Abstract
Current intelligent devices in Home Internet, such as routers and cameras, have suffered malicious attacks from hackers. Therefore, security for Home Internet appears particularly significant. In order to have a quantitative evaluation of security defense ability of Home Internet system, this paper proposes an improved vulnerability scoring method on Home Internet based on Information Security Technology Security Vulnerability Classification Guide. Compared to original scoring method which is mainly based on Internet, this improved scoring performs differently. It’s aimed to have a quantitative evaluation on security defense effectiveness of Home Internet system: higher vulnerability score indicates higher threaten degree and relatively weak defense ability. In this paper, the Home Internet system takes dynamically-enabled defense technology (randomly changes system status) to make defense. Through calculating vulnerability scores before and after random changes of system status, this paper succeeds in making a quantitative evaluation on security defense ability of Home Internet system.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Yang, Y., et al.: General theory of security and a study case in internet of things. IEEE Internet Things J. 4(2), 1 (2016)
Verma, H., Jain, M., Goel, K., Virkram, A., Verma, G.: Smart home system based on Internet of Things. In: 2016 3rd International Conference on Computing for Sustainable Global Development (INDIACom), pp. 2073–2075. IEEE, 31 October 2016
Salamat, B., Jackson, T., Wagner, G., et al.: Runtime defense against code injection attacks using replicated execution. IEEE Trans. Dependable Secure Comput. 8(4), 588–601 (2011)
Lin, Y., Quan, Y.: Dynamially-Enabled Cyberspace Defense, 1st edn. The People’s Posts and Telecommunications Press (Posts & Telecom Press), Beijing (2016). pp. 214–215
Liu, Y., Hu, S., Ho, T.-Y.: Vulnerability assessment and defense technology for smart home cybersecurity considering pricing cyberattacks. In: Computer-Aided Design (ICCAD), pp. 183-190. IEEE, 08 January 2015
Antunes, N., Vieira, M.: Defending against Web Application Vulnerabilities. Computer 45(2), 66–72 (2011)
Liu, Q., Zhang, Y., Zhang, Y., et al.: Research on key technologies of security vulnerability classification. J. Commun. (s1), 79–87 (2012)
Srivatsa, M., Liu, L.: Vulnerabilities and security threats in structured overlay networks: a quantitative analysis. In: 2004 20th Annual Computer Security Applications Conference. IEEE, pp. 252–261 (2005)
Li, X., Chang, X., John, A.B., et al.: A novel approach for software vulnerability classification. In: 2017 Annual Reliability and Maintainability Symposium (RAMS), pp. 1–7. IEEE, 30 March 2017
Jin, S., Wang, Y., Cui, X., et al.: A review of classification method for network vulnerability. In: IEEE International Conference on System, Man and Cybernetics (SMC), pp. 1171–1175. IEEE, 04 December 2009
Acknowledgements
We would like to thank all anonymous reviewers for their helpful advice and comments. This work is supported by the CCF-Venustech Hongyan Research Initiative (2016-009), PAPD fund and the CICAEET fund.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Wang, T., Lei, M., Chen, J., Deng, S., Yang, Y. (2017). Dynamically-Enabled Defense Effectiveness Evaluation in Home Internet Based on Vulnerability Analysis. In: Sun, X., Chao, HC., You, X., Bertino, E. (eds) Cloud Computing and Security. ICCCS 2017. Lecture Notes in Computer Science(), vol 10603. Springer, Cham. https://doi.org/10.1007/978-3-319-68542-7_71
Download citation
DOI: https://doi.org/10.1007/978-3-319-68542-7_71
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-68541-0
Online ISBN: 978-3-319-68542-7
eBook Packages: Computer ScienceComputer Science (R0)