%0 Conference Proceedings
%T Security auditing of internet of things devices in a smart home
%+ Concordia University [Montreal]
%+ Bosch Security and Safety Systems
%+ Computer Security Division (NIST)
%A Majumdar, Suryadipta
%A Bastos, Daniel
%A Singhal, Anoop
%Z Part 4: Novel Applications
%< peer-reviewed
%( IFIP Advances in Information and Communication Technology
%B 17th IFIP International Conference on Digital Forensics (DigitalForensics)
%C Virtual, China
%Y Gilbert Peterson
%Y Sujeet Shenoi
%I Springer International Publishing
%3 Advances in Digital Forensics XVII
%V AICT-612
%P 213-234
%8 2021-02-01
%D 2021
%R 10.1007/978-3-030-88381-2_11
%K Internet of Things
%K security auditing
%K formal verification
%Z Computer Science [cs]Conference papers
%X Attacks on the Internet of Things are increasing. Unfortunately, transparency and accountability that are paramount to securing Internet of Things devices are either missing or implemented in a questionable manner. Security auditing is a promising solution that has been applied with success in other domains. However, security auditing of Internet of Things devices is challenging because the high-level security recommendations provided by standards and best practices are not readily applicable to auditing low-level device data such as sensor readings, logs and configurations. Additionally, the heterogeneous nature of Internet of Things devices and their resource constraints increase the complexity of the auditing process. Therefore, enabling the security auditing of Internet of Things devices requires the definition of actionable security policies, collection and processing of audit data, and specification of appropriate audit procedures. This chapter focuses on the security auditing of Internet of Things devices. It presents a methodology for extracting actionable security rules from existing security standards and best practices and conducting security audits of Internet of Things devices. The methodology is applied to devices in a smart home environment, and its efficiency and scalability are evaluated.
%G English
%2 https://inria.hal.science/hal-03764368/document
%2 https://inria.hal.science/hal-03764368/file/522103_1_En_11_Reference.pdf
%L hal-03764368
%U https://inria.hal.science/hal-03764368
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-AICT
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-DF
%~ IFIP-WG11-9
%~ IFIP-AICT-612