This document discusses security issues in Internet of Things (IoT). It begins with an introduction to IoT, explaining how IoT works and its key features such as connectivity, analytics, integration and artificial intelligence. It then discusses security layers in IoT, including perception, network, application and support layers. It outlines common security threats at each layer like eavesdropping, denial of service attacks, and malware. The document also covers IoT security challenges, advantages and disadvantages of IoT.
Internet of Things means every household or handy device which is used to make our world easy and better and connected with IP which transmit some data.
This slide covers IOT description, OWASP Top 10 2014 & its recommendations.
We did not predict the Internet, the Web, social networking, Facebook, Twitter, millions of apps for smart-phones, etc. New research problems arise due to the large scale of devices, the connection of the physical and cyber worlds, the openness of the systems of systems, and continuing problems of privacy and security. It is hoped that there is more cooperation between the research communities in order to solve the myriad of problems sooner as well as to avoid re-inventing the wheel when a particular community solves a problem.
The growth of embedded systems connecting to the Internet or "Internet of Things" (IoT) increases year by year. Thus, the IoT ecosystems become new targets of the attackers. This presentation will talk about the basic principle of information security, why we need to secure IoT ecosystems, and also the vulnerabilities and solutions from OWASP.
Internet of Things means every household or handy device which is used to make our world easy and better and connected with IP which transmit some data.
This slide covers IOT description, OWASP Top 10 2014 & its recommendations.
We did not predict the Internet, the Web, social networking, Facebook, Twitter, millions of apps for smart-phones, etc. New research problems arise due to the large scale of devices, the connection of the physical and cyber worlds, the openness of the systems of systems, and continuing problems of privacy and security. It is hoped that there is more cooperation between the research communities in order to solve the myriad of problems sooner as well as to avoid re-inventing the wheel when a particular community solves a problem.
The growth of embedded systems connecting to the Internet or "Internet of Things" (IoT) increases year by year. Thus, the IoT ecosystems become new targets of the attackers. This presentation will talk about the basic principle of information security, why we need to secure IoT ecosystems, and also the vulnerabilities and solutions from OWASP.
The IoT Era Begins
Components of IoT-Enabled Things
IoT Reference model
IoT Security
IoT Security & Privacy Req. defined by ITU-T
An IoT Security Framework
IoT Security Challenges
Internet of Things - Liability
IoT security tools
Internet of things are exploding. This whitepaper would help product developers to understand the Security and Privacy issues, their impact and a recommendation for embedding the best practices during PDLC.
Internet of Things (IoT) will enable dramatic society transformation. This seminar presents an introduction to the IoT and explains why IoT Security is important.
Then it presents security issues in wireless sensor networks that constitute a main ingredient of IoT.
Seminar given at Centre Tecnològic de Telecomunicacions de Catalunya (CTTC) on 28 January 2015.
The session with highlight Intel’s vision for IoT Security and the fundamental building blocks and capabilities Intel and the ecosystem are providing to organizations to build security in from design through deployment and maintenance.
Yesterday Pierluigi Paganini, CISO Bit4Id and founder Security Affairs, presented at the ISACA Roma & OWASP Italy conference the state of the art for the Internet of Things paradigm. The presentation highlights the security and privacy issues for the Internet of Things, a technology that is changing user’s perception of the technology.
Helpful survey for researchers and students who are intended to investigate in the Internet of things field in term of security and privacy side. This survey has general overview in security issues with the solutions addressed these issues.
The Internet of Things (IoT), sometimes referred to as the Internet of Objects, IoT is basically a complex network that seamlessly connects people and things together through the Internet. Theoretically, anything that can be connected (smart watches, cars, homes, thermostats, vending machines, servers…) and will be connected in the near future using sensors and RFID tags. This allows connected objects to continuously send data over the Web and from anywhere. The first time the term was used in 1999 by Kevin Ashton, the creator of the RFID standard.
An overview of security and privacy challenges that must be faced and solved when creating new Things for the Internet of Things. We discussed why are Things inherently insecure together with examples of attack vectors and learned some risk mitigation strategies. We realized why should users be wary of Things violating their privacy and gained awareness of upcoming EU privacy legislation that affects providers of IoT-based solutions. Talk given at Pixels Camp 2017, Lisbon.
IOT is the new emerging technology with equal good and bads.This technology can be even misused by hackers and attackers . so there comes the concept of IOT Forensics to identify,collect and analyse the data on the IOT device
Forensics on the Internet of Things plays a vital role in the development of a much more secured IoT environment as the compromised nodes can be easily discovered so as the hacker who has done it.
The Internet of Things (IoT) offers many industries significant new opportunities, but it also exposes them and their customers to a host of security issues. Securing the IoT requires new ways of thinking that can defend the enterprise and its customers against attackers and privacy abuses.
The internet of things (io t) : IoT academy AnkitThakkar46
The Internet of things (IoT) is a system of interrelated computing devices, mechanical and digital machines provided with unique identifiers (UIDs) and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction.
The IoT Era Begins
Components of IoT-Enabled Things
IoT Reference model
IoT Security
IoT Security & Privacy Req. defined by ITU-T
An IoT Security Framework
IoT Security Challenges
Internet of Things - Liability
IoT security tools
Internet of things are exploding. This whitepaper would help product developers to understand the Security and Privacy issues, their impact and a recommendation for embedding the best practices during PDLC.
Internet of Things (IoT) will enable dramatic society transformation. This seminar presents an introduction to the IoT and explains why IoT Security is important.
Then it presents security issues in wireless sensor networks that constitute a main ingredient of IoT.
Seminar given at Centre Tecnològic de Telecomunicacions de Catalunya (CTTC) on 28 January 2015.
The session with highlight Intel’s vision for IoT Security and the fundamental building blocks and capabilities Intel and the ecosystem are providing to organizations to build security in from design through deployment and maintenance.
Yesterday Pierluigi Paganini, CISO Bit4Id and founder Security Affairs, presented at the ISACA Roma & OWASP Italy conference the state of the art for the Internet of Things paradigm. The presentation highlights the security and privacy issues for the Internet of Things, a technology that is changing user’s perception of the technology.
Helpful survey for researchers and students who are intended to investigate in the Internet of things field in term of security and privacy side. This survey has general overview in security issues with the solutions addressed these issues.
The Internet of Things (IoT), sometimes referred to as the Internet of Objects, IoT is basically a complex network that seamlessly connects people and things together through the Internet. Theoretically, anything that can be connected (smart watches, cars, homes, thermostats, vending machines, servers…) and will be connected in the near future using sensors and RFID tags. This allows connected objects to continuously send data over the Web and from anywhere. The first time the term was used in 1999 by Kevin Ashton, the creator of the RFID standard.
An overview of security and privacy challenges that must be faced and solved when creating new Things for the Internet of Things. We discussed why are Things inherently insecure together with examples of attack vectors and learned some risk mitigation strategies. We realized why should users be wary of Things violating their privacy and gained awareness of upcoming EU privacy legislation that affects providers of IoT-based solutions. Talk given at Pixels Camp 2017, Lisbon.
IOT is the new emerging technology with equal good and bads.This technology can be even misused by hackers and attackers . so there comes the concept of IOT Forensics to identify,collect and analyse the data on the IOT device
Forensics on the Internet of Things plays a vital role in the development of a much more secured IoT environment as the compromised nodes can be easily discovered so as the hacker who has done it.
The Internet of Things (IoT) offers many industries significant new opportunities, but it also exposes them and their customers to a host of security issues. Securing the IoT requires new ways of thinking that can defend the enterprise and its customers against attackers and privacy abuses.
The internet of things (io t) : IoT academy AnkitThakkar46
The Internet of things (IoT) is a system of interrelated computing devices, mechanical and digital machines provided with unique identifiers (UIDs) and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction.
“The Internet of Things (IoT) is a system of
interrelated computing devices, mechanical and
digital machines, objects, animals or people that
are provided with unique identifiers and the
ability to transfer data over a network without
requiring human-to-human or
human-to-computer interaction.”
12 IoT Cyber Security Threats to Avoid - CyberHive.pdfonline Marketing
As IoT (Internet of Things) devices weave into the fabric of our daily lives, from smart thermostats to connected cars, the need for robust IoT cyber security measures has never been more pressing. Let’s dive into 12 IoT cyber security threats that pose significant risks and offer guidance on navigating these digital waters safely. please visit: https://www.cyberhive.com/insights/12-iot-cyber-security-threats-to-avoid/
IoT References:
https://www.techrepublic.com/article/how-to-secure-your-iot-devices-from-botnets-and-other-threats/
https://www.peerbits.com/blog/biggest-iot-security-challenges.html
https://www.bankinfosecurity.asia/securing-iot-devices-challenges-a-11138
https://www.sumologic.com/blog/iot-security/
https://news.ihsmarkit.com/press-release/number-connected-iot-devices-will-surge-125-billion-2030-ihs-markit-says
https://cdn.ihs.com/www/pdf/IoT_ebook.pdf
https://go.armis.com/hubfs/Buyers%E2%80%99%20Guide%20to%20IoT%20Security%20-Final.pdf
https://www.techrepublic.com/article/smart-farming-how-iot-robotics-and-ai-are-tackling-one-of-the-biggest-problems-of-the-century/
Video Resources:What is the Internet of Things (IoT) and how can we secure it?
https://www.youtube.com/watch?v=H_X6IP1-NDc
What is the problem with IoT security? - Gary explains
https://www.youtube.com/watch?v=D3yrk4TaIQQ
What are the Challenges of IoT Security?
IoT has many of the same security challenges that other systems have. There are, however, some challenges that are unique to IoT.
1. Embedded Passwords. Embedding passwords in IoT devices make it easy for remote support technicians to access devices for troubleshooting and simplifies the installation of multiple devices. Of course, it also simplifies access to devices for malicious purposes.
2. Lack of device authentication. Allowing IoT devices access to the network without authenticating opens the network to unknown and unauthorized devices. Rogue devices can serve as an entry point for attacks or even as a source of attacks.
3. Patching and upgrading. Some IoT devices do not provide a simple (or any) means to patch or upgrade software. This results in many IoT devices with vulnerabilities continuing to be in use.
4. Physical hardening. Physical access to IoT devices can introduce risk if those devices are not hardened against physical attack. Such an attack may not be intended to damage the device, but rather to extract information. Simply removing a microSD memory card to read its contents can give an attacker private data, as well as information such as embedded passwords that may allow access to other devices.
5. Outdated components. When vulnerabilities are discovered in hardware or software components of IoT devices, it can be difficult and expensive for manufacturers or users to update or replace them. As with patches, this results in many IoT devices with vulnerabilities continuing to be used.
6. Device monitoring and management. IoT devices do not always have a unique identifier that facilitates asset tracking, monitoring, and management. IT personnel do not necessarily consider IoT devices among the hosts that they monitor and manage. Asset tracking systems sometimes neglect to include IoT devices, so they sit on the network without being managed or monitored.
Most of these issues can be attributed to security being an afterthought (if a thought at all) in the design and manufacturing of IoT devices. Even tho ...
Internet of things (IoT) Architecture Security AnalysisDaksh Raj Chopra
This Document Briefly summarizes the Security and Privacy Concern Evaluation of Internet of Things (IoT)’s Three Domain Architecture. The Security implementation challenges faced
by IoT devices are addressed along with newly Added Requirement for these devices. The Architecture which we will be using throughout our analysis is explained so as to a novice
user. We will summarize the possible attacks and countermeasures for each and every domain followed by a developer friendly checklist to be followed for security.
Understanding and Solving Common IoT Security Problems.pdfSeasiaInfotech2
According to them, mobile apps can also be a point of connection for various IoT devices. If you need help with IoT app development, then take the guidance of professionals.
Final Research Project - Securing IoT Devices What are the Challe.docxvoversbyobersby
Final Research Project - Securing IoT Devices: What are the Challenges?
Internet security, in general, is a challenge that we have been dealing with for decades. It is a regular topic of discussion and concern, but a relatively new segment of internet security is getting most attention—internet of things (IoT). So why is internet of things security so important?
The high growth rate of IoT should get the attention of cybersecurity professionals. The rate at which new technology goes to market is inversely proportional to the amount of security that gets designed into the product. According to IHS Markit, “The number of connected IoT devices worldwide will jump 12 percent on average annually, from nearly 27 billion in 2017 to 125 billion in 2030.”
IoT devices are quite a bit different from other internet-connected devices such as laptops and servers. They are designed with a single purpose in mind, usually running minimal software with minimal resources to serve that purpose. Adding the capability to run and update security software is often not taken into consideration.
Due to the lack of security integrated into IoT devices, they present significant risks that must be addressed. IoT security is the practice of understanding and mitigating these risks. Let’s consider the challenges of IoT security and how we can address them.
Some security practitioners suggest that key IoT security steps include:
1. Make people aware that there is a threat to security;
2. Design a technical solution to reduce security vulnerabilities;
3. Align the legal and regulatory frameworks; and
4. Develop a workforce with the skills to handle IoT security.
Final Assignment - Project Plan (Deliverables):
1) Address each of the FOURIoT security steps listed above in terms of IoT devices.
2) Explain in detail, in a step-by-step guide, how to make people more aware of the problems associated with the use of IoT devices.
Bottom of Form
Top of Form
Bottom of Form
I have to create a matrix with unique pointers and do the following :
1.Matrix a, b
2.Matrix c(b)
3.Matrix d=a
4.Matrix e=a+b
Every element from matrix is a unique pointer. First, I have to create a class matrix with constructor destructor(rule of 5 if it is possible).
At first in main, I have to create 2 object a, b, Matrix type.
At 2.I have to create another object c that have as constructor the object b
3.to copy all element from matrix a to d
4.To add Matrix a with Matrix b and the sum to be copy in Matrix e
IoT References:
https://www.techrepublic.com/article/how-to-secure-your-iot-devices-from-botnets-and-other-threats/
https://www.peerbits.com/blog/biggest-iot-security-challenges.html
https://www.bankinfosecurity.asia/securing-iot-devices-challenges-a-11138
https://www.sumologic.com/blog/iot-security/
https://news.ihsmarkit.com/press-release/number-connected-iot-devices-will-surge-125-billion-2030-ihs-markit-says
https://cdn.ihs.com/www/pdf/IoT_ebook.pdf
https://go.armis.com/hubfs/Buyers%E2%80%99%20G ...
Final Research Project - Securing IoT Devices What are the Challe.docxtjane3
Final Research Project - Securing IoT Devices: What are the Challenges?
Internet security, in general, is a challenge that we have been dealing with for decades. It is a regular topic of discussion and concern, but a relatively new segment of internet security is getting most attention—internet of things (IoT). So why is internet of things security so important?
The high growth rate of IoT should get the attention of cybersecurity professionals. The rate at which new technology goes to market is inversely proportional to the amount of security that gets designed into the product. According to IHS Markit, “The number of connected IoT devices worldwide will jump 12 percent on average annually, from nearly 27 billion in 2017 to 125 billion in 2030.”
IoT devices are quite a bit different from other internet-connected devices such as laptops and servers. They are designed with a single purpose in mind, usually running minimal software with minimal resources to serve that purpose. Adding the capability to run and update security software is often not taken into consideration.
Due to the lack of security integrated into IoT devices, they present significant risks that must be addressed. IoT security is the practice of understanding and mitigating these risks. Let’s consider the challenges of IoT security and how we can address them.
Some security practitioners suggest that key IoT security steps include:
1. Make people aware that there is a threat to security;
2. Design a technical solution to reduce security vulnerabilities;
3. Align the legal and regulatory frameworks; and
4. Develop a workforce with the skills to handle IoT security.
Final Assignment - Project Plan (Deliverables):
1) Address each of the FOURIoT security steps listed above in terms of IoT devices.
2) Explain in detail, in a step-by-step guide, how to make people more aware of the problems associated with the use of IoT devices.
Bottom of Form
Top of Form
Bottom of Form
IoT References:
https://www.techrepublic.com/article/how-to-secure-your-iot-devices-from-botnets-and-other-threats/
https://www.peerbits.com/blog/biggest-iot-security-challenges.html
https://www.bankinfosecurity.asia/securing-iot-devices-challenges-a-11138
https://www.sumologic.com/blog/iot-security/
https://news.ihsmarkit.com/press-release/number-connected-iot-devices-will-surge-125-billion-2030-ihs-markit-says
https://cdn.ihs.com/www/pdf/IoT_ebook.pdf
https://go.armis.com/hubfs/Buyers%E2%80%99%20Guide%20to%20IoT%20Security%20-Final.pdf
https://www.techrepublic.com/article/smart-farming-how-iot-robotics-and-ai-are-tackling-one-of-the-biggest-problems-of-the-century/
Video Resources:What is the Internet of Things (IoT) and how can we secure it?
https://www.youtube.com/watch?v=H_X6IP1-NDc
What is the problem with IoT security? - Gary explains
https://www.youtube.com/watch?v=D3yrk4TaIQQ
What are the Challenges of IoT Security?
IoT has many of the same security challenges that other systems have. There are, howe.
Final Research Project - Securing IoT Devices What are the Challe.docxlmelaine
Final Research Project - Securing IoT Devices: What are the Challenges?
Internet security, in general, is a challenge that we have been dealing with for decades. It is a regular topic of discussion and concern, but a relatively new segment of internet security is getting most attention—internet of things (IoT). So why is internet of things security so important?
The high growth rate of IoT should get the attention of cybersecurity professionals. The rate at which new technology goes to market is inversely proportional to the amount of security that gets designed into the product. According to IHS Markit, “The number of connected IoT devices worldwide will jump 12 percent on average annually, from nearly 27 billion in 2017 to 125 billion in 2030.”
IoT devices are quite a bit different from other internet-connected devices such as laptops and servers. They are designed with a single purpose in mind, usually running minimal software with minimal resources to serve that purpose. Adding the capability to run and update security software is often not taken into consideration.
Due to the lack of security integrated into IoT devices, they present significant risks that must be addressed. IoT security is the practice of understanding and mitigating these risks. Let’s consider the challenges of IoT security and how we can address them.
Some security practitioners suggest that key IoT security steps include:
1. Make people aware that there is a threat to security;
2. Design a technical solution to reduce security vulnerabilities;
3. Align the legal and regulatory frameworks; and
4. Develop a workforce with the skills to handle IoT security.
Final Assignment - Project Plan (Deliverables):
1) Address each of the FOURIoT security steps listed above in terms of IoT devices.
2) Explain in detail, in a step-by-step guide, how to make people more aware of the problems associated with the use of IoT devices.
Bottom of Form
Top of Form
Bottom of Form
IoT References:
https://www.techrepublic.com/article/how-to-secure-your-iot-devices-from-botnets-and-other-threats/
https://www.peerbits.com/blog/biggest-iot-security-challenges.html
https://www.bankinfosecurity.asia/securing-iot-devices-challenges-a-11138
https://www.sumologic.com/blog/iot-security/
https://news.ihsmarkit.com/press-release/number-connected-iot-devices-will-surge-125-billion-2030-ihs-markit-says
https://cdn.ihs.com/www/pdf/IoT_ebook.pdf
https://go.armis.com/hubfs/Buyers%E2%80%99%20Guide%20to%20IoT%20Security%20-Final.pdf
https://www.techrepublic.com/article/smart-farming-how-iot-robotics-and-ai-are-tackling-one-of-the-biggest-problems-of-the-century/
Video Resources:What is the Internet of Things (IoT) and how can we secure it?
https://www.youtube.com/watch?v=H_X6IP1-NDc
What is the problem with IoT security? - Gary explains
https://www.youtube.com/watch?v=D3yrk4TaIQQ
What are the Challenges of IoT Security?
IoT has many of the same security challenges that other systems have. There are, howe ...
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfTechSoup
In this webinar you will learn how your organization can access TechSoup's wide variety of product discount and donation programs. From hardware to software, we'll give you a tour of the tools available to help your nonprofit with productivity, collaboration, financial management, donor tracking, security, and more.
Read| The latest issue of The Challenger is here! We are thrilled to announce that our school paper has qualified for the NATIONAL SCHOOLS PRESS CONFERENCE (NSPC) 2024. Thank you for your unwavering support and trust. Dive into the stories that made us stand out!
Students, digital devices and success - Andreas Schleicher - 27 May 2024..pptxEduSkills OECD
Andreas Schleicher presents at the OECD webinar ‘Digital devices in schools: detrimental distraction or secret to success?’ on 27 May 2024. The presentation was based on findings from PISA 2022 results and the webinar helped launch the PISA in Focus ‘Managing screen time: How to protect and equip students against distraction’ https://www.oecd-ilibrary.org/education/managing-screen-time_7c225af4-en and the OECD Education Policy Perspective ‘Students, digital devices and success’ can be found here - https://oe.cd/il/5yV
2024.06.01 Introducing a competency framework for languag learning materials ...Sandy Millin
http://sandymillin.wordpress.com/iateflwebinar2024
Published classroom materials form the basis of syllabuses, drive teacher professional development, and have a potentially huge influence on learners, teachers and education systems. All teachers also create their own materials, whether a few sentences on a blackboard, a highly-structured fully-realised online course, or anything in between. Despite this, the knowledge and skills needed to create effective language learning materials are rarely part of teacher training, and are mostly learnt by trial and error.
Knowledge and skills frameworks, generally called competency frameworks, for ELT teachers, trainers and managers have existed for a few years now. However, until I created one for my MA dissertation, there wasn’t one drawing together what we need to know and do to be able to effectively produce language learning materials.
This webinar will introduce you to my framework, highlighting the key competencies I identified from my research. It will also show how anybody involved in language teaching (any language, not just English!), teacher training, managing schools or developing language learning materials can benefit from using the framework.
How to Split Bills in the Odoo 17 POS ModuleCeline George
Bills have a main role in point of sale procedure. It will help to track sales, handling payments and giving receipts to customers. Bill splitting also has an important role in POS. For example, If some friends come together for dinner and if they want to divide the bill then it is possible by POS bill splitting. This slide will show how to split bills in odoo 17 POS.
Operation “Blue Star” is the only event in the history of Independent India where the state went into war with its own people. Even after about 40 years it is not clear if it was culmination of states anger over people of the region, a political game of power or start of dictatorial chapter in the democratic setup.
The people of Punjab felt alienated from main stream due to denial of their just demands during a long democratic struggle since independence. As it happen all over the word, it led to militant struggle with great loss of lives of military, police and civilian personnel. Killing of Indira Gandhi and massacre of innocent Sikhs in Delhi and other India cities was also associated with this movement.
Palestine last event orientationfvgnh .pptxRaedMohamed3
An EFL lesson about the current events in Palestine. It is intended to be for intermediate students who wish to increase their listening skills through a short lesson in power point.
How to Make a Field invisible in Odoo 17Celine George
It is possible to hide or invisible some fields in odoo. Commonly using “invisible” attribute in the field definition to invisible the fields. This slide will show how to make a field invisible in odoo 17.
2. CHAPTER 1
INTRODUCTION
1.1 WHAT IS AN INTERNET OF THINGS (IOT)
The term "Things" in the Internet of Things refers to anything and
everything in day to day life which is accessed or connected through the
internet.
IoT is an advanced automation and analytics system which deals with
artificial intelligence, sensor, networking, electronic, cloud messaging
etc. to deliver complete systems for the product or services. The system
created by IoT has greater transparency, control, and performance
FIG 1
FIG 2
If there is a common platform where all these things can connect to each
other would be great because based on my preference, I can set the room
temperature. For example, if I love the room temperature to to be set at
25 or 26-degree Celsius when I reach back home from my office, then
3. according to my car location, my AC would start before 10 minutes I
arrive at home. This can be done through the Internet of Things (IoT)
4. 1.2 HOW DOES INTERNET OF THING (IOT) WORK?
The working of IoT is different for different IoT echo system
(architecture). However, the key concept of there working are similar.
The entire working process of IoT starts with the device themselves,
such as smartphones, digital watches, electronic appliances, which
securely communicate with the IoT platform. The platforms collect and
analyze the data from all multiple devices and platforms and transfer the
most valuable data with applications to devices.
FIG 3
1.3 FEATURES OF IOT
The most important features of IoT on which it works are connectivity,
analyzing, integrating, active engagement, and many more. Some of
them are listed below:
Connectivity: Connectivity refers to establish a proper connection
between all the things of IoT to IoT platform it may be server or cloud.
After connecting the IoT devices, it needs a high speed messaging
between the devices and cloud to enable reliable, secure and bi-
directional communication.
Analyzing: After connecting all the relevant things, it comes to real-time
analyzing the data collected and use them to build effective business
5. intelligence. If we have a good insight into data gathered from all these
things, then we call our system has a smart system.
Integrating: IoT integrating the various models to improve the user
experience as well.
Artificial Intelligence: IoT makes things smart and enhances life
through the use of data. For example, if we have a coffee machine whose
beans have going to end, then the coffee machine itself order the coffee
beans of your choice from the retailer.
Sensing: The sensor devices used in IoT technologies detect and
measure any change in the environment and report on their status. IoT
technology brings passive networks to active networks. Without sensors,
there could not hold an effective or true IoT environment.
Active Engagement: IoT makes the connected technology, product, or
services to active engagement between each other.
Endpoint Management: It is important to be the endpoint management
of all the IoT system otherwise, it makes the complete failure of the
system. For example, if a coffee machine itself order the coffee beans
when it goes to end but what happens when it orders the beans from a
retailer and we are not present at home for a few days, it leads to the
failure of the IoT system. So, there must be a need for endpoint
management.
7. CHAPTER 2
LAYERS AND CHALLANGES
2.1 SECURITY LAYERS
“The quality or state of being secure—to be free from danger”
A successful organization should have multiple layers of security in
place:
1. Physical security
2. Personal security
3. Operations security
4. Communications security
5. Network security
6. Information security
FIG 5
9. 2.2 SECURITY ISSUES AND CHALANGES
IOT SECURITY CHALLENGES
IoT is wonderful in many ways. But unfortunately, technology has not
matured yet, and it is not entirely safe. The entire IoT environment,
from manufacturers to users, still have many security challenges of IoT
to overcome, such as:
➢ Manufacturing standards
➢ Update management
➢ Physical hardening
➢ Users knowledge and awareness
FIG 6
11. TOP IOT SECURITY ISSUES
Lack Of Compliance On The Part Of IoT Manufacturers
The primary source of most IoT security issues is that manufacturers do
not spend enough time and resources on security
The following are some security risks in IoT devices from
manufacturers:
1. Weak, guessable, or hard-coded passwords
2. Hardware issues
3. Lack of a secure update mechanism
4. Old and unpatched embedded operating systems and
software
5. Insecure data transfer and storage
Lack Of User Knowledge & Awareness
Tricking a human is, most of the time, the easiest way to gain access to a
network. A type of IoT security risk that is often overlooked is social
engineering attacks. Instead of targeting devices, a hacker targets a
human, using the IoT.
IoT Security Problems In Device Update Management
Updates are critical for maintaining security on IoT devices. They
should be updated right after new vulnerabilities are discovered. Still,
as compared with smartphones or computers that get automatic updates,
some IoT devices continue being used without the necessary updates.
12. Lack Of Physical Hardening
The lack of physical hardening can also cause IoT security issues.
Although some IoT devices should be able to operate autonomously
without any intervention from a user, they need to be physically secured
from outer threats. Sometimes, these devices can be located in remote
locations for long stretches of time, and they could be physically
tampered with, for example, using a USB flash drive with Malware.
Botnet Attacks
A single IoT device infected with malware does not pose any real threat;
it is a collection of them that can bring down anything. To perform a
botnet attack, a hacker creates an army of bots by infecting them with
malware and directs them to send thousands of requests per second to
bring down the target.
Industrial Espionage & Eavesdropping
If hackers take over surveillance in at location by infecting IoT devices,
spying might not be the only option. They can also perform such attacks
to demand ransom money.
Thus, invading privacy is another prominent IoT security issue.
Spying and intruding through IoT devices is a real problem, as a lot of
different sensitive data may be compromised and used against its owner.
Highjacking Your IoT Devices
Ransomware has been named as one of the nastiest malware types ever
existed. Ransomware does not destroy your sensitive files — it blocks
access to them by way of encryption. Then, the hacker who infected the
device will demand a ransom fee for the decryption key unlocking the
files.
13. Data Integrity Risks Of IoT Security In Healthcare
Most IoT devices extract and collect information from the external
environment.
A hacker can gain access to a medical IoT device, gaining control
over it and being able to alter the data it collects. A controlled
medical IoT device can be used to send false signals, which in turn can
make health practitioners take actions that may damage the health of
their patients.
Rogue IoT Devices
One of the most significant IoT security risks and challenges is being
able to manage all our devices and close the perimeter.
But rogue devices or counterfeit malicious IoT devices are beginning
to be installed in secured networks without authorization. A rogue
device replaces an original one or integrates as a member of a group to
collect or alter sensitive information. These devices break the network
perimeter.
Cryptomining With IoT Bots
Mining cryptocurrency demands colossal CPU and GPU resources, and
another IoT security issue has emerged due to this precondition —
crypto mining with IoT bots. This type of attack involves infected
botnets aimed at IoT devices, with the goal not to create damage, but
mine cryptocurrency.
16. 3.1 PERCEPTION LAYER
It is also known as a sensor layer. It works like people’s eyes, ears and
nose. It has the responsibility to identify things and collect the
information from them. There are many types of sensors attached to
objects to collect information such as RFID, 2-D barcode and sensors.
The sensors are chosen according to the requirement of applications. The
information that is collected by these sensors can be about location,
changes in the air, environment, motion, vibration, etc. However, they
are the main target of attackers who wish to utilize them to replace the
sensor with their own. Therefore, the majority of threats are related to
sensors Common security threats of perception layer are:
• Eavesdropping: Eavesdropping is an unauthorized real-time attack
where private communications, such as phone calls, text messages,
fax transmissions or video conferences are intercepted by an
attacker. It tries to steal information that is transmitted over a
network. It takes advantage of unsecure transmission to access the
information being sent and received.
• Node Capture: It is one of the hazardous attacks faced in the
perception layer of IoT. An attacker gains full control over a key
node, such as a gateway node. It may leak all information
including communication between sender and receiver, a key used
to make secure communication and information stored in memory
• Fake Node and Malicious: It is an attack in which an attacker adds
a node to the system and inputs fake data. It aims to stop
transmitting real information. A node added by an attacker
consumes precious energy of real nodes and potentially control in
order to destroy the network.
• Replay Attack: It is also known as a play back attack. It is an
attack in which an intruder eavesdrops on the conservation
between sender and receiver and takes authentic information from
the sender. An intruder sends same authenticated information to
the victim that had already been received in his communication by
17. showing proof of his identity and authenticity. The message is in
encrypted form, so the receiver may treat it as a correct request and
take action desired by the intruder
• Timing Attack: It is usually used in devices that have weak
computing capabilities. It enables an attacker to discover
vulnerabilities and extract secrets maintained in the security of a
system by observing how long it takes the system to respond to
different queries, input or cryptographic algorithms
3.2 NETWORK LAYER
Network layer is also known as transmission layer. It acts like a bridge
between perception layer and application layer. It carries and transmits
the information collected from the physical objects through sensors. The
medium for the transmission can be wireless or wire based. It also takes
the responsibility for connecting the smart things, network devices and
networks to each other. Therefore, it is highly sensitive to attacks from
the side of attackers. It has prominent security issues regarding integrity
and authentication of information that is being transported in the
network. Common security threats and problems to network layers are:
• Denial of Service (DoS) Attack: A DoS attack is an attack to
prevent authentic users from accessing devices or other network
resources. It is typically accomplished by flooding the targeted
devices or network resources with redundant requests in an order
to make it impossible or difficult for some or all authentic users to
use them
• Main-in-The-Middle (MiTM) Attack: MiTM attack is an attack
where the attacker secretly intercepts and alters the communication
between sender and receiver who believe they are directly
communicating with each other. Since an attacker controls the
communication, therefore he or she can change messages
according to their needs. It causes a serious threat to online
security because they give the attacker the facility to capture and
manipulate information in real time
18. • Storage Attack: The information of users is stored on storage
devices or the cloud. Both storage devices and cloud can be
attacked by the attacker and user’s information may be changed to
incorrect details. The replication of information associated with the
access of other information by different types of people provides
more chances for attacks.
• Exploit Attack: An exploit is any immoral or illegal attack in a
form of software, chunks of data or a sequence of commands. It
takes advantage of security vulnerabilities in an application,
system or hardware. It usually comes with the aim of gaining
control of the system and steals information stored on a network
3.3 APPLICATION LAYER
Application layer defines all applications that use the IoT technology or
in which IoT has deployed. The applications of IoT can be smart homes,
smart cities, smart health, animal tracking, etc. It has the responsibility
to provide the services to the applications. The services may be varying
for each application because services depend on the information that is
collected by sensors. There are many issues in the application layer in
which security is the key issue. In particular, when IoT is used in order
to make a smart home, it introduces many threats and vulnerabilities
from the inside and outside. To implement strong security in an IoT
based smart home, one of the main issues is that the devices used in
smart homes have weak computational power and a low amount of
storage such as ZigBee [44]. Common security threats and problem of
application layer are:
• Cross Site Scripting: It is an injection attack. It enables an attacker
to insert a client-side script, such as java script in a trusted site
viewed other users. By doing so, an attacker can completely
change the contents of the application according to his needs and
use original information in an illegal way [45].
19. • Malicious Code Attack: It is a code in any part of software
intended to cause undesired effects and damage to the system. It is
a type of threat that may not be blocked or controlled by the use of
anti-virus tools. It can either activate itself or be like a program
requiring a user’s attention to perform an action.
• The ability of dealing with Mass Data: Due to a large number of
devices and a massive amount of data transmission between users,
it has no ability to deal with data processing according to the
requirements. As a result, it leads to network disturbance and data
loss.
3.4 SUPPORT LAYER
The reason to make a fourth layer is the security in architecture of IoT.
Information is sent directly to the network layer in three-layer
architecture. Due to sending information directly to the network layer,
the chances of getting threats increase. Due to flaws that were available
in three-layer architecture, a new layer is proposed. In four-layer
architecture, information is sent to a support layer that is obtained from a
perception layer. The support layer has two responsibilities. It confirms
that information is sent by the authentic users and protected from threats.
There are many ways to verify the users and the information. The most
commonly used method is the authentication. It is implemented by using
pre-shared secrets, keys and passwords. The second responsibility of the
support layer is sending information to the network layer. The medium
to transmit information from the support layer to network layer can be
wireless and wire based. There are various attacks that can affect this
layer such as DoS attack, malicious insider, unauthorized access, etc.
Common threats and problems of the support layer are:
• DoS Attack: The DoS attack in a support layer is related to the
network layer. An attacker sends a large amount of data to make
network traffic inundated. Thus, the massive consumption of
system resources exhausts the IoT and makes the user not capable
of accessing the system.
20. • Malicious Insider Attack: It occurs from the inside of an IoT
environment to access the personal information of users. It is
performed by an authorized user to access the information of other
user. It is a very different and complex attack that requires
different mechanisms to prevent the threat
21. CHAPTER 4
ADVANTAGES AND DISADVANTAGES OF (IOT)
Any technology available today has not reached to its 100 % capability.
It always has a gap to go. So, we can say that Internet of Things has a
significant technology in a world that can help other technologies to
reach its accurate and complete 100 % capability as well.
Let's take a look over the major, advantages, and disadvantages of the
Internet of Things.
4.1 ADVANTAGES OF IOT
Internet of things facilitates the several advantages in day-to-day life in
the business sector. Some of its benefits are given below:
• Efficient resource utilization: If we know the functionality and the
way that how each device work we definitely increase the efficient
resource utilization as well as monitor natural resources.
• Minimize human effort: As the devices of IoT interact and
communicate with each other and do lot of task for us, then they
minimize the human effort.
• Save time: As it reduces the human effort then it definitely saves
out time. Time is the primary factor which can save through IoT
platform.
• Enhance Data Collection:
• Improve security: Now, if we have a system that all these things
are interconnected then we can make the system more secure and
efficient.
22. 4.2 DISADVANTAGES OF IOT
As the Internet of things facilitates a set of benefits, it also creates a
significant set of challenges. Some of the IoT challenges are given
below:
o Security: As the IoT systems are interconnected and communicate
over networks. The system offers little control despite any security
measures, and it can be lead the various kinds of network attacks.
o Privacy: Even without the active participation on the user, the IoT
system provides substantial personal data in maximum detail.
o Complexity: The designing, developing, and maintaining and
enabling the large technology to IoT system is quite complicated.
4.3 CONCLUSION
• As IoT becomes more pervasive, edge computing will do the same.
• The ability to analyze data closer to the source will minimize
latency, reduce the load on the internet, improve privacy and
security, and lower data management costs.
• The cloud will continue to play a critical role in aggregating
important data and performing analyses on this massive set of
information to glean insights that can be distributed back to the
edge devices.
• The combination of edge and cloud computing will help you better
manage and analyze your data and significantly increase the value
of your IoT efforts