multiple layers of fuzzy logic to quantify vulnerabilies in iot
Mohammad Shojaeshafiei, Letha Etzkorn, and Michael Anderson
TL;DR
This paper introduces a multi-layered fuzzy logic approach to quantify vulnerabilities in IoT networks, specifically applied to the Department of Transportation, addressing ambiguities in existing security assessment methods.
Contribution
It proposes a novel multi-layered fuzzy logic method combined with GQM for quantifying IoT vulnerabilities, integrating security standards and requirements engineering.
Findings
Effective quantification of vulnerabilities in DOT IoT systems.
Enhanced accuracy over traditional vulnerability assessment methods.
Framework adaptable to other IoT security contexts.
Abstract
Quantifying vulnerabilities of network systems has been a highly controversial issue in the fields of network security and IoT. Much research has been conducted on this purpose; however, these have many ambiguities and uncertainties. In this paper, we investigate the quantification of vulnerability in the Department of Transportation (DOT) as our proof of concept. We initiate the analysis of security requirements, using Security Quality Requirements Engineering (SQUARE) for security requirements elicitation. Then we apply published security standards such as NIST SP-800 and ISO 27001 to map our security factors and sub-factors. Finally, we propose our Multi-layered Fuzzy Logic (MFL) approach based on Goal question Metrics (GQM) to quantify network security and IoT (Mobile Devices) vulnerability in DOT.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsInformation and Cyber Security · Software Engineering Techniques and Practices · Software System Performance and Reliability