Computing Security Scores for IoT Device Vulnerabilities

Syed Rizvi, Nicholas McIntyre, Jungwoo Ryoo

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In today's computing edge, security and data privacy is considered as one of the most critical aspects that hinders the wide spread adoption of large-scale Internet of Things (IoT) devices. Therefore, being able to understand the device-level vulnerabilities and determine the security level of a certain device is crucial for their acceptance. Motivated with this, we compute the security score for each common vulnerability of IoT devices within three primary IoT domains (i.e., healthcare, commerce, and home-automation) using the National Institute of Standards and Technology (NIST) Common Vulnerability Scoring System (CVSS) method. Specifically, IoT devices within these primary domains are isolated and analyzed for common vulnerabilities to generate quantitative and qualitative scores using the CVSS exploitability, impact, and scope metrics. The finding of this research work will empower different stakeholders (e.g., risk analysts, IT departments, or any individual user) with the ability to understand the security risks associated with the IoT devices.

Original languageEnglish (US)
Title of host publicationProceedings - 2019 International Conference on Software Security and Assurance, ICSSA 2019
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages52-59
Number of pages8
ISBN (Electronic)9781728159126
DOIs
StatePublished - Jul 2019
Event5th International Conference on Software Security and Assurance, ICSSA 2019 - St. Polten, Austria
Duration: Jul 25 2019Jul 26 2019

Publication series

NameProceedings - 2019 International Conference on Software Security and Assurance, ICSSA 2019

Conference

Conference5th International Conference on Software Security and Assurance, ICSSA 2019
CountryAustria
CitySt. Polten
Period7/25/197/26/19

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Software
  • Safety, Risk, Reliability and Quality

Fingerprint Dive into the research topics of 'Computing Security Scores for IoT Device Vulnerabilities'. Together they form a unique fingerprint.

Cite this