Thesis topic:
Defending against phishing attacks in IoT systems
- Supervisor: Abasi-Amefon Obot Affia
- contact: amefon.affia@ut.ee
- Phishing in the IoT environment significantly impacts organizations, individuals, and the government. According to Gartner, organizations have suffered losses of millions due to phishing attacks on various devices hosting and using their applications, and government institutions have been compromised. From the individual customer’s perspective, it will be difficult for them to rely on IoT devices again. Specifically, with the projected adoption of autonomous driving vehicles and other intelligent transport systems, an adequate defense against phishing attacks is crucial.
The goal of this study is to explore the IoT system attack surface for phishing attacks by analyzing its perception, network, and application layers, evaluate the security risk impact on the IoT users, and propose countermeasures. The research should cover possible phishing attacks requiring technical and non-technical subterfuge.
- Note: This topic can be adapted specifically for autonomous/connected vehicle systems and can be tested/evaluated with the help of the Autonomous Vehicle Lab.
- References
- 1. Abroshan, H., Devos, J., Poels, G., & Laermans, E. (2017, September). Phishing attacks root causes. In International Conference on Risks and Security of Internet and Systems (pp. 187-202). Springer, Cham.
- 2. Affia, A. A. O., Matulevičius, R., & Nolte, A. (2019, October). Security risk management in cooperative intelligent transportation systems: a systematic literature review. In OTM Confederated International Conferences" On the Move to Meaningful Internet Systems" (pp. 282-300). Springer, Cham.
- 3. Abbas, S. G., Vaccari, I., Hussain, F., Zahid, S., Fayyaz, U. U., Shah, G. A., ... & Cambiaso, E. (2021). Identifying and mitigating phishing attack threats in IoT use cases using a threat modelling approach. Sensors, 21(14), 4816.