# Challenges for Security Assessment of Enterprises in the IoT Era

**Authors:** Yael Mathov, Noga Agmon, Asaf Shabtai, Rami Puzis, Nils Ole, Tippenhauer, Yuval Elovici

arXiv: 1906.10922 · 2019-06-27

## TL;DR

This paper reviews the challenges of using attack graphs for enterprise security assessment in the IoT era and proposes new ideas to address these issues.

## Contribution

It identifies key challenges of applying attack graphs to IoT-integrated enterprise networks and introduces novel countermeasures.

## Key findings

- Identified specific challenges in modeling IoT devices with attack graphs
- Proposed new countermeasures to improve security assessment accuracy
- Highlighted the need for adapted tools for IoT environments

## Abstract

For years, attack graphs have been an important tool for security assessment of enterprise networks, but IoT devices, a new player in the IT world, might threat the reliability of this tool. In this paper, we review the challenges that must be addressed when using attack graphs to model and analyze enterprise networks that include IoT devices. In addition, we propose novel ideas and countermeasures aimed at addressing these challenges.

---
Source: https://tomesphere.com/paper/1906.10922