This lecture is presented at the IoT workshop organized by SRGE at CUm 12 July 2018 by Dr. Mohamed torky, SRGE member

1. SRGE 2018 Internet of Things workshop – Cairo University, 12 July 2018
1
The Shift from Social Network Security to
the Social IOT Security
Presented By
Dr. Mohamed Torky
PHD in Computer Science (2018), Faculty of Science, Menoufyia University, Egypt.
Member in Scientific Research Group in Egypt (SRGE)

2. Agenda
2
1
• Introduction.
2
• Privacy Protection of Internet of People (IOP).
3
• Social Internet of Things (SIOT) is the Next Technology
4
• Open Security Challenges in SIOT
5
• Evolution of SIOT: Today, Tomorrow

3. Agenda
3
1
• Introduction.
2
• Privacy Protection in Internet of People (IOP).
3
• Social Internet of Things (SIOT) is the Next Technology
4
• Open Security Challenges in SIOT
5
• Evolution of SIOT: Today, Tomorrow

4. 7/13/2018
1- Introduction

5. Internet of People (IOP) Attacks
5
(IOP)

6. Agenda
6
1
• Introduction.
2
• Privacy Protection of Internet of People (IOP).
3
• Social Internet of Things (SIOT) is the Next Technology
4
• Open Security Challenges in SIOT
5
• Evolution of SIOT: Today, Tomorrow

7. 7/13/2018
2- Privacy Protection of Internet of People (IOP)
Hacking Privacy of IOP
Fake Profiles Attacks Social Bot Attacks

8. 2.1. IOP Privacy Protection against Fake Profile Attacks
(Fake Profile Recognizer (FPR) Model)
8

9. 9
Users’ Identity Generator (UIG) Model
2.1. IOP Privacy Protection against Fake Profile Attacks
(Fake Profile Recognizer (FPR) Model)

10. 10
Identity Verifier Machine (IVM) Model
2.1. IOP Privacy Protection against Fake Profile Attacks
(Fake Profile Recognizer (FPR) Model)

11. 7/13/2018

12. 2-4 Results
Intelligent system and it's application, FCI, Sat 3-12-2016
12
AccuracyF-MeasureRecallPrecisionDataset
03.9501.9594.5395.49Facebook
94.7794.4794.2795.22Google+
94.9394.928.9495.05Twitter
94.9194.8994.5395.25AVG
AUCFNRFall-OutSpecificityDataset
06.9547.547.453.95Facebook
94.785.734.7395.27Google+
94.955.24.9395.07Twitter
94.935.474.7195.29AVG

13. Results
13
Fig 1 Fig 2

14. Comparison Results
14
Fig 1 Fig 2

15. 15

16. 16
2.2. IOP Privacy Protection against Social Bot Attacks
(Necklace CAPTCHA Mechanism)
Classical Necklace Graph Modified Necklace Graph
Social Bot
CAPTCHA

17. 17
2.2. IOP Privacy Protection against Social Bot Attacks
(Necklace CAPTCHA Mechanism)

18. 7/13/2018

19. 3-2 Usability Results
19
Effectiveness Results Solution Time Results

20. 3-3 Security Results
20
Fig 1 Fig 2

21. 3-4 Comparison Results
21

22. 3-4 Comparison Results
22

23. 23

24. 24
From IOP to Internet of Things (IOT) !!
IOP IOT

25. Agenda
25
1
• Introduction.
2
• Privacy Protection of Internet of People (IOP).
3
• Social Internet of Things (SIOT) is the Next Technology
4
• Open Security Challenges in SIOT
5
• Evolution of SIOT: Today, Tomorrow

26. 26
According to The Social Internet of Things (SIOT)–
when social networks meet the IOT: Concept,
architecture and network characterization, the term
SIOT (Social internet of Things) has a different
definition from what you might expect. In short, it
doesn’t refer to smart objects that are connected to
social networks,, but rather to intelligent devices that
are able to create social relationships among them,
fact that leads to social networks of their own.
3. Social Internet of Things (SIOT) is the Next Technology.

27. 27
(1) Parental Object Relationship (POR):
is typically established among homogenous
objects - same generation devices made by
the same manufacturer.
3.1 Types of SIOT Relationships

28. 28
(2) Co-location Object Relationship (C-LOR)
Established among heterogeneous or homogenous
objects that share the same environment or goal.
3.1 Types of SIOT Relationships

29. 29
(3) Co-work Object Relationship (C-WOR):
Established between two or more devices whose
functionalities are combined to accomplish a
common goal. This type of relationship occurs
between objects that either need to touch each other
to achieve that goal, or need to be in close proximity
of one another
3.1 Types of SIOT Relationships

30. 30
(4) Ownership Object Relationship (OOR):
Occur between the smart devices of the same user
(smartphones, portable media players, video game
consoles, etc.)
3.1 Types of SIOT Relationships

31. 31
(4) Social Object Relationship (SOR):
Occur when the devices come in touch whenever
their owners meet. Smart objects belonging to
friends, classmates, coworkers and companions
could establish this type of relationship.
3.1 Types of SIOT Relationships

32. 32
IOT is Dramatically Enlarging
the Attack Surface, So, How to
Secure SIOT Platforms, is an
Open Challenge !!

33. Agenda
33
1
• Introduction.
2
• Privacy Protection of Internet of People (IOP).
3
• Social Internet of Things (SIOT) is the Next Technology
4
• Open Security Challenges in SIOT
5
• Evolution of SIOT: Today, Tomorrow

34. 34
4 .1. SIOT Attacks Surface
Insecure Mobile Interface
Insecure Web Interface
Lack of Encryption Protocol
Insecure Cloud Interface
Insecure Network services
Insecure Software/ Firmware
Poor Physical Security

35. 35
4 .2. SIOT is a Popular Platforms for Attackers
Computational capabilities, Increasing capabilities
of microcomputers and Internet Connection make
IOT devices a popular attack tool to Hackers:
IOT Device can be used to:
• Send Same Messages
• Coordinate an attack against a critical
Infrastructure
• Serve a Malware
• Work as a entry point within a corporate network

36. 36
4 .3. SIOT Attack Patterns
Botnets are already a major Threats…..
• IOT device can send a ThingBot within the
Social Internet of Things.
• Infected device can harm all connected
devices in SIOT network.
• Number of ThingBot software against smart
routers, TVs, network attached storage
devices, gaming devices are increasingly
growing.
Oops….. My refrigerator is sending Spam
Messages

37. 37
4 .3. SIOT Attack Patterns
A Linux worm (Linux.Darlloz) and Spike Botnets is
designed to target IOT Devices through DDoS…..
• Generate random IP Addresses and attempt to
use commonly used credentials to log into the
target device in SIOT .
• It send HTTP posts requests specially crafted ,
once compromised the target device , it
downloads the worm from a remote server and
start searching other target devices in SIOT
network.
• Once the worm has compromised a device, it kills
off access to any telnet service running .
Symantec detected Linux.Darlloz attack as
the first IOT malware

38. 38
4 .3. SIOT Attack Patterns
Hacking Smart watches…..
• Data sent between the Smart watches and an
android mobile phone can be intercepted.
• Easy to crack the authentication of smart watches
by brute force attacks as it use six digit PIN
Hacking Wearable Devices

39. 39
4 .3. SIOT Attack Patterns
Hacking Smart Meters…..
• In Spain, millions of smart meters are susceptible to
cyber attacks due to lack of proper security controls.
• Attacker can exploit the lack of security controls to
perform fraudulent activities with smart meters in
SIOT network
• Smart meters is designed with poor protected
Credentials.
• Attackers can modify device ID to impersonate other
customer or use the smart meter to launch attacks
against power network or harm other devices in the
SIOT of the houses or firms.
Smart meters can be hacked to hit the
National power network

40. Agenda
40
1
• Introduction.
2
• Privacy Protection of Internet of People (IOP).
3
• Social Internet of Things (SIOT) is the Next Technology
4
• Open Security Challenges in SIOT
5
• Evolution of SIOT: Today, Tomorrow

41. 41
 More Than 50 billion Devices by 2020.
 More Than 6 connected devices per
person.
 By 2020 IOT will be more than the size
of smart phones , PC, Tablets,
Connected Cars and wearable devices.
 We are rapidly evolving toward a world
where every thing will be connected
 Number of security attacks will increase.
 Privacy and security must be addressed
with untraditional mechanisms to secure
large SIOT networks.
 PKI-based solution can be used to
improve IOT and SIOT security.
5. Evolution of SIOT: Today, Tomorrow

42. 42

43. 43
Acknowledgment

44. 44