AI-enabled IoT penetration testing: state-of-the-art and research challenges

被引:13
作者
Greco, Claudia [1 ]
Fortino, Giancarlo [1 ]
Crispo, Bruno [2 ]
Choo, Kim-Kwang Raymond [3 ]
机构
[1] Univ Calabria, Dept Informat Modeling Elect & Syst Engn DIMES, Arcavacata Di Rende, CS, Italy
[2] Univ Trento, Dept Informat Engn & Comp Sci DISI, Trento, Italy
[3] Univ Texas San Antonio, Dept Informat Syst & Cyber Secur, San Antonio, TX USA
来源
ENTERPRISE INFORMATION SYSTEMS | 2023年 / 17卷 / 09期
关键词
AI; IoT security; penetration testing; internet of things; Industry; 4; 0; edge computing; SECURITY; FRAMEWORK; INTERNET; THREATS; ISSUES; THINGS; EDGE;
D O I
10.1080/17517575.2022.2130014
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Internet of Things (IoT) is gaining importance as its applications are found in many critical infrastructure sectors (e.g., Industry 4.0, healthcare, transportation, and commercial facilities). This reinforces the importance of investigating the security risks associated with IoT deployment. Hence, in this paper, we perform a comprehensive review of the literature on penetration testing of IoT devices and systems. Specifically, a total of 99 articles published between 2015 and 2021 was reviewed to identify existing and potential IoT penetration testing applications and proposed approaches. We finally provide recent advances of AI-enabled penetration testing methods that can notably be performed at the network edge.
引用
收藏
页数:25
相关论文
共 123 条
[1]  
Abdalla PeshrawAhmed., 2020, 2020 8 INT S DIGITAL, P1
[2]   Web-based Attacks to Discover and Control Local IoT Devices [J].
Acar, Gunes ;
Huang, Danny Yuxing ;
Li, Frank ;
Narayanan, Arvind ;
Feamster, Nick .
PROCEEDINGS OF THE 2018 WORKSHOP ON IOT SECURITY AND PRIVACY (IOT S&P '18), 2018, :29-35
[3]   A Survey of Machine and Deep Learning Methods for Internet of Things (IoT) Security [J].
Al-Garadi, Mohammed Ali ;
Mohamed, Amr ;
Al-Ali, Abdulla Khalid ;
Du, Xiaojiang ;
Ali, Ihsan ;
Guizani, Mohsen .
IEEE COMMUNICATIONS SURVEYS AND TUTORIALS, 2020, 22 (03) :1646-1685
[4]   SoK: Security Evaluation of Home-Based IoT Deployments [J].
Alrawi, Omar ;
Lever, Chaz ;
Antonakakis, Manos ;
Monrose, Fabian .
2019 IEEE SYMPOSIUM ON SECURITY AND PRIVACY (SP 2019), 2019, :1362-1380
[5]  
Alshahrani H., 2018, 2018 IEEE Long Island Systems, Applications and Technology Conference (LISAT), P1, DOI [10.1109/LISAT.2018.8378035, DOI 10.1109/LISAT.2018.8378035]
[6]   A Survey on Advanced Persistent Threats: Techniques, Solutions, Challenges, and Research Opportunities [J].
Alshamrani, Adel ;
Myneni, Sowmya ;
Chowdhary, Ankur ;
Huang, Dijiang .
IEEE COMMUNICATIONS SURVEYS AND TUTORIALS, 2019, 21 (02) :1851-1877
[7]   Requirements and Recommendations for IoT/IIoT Models to automate Security Assurance through Threat Modelling, Security Analysis and Penetration Testing [J].
Ankele, Ralph ;
Marksteiner, Stefan ;
Nahrgang, Kai ;
Vallant, Heribert .
14TH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY (ARES 2019), 2019,
[8]  
[Anonymous], 2010, 2010 INT C BROADBAND, DOI DOI 10.1109/BWCCA.2010.85
[9]   Hacking NHS Pacemakers: A Feasibility Study [J].
Beavers, Jake L. ;
Faulks, Michael ;
Marchang, Jims .
PROCEEDINGS OF 2019 IEEE 12TH INTERNATIONAL CONFERENCE ON GLOBAL SECURITY, SAFETY AND SUSTAINABILITY (ICGS3-2019), 2019, :34-40
[10]   Penetration testing framework for smart contract Blockchain [J].
Bhardwaj, Akashdeep ;
Shah, Syed Bilal Hussian ;
Shankar, Achyut ;
Alazab, Mamoun ;
Kumar, Manoj ;
Gadekallu, Thippa Reddy .
PEER-TO-PEER NETWORKING AND APPLICATIONS, 2021, 14 (05) :2635-2650
12345678910