An empirical analysis of evolutionary computing approaches for IoT security assessment

Abstract

The Internet of Things (IoT) strategy enables physical objects to easily produce, receive, and exchange data. IoT devices are getting more common in our daily lives, with diverse applications ranging from consumer sector to industrial and commercial systems. The rapid expansion and widespread use of IoT devices highlight the critical significance of solid and effective cybersecurity standards across the device development life cycle. Therefore, if vulnerability is exploited directly affects the IoT device and the applications. In this paper we investigated and assessed the various real-world critical IoT attacks/vulnerabilities that have affected IoT deployed in the commercial, industrial and consumer sectors since 2010. Subsequently, we evoke the vulnerabilities or type of attack, exploitation techniques, compromised security factors, intensity of vulnerability and impacts of the expounded real-world attacks/vulnerabilities. We first categorise how each attack affects information security parameters, and then we provide a taxonomy based on the security factors that are affected. Next, we perform a risk assessment of the security parameters that are encountered, using two well-known multi-criteria decision-making (MCDM) techniques namely Fuzzy-Analytic Hierarchy Process (F-AHP) and Fuzzy-Analytic Network Process (F-ANP) to determine the severity of severely impacted information security measures.