Cyber Threat Intelligence for the Internet of Things

This book reviews IoT-centric vulnerabilities from a multidimensional perspective by elaborating on IoT attack vectors, their impacts on well-known security objectives, attacks which exploit such vulnerabilities, coupled with their corresponding remediation methodologies. This book further highlights the severity of the IoT problem at large, through disclosing incidents of Internet-scale IoT exploitations, while putting forward a preliminary prototype and associated results to aid in the IoT mitigation objective. Moreover, this book summarizes and discloses findings, inferences, and open challenges to inspire future research addressing theoretical and empirical aspects related to the imperative topic of IoT security.
At least 20 billion devices will be connected to the Internet in the next few years. Many of these devices transmit critical and sensitive system and personal data in real-time. Collectively known as the Internet of Things (IoT), this marketrepresents a $267 billion per year industry. As valuable as this market is, security spending on the sector barely breaks 1%. Indeed, while IoT vendors continue to push more IoT devices to market, the security of these devices has often fallen in priority, making them easier to exploit. This drastically threatens the privacy of the consumers and the safety of mission-critical systems.
This book is intended for cybersecurity researchers and advanced-level students in computer science. Developers and operators working in this field, who are eager to comprehend the vulnerabilities of the Internet of Things (IoT) paradigm and understand the severity of accompanied security issues will also be interested in this book.

Introduces a unique taxonomy by emphasizing and discussing IoT vulnerabilities in the context of various, previously unanalyzed dimensions Proposes and evaluates an innovative approach to infer, characterize and attribute unsolicited Internet-scale IoT devices by correlating passive and the results of active empirical measurements Presents a web-based platform, which is capable of aggregating data from multiple sources and promptly generating relevant intelligence, while requiring minimal human interaction Reports the alarming number of compromised IoT devices related to smart home appliances, critical infrastructure, and automated control sectors

Autorentext
Dr. Bou-Harb, Ph.D., CISSP received the Ph.D. degree in computer science from Concordia University, Montreal, Canada. He was a visiting research scientist at Carnegie Mellon University (CMU), Pittsburgh, PA, USA, in 2015-2016. He joined the Department of Computer Science at Florida Atlantic University (FAU) as an Assistant Professor of cyber security and data analytics in 2016. He is currently an Associate Professor and the Associate Director of The Cyber Center For Security and Analytics at the Department of Information Systems and Cyber Security at the University of Texas at San Antonio (UTSA). He is also a research scientist at the National Cyber Forensic and Training Alliance (NCFTA) of Canada. His current research interests are in the areas of operational cyber security, attacks' detection and characterization, Internet measurements, and cyber security for critical infrastructure.

Nataliia Neshenko, PMP, PMI-ACP, FCCA is a Ph.D. candidate, concentrating in the field of operational cybersecurity, including attack detection and characterization, risk assessment methodologies, Internet of Things, and visual data mining and analysis. She is a recipient of the Best Paper Award at the 2017 IEEE International Symposium on Personal Indoor and Mobile Radio Communications. She also has over 16 years of project management experience in the field of business optimization in finance and IT.

Inhalt
Introduction.- Taxonomy of IoT Vulnerabilities.- Towards Inferring IoT Maliciousness.- Generating and sharing IoT-centric Cyber Threat Intelligence.- Concluding Remarks and Future Perspective.-