Threat model for securing internet of things (IoT) network at device-level

Syed Rizvi, Ryan Pipetti, Nicholas McIntyre, Jonathan Todd, Iyonna Williams

Research output: Contribution to journalArticlepeer-review

40 Scopus citations


The Internet of Things (IoT) creates a theoretical bridge between end-users and the digital world. The IoT embodies a massive group of interconnected computing devices embedded with software, processors, and sensors capable of exchanging and transmitting data over a network infrastructure. IoT technology has become prevalent among central domains such as healthcare, commerce, and home. However, the IoT can often be thought of as a double-edged sword, in that it both assists with advancements in the respective fields and poses a potential risk. The rapid expansion of the IoT raises concern, in many cases, security tends to lag behind innovation in the global marketplace. Moreover, the United States government has not established stringent regulations that oversee IoT devices. Our research analyzes critical devices and the associated vulnerabilities and highlights the need for implementation of rigorous security controls. Furthermore, our research evaluates attack vectors for IoT devices that encompass three central domains, including healthcare, commerce, and home. A synopsis of our contributions include identification of vulnerabilities at the device-level; investigation of security threats created due to known vulnerabilities; application of appropriate security controls to closeout vulnerabilities and minimize the possibility of a threat occurring. Finally, specifically tailored case studies, designed to illustrate how our recommendations can be used to mitigate threats.

Original languageEnglish (US)
Article number100240
JournalInternet of Things (Netherlands)
StatePublished - Sep 2020

All Science Journal Classification (ASJC) codes

  • Artificial Intelligence
  • Computer Science Applications
  • Information Systems
  • Software
  • Hardware and Architecture
  • Computer Science (miscellaneous)
  • Management of Technology and Innovation
  • Engineering (miscellaneous)


Dive into the research topics of 'Threat model for securing internet of things (IoT) network at device-level'. Together they form a unique fingerprint.

Cite this