Risk Assessment Method of IoT Host Based on Attack Graph

With the rapid development and widespread application of the Internet of things (IoT), how to comprehensively and effectively evaluate the risk of the host in the IoT is of great significance. In the existing methods of evaluating IoT hosts based on attack graphs, the calculation of atomic attack probability and the asset value is unreasonable, and the impact of the association relationship between hosts on the risk value of the host is not considered. Aiming at the above problems, an IoT host risk assessment method based on an attack graph is proposed. First, the host-based attack graph is established according to the topology of the IoT, and then the vulnerability atomic attack probability and path attack probability are quantified according to multiple attribute values. After that, the improved weighted betweenness index is calculated from the perspective of the topology of the host-based attack graph. Furthermore, the asset value index weight is calculated by using the intercriteria correlation (CRITIC) method, and the host asset value is calculated according to the expert scoring results. Finally, the host risk is calculated according to the host attack probability, vulnerability impact value, the host improved weighted betweenness index, and the host asset value. The experimental results show that this method can evaluate the host risk in the IoT environment from a more comprehensive and reasonable point of view. The standard deviation of the host risk value is 0.09, which is increased by 25%, 13.9%, and 16.9% respectively compared with the asset correlation graph method, markov attack graph method and adjacency matrix method. This method facilitates the differentiation of the host's subsequent risk disposal priority.