TY  - EJOU
AU  - Yun, Tae-hyeon 
AU  - Min, Moohong 

TI  - MITRE ATT\&CK-Driven Threat Analysis for Edge-IoT Environment and a Quantitative Risk Scoring Model
T2  - Computer Modeling in Engineering \& Sciences

PY  - 2025
VL  - 145
IS  - 2
SN  - 1526-1506

AB  - The dynamic, heterogeneous nature of Edge computing in the Internet of Things (Edge-IoT) and Industrial IoT (IIoT) networks brings unique and evolving cybersecurity challenges. This study maps cyber threats in Edge-IoT/IIoT environments to the Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework by MITRE and introduces a lightweight, data-driven scoring model that enables rapid identification and prioritization of attacks. Inspired by the Factor Analysis of Information Risk model, our proposed scoring model integrates four key metrics: Common Vulnerability Scoring System (CVSS)-based severity scoring, Cyber Kill Chain–based difficulty estimation, Deep Neural Networks-driven detection scoring, and frequency analysis based on dataset prevalence. By aggregating these indicators, the model generates comprehensive risk profiles, facilitating actionable prioritization of threats. Robustness and stability of the scoring model are validated through non-parametric correlation analysis using Spearman’s and Kendall’s rank correlation coefficients, demonstrating consistent performance across diverse scenarios. The approach culminates in a prioritized attack ranking that provides actionable guidance for risk mitigation and resource allocation in Edge-IoT/IIoT security operations. By leveraging real-world data to align MITRE ATT&CK techniques with CVSS metrics, the framework offers a standardized and practically applicable solution for consistent threat assessment in operational settings. The proposed lightweight scoring model delivers rapid and reliable results under dynamic cyber conditions, facilitating timely identification of attack scenarios and prioritization of response strategies. Our systematic integration of established taxonomies with data-driven indicators strengthens practical risk management and supports strategic planning in next-generation IoT deployments. Ultimately, this work advances adaptive threat modeling for Edge/IIoT ecosystems and establishes a robust foundation for evidence-based prioritization in emerging cyber-physical infrastructures.
KW  - MITRE ATT&CK; edge environment; IoT; threat analysis; quantitative analysis; deep neural network; CVSS; risk assessment; scoring model

DO  - 10.32604/cmes.2025.072357