Dublin Core The Dublin Core metadata element set is common to all Omeka records, including items, files, and collections. For more information see, http://dublincore.org/documents/dces/. Title A name given to the resource Book Chapter Book Chapter Faculty Publications- Book Chapter Dublin Core The Dublin Core metadata element set is common to all Omeka records, including items, files, and collections. For more information see, http://dublincore.org/documents/dces/. Title A name given to the resource A Gradational Approach for Auditing IoT Security Vulnerability: Case Study of Smart Home Devices Description An account of the resource The world is experiencing a rapid convergence of physical and cyber systems, as objects used in day-to-day life are connected over the Internet. These Internet of Things (IoT) devices are mass produced, but ensure its usage in routine life. The impact of IoT in human life ranges from simple household equipment to life-critical devices. Owing to the diversity, both in application and nature, the security on these devices and their applications has become a major concern. In spite of having many security frameworks and compliance regulations, attacks on IoTs are exponentially growing. A handful of security frameworks are available for ensuring the security, there are very few frameworks proposed for auditing the security. Confidentiality, Integrity and Availability, which are the pillars of security in IoT, are found missing or found to have been implemented with flaws. An IoT security audit is one good solution that has proven a success in the literature but challenging as the high-level standards cannot be applied to low-level devices and applications. In addition, the challenges of audits include heterogeneity of IoT and lack of expert resources. IoT and related products reached market very quickly before it could be subjected to the complete audit procedures or, in other words, the time taken for a new IoT device or application to be developed is much less than the time taken for developing a security audit mechanism. Hence, to enable an efficient security auditing of IoT devices, a definite and dynamic framework is needed that can propose feasible policies, automatic collection and analysis of audit data and tailor-made procedures for risk assessment, risk control and risk mitigation. This chapter focuses on the auditing of security vulnerability in IoT devices. A gradational methodology is proposed for extracting the feasible security checks from leading standards and guidelines in the IoT domain. To exploit its efficiency, the proposed method is applied to a smart home with IoT enabled devices. Performance metrics such as efficiency, accuracy, and scalability are evaluated. The experiments were carried out in a simulated environment with IoT devices. The results were highly satisfying as the proposed method could do efficient and accurate auditing for seven hundred smart homes in a time of less than fifteen minutes. 2025 Taylor &amp; Francis Group, LLC. Creator An entity primarily responsible for making the resource Rajagopal M.; Ramkumar S. Source A related resource from which the described resource is derived Internet of Things Vulnerabilities and Recovery Strategies, pp. 87-101. Publisher An entity responsible for making the resource available CRC Press Date A point or period of time associated with an event in the lifecycle of the resource 2024-01-01 Identifier An unambiguous reference to the resource within a given context <a href="https://doi.org/10.1201/9781003474838-6" target="_blank" rel="noreferrer noopener">https://doi.org/10.1201/9781003474838-6</a> <br /><br /><a href="https://www.scopus.com/inward/record.uri?eid=2-s2.0-85199159509&amp;doi=10.1201%2F9781003474838-6&amp;partnerID=40&amp;md5=86524daad059099942887a08a6d7ee2b" target="_blank" rel="noreferrer noopener">https://www.scopus.com/inward/record.uri?eid=2-s2.0-85199159509&amp;doi=10.1201%2f9781003474838-6&amp;partnerID=40&amp;md5=86524daad059099942887a08a6d7ee2b</a> Rights Information about rights held in and over the resource Restricted Access Relation A related resource ISBN: 978-104002562-8; 978-103247331-4 Format The file format, physical medium, or dimensions of the resource Online Language A language of the resource English Type The nature or genre of the resource Book chapter Coverage The spatial or temporal topic of the resource, the spatial applicability of the resource, or the jurisdiction under which the resource is relevant Rajagopal M., Lean Operations and Systems, School of Business and Management, CHRIST (Deemed to be University), Karnataka, Bangalore, India; Ramkumar S., Department of Computer Science, School of Sciences, CHRIST (Deemed to be University), Karnataka, Bangalore, India