Towards a conceptual framework of OSH risk management in smart working environments based on smart PPE, ambient intelligence and the Internet of Things technologies.
In this paper we propose an ontology-based framework for the Internet of Things (IoT) to safeguard against Advanced Persistent Threats (APTs). The framework captures the attack kill chain and the attack patterns and vulnerabilities leveraged, and aligns them with network semantics to gauge their applicability to IoT systems. It then automatically infers efficient solutions for changing attack tactics by performing cost-benefit analysis of viable countermeasures through rule-based ontology reasoning. Our work leverages existing ontologies of well-known Cyber Threat Intelligence (CTI) standards by extending them with new concepts and aligning them with a novel IoT ontology. The framework automatically extracts relevant information from XML-based threat feeds, populates it as ontology instances and maps it to IoT configurations to perform the desired reasoning. The practicality of the approach is illustrated by evaluating a sample IoT network against a variety of real-world APTs.