A Systematic Approach to Prioritize Vulnerabilities in IoT Deployments

Files
ALRAWI-DISSERTATION-2023.pdf (2.67 MB)
Author(s)
Alrawi, Omar
Advisor(s)
Antonakakis, Manos
Monrose, Fabian
Editor(s)
Associated Organization(s)
Organizational Unit
Organizational Unit
Series
Collections
Theses and Dissertations
Supplementary to:
Permanent Link
https://hdl.handle.net/1853/71988
Abstract
Prioritizing security measures provides a more strategic approach to protecting high-risk IoT devices vulnerable to cyberattacks. A comprehensive security evaluation can identify the most significant vulnerabilities and threats in IoT deployments. Toward improving the security of IoT deployments, this dissertation contributes a systematic and replicable approach that better prioritizes vulnerabilities in IoT deployments. We show that a systematic framework can identify more vulnerabilities in different components of an IoT deployment. We conducted a longitudinal security evaluation of IoT devices and showed how vulnerability exposures could increase the risk level of IoT deployments. We conducted a large-scale analysis of the IoT malware lifecycle to inform our risk assessment model with threat data. We demonstrated how the risk assessment model could prioritize high-risk devices based on vulnerabilities, exposure, and threats.
Sponsor
Date
2023-04-25
Extent
Resource Type
Text
Resource Subtype
Dissertation
Rights Statement
Rights URI