A Threat Modelling Approach to Analyze and Mitigate Botnet Attacks in Smart Home Use Case

TL;DR

This paper presents a threat modeling approach using STRIDE and VAST to identify and mitigate botnet threats in IoT smart home systems, enhancing security during the design phase.

Contribution

It introduces a novel threat modeling methodology specifically tailored for IoT smart homes to proactively address botnet attack vulnerabilities.

Findings

Identified development and application-level threats in smart home IoT systems.

Mapped threats to specific botnet attack vectors.

Proposed mitigation techniques for all identified threats.

Abstract

Despite the surging development and utilization of IoT devices, the security of IoT devices is still in infancy. The security pitfalls of IoT devices have made it easy for hackers to take over IoT devices and use them for malicious activities like botnet attacks. With the rampant emergence of IoT devices, botnet attacks are surging. The botnet attacks are not only catastrophic for IoT device users but also for the rest of the world. Therefore, there is a crucial need to identify and mitigate the possible threats in IoT devices during the design phase. Threat modelling is a technique that is used to identify the threats in the earlier stages of the system design activity. In this paper, we propose a threat modelling approach to analyze and mitigate the botnet attacks in an IoT smart home use case. The proposed methodology identifies the development-level and application-level threats in smart home use case using STRIDE and VAST threat modelling methods. Moreover, we reticulate the identified threats with botnet attacks. Finally, we propose the mitigation techniques for all identified threats including the botnet threats.