Assessing risks and threats with layered approach to Internet of Things security


Creative Commons License

AYDOS M., Vural Y., TEKEREK A.

MEASUREMENT & CONTROL, cilt.52, ss.338-353, 2019 (SCI-Expanded) identifier identifier

  • Yayın Türü: Makale / Tam Makale
  • Cilt numarası: 52
  • Basım Tarihi: 2019
  • Doi Numarası: 10.1177/0020294019837991
  • Dergi Adı: MEASUREMENT & CONTROL
  • Derginin Tarandığı İndeksler: Science Citation Index Expanded (SCI-EXPANDED), Scopus
  • Sayfa Sayıları: ss.338-353
  • Anahtar Kelimeler: Internet of things, information security, threats, vulnerabilities, security model, CYBER-PHYSICAL SYSTEMS, INDUSTRIAL INTERNET, CHALLENGES, TAXONOMY, PRIVACY
  • Gazi Üniversitesi Adresli: Evet

Özet

Internet of Things is the next-generation Internet network created by intelligent objects with software and sensors, employed in a wide range of fields such as automotive, construction, health, textile, education and transportation. With the advent of Industry 4.0, Internet of Things has been started to be used and it has led to the emergence of innovative business models. The processing and production capabilities of Internet of Things objects in hidden and critical data provide great advantages for the next generation of Internet. However, the integrated features of Internet of Things objects cause vulnerabilities in terms of security, making them the target of cyber threats. In this study, a security model which offers an integrated risk-based Internet of Things security approach for the Internet of Things vulnerabilities while providing detailed information about Internet of Things and the types of attacks targeting Internet of Things is proposed. In addition, in this study, the vulnerabilities of Internet of Things were explained by classifying attack types threatening the physical layer, network layer, data processing layer and application layer. Moreover, the risk-based security model has been proposed by examining the vulnerabilities and threats of smart objects that generate the Internet of Things. The proposed Internet of Things model is a holistic security model that separately evaluates the Internet of Things layers against vulnerabilities and threats based on the risk-level approach.