{"title":"Introduction to the Special Issue on the Lifecycle of IoT (In)security","authors":"Paul Shomo, Sebastián Echeverría, J. Sowell","doi":"10.1145/3569901","DOIUrl":null,"url":null,"abstract":"The editors of Digital Threats Research and Practice (DTRAP) are excited to bring readers this special issue on Internet of Things (IoT) security. Here, a diverse mixture of cybersecurity academics and industry practitioners have authored articles spanning vulnerabilities in encryption protocols, MAC-layer spoofing protection, shared IoT responsibility models, and industry issues around multimodal deployments. IoT security can be an alarming problem, as devices are often deeply embedded in our hospitals, vehicles, and infrastructure. IoT security is unique in that device manufacturers typically experience heavy downward cost-per-unit pressures, keeping the cybersecurity functionality in hardware and firmware scaled down as well. Heterogenous networks, hardware often leased in the cloud, and hyper-connected environments spanning multiple parties make cybersecurity a team sport. Today, shared responsibility models are a hot topic. The cloud industry has evolved well-defined security responsibilities between infrastructure providers, like Amazon, and tenant companies leasing infrastructure to deploy technologies within. Unfortunately, shared responsibility models around IoT ecosystems have been lacking. It is fitting that our first article, “Emerging Cybersecurity Capability Gaps in the Industrial Internet of Things: Overview and Research Agenda,” tackles the problem of a shared responsibility model in IoT. It presents an assessment of capability gaps based on a series of workshops with 100 expert participants. It presents comprehensive needs against the NIST framework and includes research that models the division of cybersecurity responsibility across the IoT device, network, and cloud resident data, impacting the full lifecycle. MAC-layer spoofing is a serious problem in wireless systems, and scaled-down IoT devices often lack any prevention and detection capabilities. “Randomized Moving Target Approach for MAC-layer Spoofing Detection and Prevention in IoT Systems” details a novel system combing signal-level device fingerprinting with the principles of Randomized Moving Target Defense (RMTD).","PeriodicalId":202552,"journal":{"name":"Digital Threats: Research and Practice","volume":"33 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-12-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Digital Threats: Research and Practice","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3569901","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
The editors of Digital Threats Research and Practice (DTRAP) are excited to bring readers this special issue on Internet of Things (IoT) security. Here, a diverse mixture of cybersecurity academics and industry practitioners have authored articles spanning vulnerabilities in encryption protocols, MAC-layer spoofing protection, shared IoT responsibility models, and industry issues around multimodal deployments. IoT security can be an alarming problem, as devices are often deeply embedded in our hospitals, vehicles, and infrastructure. IoT security is unique in that device manufacturers typically experience heavy downward cost-per-unit pressures, keeping the cybersecurity functionality in hardware and firmware scaled down as well. Heterogenous networks, hardware often leased in the cloud, and hyper-connected environments spanning multiple parties make cybersecurity a team sport. Today, shared responsibility models are a hot topic. The cloud industry has evolved well-defined security responsibilities between infrastructure providers, like Amazon, and tenant companies leasing infrastructure to deploy technologies within. Unfortunately, shared responsibility models around IoT ecosystems have been lacking. It is fitting that our first article, “Emerging Cybersecurity Capability Gaps in the Industrial Internet of Things: Overview and Research Agenda,” tackles the problem of a shared responsibility model in IoT. It presents an assessment of capability gaps based on a series of workshops with 100 expert participants. It presents comprehensive needs against the NIST framework and includes research that models the division of cybersecurity responsibility across the IoT device, network, and cloud resident data, impacting the full lifecycle. MAC-layer spoofing is a serious problem in wireless systems, and scaled-down IoT devices often lack any prevention and detection capabilities. “Randomized Moving Target Approach for MAC-layer Spoofing Detection and Prevention in IoT Systems” details a novel system combing signal-level device fingerprinting with the principles of Randomized Moving Target Defense (RMTD).
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
