Abstract

Nowadays, there are different kinds of public knowledge bases for cyber security vulnerability and threat intelligence which can be used for IoT security threat analysis. However, the heterogeneity of these knowledge bases and the complexity of the IoT environments make network security situation awareness and threat assessment difficult. In this paper, we integrate vulnerabilities, weaknesses, affected platforms, tactics, attack techniques, and attack patterns into a coherent set of links. In addition, we propose an IoT security ontology model, namely, the IoT Security Threat Ontology (IoTSTO), to describe the elements of IoT security threats and design inference rules for threat analysis. This IoTSTO expands the current knowledge domain of cyber security ontology modeling. In the IoTSTO model, the proposed multi-source knowledge reasoning method can perform the following tasks: assess the threats of the IoT environment, automatically infer mitigations, and separate IoT nodes that are subject to specific threats. The method above provides support to security managers in their deployment of security solutions. This paper completes the association of current public knowledge bases for IoT security and solves the semantic heterogeneity of multi-source knowledge. In this paper, we reveal the scope of public knowledge bases and their interrelationships through the multi-source knowledge reasoning method for IoT security. In conclusion, the paper provides a unified, extensible, and reusable method for IoT security analysis and decision making.

Highlights

  • With the development of the Internet of Things (IoT), the massive deployment of IoT devices and the popularization of IoT technology have facilitated people’s lives [1]. As many organizations transform their devices to adopt IoT-connected technologies, it is estimated that there will be more than 40 billion IoT devices by 2027, with the potential value of the IoT going up to USD 11 trillion by 2025 [2].

  • Industrial control network devices not only have security risks, such as those affecting the security of software and hardware on the transmission link and the blurring of network protection boundaries, but are also exposed to new threats such as stepping attacks, data sniffing, blockage, and eavesdropping within the IoT Cloud platform service.

  • The amount of knowledge is huge and the structure of the knowledge is different. The crawled multi-source heterogeneous knowledge is integrated into a unified graph database. The integrated data are mapped into the proposed ontology model through instance mapping, and the generated instances are integrated into the ontology repository. The inference engine perceives and separates the abnormalities based on the instance repository and the user-defined inference rules to achieve the goal of automatically responding to threats.


Summary

Introduction

IoT devices and the popularization of IoT technology have facilitated people’s lives [1]. The integration of industrial control devices and network technology into the IoT environment eliminates the internal and external security boundaries of the industrial environment. This paper proposes a multi-source knowledge reasoning method for IoT security. We model an ontology to describe the elements of IoT security threats and design inference rules for threat analysis. This method can perceive the security status within the IoT environment and automatically infer mitigations to improve the threat response capability of the system. The framework expands the current knowledge domain of network security ontology modeling and can provide a wider sense of security status. This paper proposes a reasoning method based on the multi-source knowledge of IoT security, which can perceive highly vulnerable platforms in the IoT environment and automatically respond to threats.
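The linkage-and-inference idea summarized above can be sketched as follows. This is an added example, not code from the paper: the relation names, the traversal rule, and every identifier (constructed placeholders, not real knowledge-base entries) are assumptions.

```python
from collections import defaultdict

# Constructed sample triples (subject, relation, object); all IDs are placeholders.
TRIPLES = [
    ("VULN-A", "affects", "PLATFORM-camera-fw-1.0"),
    ("VULN-A", "has_weakness", "WEAKNESS-X"),
    ("WEAKNESS-X", "targeted_by", "PATTERN-P"),
    ("PATTERN-P", "maps_to", "TECHNIQUE-T"),
    ("TECHNIQUE-T", "achieves", "TACTIC-initial-access"),
    ("TECHNIQUE-T", "mitigated_by", "MITIGATION-network-segmentation"),
    ("WEAKNESS-X", "mitigated_by", "MITIGATION-input-validation"),
    ("node-cam-01", "runs", "PLATFORM-camera-fw-1.0"),
    ("node-plc-07", "runs", "PLATFORM-plc-fw-2.3"),
]

def build_index(triples):
    """Index forward edges and inverse edges (relation prefixed with '~')."""
    idx = defaultdict(set)
    for s, r, o in triples:
        idx[(s, r)].add(o)
        idx[(o, "~" + r)].add(s)
    return idx

def follow(idx, starts, *relations):
    """Walk a fixed chain of relations from a set of start entities."""
    frontier = set(starts)
    for r in relations:
        frontier = {o for s in frontier for o in idx.get((s, r), ())}
    return frontier

def assess(triples):
    """Hypothetical rule: a node is threatened if its platform is affected by
    a known vulnerability; mitigations are inherited from linked weaknesses
    and from techniques reached via attack patterns."""
    idx = build_index(triples)
    nodes = {s for s, r, _ in triples if r == "runs"}
    report = {}
    for node in sorted(nodes):
        vulns = follow(idx, [node], "runs", "~affects")
        weaknesses = follow(idx, vulns, "has_weakness")
        techniques = follow(idx, weaknesses, "targeted_by", "maps_to")
        mitigations = (follow(idx, weaknesses, "mitigated_by")
                       | follow(idx, techniques, "mitigated_by"))
        report[node] = {"threatened": bool(vulns),
                        "techniques": sorted(techniques),
                        "mitigations": sorted(mitigations)}
    return report

def threatened_nodes(report):
    """Nodes to separate for response, per the rule above."""
    return sorted(n for n, r in report.items() if r["threatened"])
```
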

Related Work
IoT Security Multi-Source Knowledge Base
Data Sources
Knowledge Integration and Relationship Mapping
Ontology-Based Multi-Source Knowledge Reasoning Framework for IoT Security
Ontology
Ontology Description of the Weakness
Ontology Description of the Attack Pattern
Ontology Description of the Campaign
Rule of Inference Design
Examples and Evaluation
Linkage Example and Feasibility Analysis
Inference
Conclusions