Work item:
|
TR.st-iot
|
Subject/title:
|
Technical Report: Security threat scenarios in Internet of Things
|
Status:
|
Under study
|
Approval process:
|
Agreement
|
Type of work item:
|
Technical report
|
Version:
|
New
|
Equivalent number:
|
-
|
Timing:
|
2025-08 (Medium priority)
|
Liaison:
|
ITU-T SG20, ITU-D SG2
|
Supporting members:
|
Brazil, United States
|
Summary:
|
The Internet of Things (IoT) applications span from smart homes and wearable devices to industrial machinery and healthcare systems, offering convenience, efficiency, and improved decision-making capabilities. However, the rapid proliferation of IoT devices brings forth heightened security concerns. The interconnected nature and vast network of devices create potential vulnerabilities, making them attractive targets for cyberattacks. It's crucial to comprehend common attacks such as distributed denial-of-service (DDoS), man-in-the-middle (MitM), and device spoofing, among others, to fortify IoT systems. Understanding these threats is essential to implement robust security measures, encryption protocols, and regular software updates, safeguarding the integrity, confidentiality, and availability of IoT networks and the data they handle.
This technical report focuses on common security attacks that usually threaten Internet of Things devices and applications. This document presents a description for 31 attacks common to IoT scenarios. For each attack, there is a brief description, a simple figure, and possible mitigations. Furthermore, there is also a rating considering the STRIDE threat model and the Common Vulnerability Score System (CVSS).
|
Comment:
|
-
|
Reference(s):
|
|
|
Historic references:
|
Contact(s):
|
|
ITU-T A.5 justification(s): |
|
|
|
First registration in the WP:
2024-03-12 09:32:31
|
Last update:
2024-09-18 09:22:59
|
|