This presentation is about Internet of Things(IoT), it's characteristics, technologies that uses IoT, Security issues, Threats & Countermeasures, applications of IoT etc.
5. Key Characteristics
• Intelligence: Intelligence in IoT is only
concerned as means of interaction
between devices
• Connectivity: Connectivity empowers
Internet of Things by bringing together
everyday objects.
• Dynamic Nature: The primary activity of
Internet of Things is to collect data from
its environment, this is achieved with the
dynamic changes that take place around
the devices.
6. Key Characteristics
• Sensing: Sensing technologies provide the
means to create capabilities that reflect a
true awareness of the physical world and the
people in it.
• Heterogeneity: Ability to interact with
other devices/platform through different
networks.
• Security: Secures data from external world.
7. Technologies Used
• Interoperability standards
1. Sensors
2. Network & applications own ability
• Wireless protocols
1. Range of connectivity
2. Networking topology
8. • BLE - Bluetooth Low Energy & BS - Bluetooth Smart
1. Frequency: 2.4GHz
2. Range: less than 150m
3. Data Rates: 1Mbps
• Zigbee
1. Frequency: 2.4GHz
2. Range: Less than 100m
3. Data Rates: 250kbps
Technologies Used
9. • LPWAN
1. Low range
2. Low power
• WiFi
1. Frequency: 2.4GHz
2. Range: Approximately 50m
3. Data Rates: Up to 1Gbps
Technologies Used
10. • Cellular
1. Frequency: 900, 1800, 1900, 2100MHz
2. Range: 35km max for GSM, 200km max for HSPA
3. Data Rates: Less than 170kps GPRS, less than
384kbps EDGE, less than 2Mbps UMTS,
less than 10Mbps HSP, 3-10Mbps LTE
Technologies Used
13. • Embedded system market:
• Old Software:
• Typical attack:
1. MAN
2. DOS/DDOS
Unpatchable IoT and Necessity
14. Threats & Countermeasures
• Insecure Web Interface
1. Weak Default Credentials
2. SQL – Injection
3. Session Management
• Countermeasures:
1. Changing default username/password during setup
2. Ensuring credentials are not exposed in internal or
external network traffic.
3. Account locking after 3 – 5 failed attempts.
15. • Insecure Network Authorization
1. Vulnerable Services
2. Exploitable UDP Services
3. Denial-of-Service(DoS)
• Countermeasures:
1. Ensuring Services are not vulnerable to DoS attacks.
2. Ensuring only necessary ports are exposed and available.
3. Ensuring network ports are not exposed to the internet .
Threats & Countermeasures
16. • Insecure Software/Firmware
1. Encryption Not Used to Fetch Updates
2. Update File not Encrypted
3. Firmware Contains Sensitive Information
• Countermeasures:
1. Ensuring device update ability.
2. Ensuring update file is encrypted as well as the
connection.
3. Ensuring update does not expose sensitive data.
Threats & Countermeasures