Cyber Value At Risk Model for IoT Ecosystems

• URL: http://arxiv.org/abs/2504.17054v1
• Date: Wed, 23 Apr 2025 19:03:17 GMT
• Title: Cyber Value At Risk Model for IoT Ecosystems
• Authors: Goksel Kucukkaya, Murat Ozer, Emrah Ugurlu,
• Abstract summary: The Internet of Things (IoT) presents unique cybersecurity challenges due to its interconnected nature and diverse application domains.<n>This paper explores the application of Cyber Value-at-Risk (Cy-VaR) models to assess and mitigate cybersecurity risks in IoT environments.
• Score: 0.0
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: The Internet of Things (IoT) presents unique cybersecurity challenges due to its interconnected nature and diverse application domains. This paper explores the application of Cyber Value-at-Risk (Cy-VaR) models to assess and mitigate cybersecurity risks in IoT environments. Cy-VaR, rooted in Value at Risk principles, provides a framework to quantify the potential financial impacts of cybersecurity incidents. Initially developed to evaluate overall risk exposure across scenarios, our approach extends Cy-VaR to consider specific IoT layers: perception, network, and application. Each layer encompasses distinct functionalities and vulnerabilities, from sensor data acquisition (perception layer) to secure data transmission (network layer) and application-specific services (application layer). By calculating Cy- VaR for each layer and scenario, organizations can prioritize security investments effectively. This paper discusses methodologies and models, including scenario-based Cy-VaR and layer-specific risk assessments, emphasizing their application in enhancing IoT cybersecurity resilience.

Related papers

• A Survey of Model Extraction Attacks and Defenses in Distributed Computing Environments [55.60375624503877]
  Model Extraction Attacks (MEAs) threaten modern machine learning systems by enabling adversaries to steal models, exposing intellectual property and training data.<n>This survey is motivated by the urgent need to understand how the unique characteristics of cloud, edge, and federated deployments shape attack vectors and defense requirements.<n>We systematically examine the evolution of attack methodologies and defense mechanisms across these environments, demonstrating how environmental factors influence security strategies in critical sectors such as autonomous vehicles, healthcare, and financial services.
  arXiv  Detail & Related papers  (2025-02-22T03:46:50Z)
• SoK: Unifying Cybersecurity and Cybersafety of Multimodal Foundation Models with an Information Theory Approach [58.93030774141753]
  Multimodal foundation models (MFMs) represent a significant advancement in artificial intelligence. This paper conceptualizes cybersafety and cybersecurity in the context of multimodal learning. We present a comprehensive Systematization of Knowledge (SoK) to unify these concepts in MFMs, identifying key threats.
  arXiv  Detail & Related papers  (2024-11-17T23:06:20Z)
• SecCodePLT: A Unified Platform for Evaluating the Security of Code GenAI [47.11178028457252]
  We develop SecCodePLT, a unified and comprehensive evaluation platform for code GenAIs' risks. For insecure code, we introduce a new methodology for data creation that combines experts with automatic generation. For cyberattack helpfulness, we construct samples to prompt a model to generate actual attacks, along with dynamic metrics in our environment.
  arXiv  Detail & Related papers  (2024-10-14T21:17:22Z)
• AI security and cyber risk in IoT systems [9.461216629856853]
  We present a dependency model tailored to the context of current challenges in data strategies. The model can be used for cyber risk estimation and assessment and generic risk impact assessment.
  arXiv  Detail & Related papers  (2024-10-11T18:54:02Z)
• EARBench: Towards Evaluating Physical Risk Awareness for Task Planning of Foundation Model-based Embodied AI Agents [53.717918131568936]
  Embodied artificial intelligence (EAI) integrates advanced AI models into physical entities for real-world interaction.<n>Foundation models as the "brain" of EAI agents for high-level task planning have shown promising results.<n>However, the deployment of these agents in physical environments presents significant safety challenges.<n>This study introduces EARBench, a novel framework for automated physical risk assessment in EAI scenarios.
  arXiv  Detail & Related papers  (2024-08-08T13:19:37Z)
• "Glue pizza and eat rocks" -- Exploiting Vulnerabilities in Retrieval-Augmented Generative Models [74.05368440735468]
  Retrieval-Augmented Generative (RAG) models enhance Large Language Models (LLMs) In this paper, we demonstrate a security threat where adversaries can exploit the openness of these knowledge bases.
  arXiv  Detail & Related papers  (2024-06-26T05:36:23Z)
• Dynamic Vulnerability Criticality Calculator for Industrial Control Systems [0.0]
  This paper introduces an innovative approach by proposing a dynamic vulnerability criticality calculator. Our methodology encompasses the analysis of environmental topology and the effectiveness of deployed security mechanisms. Our approach integrates these factors into a comprehensive Fuzzy Cognitive Map model, incorporating attack paths to holistically assess the overall vulnerability score.
  arXiv  Detail & Related papers  (2024-03-20T09:48:47Z)
• Generative AI for Secure Physical Layer Communications: A Survey [80.0638227807621]
  Generative Artificial Intelligence (GAI) stands at the forefront of AI innovation, demonstrating rapid advancement and unparalleled proficiency in generating diverse content. In this paper, we offer an extensive survey on the various applications of GAI in enhancing security within the physical layer of communication networks. We delve into the roles of GAI in addressing challenges of physical layer security, focusing on communication confidentiality, authentication, availability, resilience, and integrity.
  arXiv  Detail & Related papers  (2024-02-21T06:22:41Z)
• Assessing Risks and Modeling Threats in the Internet of Things [0.0]
  We develop an IoT attack taxonomy that describes the adversarial assets, adversarial actions, exploitable vulnerabilities, and compromised properties that are components of any IoT attack. We use this IoT attack taxonomy as the foundation for designing a joint risk assessment and maturity assessment framework. The usefulness of this IoT framework is highlighted by case study implementations in the context of multiple industrial manufacturing companies.
  arXiv  Detail & Related papers  (2021-10-14T23:36:00Z)
• Automated Security Assessment for the Internet of Things [6.690766107366799]
  We propose an automated security assessment framework for IoT networks. Our framework first leverages machine learning and natural language processing to analyze vulnerability descriptions. This security model automatically assesses the security of the IoT network by capturing potential attack paths.
  arXiv  Detail & Related papers  (2021-09-09T04:42:24Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.