-Reza Sadeghi, Stephan Heuser, Flexible and fine-grained mandatory access control on Android for diverse security and privacy policies usenix security symposium. pp. 131- 146 ,(2013)
Guofei Gu, Zhemin Yang, Yuhong Nan, Shunfan Zhou, Min Yang, XiaoFeng Wang, UIPicker: user-input privacy identification in mobile applications usenix security symposium. pp. 993- 1008 ,(2015)
Md. Mahmud Hossain, Maziar Fotouhi, Ragib Hasan, Towards an Analysis of Security Issues, Challenges, and Open Problems in the Internet of Things world congress on services. pp. 21- 28 ,(2015) , 10.1109/SERVICES.2015.12
John R. Douceur, The Sybil Attack international workshop on peer to peer systems. pp. 251- 260 ,(2002) , 10.1007/3-540-45748-8_24
Dorottya Papp, Zhendong Ma, Levente Buttyan, Embedded systems security: Threats, vulnerabilities, and attack taxonomy conference on privacy security and trust. pp. 145- 152 ,(2015) , 10.1109/PST.2015.7232966
Melanie R. Rieback, Aikaterini Mitrokotsa, Andrew S. Tanenbaum, Classification of RFID Attacks international workshop on rfid technology. pp. 73- 86 ,(2008)