Table of Content

Open Access iconOpen Access

ARTICLE

crossmark

Comprehensive Information Security Evaluation Model Based on Multi-Level Decomposition Feedback for IoT

Jinxin Zuo1, 3, Yueming Lu1, 3, *, Hui Gao2, 3, Ruohan Cao2, 3, Ziyv Guo2, 3, Jim Feng4

1 School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing, 100876, China.
2 School of Information and Communication Engineering, Beijing University of Posts and Telecommunications, Beijing, 100876, China.
3 Key Laboratory of Trustworthy Distributed Computing and Service (BUPT), Ministry of Education, Beijing, 100876, China.
4 Amphenol Global Interconnect Systems, San Jose, CA 95131, USA.

* Corresponding Author: Yueming Lu. Email: email.

Computers, Materials & Continua 2020, 65(1), 683-704. https://doi.org/10.32604/cmc.2020.010793

Abstract

The development of the Internet of Things (IoT) calls for a comprehensive information security evaluation framework to quantitatively measure the safety score and risk (S&R) value of the network urgently. In this paper, we summarize the architecture and vulnerability in IoT and propose a comprehensive information security evaluation model based on multi-level decomposition feedback. The evaluation model provides an idea for information security evaluation of IoT and guides the security decision maker for dynamic protection. Firstly, we establish an overall evaluation indicator system that includes four primary indicators of threat information, asset, vulnerability, and management, respectively. It also includes eleven secondary indicators of system protection rate, attack detection rate, confidentiality, availability, controllability, identifiability, number of vulnerabilities, vulnerability hazard level, staff organization, enterprise grading and service continuity, respectively. Then, we build the core algorithm to enable the evaluation model, wherein a novel weighting technique is developed and a quantitative method is proposed to measure the S&R value. Moreover, in order to better supervise the performance of the proposed evaluation model, we present four novel indicators includes residual risk, continuous conformity of residual risk, head-to-tail consistency and decrease ratio, respectively. Simulation results show the advantages of the proposed model in the evaluation of information security for IoT.

Keywords


Cite This Article

J. Zuo, Y. Lu, H. Gao, R. Cao, Z. Guo et al., "Comprehensive information security evaluation model based on multi-level decomposition feedback for iot," Computers, Materials & Continua, vol. 65, no.1, pp. 683–704, 2020.

Citations




cc This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 2286

    View

  • 1633

    Download

  • 0

    Like

Share Link