scholarly journals Let the Cat Out of the Bag: Popular Android IoT Apps under Security Scrutiny

Sensors ◽  
2022 ◽  
Vol 22 (2) ◽  
pp. 513
Author(s):  
Efstratios Chatzoglou ◽  
Georgios Kambourakis ◽  
Christos Smiliotopoulos
Keyword(s):  
Real Life ◽  
Significant Degree ◽  
Security And Privacy ◽  
End User ◽  
Security Controls ◽  
Attack Surface ◽  
Iot Devices ◽  
Privacy Breaches ◽  
The Impact ◽  
Privacy Issues

The impact that IoT technologies have on our everyday life is indisputable. Wearables, smart appliances, lighting, security controls, and others make our life simpler and more comfortable. For the sake of easy monitoring and administration, such devices are typically accompanied by smartphone apps, which are becoming increasingly popular, and sometimes are even required to operate the device. Nevertheless, the use of such apps may indirectly magnify the attack surface of the IoT device itself and expose the end-user to security and privacy breaches. Therefore, a key question arises: do these apps curtail their functionality to the minimum needed, and additionally, are they secure against known vulnerabilities and flaws? In seek of concrete answers to the aforesaid question, this work scrutinizes more than forty chart-topping Android official apps belonging to six diverse mainstream categories of IoT devices. We attentively analyse each app statically, and almost half of them dynamically, after pairing them with real-life IoT devices. The results collected span several axes, namely sensitive permissions, misconfigurations, weaknesses, vulnerabilities, and other issues, including trackers, manifest data, shared software, and more. The short answer to the posed question is that the majority of such apps still remain susceptible to a range of security and privacy issues, which in turn, and at least to a significant degree, reflects the general proclivity in this ecosystem.

scholarly journals Emprical Study of Iot Solution for The Security Threats In Real Life Scenario: State of The Art

2018 ◽  
Vol 7 (2.19) ◽  
pp. 26
Author(s):  
C Bala Murugan ◽  
S Koteeswaran
Keyword(s):  
Architectural Design ◽  
Real Life ◽  
Security And Privacy ◽  
Security Threats ◽  
Privacy And Security ◽  
Security Issues ◽  
Iot Devices ◽  
State Of Affairs ◽  
Privacy Issues ◽  
Open Issues

IoT technology and applications represents security as a significant issue for facilitating the tremendous implementation.     Devoid of IoTs technology ensures the device level confidentiality, privacy and authenticity. The applicable users are not going to     undertake answers for security in IoT in huge scale. The earlier stage deployments of IoT devices are primarily based on RFIDs         technology which results in simplest, security solutions inside the principal been devised in an advert hoc manner [8]. This brings the fact that such deployments were typically vertically incorporated, with all additives beneath the manage of a single administrative entity. In the angle of an IoT eco-system, in which unique person may be worried in a given software state of affairs. One person owing the      physical operations of  sensors, one stakeholder deals with the statistics and processing them and other numerous stakeholders supplies different services based totally on such statistics to the customers. This leads to numerous variety of safety demanding situations and security for the IoT. In this paper, we address the revisited security issues and discuss the critical safety protection conditions of Internet of Things era into a mainstream. To support this, the three key problems requiring cutting-edge techniques includes are data               confidentiality, privacy and trust.In this review, we presented net factors with architectural design goals of IoT. We surveyed security and privacy issues in IoTs. Also the discussion on several open issues based on the privacy and security is addressed. Many real time applications of IoTs in real life treats the security issues of IoT as a main factor. Thus the IoT of complicated security issues have been anticipated the researchers to address. 

scholarly journals Fog computing security and privacy issues, open challenges, and blockchain solution: An overview

2021 ◽  
Vol 11 (6) ◽  
pp. 5081
Author(s):  
Yehia Ibrahim Alzoubi ◽  
Ahmad Al-Ahmad ◽  
Ashraf Jaradat
Keyword(s):  
Fog Computing ◽  
Security Requirements ◽  
Security And Privacy ◽  
Privacy And Security ◽  
Security Vulnerabilities ◽  
Blockchain Technology ◽  
Security Challenges ◽  
Iot Devices ◽  
The Impact ◽  
Privacy Issues

<span lang="EN-US">Due to the expansion growth of the IoT devices, Fog computing was proposed to enhance the low latency IoT applications and meet the distribution nature of these devices. However, Fog computing was criticized for several privacy and security vulnerabilities. This paper aims to identify and discuss the security challenges for Fog computing. It also discusses blockchain technology as a complementary mechanism associated with Fog computing to mitigate the impact of these issues. The findings of this paper reveal that blockchain can meet the privacy and security requirements of fog computing; however, there are several limitations of blockchain that should be further investigated in the context of Fog computing.</span>

Digital Government and Individual Privacy

2011 ◽  
pp. 133-148
Author(s):  
Patrick R. Mullen
Keyword(s):  
Personal Information ◽  
Personal Privacy ◽  
Potential Threat ◽  
Digital Government ◽  
Security Controls ◽  
Individual Privacy ◽  
The Government ◽  
Policies And Programs ◽  
The Impact ◽  
Privacy Issues

The growth of the Internet and digital government has dramatically increased the Federal government’s ability to collect, analyze, and disclose personal information about many private aspects of citizens’ lives. Personal information once available only on paper to a limited number of people is now instantly retrievable anywhere in the world by anyone with a computer and an Internet connection. Over time, there has also been a declining level of trust by Americans in government, and currently, many perceive the government as a potential threat to their privacy. Given these forces at work in our society, one should not be surprised to read the results of surveys that show privacy as a top concern of citizens in the 21st century. If citizens do not believe that the government is adequately protecting the privacy of their individual information, they may be less willing to provide this information. Such reluctance could compromise the ability of government to collect important information necessary to develop, administer and evaluate the impact of various policies and programs. Privacy issues discussed in this chapter include challenges regarding (1) protecting personal privacy; (2) ensuring confidentiality of data collected; and (3) implementing appropriate security controls. Perspectives on privacy and stewardship responsibilities of agencies are also discussed.

Theoretical Analysis and Experimental Study

2013 ◽  
Vol 5 (2) ◽  
pp. 66-82
Author(s):  
Eralda Caushaj ◽  
Huirong Fu ◽  
Ishwar Sethi ◽  
Haissam Badih ◽  
Dion Watson ◽  
...  
Keyword(s):  
Cellular Network ◽  
Real Life ◽  
Text Messages ◽  
Cellular Communication ◽  
Security And Privacy ◽  
The Internet ◽  
Security Attacks ◽  
Daily Lives ◽  
Voice Communication ◽  
Privacy Issues

The importance of wireless cellular communication in our daily lives has grown considerably in the last decade. The smartphones are widely used nowadays, besides voice communication; the authors routinely use them to access the internet, conduct monetary transactions, send text messages and query a lot of useful information regarding the location of specific places of interest. The use of smartphones in their day-to-day communication raises many unresolved security and privacy issues. In this paper they identify relevant security attacks in Wireless Cellular Network. The authors conduct experiments in four different platforms such as Iphone, Android, Windows and Blackberry. The packets captured through Wireshark for approximately 24 minutes, giving them a lot of information regarding security and privacy issues involving the users. A lot of useful apps installed and used by the end-users have serious issues in terms of privacy and the information exposed. Which is the better platform comparing all four and what exactly do they expose from the user’s information? What are the threats and countermeasures that the users should be aware of? The aim of the authors’ paper is to give answers to the above questions based on the data captured by conducting real-life scenarios.

A Survey of Authentication Schemes in the Internet of Things

2019 ◽  
Vol 6 (1) ◽  
pp. 15-30 ◽  
Author(s):  
Yasmine Labiod ◽  
Abdelaziz Amara Korba ◽  
Nacira Ghoualmi-Zine
Keyword(s):  
Internet Of Things ◽  
Security Requirements ◽  
Security And Privacy ◽  
The Internet ◽  
Privacy And Security ◽  
Depth Study ◽  
Authentication Schemes ◽  
Iot Devices ◽  
Privacy Issues ◽  
The Internet Of Things

In the recent years, the Internet of Things (IoT) has been widely deployed in different daily life aspects such as home automation, electronic health, the electric grid, etc. Nevertheless, the IoT paradigm raises major security and privacy issues. To secure the IoT devices, many research works have been conducted to counter those issues and discover a better way to remove those risks, or at least reduce their effects on the user's privacy and security requirements. This article mainly focuses on a critical review of the recent authentication techniques for IoT devices. First, this research presents a taxonomy of the current cryptography-based authentication schemes for IoT. In addition, this is followed by a discussion of the limitations, advantages, objectives, and attacks supported of current cryptography-based authentication schemes. Finally, the authors make in-depth study on the most relevant authentication schemes for IoT in the context of users, devices, and architecture that are needed to secure IoT environments and that are needed for improving IoT security and items to be addressed in the future.

Security and Privacy Issues in Wireless Networks

2020 ◽  
Author(s):  
Nurul Fatini Azhar ◽  
Qi Jie Ngoo ◽  
Tae Hyun Kim ◽  
Kohei Dozono ◽  
Fatima tuz Zahra
Keyword(s):  
Wireless Networks ◽  
Fog Computing ◽  
Security And Privacy ◽  
Ddos Attacks ◽  
Vehicle To Grid ◽  
Network Location ◽  
Security Issues ◽  
Privacy Laws ◽  
Iot Devices ◽  
Privacy Issues

Communication between devices has transitioned from wired to unwired. Wireless networks have been in use widely around the globe since the advent of smartphones, IoT devices and other technologies that are compatible with wireless mode of communication. At the same time security issues have also increased in such communication methods. The aim of this paper is to propose security and privacy issues of the wireless networks and present them through comprehensive surveys. In context of security issues, there are 2 typical DDoS attacks - HTTP flood and SYN flood. Other than DDoS attacks, there are several other threats to wireless networks. One of the most prevalent include security issues in Internet of Things. In terms of privacy issues in a wireless network, location-based applications, individual data, cellular network and V2G (Vehicle to Grid) network are surveyed. The survey is hosted using questionnaire and responses of 70 participants is recorded. It is observed from the survey results that many groups of people lack the knowledge of security and privacy of wireless technologies and networks despite their increased use, however, students are relatively more aware and have strong knowledge of those issues. It is concluded from the results that an effective solution to these problems can be hosting campaigns for spreading the security and privacy laws to help the groups of people who are lagging behind in this domain of knowledge become more aware. A unique solution is also presented to overcome the security issues which include implementation of detection and mitigation techniques, implementing Blockchain in the IoT devices and implementing fog computing solutions. The unique solutions to overcome the privacy issues are proposed in the form of a privacy approach from the LBS server between pairs of users to increase the implementation of DSPM and blockchain as a solution.

scholarly journals Modelling the Spread of Botnet Malware in IoT-Based Wireless Sensor Networks

2019 ◽  
Vol 2019 ◽  
pp. 1-13 ◽  
Author(s):  
Dilara Acarali ◽  
Muttukrishnan Rajarajan ◽  
Nikos Komninos ◽  
B. B. Zarpelão
Keyword(s):  
Real Life ◽  
Influential Factors ◽  
Propagation Model ◽  
Sensor Nodes ◽  
Wireless Sensor ◽  
Wireless Sensor Nodes ◽  
Processing Power ◽  
The Monte Carlo Method ◽  
Attack Surface ◽  
The Impact

The propagation approach of a botnet largely dictates its formation, establishing a foundation of bots for future exploitation. The chosen propagation method determines the attack surface and, consequently, the degree of network penetration, as well as the overall size and the eventual attack potency. It is therefore essential to understand propagation behaviours and influential factors in order to better secure vulnerable systems. Whilst botnet propagation is generally well studied, newer technologies like IoT have unique characteristics which are yet to be thoroughly explored. In this paper, we apply the principles of epidemic modelling to IoT networks consisting of wireless sensor nodes. We build IoT-SIS, a novel propagation model which considers the impact of IoT-specific characteristics like limited processing power, energy restrictions, and node density on the formation of a botnet. Focusing on worm-based propagation, this model is used to explore the dynamics of spread using numerical simulations and the Monte Carlo method to discuss the real-life implications of our findings.

Application and Security Issues in Cloud Computing

2019 ◽  
Vol 8 (4) ◽  
pp. 3440-3443
Keyword(s):  
Cloud Computing ◽  
Research Work ◽  
Data Access ◽  
Data Recovery ◽  
Security And Privacy ◽  
End User ◽  
Data Confidentiality ◽  
Platform As A Service ◽  
Security Issues ◽  
Privacy Issues

Cloud computing is attaining a pace for resolving complex computing problems. It is basically an abstracted layer of technology which has three service models: Infrastructure as a Service (IaaS), (Software as a Service) SaaS and (Platform as a Service) PaaS, which provide infrastructure, software and a platform to end-user. On the contrary, there are lots of issues which include energy efficiency, cloud integrity, data recovery, backup, etc. Security and privacy issues like data confidentiality and integrity are the most critical ones. This paper highlights the security issues related to data stored and data access from back end (service provider). It collates each and every application related to cloud and available techniques to resolve some issues. Very less research work has been done on applications and security issues of cloud computing together. This article is an analysis of cloud computing applications and security issues as it is used to a great extent. In future this paper will help research community to grab information regarding applications and techniques to resolve the issues related to Cloud computing.

Privacy Dangers of Wearables and the Internet of Things

2016 ◽  
pp. 379-402 ◽  
Author(s):  
Scott Amyx
Keyword(s):  
Data Protection ◽  
Data Privacy ◽  
Security And Privacy ◽  
Employee Privacy ◽  
Privacy Concerns ◽  
Business Operations ◽  
Managerial Implications ◽  
Iot Devices ◽  
Privacy Issues ◽  
The Internet Of Things

This chapter identifies concerns about, and the managerial implications of, data privacy issues related to wearables and the IoT; it also offers some enterprise solutions to the complex concerns arising from the aggregation of the massive amounts of data derived from wearables and IoT devices. Consumer and employee privacy concerns are elucidated, as are the problems facing managers as data management and security become an important part of business operations. The author provides insight into how companies are currently managing data as well as some issues related to data security and privacy. A number of suggestions for improving the approach to data protection and addressing concerns about privacy are included. This chapter also examines trending issues in the areas of data protection and the IoT, and contains thought-provoking discussion questions pertaining to business, wearables/IoT data, and privacy issues.

Sign in / Sign up

Export Citation Format

Share Document