Wireless Communications and Mobile Computing / 2018 / Article / Tab 1

Research Article

Shielding IoT against Cyber-Attacks: An Event-Based Approach Using SIEM

Table 1

Relations between event categories, vulnerability categories and attack surfaces on IoT ecosystems.

IoT Vulnerabilities | Event Categories | IoT Attack Surfaces

Lack of controls to avoid username enumeration

Lack of two-factor auth for critical functions

Lack of control against DoS attacks

IoT service contains insecure 3rd-party components

Use of weak password

Lack of an account lockout after multiple failed attempts

Unencrypted network services allowing eavesdropping

Lack of controls against manipulation of the code execution flow

Storage location for updates files is writable

Lack of control for device console access

Update sent without encryption

Storage media is physically unprotected

Possible firmware and data extraction

Failure in the implementation of encryption mechanisms

Remote update is done without security controls

Lack of controls to avoid command injection

Acronyms and event categories: E0, request exceptions; E1, authentication exceptions; E2, input exceptions; E3, access control exceptions; E4, session exceptions; E5, ecosystem member exceptions; E6, device access events; E7, admin mode events; E8, honey trap exceptions; E9, command injection exceptions; E10, reputation exceptions. Acronyms and IoT attack surfaces: S0, mobile application; S1, cloud web interface; S2, device web interface; S3, admin interface; S4, local data storage; S5, device firmware; S6, device network services; S7, update mechanism; S8, device physical interfaces.
