Analysing Internet Of Things Security Issues
Question
Task:
In the era of the Internet of Things (IoT), a massive volume of sensor devices collect and/or
generate various sensory data over time for a wide range of fields and applications. However,
the varied nature of devices and protocols in use and the sensitivity of the data contained within
make security for the IoT a growing research priority and industry concern. With many
security practices being inappropriate due to their resource limitation, it is deemed important
to include second line defences into IoT networks. These systems will also need to be
evaluated for their efficacy in a diversity of different network types and protocols. IoT
attacks continue to be a serious threat to the IoT ecosystem users.
Assume you have an interview for the cybersecurity analyst position with Regal Security
Solutions Company. You are supposed to be prepared about the IoT attacks, their types,
threats, and mitigation tools. In this context write a report including the following sections:
A. Introduction about IoT security, IoT attacks and their impacts on the society
B. Discussion of any five of IoT attacks
C. The working mechanism of IoT attacks
D. Potential threats posed by IoT attacks
E. Case study of at least one recent attack carried out by the IoT attacks
F. Recommendations on any two mitigation tools to tackle the IoT attack and discuss
the effectiveness of the selected tools
G. Summary
H. References in IEEE Transactions on Networking style
Answer
Introduction
The present paper critically examines several Internet of Things security issues in detail. The Internet of Things (IoT) is a technology on the rise and is widely used by users and business firms all across the globe. The technology interconnects numerous components, which may be computing equipment, databases, electronic devices, sensors, and several other forms of tools and devices. IoT technology has provided a number of benefits in terms of connectivity, processing, real-time access, and a lot more. However, there are also Internet of Things security issues that cannot be ignored [1].
IoT attacks comprise different forms of attack that may target specific components, the network, or the data sets. The devices present in IoT networks may be targeted and physical attacks may be executed against them. The majority of IoT attacks are network-based or are conducted to cause damage to specific information properties. These are usually deliberate attacks intended to damage the availability of the IoT application or to compromise the confidentiality of the data.
Outline
The report covers a detailed discussion of the potential threats posed by IoT attacks, enumerated through different kinds of attack vectors. Thereafter the report presents a recent case study to describe and explain IoT attacks. Two tools are recommended to mitigate IoT attacks, and the effectiveness of these tools is discussed, with a conclusive summary at the end.
Potential Threats
Internet of Things security issues at sensing layer
The sensing layer is concerned primarily with physical IoT sensors and actuators. Sensors detect the activity taking place around them. There are multiple types of sensors for detecting various types of data, such as high frequency sensors, lens sensors, sensors for pollution detection, heat and moisture sensors, etc. The significant Internet of Things security risks found at the sensing layer are:
Node Capturing: IoT implementations require many low-power nodes, including sensors and actuators. Attackers can attempt to capture a node or substitute it with a compromised one within the IoT network. The new node can appear to be part of the network, but it is operated by the intruder.
Denial based Attacks
The intention behind a DoS attack is to ensure that users cannot successfully use a specific network or application. It is a form of flooding attack, and IoT apps and networks are exposed to it. The aim of these attacks is not to access confidential information from the IoT applications; the target is to damage network availability. For example, in the case of smart parking applications, overloading the networks with garbage traffic will lead to unavailability of the services [2]. Location-based tracking of the parking spots may no longer be feasible, which may result in an overall breakdown. The attack is carried out using multiple compromised computer systems that create congestion and blockage on the network. Malware and botnets are used to carry out the DDoS attack. The DoS attack gives a certain form of control to the attacker over the network. Malware may be used to build the botnets, and the attacker can gain control over the group of bots.
Malicious Code Injection Attack: The intrusion entails the intruder inserting malware into the node's storage. The attackers may use this malicious code to cause the nodes to execute unintended tasks or may even attempt to access the entire IoT network [3].
False Data Injection Attack: Upon capturing a node, the attacker could use the node to insert false data into the IoT device. This may lead to negative results, and the IoT device may crash.
Side-Channel Attacks (SCA): Besides direct attacks on the nodes, side-channel attacks can contribute to leakage of critical data.
Eavesdropping and Interference: IoT applications sometimes consist of various nodes that are deployed in open environments. As a consequence, such IoT applications are vulnerable to eavesdroppers [3].
Sleep Deprivation Attacks: In these attacks, the attackers aim to drain the batteries of low-powered IoT edge devices. This results in a denial of service owing to empty batteries in the nodes of the IoT application.
Internet of Things security issues at network layer
The main role of the network layer is to forward information obtained from the sensing layer to the processing unit. The main Internet of Things security issues faced at the network layer are described below.
Access Attack: An access attack is often called an advanced persistent threat (APT), in which an attacker gains access to part or all of the IoT network. The intruder can remain unseen in the infrastructure for a long time [2]. The aim of this type of attack is to capture useful information and data, rather than to cause network disruption.
Data Transit Attacks: IoT systems process and share a great deal of data. Data is important, and it is much more prone to cyber-attacks when in motion or traveling from one place to the next.
Routing Attacks: IoT networks primarily use wireless sensor networks to sync all of the components with each other. These networks work on the basis of sensor nodes along with computing elements called actuators. Selective forwarding attacks may take place on the wireless sensor networks used with IoT apps. One or multiple nodes turn malicious, and these nodes forward only selected packets. In such incidents, fraudulent nodes can seek to divert the routing paths while information is in transit through an IoT application. This may lead to some of the packets being dropped, and inconsistency and integrity violations may occur as an outcome. The packet destination may also be modified [4]. Selective forwarding attacks are of varied types, and all of these forms may occur on IoT channels. Two different attacks are carried out in this scenario: the first is the sinkhole attack and the second is the wormhole attack. Sinkhole and wormhole attacks are two of the most common forms of selective forwarding attacks. In a wormhole attack, a specific data packet is recorded and then replayed across varied locations. In a sinkhole attack, the attacker may take control of a node, which may then be used to gather unwanted traffic.
Sybil Attack: This is one of the Internet of Things security issues that may occur on IoT apps and networks. A computing device in the IoT network may be hacked by the attacker, who then claims multiple identities through the same device. One node can represent multiple identities, which may make it too complex to detect faults, and fault tolerance may also reduce considerably [5]. The Sybil attack can lead to massive privacy violations, as users may share private and confidential information with the fake identity set up by the attacker. Other social engineering attacks may be mounted using this information. RFID tags and the information obtained from these tags may also be misused and modified, which can lead to the violation of privacy norms.
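The selective forwarding behaviour described under Routing Attacks can be detected from relay logs. The following Python code is an added example, not part of the original report: it computes a per-source forwarding ratio for each relay, so that a node dropping one sender's packets stands out from a node with uniform link loss. The log format, node names and thresholds are assumptions constructed for illustration.

```python
from collections import defaultdict


def build_sample_log():
    """Constructed relay log: (relay, event, source, packet_id) tuples.

    "rx" means the relay received a packet it is expected to forward,
    "tx" means the relay actually forwarded it.
    """
    log = []
    for pid in range(20):
        for source in ("s1", "s2"):
            # n1: honest relay, forwards everything.
            log += [("n1", "rx", source, pid), ("n1", "tx", source, pid)]
            # n2: selective forwarder, silently drops all traffic from s2.
            log.append(("n2", "rx", source, pid))
            if source == "s1":
                log.append(("n2", "tx", source, pid))
            # n3: lossy but honest link, loses every 10th packet from anyone.
            log.append(("n3", "rx", source, pid))
            if pid % 10 != 0:
                log.append(("n3", "tx", source, pid))
    return log


def forwarding_ratios(log):
    """Return {(relay, source): (packets_received, fraction_forwarded)}."""
    received = defaultdict(set)
    forwarded = defaultdict(set)
    for relay, event, source, pid in log:
        if event == "rx":
            received[(relay, source)].add(pid)
        elif event == "tx":
            forwarded[(relay, source)].add(pid)
    ratios = {}
    for key, rx_ids in received.items():
        # Only count forwards that match a packet the relay really received.
        delivered = rx_ids & forwarded.get(key, set())
        ratios[key] = (len(rx_ids), len(delivered) / len(rx_ids))
    return ratios


def find_selective_forwarders(log, threshold=0.8, min_rx=10):
    """Flag (relay, source, ratio) where the relay forwards too little.

    min_rx avoids flagging a relay on the evidence of a handful of packets.
    """
    flagged = []
    for (relay, source), (n_rx, ratio) in forwarding_ratios(log).items():
        if n_rx >= min_rx and ratio < threshold:
            flagged.append((relay, source, ratio))
    return sorted(flagged)


if __name__ == "__main__":
    for relay, source, ratio in find_selective_forwarders(build_sample_log()):
        print(f"{relay} forwards only {ratio:.0%} of packets from {source}")
```

With the constructed log, only relay n2 is flagged for source s2; n3 loses 10% of traffic from every source and stays above the threshold.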
What is the impact of Internet of Things security issues at middleware layer?
Middleware's function in the Internet of Things is to establish a layer of abstraction between the application layer and the network layer. Middleware also offers a combination of strong storage and computing capabilities. Middleware is vulnerable to various threats, too. By infecting the middleware, such attacks can take control over the entire IoT application.
Man in the Middle (MITM) Attack: These attacks are carried out using the networking channel between two systems so that messages can be intercepted. The attackers can gain control of the network, which may result in manipulation of the data packets or their acquisition, leading to privacy violations. IoT devices share data and information over networks in real time, and the attacker can intercept this communication [3].
Data Modification on RFID Tags: Radio frequency technology is often used with IoT apps and networks. RFID technology makes use of RFID tags and sensors. The information present within these tags may be physically modified. The tags may be stolen and their data modified by the attackers. Fault induction along with memory writing is used to make unauthorized changes. The memory writing may be performed with specific tools, such as a small charged needle [6].
SQL Injection Attack: Middleware has always been vulnerable to SQL injection (commonly called SQLi). In these attacks against the IoT, an intruder can inject harmful SQL statements into a system.
Cloud Malware Injection: In server malware-based injection, the intruder gains access and inserts malicious code or a VM into the server.
Internet of Things security issues at gateways
The gateway is a diverse layer that plays a significant role in linking multiple IoT devices with people and connected cloud services. Gateways also help provide IoT devices with hardware as well as software solutions.
Secure On-boarding: When adding a new device and/or sensor to an IoT network, securing the cryptographic keys becomes crucial. The gateways, particularly during most of the on-boarding phase, are vulnerable to MITM attacks, including eavesdropping, that aim to seize these keys [3].
End-to-End Encryption: Genuine end-to-end protection at the application layer is essential to maintain data privacy. However, the communications must be decrypted and re-encrypted by the gateways. Decrypting at the gateway level in this way renders the data vulnerable to data breaches.
Internet of Things security issues at application layer
Access Control Attacks: Access control is an authorisation mechanism that grants access to information or accounts to legitimate users and processes. An access control attack on IoT applications is a crucial attack, because once access control is compromised the entire IoT application becomes susceptible to attack [7].
Sniffing Attacks: In IoT implementations the assailants can use sniffer programs to monitor internet traffic. These can allow the intruder to access sensitive user data when there are inadequate security measures in place to stop it [4].
Case Study
A number of attacks associated with the IoT have occurred in the past. One of them took place in October 2016 and is considered one of the most massive DDoS attacks in history. This was the Mirai botnet attack, which is also known as the Dyn attack. The attack was carried out using an IoT botnet. It had massive impacts on a number of services and networks, affecting Twitter, Netflix, Reddit, CNN, and The Guardian. Mirai malware was used to build the IoT botnet. Computer systems and devices infected with the Mirai malware continuously search for IoT devices. Default usernames and passwords are then used to log in to these devices and spread to other systems and applications. The devices involved included digital cameras and DVD players. The majority of the embedded firmware in use is insecure and comes with a high degree of vulnerability. This puts a large number of systems at risk. Paras Jha, an undergraduate at Rutgers, was interested in the mechanism behind DDoS attacks [8]. To understand the attacks better, he launched some minor attacks on the systems installed at his university. He also tried to negotiate with the university administration to hire him to mitigate the risks. Mirai was another series of botnets, developed by Jha along with some of his friends. Mirai means "the future" in Japanese, and it was first used against the French host OVH.
The Mirai IoT botnet had the capability to launch HTTP flood and network-based attacks. Mirai deliberately avoids certain IP addresses, and the US Department of Defense IP is one of these. Mirai also looks for other malware that may already be present on the device and makes sure that it has enhanced control over the device.
Much of the embedded firmware running connected devices is insecure and highly vulnerable, leaving an indeterminate number of critical systems at risk. A number of lessons on Internet of Things security have been learned from the Mirai attack on IoT devices and apps. It is best not to deploy devices whose firmware or software is not up to date. The default credentials of any device or application must be changed. The authentication mode plays a major role in maintaining security, and passwords should be unique. Patching of IoT devices and software must be made a routine practice so that security vulnerabilities are avoided.
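The lessons drawn from Mirai above (change default credentials, use unique passwords, keep firmware patched) can be checked against a device inventory. The following Python code is an added example, not part of the original report: the inventory, its field names and the list of factory-default pairs are constructed for illustration and do not come from any vendor.

```python
from collections import Counter

# Constructed factory-default pairs for illustration (not a real vendor list).
FACTORY_DEFAULTS = {("admin", "admin"), ("root", "root"), ("user", "1234")}

# Constructed inventory export; the field names are assumptions.
INVENTORY = [
    {"name": "cam-lobby", "user": "admin", "password": "admin",
     "firmware": "1.2.9", "latest": "1.2.10"},
    {"name": "cam-dock", "user": "ops", "password": "T7#vq-lobby",
     "firmware": "1.2.10", "latest": "1.2.10"},
    {"name": "recorder-01", "user": "ops", "password": "T7#vq-lobby",
     "firmware": "3.0", "latest": "3.0.1"},
    {"name": "sensor-7", "user": "svc", "password": "k9!Pz-unique",
     "firmware": "2.4.0", "latest": "2.4"},
]


def parse_version(text):
    """Turn "1.2.10" into (1, 2, 10) so versions compare numerically.

    A plain string comparison would rank "1.2.9" above "1.2.10".
    Trailing zeros are dropped so that "2.4.0" equals "2.4".
    """
    parts = [int(p) for p in text.split(".")]
    while len(parts) > 1 and parts[-1] == 0:
        parts.pop()
    return tuple(parts)


def audit(inventory, defaults=FACTORY_DEFAULTS):
    """Return {device_name: [issues]} for devices that miss a Mirai lesson."""
    password_use = Counter(device["password"] for device in inventory)
    findings = {}
    for device in inventory:
        issues = []
        if (device["user"], device["password"]) in defaults:
            issues.append("default-credentials")
        if password_use[device["password"]] > 1:
            issues.append("shared-password")
        if parse_version(device["firmware"]) < parse_version(device["latest"]):
            issues.append("outdated-firmware")
        if issues:
            findings[device["name"]] = issues
    return findings


if __name__ == "__main__":
    for name, issues in audit(INVENTORY).items():
        print(f"{name}: {', '.join(issues)}")
```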
Recommendations – Mitigation Tools
Bitdefender Box and ZingBox are two mitigation tools that can be used to promote IoT security. Bitdefender Box is a security tool that comes with a number of security controls and options. The tool offers malware protection along with protection from identity theft and password-based attacks. Hacker attacks occurring through the network can also be prevented with the features present in the software. The tool provides local and network protection so that IoT security attacks do not take place. A virtual private network is also included with the tool, which minimizes the attack window and the attack surface for most IoT attacks. The yearly subscription of the tool comes at $149.99. After one year, it is reduced to $99 yearly. Total security, which is one of the necessities for IoT apps and devices, is ensured with the tool [9].
ZingBox is another tool that can be used to address Internet of Things security issues. It is a cloud-based IoT security solution that can be used to promote local and, specifically, network security. The tool recognizes the challenges that come with IoT apps due to the presence of numerous devices and equipment in the IoT network. The AI-powered tool comes with smart solutions and makes use of intelligent codes and concepts to provide security. ZingBox uses predictive and diagnostic analytics to make sure that IoT attacks do not take place [10]. The tool shares security alerts and notifications with users so that security updates are always installed. The tool also comes with enhanced access control and authentication. Malware protection, network security, and optimization of the security controls are made possible using the tool.
Both of the tools recommended for mitigating attacks on IoT systems are effective. This is because of the integrated security capabilities offered by Bitdefender Box and ZingBox. Integrated IoT security makes sure that all aspects of security are targeted and covered. It starts from basic protection and includes the advanced measures that must be followed for the purpose of security. The ZingBox tool makes use of other advanced techniques, such as AI and analytics. This makes sure that the probable security attack patterns are known to the users. These attack patterns can then be used to make sure that the existing gaps in security are filled. Bitdefender Box also targets all aspects of IoT security. Both of these tools recognize the dynamic nature of IoT systems and therefore have the capability to provide real-time security. Both tools release updates at regular intervals. This makes sure that security gaps and vulnerabilities in the IoT systems are avoided, and that the latest security measures are taken to manage Internet of Things security issues.
Conclusive Summary
IoT systems and applications are exposed to a number of Internet of Things security issues. Five of these attacks are discussed: denial of service, man in the middle, selective forwarding, Sybil, and data modification using RFID tags. Each of these attacks has a specific working mechanism, and each may also cause further security gaps. Distributed Denial of Service (DDoS) is one of the potential threats that may arise from DoS attacks. Several other potential threats may come up due to the ones identified. It is essential that measures are taken to resolve the security concerns so that the purpose of developing an IoT system or app is fulfilled. There are certain controls that can be used in the areas of technical or logical security controls. There have been numerous security attacks on IoT apps and systems in the past. Mirai is one such well-known attack, which makes use of bots and malware. Tools have been developed that can be used to avoid Internet of Things security issues. Bitdefender Box and ZingBox are two such tools that can be used so that security attacks on IoT systems are prevented and mitigated.
References
[1] N. Alhalafi and P. Veeraraghavan, “Privacy and Security Challenges and Solutions in IOT: A review,” IOP Conference Series: Earth and Environmental Science, vol. 322, p. 012013, Sep. 2019.
[2] B. Schneier, “IoT Security: What’s Plan B?,” IEEE Security & Privacy, vol. 15, no. 5, pp. 96–96, 2017.
[3] V. Malik and S. Singh, “Security risk management in IoT environment,” Journal of Discrete Mathematical Sciences and Cryptography, vol. 22, no. 4, pp. 697–709, May 2019.
[4] R. Chow, “The Last Mile for IoT Privacy,” IEEE Security & Privacy, vol. 15, no. 6, pp. 73–76, Nov. 2017.
[5] M. Hussain and N. Kaliya, “An Improvised Framework for Privacy Preservation in IoT,” International Journal of Information Security and Privacy, vol. 12, no. 2, pp. 46–63, Apr. 2018.
[6] M. Balliu, I. Bastys, and A. Sabelfeld, “Securing IoT Apps,” IEEE Security & Privacy, pp. 1–1, 2019.
[7] M. Husamuddin and M. Qayyum, “Internet of Things: A study on security and privacy threats,” 2017 2nd International Conference on Anti-Cyber Crimes (ICACC), Mar. 2017.
[8] L. E. S. Jaramillo, “Malware Detection and Mitigation Techniques: Lessons Learned from Mirai DDOS Attack,” Journal of Information Systems Engineering & Management, vol. 3, no. 3, Jul. 2018.
[9] Bitdefender, “Bitdefender BOX - Home Network Security for All Connected Devices,” Bitdefender, 2020. [Online]. Available: https://www.bitdefender.com/box/. [Accessed: 09-May-2020].
[10] Zingbox, “AI-powered IoT Command Center | Zingbox – Enabling the Internet of Trusted Things,” 2020. [Online]. Available: https://www.zingbox.com/. [Accessed: 09-May-2020].