Evaluating the Future Device Security Risk Indicator for Hundreds of IoT Devices

TL;DR

This study evaluates the effectiveness of the SAFER framework's prediction algorithms in estimating future security risks of IoT devices based on historical vulnerability data, demonstrating high accuracy and practical utility.

Contribution

It assesses the predictive capability of SAFER algorithms for IoT device risks using a large dataset, confirming their reliability for network security management.

Findings

SAFER predicts future risks for 91% of IoT devices.

The framework effectively identifies devices at high risk.

Predictive models can aid in proactive security measures.

Abstract

IoT devices are present in many, especially corporate and sensitive, networks and regularly introduce security risks due to slow vendor responses to vulnerabilities and high difficulty of patching. In this paper, we want to evaluate to what extent the development of future risk of IoT devices due to new and unpatched vulnerabilities can be predicted based on historic information. For this analysis, we build on existing prediction algorithms available in the SAFER framework (prophet and ARIMA) which we evaluate by means of a large data-set of vulnerabilities and patches from 793 IoT devices. Our analysis shows that the SAFER framework can predict a correct future risk for 91% of the devices, demonstrating its applicability. We conclude that this approach is a reliable means for network operators to efficiently detect and act on risks emanating from IoT devices in their networks.