Security for IoT | ScienceGate

The Internet of Things or IoT is billions of physical devices connected to the Internet. Its main premise is simply an extended type of connection, which can then be used as a basis for all kinds of functions. IoT describes a network of physical objects - "things" that are built into sensors, software and other technologies to connect and communicate with other devices and systems over the Internet. Problems of system protection, including the use of IoT devices are studied by many scientists and specialists in this field, but in today's world, not every manufacturer is ready to declare vulnerabilities and general insecurity of their products (devices). Throughout the IoT environment, from manufacturers to users, there are still many IoT security issues, such as manufacturing standards, update management, physical hardening, user knowledge and awareness. This article examines the vulnerabilities of the Internet of Things. The analysis of information transfer technologies of IoT devices (in particular ZigBee, Signfox and Bluetooth) is carried out. The most common threats that a user may encounter have been identified and analyzed. It is also established that usually not only the manufacturer poses a threat to the security of IoT devices. There are also a number of tips for users who want to reduce the risk of data leakage associated with vulnerabilities in the Internet of Things. Unfortunately, it is not uncommon for such devices to be incorrectly set up, used and stored. Extremely common is the user's refusal to update the software, which in turn leaves open those vulnerabilities that the manufacturer is trying to fix. The main purpose of the article is to determine the causes of security threats to the Internet of Things, by analyzing data transmission technologies, analysis of the threats themselves, identifying the most critical of them and ways to reduce the risk of data theft

Download Full-text

Cybersecurity and the Internet of Things

Zagadnienia Informacji Naukowej - Studia Informacyjne ◽

10.36702/zin.301 ◽

2016 ◽

Vol 54 (2(108)) ◽

pp. 22-36

Author(s):

Christopher Biedermann

Keyword(s):

Internet Of Things ◽

The Internet ◽

Security Threats ◽

Cyber Attack ◽

Security Issues ◽

Risk Approach ◽

Key Issues ◽

Iot Devices ◽

High Level ◽

The Internet Of Things

PURPOSE/THESIS: The purpose of this paper is to use a recent cyber-attack to highlight the current state of readiness of Internet of Things (IoT) technologies with regard to security vulnerabilities as well as fundamental – in the author’s opinion – changes that will need to take place within these industries and technologies to mitigate the overall cybersecurity risk. APPROACH/METHODS: The analysis of the findings from numerous existing published security studies. RESULTS AND CONCLUSIONS: The following conclusions were reached: (1) in the world becoming more and more interconnected through the web enabled devices (IoT devices), new forms of security threats have been developed; (2) at present IoT devices introduce a high level of vulnerability; (3) many of these risks may be mitigated with already existing technologies; (4) however, due to the fragmented and heterogeneous nature of the IoT devices, the implementation of even basic levels of security is more challenging than in the case of traditional Internet connected devices (e.g. personal computers); (5) the industry needs to face and address three key issues that will in turn help to mitigate the unique security threats posed by IoT devices, namely: the drive towards open standards, the industry cooperation and consolidation, and the improvement of consumer awareness. ORIGINALITY/VALUE: The value of the research is to highlight the security issues related to the Internet of Things and propose solutions that must be implemented to increase the level of security awareness within the IoT environment.

Download Full-text

Anomaly Detection in IoT Frameworks Using Machine Learning

Applied Approach to Privacy and Security for the Internet of Things - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-7998-2444-2.ch004 ◽

2020 ◽

pp. 88-112

Author(s):

Phidahunlang Chyne ◽

Parag Chatterjee ◽

Sugata Sanyal ◽

Debdatta Kandar

Keyword(s):

Machine Learning ◽

Internet Of Things ◽

Anomaly Detection ◽

Physical World ◽

The Internet ◽

Network Transport ◽

Machine Learning Model ◽

The World ◽

Iot Devices ◽

The Internet Of Things

Rapid advancements in hardware programming and communication innovations have encouraged the development of internet-associated sensory devices that give perceptions and information measurements from the physical world. According to the internet of things (IoT) analytics, more than 100 IoT devices across the world connect to the internet every second, which in the coming years will sharply increase the number of IoT devices by billions. This number of IoT devices incorporates new dynamic associations and does not totally replace the devices that were purchased before yet are not utilized any longer. As an increasing number of IoT devices advance into the world, conveyed in uncontrolled, complex, and frequently hostile conditions, securing IoT frameworks displays various challenges. As per the Eclipse IoT Working Group's 2017 IoT engineer overview, security is the top worry for IoT designers. To approach the challenges in securing IoT devices, the authors propose using unsupervised machine learning model at the network/transport level for anomaly detection.

Download Full-text

A survey on approaches to the protection of personal data gathered by IoT devices

10.7287/peerj.preprints.26473 ◽

2018 ◽

Author(s):

Henry Tranter

Keyword(s):

Internet Of Things ◽

Personal Data ◽

The Internet ◽

Ideal Solution ◽

Security Systems ◽

Personal Lives ◽

Is Security ◽

The World ◽

Iot Devices ◽

The Internet Of Things

Security is always at the forefront of developing technologies. One can seldom go a week without hearing of a new data breach or hacking attempt from various groups around the world, often taking advantage of a simple flaw in a system’s architecture. The Internet of Things (IoT) is one of these developing technologies which may be at risk of such attacks. IoT devices are becoming more and more prevalent in everyday life. From keeping track of an individual’s health, to suggesting meals from items available in an individual’s fridge, these technologies are taking a much larger role in the personal lives of their users. With this in mind, how is security being considered in the development of these technologies? Are these devices that monitor individual’s personal lives just additional vectors for potential data theft? Throughout this survey, various approaches to the development of security systems concerning IoT devices in the home will be discussed, compared, and contrasted in the hope of providing an ideal solution to the problems this technology may produce.

Download Full-text

A survey on approaches to the protection of personal data gathered by IoT devices

10.7287/peerj.preprints.26473v2 ◽

2018 ◽

Author(s):

Henry Tranter

Keyword(s):

Internet Of Things ◽

Personal Data ◽

The Internet ◽

Ideal Solution ◽

Security Systems ◽

Personal Lives ◽

Is Security ◽

The World ◽

Iot Devices ◽

The Internet Of Things

Security is always at the forefront of developing technologies. One can seldom go a week without hearing of a new data breach or hacking attempt from various groups around the world, often taking advantage of a simple flaw in a system’s architecture. The Internet of Things (IoT) is one of these developing technologies which may be at risk of such attacks. IoT devices are becoming more and more prevalent in everyday life. From keeping track of an individual’s health, to suggesting meals from items available in an individual’s fridge, these technologies are taking a much larger role in the personal lives of their users. With this in mind, how is security being considered in the development of these technologies? Are these devices that monitor individual’s personal lives just additional vectors for potential data theft? Throughout this survey, various approaches to the development of security systems concerning IoT devices in the home will be discussed, compared, and contrasted in the hope of providing an ideal solution to the problems this technology may produce.

Download Full-text

COSMOS: Collaborative, Seamless and Adaptive Sentinel for the Internet of Things

Sensors ◽

10.3390/s19071492 ◽

2019 ◽

Vol 19 (7) ◽

pp. 1492 ◽

Cited By ~ 6

Author(s):

Pantaleone Nespoli ◽

David Useche Pelaez ◽

Daniel Díaz López ◽

Félix Gómez Mármol

Keyword(s):

Internet Of Things ◽

Real World ◽

Smart Devices ◽

Raspberry Pi ◽

The Internet ◽

Security Issues ◽

Dynamic Scenario ◽

Computer Based ◽

Iot Devices ◽

The Internet Of Things

The Internet of Things (IoT) became established during the last decade as an emerging technology with considerable potentialities and applicability. Its paradigm of everything connected together penetrated the real world, with smart devices located in several daily appliances. Such intelligent objects are able to communicate autonomously through already existing network infrastructures, thus generating a more concrete integration between real world and computer-based systems. On the downside, the great benefit carried by the IoT paradigm in our life brings simultaneously severe security issues, since the information exchanged among the objects frequently remains unprotected from malicious attackers. The paper at hand proposes COSMOS (Collaborative, Seamless and Adaptive Sentinel for the Internet of Things), a novel sentinel to protect smart environments from cyber threats. Our sentinel shields the IoT devices using multiple defensive rings, resulting in a more accurate and robust protection. Additionally, we discuss the current deployment of the sentinel on a commodity device (i.e., Raspberry Pi). Exhaustive experiments are conducted on the sentinel, demonstrating that it performs meticulously even in heavily stressing conditions. Each defensive layer is tested, reaching a remarkable performance, thus proving the applicability of COSMOS in a distributed and dynamic scenario such as IoT. With the aim of easing the enjoyment of the proposed sentinel, we further developed a friendly and ease-to-use COSMOS App, so that end-users can manage sentinel(s) directly using their own devices (e.g., smartphone).

Download Full-text

Smart Internet of Things (IoT) Applications

Handbook of Research on Implementation and Deployment of IoT Projects in Smart Cities - Advances in Civil and Industrial Engineering ◽

10.4018/978-1-5225-9199-3.ch003 ◽

2019 ◽

pp. 33-42

Author(s):

Rahul Verma

Keyword(s):

Internet Of Things ◽

Cyber Physical Systems ◽

Security And Privacy ◽

Smart Device ◽

The Internet ◽

Iot Applications ◽

Individual Concepts ◽

The World ◽

Iot Devices ◽

The Internet Of Things

The internet of things (IoT) is the new buzzword in technological corridors with most technology companies announcing a smart device of sorts that runs on internet of things (IoT). Cities around the world are getting “smarter” every day through the implementation of internet of things (IoT) devices. Cities around the world are implementing individual concepts on their way to becoming smart. The services are automated and integrated end to end using internet of things (IoT) devices. The chapter presents an array of internet of things (IoT) applications. Also, cyber physical systems are becoming more vulnerable since the internet of things (IoT) attacks are common and threatening the security and privacy of such systems. The main aim of this chapter is to bring more research in the application aspects of smart internet of things (IoT).

Download Full-text

Addressing Security Issues of the Internet of Things Using Physically Unclonable Functions

Research Anthology on Blockchain Technology in Business, Healthcare, Education, and Government ◽

10.4018/978-1-7998-5351-0.ch020 ◽

2021 ◽

pp. 333-350

Author(s):

Ishfaq Sultan ◽

Mohammad Tariq Banday

Keyword(s):

Internet Of Things ◽

Hardware Implementation ◽

Hardware Security ◽

The Internet ◽

Huge Number ◽

Security Issues ◽

Physically Unclonable Functions ◽

Iot Devices ◽

The Internet Of Things

The spatial ubiquity and the huge number of employed nodes monitoring the surroundings, individuals, and devices makes security a key challenge in IoT. Serious security apprehensions are evolving in terms of data authenticity, integrity, and confidentiality. Consequently, IoT requires security to be assured down to the hardware level, as the authenticity and the integrity need to be guaranteed in terms of the hardware implementation of each IoT node. Physically unclonable functions recreate the keys only while the chip is being powered on, replacing the conventional key storage which requires storing information. Compared to extrinsic key storage, they are able to generate intrinsic keys and are far less susceptible against physical attacks. Physically unclonable functions have drawn considerable attention due to their ability to economically introduce hardware-level security into individual silicon dice. This chapter introduces the notion of physically unclonable functions, their scenarios for hardware security in IoT devices, and their interaction with traditional cryptography.

Download Full-text

Blockchain With the Internet of Things

Advances in Information Security, Privacy, and Ethics - Enabling Blockchain Technology for Secure Networking and Communications ◽

10.4018/978-1-7998-5839-3.ch009 ◽

2021 ◽

pp. 202-228

Author(s):

Kamalendu Pal

Keyword(s):

Information Systems ◽

Internet Of Things ◽

Manufacturing Industry ◽

The Internet ◽

Enterprise Information ◽

Privacy And Security ◽

Security Issues ◽

Iot Applications ◽

Iot Devices ◽

The Internet Of Things

The internet of things (IoT) is ushering a new age of technology-driven automation of information systems into the manufacturing industry. One of the main concerns with IoT systems is the lack of privacy and security preserving schemes for controlling access and ensuring the safety of the data. Many security issues arise because of the centralized architecture of IoT-based information systems. Another concern is the lack of appropriate authentication and access control schemes to moderate the access to information generated by the IoT devices in the manufacturing industry. Hence, the question that arises is how to ensure the identity of the manufacturing machinery or the communication nodes. This chapter presents the advantages of blockchain technology to secure the operation of the modern manufacturing industry in a trustless environment with IoT applications. The chapter reviews the challenges and threats in IoT applications and how integration with blockchain can resolve some of the manufacturing enterprise information systems (EIS).

Download Full-text

A Novel Insider Attack and Machine Learning Based Detection for the Internet of Things

ACM Transactions on Internet of Things ◽

10.1145/3466721 ◽

2021 ◽

Vol 2 (4) ◽

pp. 1-23

Author(s):

Morshed Chowdhury ◽

Biplob Ray ◽

Sujan Chowdhury ◽

Sutharshan Rajasegarar

Keyword(s):

Machine Learning ◽

Internet Of Things ◽

Network Traffic ◽

The Internet ◽

Traffic Data ◽

Lossy Networks ◽

Insider Attack ◽

Iot Devices ◽

The Impact ◽

The Internet Of Things

Due to the widespread functional benefits, such as supporting internet connectivity, having high visibility and enabling easy connectivity between sensors, the Internet of Things (IoT) has become popular and used in many applications, such as for smart city, smart health, smart home, and smart vehicle realizations. These IoT-based systems contribute to both daily life and business, including sensitive and emergency situations. In general, the devices or sensors used in the IoT have very limited computational power, storage capacity, and communication capabilities, but they help to collect a large amount of data as well as maintain communication with the other devices in the network. Since most of the IoT devices have no physical security, and often are open to everyone via radio communication and via the internet, they are highly vulnerable to existing and emerging novel security attacks. Further, the IoT devices are usually integrated with the corporate networks; in this case, the impact of attacks will be much more significant than operating in isolation. Due to the constraints of the IoT devices, and the nature of their operation, existing security mechanisms are less effective for countering the attacks that are specific to the IoT-based systems. This article presents a new insider attack, named loophole attack , that exploits the vulnerabilities present in a widely used IPv6 routing protocol in IoT-based systems, called RPL (Routing over Low Power and Lossy Networks). To protect the IoT system from this insider attack, a machine learning based security mechanism is presented. The proposed attack has been implemented using a Contiki IoT operating system that runs on the Cooja simulator, and the impacts of the attack are analyzed. Evaluation on the collected network traffic data demonstrates that the machine learning based approaches, along with the proposed features, help to accurately detect the insider attack from the network traffic data.

Download Full-text