Universiti Teknologi Malaysia Institutional Repository

The Internet of Things network penetration testing model using attack graph analysis

Almazrouei, Omar and Magalingam, Pritheega (2022) The Internet of Things network penetration testing model using attack graph analysis. In: 6th International Symposium on Multidisciplinary Studies and Innovative Technologies, ISMSIT 2022, 20 October 2022 - 22 October 2022, Ankara, Turkey.

Full text not available from this repository.

Official URL: http://dx.doi.org/10.1109/ISMSIT56059.2022.9932758


Penetration testing (pen-testing) is one of the most effective approaches to increase the security level of information systems. Although pen-testing is a very popular approach, the process requires a significant investment of time and extensive financial resources. Existing pen-testing models have focused heavily on handling IoT security breaches and improving attack path analysis. However, they have their limitations as they are too general and unable to detect multi-stage, multi-host, or zero-day vulnerabilities in IoT devices. In this proposed study, an algorithm is developed to generate all attack paths for vulnerable IoT devices. The techniques to optimize the attack paths are defined. A second algorithm is developed to identify the criticality of the paths, nodes, and vulnerabilities before it is used to optimize the target graphs. The developed model is expected to be an end-to-end, accurate, flexible, and automatic pen-testing model using attack graphs for detecting all possible paths that can be used by an attacker to penetrate the target system.

Item Type:Conference or Workshop Item (Paper)
Uncontrolled Keywords:attack graph, IoT, penetration testing
Subjects:Q Science > QA Mathematics > QA75 Electronic computers. Computer science
T Technology > TK Electrical engineering. Electronics Nuclear engineering
Divisions:Razak School of Engineering and Advanced Technology
ID Code:98928
Deposited By: Yanti Mohd Shah
Deposited On:08 Feb 2023 17:25
Last Modified:08 Feb 2023 17:25

Repository Staff Only: item control page