IOT Security Challenges and Measures to Mitigate:              Novel Perspectives

Security is always at the forefront of developing technologies. One can seldom go a week without hearing of a new data breach or hacking attempt from various groups around the world, often taking advantage of a simple flaw in a system’s architecture. The Internet of Things (IoT) is one of these developing technologies which may be at risk of such attacks. IoT devices are becoming more and more prevalent in everyday life. From keeping track of an individual’s health, to suggesting meals from items available in an individual’s fridge, these technologies are taking a much larger role in the personal lives of their users. With this in mind, how is security being considered in the development of these technologies? Are these devices that monitor individual’s personal lives just additional vectors for potential data theft? Throughout this survey, various approaches to the development of security systems concerning IoT devices in the home will be discussed, compared, and contrasted in the hope of providing an ideal solution to the problems this technology may produce.

Download Full-text

A survey on approaches to the protection of personal data gathered by IoT devices

10.7287/peerj.preprints.26473v2 ◽

2018 ◽

Author(s):

Henry Tranter

Keyword(s):

Internet Of Things ◽

Personal Data ◽

The Internet ◽

Ideal Solution ◽

Security Systems ◽

Personal Lives ◽

Is Security ◽

The World ◽

Iot Devices ◽

The Internet Of Things

Security is always at the forefront of developing technologies. One can seldom go a week without hearing of a new data breach or hacking attempt from various groups around the world, often taking advantage of a simple flaw in a system’s architecture. The Internet of Things (IoT) is one of these developing technologies which may be at risk of such attacks. IoT devices are becoming more and more prevalent in everyday life. From keeping track of an individual’s health, to suggesting meals from items available in an individual’s fridge, these technologies are taking a much larger role in the personal lives of their users. With this in mind, how is security being considered in the development of these technologies? Are these devices that monitor individual’s personal lives just additional vectors for potential data theft? Throughout this survey, various approaches to the development of security systems concerning IoT devices in the home will be discussed, compared, and contrasted in the hope of providing an ideal solution to the problems this technology may produce.

Download Full-text

Internet of Things (IoT) Security and Privacy

Powering the Internet of Things With 5G Networks - Advances in Wireless Technologies and Telecommunication ◽

10.4018/978-1-5225-2799-2.ch010 ◽

2018 ◽

pp. 247-267

Author(s):

Muawya N. Al Dalaien ◽

Ameur Bensefia ◽

Salam A. Hoshang ◽

Abdul Rahman A. Bathaqili

Keyword(s):

Internet Of Things ◽

Security And Privacy ◽

The Internet ◽

Privacy Concern ◽

Computing Systems ◽

Iot Security ◽

Privacy Issues ◽

The Internet Of Things ◽

Security Concern ◽

The Way

In recent years the Internet of Things (IoT) has rapidly become a revolutionary technological invention causing significant changes to the way both corporate computing systems, and even household gadgets and appliances, are designed and manufactured. The aim of this chapter is to highlight the security and privacy issues that may affect the evolution of IoT technology. The privacy issues are discussed from customer perspectives: first, the IoT privacy concern where the privacy debates on IoT and the IoT privacy that reflected from users' perspective based on the examination of previous researches results. In addition, the different architectures for IoT are discussed. Finally, the chapter discusses the IoT security concern by collecting, analyzing and presenting the major IoT security concerns in the literature as well as providing some potential solutions to these concerns.

Download Full-text

A Survey of Authentication Schemes in the Internet of Things

International Journal of Smart Security Technologies ◽

10.4018/ijsst.2019010102 ◽

2019 ◽

Vol 6 (1) ◽

pp. 15-30 ◽

Cited By ~ 1

Author(s):

Yasmine Labiod ◽

Abdelaziz Amara Korba ◽

Nacira Ghoualmi-Zine

Keyword(s):

Internet Of Things ◽

Security Requirements ◽

Security And Privacy ◽

The Internet ◽

Privacy And Security ◽

Depth Study ◽

Authentication Schemes ◽

Iot Devices ◽

Privacy Issues ◽

The Internet Of Things

In the recent years, the Internet of Things (IoT) has been widely deployed in different daily life aspects such as home automation, electronic health, the electric grid, etc. Nevertheless, the IoT paradigm raises major security and privacy issues. To secure the IoT devices, many research works have been conducted to counter those issues and discover a better way to remove those risks, or at least reduce their effects on the user's privacy and security requirements. This article mainly focuses on a critical review of the recent authentication techniques for IoT devices. First, this research presents a taxonomy of the current cryptography-based authentication schemes for IoT. In addition, this is followed by a discussion of the limitations, advantages, objectives, and attacks supported of current cryptography-based authentication schemes. Finally, the authors make in-depth study on the most relevant authentication schemes for IoT in the context of users, devices, and architecture that are needed to secure IoT environments and that are needed for improving IoT security and items to be addressed in the future.

Download Full-text

IoT Security Configurability with Security-by-Contract

Sensors ◽

10.3390/s19194121 ◽

2019 ◽

Vol 19 (19) ◽

pp. 4121 ◽

Cited By ~ 6

Author(s):

Alberto Giaretta ◽

Nicola Dragoni ◽

Fabio Massacci

Keyword(s):

Internet Of Things ◽

Fog Computing ◽

Holistic Approach ◽

The Internet ◽

Iot Security ◽

Iot Devices ◽

Work First ◽

The Internet Of Things

Cybersecurity is one of the biggest challenges in the Internet of Things (IoT) domain, as well as one of its most embarrassing failures. As a matter of fact, nowadays IoT devices still exhibit various shortcomings. For example, they lack secure default configurations and sufficient security configurability. They also lack rich behavioural descriptions, failing to list provided and required services. To answer this problem, we envision a future where IoT devices carry behavioural contracts and Fog nodes store network policies. One requirement is that contract consistency must be easy to prove. Moreover, contracts must be easy to verify against network policies. In this paper, we propose to combine the security-by-contract (S × C) paradigm with Fog computing to secure IoT devices. Following our previous work, first we formally define the pillars of our proposal. Then, by means of a running case study, we show that we can model communication flows and prevent information leaks. Last, we show that our contribution enables a holistic approach to IoT security, and that it can also prevent unexpected chains of events.

Download Full-text

Defining the IoT

Proceedings of the International Conference on Business Excellence ◽

10.2478/picbe-2018-0013 ◽

2018 ◽

Vol 12 (1) ◽

pp. 118-128 ◽

Cited By ~ 3

Author(s):

Dan-Radu Berte

Keyword(s):

Internet Of Things ◽

Smart Home ◽

Economies Of Scale ◽

The Internet ◽

Clear Understanding ◽

Everyday Objects ◽

The Media ◽

Iot Devices ◽

Definition Of ◽

The Internet Of Things

Abstract IoT, or the Internet of Things, has been in use since circa 1999. It defines a next chapter in the evolution of the Internet where computing devices embedded in everyday objects are able to send and receive data themselves. In recent years miniaturization and economies of scale brought a boon of new devices to the consumer and enterprise market, prompting Gartner to predict over 20bln live IoT devices by 2020. However, the definition of IoT is loose and, for the purpose of predicting trends or discussing security, formulating a clear understanding of the term is crucial. In fact, Internet of Things is a term only mostly used by the media, academia and the industry. Customers in the consumer space refer to the technologies by their benefit describing term of “Smart Home”. A quick analysis of this gap shows how it’s entirely possible no knowledge permeates the business and market worlds because of the incompatible terms used. As more devices, OSes and heterogeneous platforms entrench the concept of a new digital lifestyle, the new “Digital Kingdom” opens its doors to radical disruption, such as the latest massive Mirai and Reaper attacks. Our ability to correctly define the IoT, it’s platforms and components, should lead to better market dynamics and better preparedness, as one can’t secure something that can’t be defined. This paper proposes to further understand the IoT by exploring available definitions, reiterating misuse and equivocal perception, concluding with a more suiting, contemporary definition.

Download Full-text

New Methodology and Checklist of Wi-Fi Connected and App-Controlled IoT-Based Consumer Market Smart Home Devices

Electronic Imaging ◽

10.2352/issn.2470-1173.2020.3.mobmu-275 ◽

2020 ◽

Vol 2020 (3) ◽

pp. 276-1-276-15

Author(s):

Franziska Schwarz ◽

Klaus Schwarz ◽

Reiner Creutzburg

Keyword(s):

Internet Of Things ◽

Web Application ◽

Smart Home ◽

Test Procedure ◽

The Internet ◽

Web Application Security ◽

Iot Devices ◽

The Many ◽

Precarious Situation ◽

The Internet Of Things

Since its invention, the Internet has changed the world, but above all, it has connected people. With the advent of the Internet of Things, the Internet connects things today much more than people do. A large part of the Internet of Things consists of IoT controlled Smart Home devices. The Internet of Things and the Smart Home have become an increasingly important topic in recent years. The growing popularity of Smart Home devices such as Smart TVs, Smart Door Locks, Smart Light Bulbs, and others is causing a rapid increase in vulnerable areas. In the future, many IoT devices could be just as many targets. The many new and inexperienced manufacturers and the absence of established uniform standards also contribute to the precarious situation. Therefore, new methods are needed to sensitize and detect these threats. In this paper, different existing approaches like those of the National Institute of Standards and Technology (NIST) and the Open Web Application Security Project (OWASP) are combined with concepts of this work like the Smart Home Device Life Cycle. In the context of this paper, a universal 31-page question-based test procedure is developed that can be applied to any Smart Home device. Based on this new, innovative security checklist, the communication between device, app, and the manufacturer's servers, as well as the firmware of IoT devices, can be analyzed and documented in detail. In the course of this paper, also a handout in the abbreviated form will be created, which serves the same purpose.

Download Full-text

Privacy Dangers of Wearables and the Internet of Things

Identity Theft ◽

10.4018/978-1-5225-0808-3.ch018 ◽

2016 ◽

pp. 379-402 ◽

Cited By ~ 1

Author(s):

Scott Amyx

Keyword(s):

Data Protection ◽

Data Privacy ◽

Security And Privacy ◽

Employee Privacy ◽

Privacy Concerns ◽

Business Operations ◽

Managerial Implications ◽

Iot Devices ◽

Privacy Issues ◽

The Internet Of Things

This chapter identifies concerns about, and the managerial implications of, data privacy issues related to wearables and the IoT; it also offers some enterprise solutions to the complex concerns arising from the aggregation of the massive amounts of data derived from wearables and IoT devices. Consumer and employee privacy concerns are elucidated, as are the problems facing managers as data management and security become an important part of business operations. The author provides insight into how companies are currently managing data as well as some issues related to data security and privacy. A number of suggestions for improving the approach to data protection and addressing concerns about privacy are included. This chapter also examines trending issues in the areas of data protection and the IoT, and contains thought-provoking discussion questions pertaining to business, wearables/IoT data, and privacy issues.

Download Full-text

Key Management Scheme for Internet of Things Using an Elliptic Curve

Journal of Computational and Theoretical Nanoscience ◽

10.1166/jctn.2020.8637 ◽

2020 ◽

Vol 17 (1) ◽

pp. 115-121 ◽

Cited By ~ 1

Author(s):

Soram Ranbir Singh ◽

Khan Kumar Ajoy

Keyword(s):

Internet Of Things ◽

Key Management ◽

The Internet ◽

Reference Architecture ◽

Iot Security ◽

International Conference ◽

Management Scheme ◽

Security Challenges ◽

Business Opportunities ◽

Iot Devices

With the advancements in wireless internet technology, a new computing ecosystem, the Internet of Things(IoT), has ushered in numerous devices in many areas in our life as well as in industries. The IoT is a computing notion that describes a scenario in which objects we use everyday are accessible using the internet and can be controlled from anywhere (Kung, Y.F., et al., 2018. Home Monitoring System Based Internet of Things. 2018 IEEE International Conference on Applied System Invention (ICASI), April; IEEE. pp.325–327; Singh, S. and Singh, N., 2015. Internet of Things (IoT): Security Challenges, Business Opportunities and Reference Architecture for E-Commerce. 2015 International Conference on Green Computing and Internet of Things (ICGCIoT), October; IEEE. pp.1577–1581). It could comprise devices with sensors to gather and broadcast data over the Internet (Singh, S. and Singh, N., 2015. Internet of Things (IoT): Security Challenges, Business Opportunities and Reference Architecture for E-Commerce. 2015 International Conference on Green Computing and Internet of Things (ICGCIoT), October; IEEE. pp.1577–1581). As per report of the research firm Gartner, the number of IoT objects will surpass 11.2 billion by 2018, and 20.4 billion by 2020. By 2020, the IoT industries will make revenue of almost 3 trillion US Dollars. As IoT devices are largely used in various areas of importance, it will definitely bring a lot of interests to hackers. It is worthwhile to quote here that hackers took away more than Rs 78 crore by hacking into router of Cosmos Bank based in Pune by duplicating debit cards in August, 2018. They carried out about 12 thousand unethical transactions worth Rs 78 crore in 28 countries. Hence, it is necessary to consider data privacy so that we can protect the data with limited system resource and technology. This paper proposes a new key management scheme with entity authentication for IoT devices. The proposed scheme uses modified Tate pairing. The presented scheme is apposite for IoT devices such as sensor networks due to their lower computational requirements.

Download Full-text

Towards Privacy Preserving IoT Environments: A Survey

Wireless Communications and Mobile Computing ◽

10.1155/2018/1032761 ◽

2018 ◽

Vol 2018 ◽

pp. 1-15 ◽

Cited By ~ 18

Author(s):

Mohamed Seliem ◽

Khalid Elgazzar ◽

Kasem Khalil

Keyword(s):

Resource Constraints ◽

The Internet ◽

Application Layer ◽

Smart Services ◽

Privacy Concerns ◽

User Adoption ◽

Privacy Issues ◽

The Internet Of Things ◽

Exchange Data

The Internet of Things (IoT) is a network of Internet-enabled devices that can sense, communicate, and react to changes in their environment. Billions of these computing devices are connected to the Internet to exchange data between themselves and/or their infrastructure. IoT promises to enable a plethora of smart services in almost every aspect of our daily interactions and improve the overall quality of life. However, with the increasing wide adoption of IoT, come significant privacy concerns to lose control of how our data is collected and shared with others. As such, privacy is a core requirement in any IoT ecosystem and is a major concern that inhibits its widespread user adoption. The ultimate source of user discomfort is the lack of control over personal raw data that is directly streamed from sensors to the outside world. In this survey, we review existing research and proposed solutions to rising privacy concerns from a multipoint of view to identify the risks and mitigations. First, we provide an evaluation of privacy issues and concerns in IoT systems due to resource constraints. Second, we describe the proposed IoT solutions that embrace a variety of privacy concerns such as identification, tracking, monitoring, and profiling. Lastly, we discuss the mechanisms and architectures for protecting IoT data in case of mobility at the device layer, infrastructure/platform layer, and application layer.

Download Full-text