{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,9]],"date-time":"2026-01-09T21:05:18Z","timestamp":1767992718049,"version":"3.49.0"},"reference-count":23,"publisher":"SAGE Publications","issue":"5","license":[{"start":{"date-parts":[[2022,5,1]],"date-time":"2022-05-01T00:00:00Z","timestamp":1651363200000},"content-version":"unspecified","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Fundamental Research Program of Shanxi Province","award":["20210302123131"],"award-info":[{"award-number":["20210302123131"]}]},{"name":"Fundamental Research Program of Shanxi Province","award":["20210302124395"],"award-info":[{"award-number":["20210302124395"]}]}],"content-domain":{"domain":["journals.sagepub.com"],"crossmark-restriction":true},"short-container-title":["International Journal of Distributed Sensor Networks"],"published-print":{"date-parts":[[2022,5]]},"abstract":"<jats:p> Device vulnerabilities emerge one after another in the Internet of thing environment, the attackers attack vulnerabilities on several low-level devices simultaneously by multi-step attack method to trigger the vulnerabilities on other high-level devices to damage or control the information system. Considering the correlation between device vulnerabilities, we proposed a method based on attack graph to evaluate vulnerability risk in order to ensure Internet of thing network security. First, according to the type, version, and other relevant information of device vulnerabilities in the Internet of thing environment, hidden Markov model can be used to model the association between device states. Second, analyze the possible attacks on the vulnerabilities on the device, and generate the attack graph according to the correlation between the device states and the relevant information of the vulnerabilities in the device. Finally, the vulnerabilities are objectively and accurately evaluated according to the attack graph. The experiments results show that the proposed method can map the relationship between devices more accurately and objectively and improve the efficiency and accuracy of the vulnerability evaluation. <\/jats:p>","DOI":"10.1177\/15501329221097817","type":"journal-article","created":{"date-parts":[[2022,5,7]],"date-time":"2022-05-07T09:11:13Z","timestamp":1651914673000},"page":"155013292210978","update-policy":"https:\/\/doi.org\/10.1177\/sage-journals-update-policy","source":"Crossref","is-referenced-by-count":7,"title":["Vulnerability association evaluation of Internet of thing devices based on attack graph"],"prefix":"10.1177","volume":"18","author":[{"given":"Yao","family":"Ma","sequence":"first","affiliation":[{"name":"Taiyuan University of Technology, Taiyuan, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5039-4381","authenticated-orcid":false,"given":"Yuting","family":"Wu","sequence":"additional","affiliation":[{"name":"Taiyuan University of Technology, Taiyuan, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Dan","family":"Yu","sequence":"additional","affiliation":[{"name":"Taiyuan University of Technology, Taiyuan, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lv","family":"Ding","sequence":"additional","affiliation":[{"name":"Taiyuan University of Technology, Taiyuan, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1000-1109","authenticated-orcid":false,"given":"Yongle","family":"Chen","sequence":"additional","affiliation":[{"name":"Taiyuan University of Technology, Taiyuan, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"179","published-online":{"date-parts":[[2022,5,7]]},"reference":[{"issue":"2","key":"bibr1-15501329221097817","first-page":"288","volume":"16","author":"Periyasamy K","year":"2019","journal-title":"Int Arab J Inform Technol"},{"key":"bibr2-15501329221097817","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2012.252"},{"key":"bibr3-15501329221097817","doi-asserted-by":"publisher","DOI":"10.1109\/TSG.2021.3062700"},{"key":"bibr4-15501329221097817","first-page":"1","volume":"34","author":"Jin J","year":"2019","journal-title":"J Catastrophol"},{"key":"bibr5-15501329221097817","volume-title":"Proceedings of the 2020 39th Chinese control conference (CCC)","author":"Feng Y"},{"key":"bibr6-15501329221097817","unstructured":"Zhang J. Vulnerability analysis of false data injection attacks on supervisory control and data acquisition and phasor measurement units, Arizona State University, 2017, https:\/\/keep.lib.asu.edu\/_flysystem\/fedora\/c7\/187545\/Zhang_asu_0010E_17567.pdf"},{"key":"bibr7-15501329221097817","volume-title":"Proceedings of the 2019 international conference on computer communication and informatics (ICCCI)","author":"Musa T"},{"key":"bibr8-15501329221097817","volume-title":"Proceedings of the MILCOM 2011: military communications conference","author":"Collins MP."},{"key":"bibr9-15501329221097817","volume-title":"Proceedings of the 2015 international conference on intelligent information hiding and multimedia signal processing (IIH-MSP)","author":"Xianghui Z"},{"key":"bibr10-15501329221097817","unstructured":"Liu D, Honor\u00e9 A, Chatterjee S, et al. Powering hidden Markov model by neural network based generative models, 2019, https:\/\/www.researchgate.net\/publication\/336550686_Powering_Hidden_Markov_Model_by_Neural_Network_based_Generative_Models"},{"key":"bibr11-15501329221097817","doi-asserted-by":"publisher","DOI":"10.1007\/s11222-021-10032-8"},{"key":"bibr12-15501329221097817","doi-asserted-by":"publisher","DOI":"10.1007\/s11227-020-03513-6"},{"issue":"2","key":"bibr13-15501329221097817","first-page":"145","volume":"16","author":"Zhang SW","year":"2015","journal-title":"J Inform Eng Univ"},{"key":"bibr14-15501329221097817","volume-title":"Proceedings of the 2018 IEEE 4th international conference on computer and communications (ICCC)","author":"Wang S"},{"key":"bibr15-15501329221097817","doi-asserted-by":"publisher","DOI":"10.1016\/S1353-4858(21)00065-9"},{"key":"bibr16-15501329221097817","volume-title":"Proceedings of the 2017 18th IEEE\/ACIS international conference on software engineering, artificial intelligence, networking and parallel\/distributed computing (SNPD)","author":"Treetippayaruk S"},{"key":"bibr17-15501329221097817","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2018.2805690"},{"key":"bibr18-15501329221097817","first-page":"1838","volume":"41","author":"Yang Y","year":"2019","journal-title":"J Electron Inform Technol"},{"key":"bibr19-15501329221097817","doi-asserted-by":"publisher","DOI":"10.1007\/s11859-018-1307-0"},{"key":"bibr20-15501329221097817","volume-title":"Proceedings of the 2013 international conference on anti-counterfeiting, security and identification (ASID)","author":"Yi S"},{"key":"bibr21-15501329221097817","doi-asserted-by":"publisher","DOI":"10.1109\/TMI.2019.2927289"},{"key":"bibr22-15501329221097817","doi-asserted-by":"crossref","unstructured":"Chu Z, Zhang J, Kosut O, et al. Vulnerability assessment of N-1 reliable power systems to false data injection attacks, 2019, https:\/\/researchain.net\/archives\/pdf\/Vulnerability-Assessment-Of-N-1-Reliable-Power-Systems-To-False-Data-Injection-Attacks-3522732","DOI":"10.1109\/SmartGridComm47815.2020.9302956"},{"key":"bibr23-15501329221097817","doi-asserted-by":"crossref","unstructured":"Noury Z, Rezaei M. Deep-CAPTCHA: a deep learning based CAPTCHA solver for vulnerability assessment, 2020, https:\/\/arxiv.org\/pdf\/2006.08296.pdf","DOI":"10.31219\/osf.io\/km35b"}],"container-title":["International Journal of Distributed Sensor Networks"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/journals.sagepub.com\/doi\/pdf\/10.1177\/15501329221097817","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/journals.sagepub.com\/doi\/full-xml\/10.1177\/15501329221097817","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/journals.sagepub.com\/doi\/pdf\/10.1177\/15501329221097817","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,5,7]],"date-time":"2022-05-07T09:11:31Z","timestamp":1651914691000},"score":1,"resource":{"primary":{"URL":"http:\/\/journals.sagepub.com\/doi\/10.1177\/15501329221097817"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,5]]},"references-count":23,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2022,5]]}},"alternative-id":["10.1177\/15501329221097817"],"URL":"https:\/\/doi.org\/10.1177\/15501329221097817","relation":{},"ISSN":["1550-1329","1550-1477"],"issn-type":[{"value":"1550-1329","type":"print"},{"value":"1550-1477","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,5]]}}}