IoT and Cyber Security
VerifiedAdded on 2023/04/04
|15
|4234
|395
AI Summary
This article discusses the impact of IoT on the cyber security of critical infrastructure in Australia. It compares IoT with the Internet and different definitions of critical infrastructure. It also provides a technical analysis of a Distributed Denial of Service attack involving IoT, including the vulnerabilities exploited. The article concludes by explaining the implications of IoT for Australian cyber security in the context of international anarchy.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running Head: CYBER SECURITY
Cyber Security
Name of the Student
Name of the University
Author Note
Cyber Security
Name of the Student
Name of the University
Author Note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1CYBER SECURITY
IoT AND CYBER SECURITY
OPTION 1: Will the Internet of Things (IoT) increase or decrease the cyber security of
critical infrastructure in Australia? Compare and contrast IoT with the Internet, as well as
with different definitions of critical infrastructure. Then, provide a technical analysis of at
least one detailed example of a Distributed Denial of Service attack involving IoT,
including the vulnerabilities exploited and subsequent attribution. Finally, drawing on
your analysis, briefly explain what you think IoT implies for Australian cyber security in
the context of international anarchy.
IoT or the Internet of things is the extensive Internet connection with the smart devices and
daily objects. The smart devices are embedded with sensors and Internet connectivity with
the objective to interact with one another over the Internet to get a task completed1. The entire
working system can be monitored and controlled remotely as the devices are connected over
the Internet. The Internet of Things or IoT works in conjugation with multiple technology and
real time analysis. The technology aspect of IoT is a convergence of artificial intelligence,
machine learning, embedded systems and commodity sensors. The smart devices are
unanimously connected over the Internet with Unique Identifiers (UIDs) which allows the
easy transmission of data over the network system without any manual intervention2. Internet
of Things act on the collected information, analyses the data to provide services and create
value. The recent years have seen considerable evolution of the IoT in the industries to
enhance operation services and for the efficient delivery of customer services. IoT can
definitely become advantageous in improving decision making and enhancing business
1 Al-Fuqaha, Ala, Mohsen Guizani, Mehdi Mohammadi, Mohammed Aledhari, and Moussa Ayyash. "Internet
of things: A survey on enabling technologies, protocols, and applications." IEEE communications surveys &
tutorials 17, no. 4 (2015): 2347-2376.
2 Condry, Michael W., and Catherine Blackadar Nelson. "Using smart edge IoT devices for safer, rapid response
with industry IoT control operations." Proceedings of the IEEE 104, no. 5 (2016): 938-946.
1
IoT AND CYBER SECURITY
OPTION 1: Will the Internet of Things (IoT) increase or decrease the cyber security of
critical infrastructure in Australia? Compare and contrast IoT with the Internet, as well as
with different definitions of critical infrastructure. Then, provide a technical analysis of at
least one detailed example of a Distributed Denial of Service attack involving IoT,
including the vulnerabilities exploited and subsequent attribution. Finally, drawing on
your analysis, briefly explain what you think IoT implies for Australian cyber security in
the context of international anarchy.
IoT or the Internet of things is the extensive Internet connection with the smart devices and
daily objects. The smart devices are embedded with sensors and Internet connectivity with
the objective to interact with one another over the Internet to get a task completed1. The entire
working system can be monitored and controlled remotely as the devices are connected over
the Internet. The Internet of Things or IoT works in conjugation with multiple technology and
real time analysis. The technology aspect of IoT is a convergence of artificial intelligence,
machine learning, embedded systems and commodity sensors. The smart devices are
unanimously connected over the Internet with Unique Identifiers (UIDs) which allows the
easy transmission of data over the network system without any manual intervention2. Internet
of Things act on the collected information, analyses the data to provide services and create
value. The recent years have seen considerable evolution of the IoT in the industries to
enhance operation services and for the efficient delivery of customer services. IoT can
definitely become advantageous in improving decision making and enhancing business
1 Al-Fuqaha, Ala, Mohsen Guizani, Mehdi Mohammadi, Mohammed Aledhari, and Moussa Ayyash. "Internet
of things: A survey on enabling technologies, protocols, and applications." IEEE communications surveys &
tutorials 17, no. 4 (2015): 2347-2376.
2 Condry, Michael W., and Catherine Blackadar Nelson. "Using smart edge IoT devices for safer, rapid response
with industry IoT control operations." Proceedings of the IEEE 104, no. 5 (2016): 938-946.
1
2CYBER SECURITY
values. However, there exist the chance of data and service being compromised using some
IoT. Internet of things receives major flak, especially in regards to security and privacy
concerns related to the connected devices and their intentional pervasive presence3. The
internet of things connect a number of devices over the Internet, which might result in the
creation of multiple data points. The security of such data points is important to reduce the
vulnerabilities in the network system4. Multiple data points relatively expand the attack
surface. Poorly secured IoT devices run a huge risk of being easily attacked by cyber
criminals to gain access and control over the network. Poor maintenance and irregular
updates makes the network system vulnerable for such attacks. IoT opens up numerous cyber
challenges when implemented without proper security protocols5.
Critical infrastructure application by the Internet of Things involves the controlling and
monitoring sustainable infrastructure of both the urban and rural sector in Australia. The
critical infrastructure provides services, which are extremely essential for day-to-day
activities, such as food, energy, transport, water, health, communication, banking and
finance6. The critical infrastructure includes bridges, off shore and on shore wind farms,
railway tracks and transportation system. IoT infrastructure can be extensively used to
monitor the change of events in the structural composition which can increase risk and
compromise the safety of the structure. The flexible and highly secure infrastructure supports
productivity, aids in driving various business activities which underpins economic
3 Cui, Xiaoyi. "The internet of things." In Ethical Ripples of Creativity and Innovation, pp. 61-68. Palgrave
Macmillan, London, 2016.
4 Angrishi, Kishore. "Turning internet of things (iot) into internet of vulnerabilities (iov): Iot botnets." arXiv
preprint arXiv:1702.03681 (2017).
5 Asplund, Mikael, and Simin Nadjm-Tehrani. "Attitudes and perceptions of IoT security in critical societal
services." IEEE Access 4 (2016): 2130-2138.
6 Sajid, Anam, Haider Abbas, and Kashif Saleem. "Cloud-assisted IoT-based SCADA systems security: A
review of the state of the art and future challenges." IEEE Access 4 (2016): 1375-1384.
2
values. However, there exist the chance of data and service being compromised using some
IoT. Internet of things receives major flak, especially in regards to security and privacy
concerns related to the connected devices and their intentional pervasive presence3. The
internet of things connect a number of devices over the Internet, which might result in the
creation of multiple data points. The security of such data points is important to reduce the
vulnerabilities in the network system4. Multiple data points relatively expand the attack
surface. Poorly secured IoT devices run a huge risk of being easily attacked by cyber
criminals to gain access and control over the network. Poor maintenance and irregular
updates makes the network system vulnerable for such attacks. IoT opens up numerous cyber
challenges when implemented without proper security protocols5.
Critical infrastructure application by the Internet of Things involves the controlling and
monitoring sustainable infrastructure of both the urban and rural sector in Australia. The
critical infrastructure provides services, which are extremely essential for day-to-day
activities, such as food, energy, transport, water, health, communication, banking and
finance6. The critical infrastructure includes bridges, off shore and on shore wind farms,
railway tracks and transportation system. IoT infrastructure can be extensively used to
monitor the change of events in the structural composition which can increase risk and
compromise the safety of the structure. The flexible and highly secure infrastructure supports
productivity, aids in driving various business activities which underpins economic
3 Cui, Xiaoyi. "The internet of things." In Ethical Ripples of Creativity and Innovation, pp. 61-68. Palgrave
Macmillan, London, 2016.
4 Angrishi, Kishore. "Turning internet of things (iot) into internet of vulnerabilities (iov): Iot botnets." arXiv
preprint arXiv:1702.03681 (2017).
5 Asplund, Mikael, and Simin Nadjm-Tehrani. "Attitudes and perceptions of IoT security in critical societal
services." IEEE Access 4 (2016): 2130-2138.
6 Sajid, Anam, Haider Abbas, and Kashif Saleem. "Cloud-assisted IoT-based SCADA systems security: A
review of the state of the art and future challenges." IEEE Access 4 (2016): 1375-1384.
2
3CYBER SECURITY
development and expansion. However, any disruption to the critical infrastructure can lead to
serious implications for government, business and the community thus impacting service
continuity7 and supply security. The Australian government is very particular about the
increase of cyber security risks involved with critical infrastructure of the country8. The
responsibility of handling and managing critical infrastructure is of critical importance to
build trusted information sharing network environment. The network system involves the
sharing of data and information on the critical infrastructure by the government and the
business firm to identify vulnerabilities in the infrastructure and chart out technical schemes
to access and mitigate the identified risks. The Australian critical infrastructure faces
complex nation risks of coercion, espionage and sabotages9. The highlighted critical
infrastructure of the nation includes communication network, banking and finance,
healthcare, energy, food and grocery, water and transport. The utilization of IoT in the
Australian critical infrastructure can benefit the monitoring process. IoT can be implemented
to study and recognize the potential risk in the structure and which compromises safety. IoT
application in the critical infrastructure can increase the risk of cyber security concerns. An
IoT application incorporates cameras, sensors, smart devices and numerous other physical
devices. The inputs from the connected devices are transmitted over the wired and wireless
network communications to an aggregation point and then processors apply multiple
algorithms for taking valuable decisions. Once the decision making process is over, control
signals are sent to the actuators, which are connected with the devices in implementation
process. Multiple data points are created in the implementation process, which opens up
7 Steele, Wendy, Karen Hussey, and Stephen Dovers. "What’s critical about critical infrastructure?." Urban
Policy and research 35, no. 1 (2017): 74-86.
8 GCN. 2019. "Protecting Critical Internet Infrastructure From Iot Device Risks -- GCN". GCN.
https://gcn.com/articles/2018/12/10/iot-critical-infrastructure.aspx.
9 Eliza Chapman, Tom Uren. 2019. "The Internet Of Insecure Things". Aspi.Org.Au.
https://www.aspi.org.au/report/InternetOfInsecureThings.
3
development and expansion. However, any disruption to the critical infrastructure can lead to
serious implications for government, business and the community thus impacting service
continuity7 and supply security. The Australian government is very particular about the
increase of cyber security risks involved with critical infrastructure of the country8. The
responsibility of handling and managing critical infrastructure is of critical importance to
build trusted information sharing network environment. The network system involves the
sharing of data and information on the critical infrastructure by the government and the
business firm to identify vulnerabilities in the infrastructure and chart out technical schemes
to access and mitigate the identified risks. The Australian critical infrastructure faces
complex nation risks of coercion, espionage and sabotages9. The highlighted critical
infrastructure of the nation includes communication network, banking and finance,
healthcare, energy, food and grocery, water and transport. The utilization of IoT in the
Australian critical infrastructure can benefit the monitoring process. IoT can be implemented
to study and recognize the potential risk in the structure and which compromises safety. IoT
application in the critical infrastructure can increase the risk of cyber security concerns. An
IoT application incorporates cameras, sensors, smart devices and numerous other physical
devices. The inputs from the connected devices are transmitted over the wired and wireless
network communications to an aggregation point and then processors apply multiple
algorithms for taking valuable decisions. Once the decision making process is over, control
signals are sent to the actuators, which are connected with the devices in implementation
process. Multiple data points are created in the implementation process, which opens up
7 Steele, Wendy, Karen Hussey, and Stephen Dovers. "What’s critical about critical infrastructure?." Urban
Policy and research 35, no. 1 (2017): 74-86.
8 GCN. 2019. "Protecting Critical Internet Infrastructure From Iot Device Risks -- GCN". GCN.
https://gcn.com/articles/2018/12/10/iot-critical-infrastructure.aspx.
9 Eliza Chapman, Tom Uren. 2019. "The Internet Of Insecure Things". Aspi.Org.Au.
https://www.aspi.org.au/report/InternetOfInsecureThings.
3
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4CYBER SECURITY
several vulnerability spots for the creation of cyber-attacks. Each data point acts as a failure
point and such a failure point in critical infrastructure can cause serious damage to the
economy of the country. However, the unplanned and planned interactions among the critical
and non-critical system resulting in raising several issues for the design engineers. These
dynamic, interacting and cross-domain IoT systems create a high potential for the increased
amount of threat vectors, tragedy and new vulnerabilities. When a commodity passes through
different IoT environment, where each environment have a specific protocol of its own, it
increases difficulties and opens up weak security spots in the system to get exploited. There
are several other issues underlying in the multi-domain IoT ecosystem. Connectivity through
handheld devices like mobile phones tablets or iPad, smart cars, smart homes and wireless-
enabled devices inevitably increases surface attack for the hackers to exploit and damage.
Power stations have multiple vulnerabilities in their operational and network structure. The
weakness can be easily accessed when they are connected over a series of network opening
up new weak points in the system to launch attack. The power station is one of the significant
critical infrastructures which can cause several weaknesses in the network if connected over
the internet of things. Traffic control system and sensors, Led light connected over the
internet are prone to hacking as they have weak spots in their structure. Such vulnerabilities
in the network make it easier for unauthorized access into the system and taking control of
the entire system. Such vulnerabilities can be easily recognized in the automotive system,
transportations system- railways, roadways and airways. The vulnerabilities in these
structures when exploited can cause catastrophe10. Considering the Banking system of
Australia, when the services and the devices providing the services are all interconnected
through a common network, it creates several data points in the network system which opens
up numerous weakness in the network. The users, who have their bank service connected to
10 Condry, Michael W., and Catherine Blackadar Nelson. "Using smart edge IoT devices for safer, rapid
response with industry IoT control operations." Proceedings of the IEEE 104, no. 5 (2016): 938-946.
4
several vulnerability spots for the creation of cyber-attacks. Each data point acts as a failure
point and such a failure point in critical infrastructure can cause serious damage to the
economy of the country. However, the unplanned and planned interactions among the critical
and non-critical system resulting in raising several issues for the design engineers. These
dynamic, interacting and cross-domain IoT systems create a high potential for the increased
amount of threat vectors, tragedy and new vulnerabilities. When a commodity passes through
different IoT environment, where each environment have a specific protocol of its own, it
increases difficulties and opens up weak security spots in the system to get exploited. There
are several other issues underlying in the multi-domain IoT ecosystem. Connectivity through
handheld devices like mobile phones tablets or iPad, smart cars, smart homes and wireless-
enabled devices inevitably increases surface attack for the hackers to exploit and damage.
Power stations have multiple vulnerabilities in their operational and network structure. The
weakness can be easily accessed when they are connected over a series of network opening
up new weak points in the system to launch attack. The power station is one of the significant
critical infrastructures which can cause several weaknesses in the network if connected over
the internet of things. Traffic control system and sensors, Led light connected over the
internet are prone to hacking as they have weak spots in their structure. Such vulnerabilities
in the network make it easier for unauthorized access into the system and taking control of
the entire system. Such vulnerabilities can be easily recognized in the automotive system,
transportations system- railways, roadways and airways. The vulnerabilities in these
structures when exploited can cause catastrophe10. Considering the Banking system of
Australia, when the services and the devices providing the services are all interconnected
through a common network, it creates several data points in the network system which opens
up numerous weakness in the network. The users, who have their bank service connected to
10 Condry, Michael W., and Catherine Blackadar Nelson. "Using smart edge IoT devices for safer, rapid
response with industry IoT control operations." Proceedings of the IEEE 104, no. 5 (2016): 938-946.
4
5CYBER SECURITY
their mobile phones might create additional data points as well as significant vulnerability
point11. If such points are not well patched with additional layer of security software, it might
create a path for the attackers to get into the system and still sensitive, confidential and
valuable customer data and money from the bank. The traffic control system when
implemented using IoT application opens up a wide network with multiple weak spots to
cause damage to the system. Manipulation of the system can cause damage and disaster to the
public. The data ports opens up gateways for the attackers to launch attack on the system.
Any failure in the IoT system in the healthcare sector will cause massive damage to the
patients. A single weak point in the system leads to the manipulation of the entire service
system. As multiple devices are connected inside the network system, one device will lead to
another device, making it easier for the attackers to gather information and valuable data. The
entire process of accessing data out of the system becomes a cake walk for the attackers.
Water utilities of Australia serve around a hundred thousand connections, reports the
operational information and asset ownership structure information to the Critical
Infrastructure Register. This information is intended to assist the Australian Government to
understand who own, controls and has the ability to influence Australia’s critical
infrastructure12. Internet of Things application in such a scenario opens up portal for attacks
and data can be easily drawn out of the system to gather effective information which can be
used against the system to cause severe damage to the connections and control lines. The
application of Internet of Things or IoT will decrease cyber security and increase the risk of
multiple cyber-attacks and data theft within the system which can cause great damage to the
Australians and may highly affect the nation’s economy. Hence, in order to secure the IoT
application requires a comprehensive approach which requires the involvement of selecting
11 Farooq, Muhammad Umar, Muhammad Waseem, Anjum Khairi, and Sadia Mazhar. "A critical analysis on
the security concerns of internet of things (IoT)." International Journal of Computer Applications 111, no. 7
(2015
12 Laugé, Ana, Josune Hernantes, and Jose M. Sarriegi. "Critical infrastructure dependencies: A holistic,
dynamic and quantitative approach." International Journal of Critical Infrastructure Protection 8 (2015): 16-23.
5
their mobile phones might create additional data points as well as significant vulnerability
point11. If such points are not well patched with additional layer of security software, it might
create a path for the attackers to get into the system and still sensitive, confidential and
valuable customer data and money from the bank. The traffic control system when
implemented using IoT application opens up a wide network with multiple weak spots to
cause damage to the system. Manipulation of the system can cause damage and disaster to the
public. The data ports opens up gateways for the attackers to launch attack on the system.
Any failure in the IoT system in the healthcare sector will cause massive damage to the
patients. A single weak point in the system leads to the manipulation of the entire service
system. As multiple devices are connected inside the network system, one device will lead to
another device, making it easier for the attackers to gather information and valuable data. The
entire process of accessing data out of the system becomes a cake walk for the attackers.
Water utilities of Australia serve around a hundred thousand connections, reports the
operational information and asset ownership structure information to the Critical
Infrastructure Register. This information is intended to assist the Australian Government to
understand who own, controls and has the ability to influence Australia’s critical
infrastructure12. Internet of Things application in such a scenario opens up portal for attacks
and data can be easily drawn out of the system to gather effective information which can be
used against the system to cause severe damage to the connections and control lines. The
application of Internet of Things or IoT will decrease cyber security and increase the risk of
multiple cyber-attacks and data theft within the system which can cause great damage to the
Australians and may highly affect the nation’s economy. Hence, in order to secure the IoT
application requires a comprehensive approach which requires the involvement of selecting
11 Farooq, Muhammad Umar, Muhammad Waseem, Anjum Khairi, and Sadia Mazhar. "A critical analysis on
the security concerns of internet of things (IoT)." International Journal of Computer Applications 111, no. 7
(2015
12 Laugé, Ana, Josune Hernantes, and Jose M. Sarriegi. "Critical infrastructure dependencies: A holistic,
dynamic and quantitative approach." International Journal of Critical Infrastructure Protection 8 (2015): 16-23.
5
6CYBER SECURITY
the right engineering lifecycle model embracing process discipline, associated processes,
standards compliance, understanding the complex interactions and selecting the correct tools
for use in the systems lifecycle13. It is highly required to identify the soft spots in the system
to avoid any leakage of data and immediate action to patch up the weak spots by
implementing security protocol to prevent cyber-attacks.
The Internet is a global system of interconnected network that use the standardized internet
protocol suite to connect and link devices over the network worldwide. The internet follows
the TCP/IP suite to bring and connect numerous devices to provide internet access. Internet is
defined as a network of network which comprises public, private, business and government
networks on a local as well as on a global scale. The internet carries a wide range of data and
information through the network system on the World Wide Web. There is no single
centralized governance or policies for the Internet for access and usage; each constituent
network sets its own policies. The internet protocol (IP) and the Domain Name System
(DNS) are the principle structure of the internet. The internet has connected the world and
made this world a small place. Information is readily available on the internet and has made
data access easy. The internet has revolutionized the world of technology by connecting all
the entities through a connected network in which data can flow easily and quickly. Devices
are connected using the internet to connect with people and access information from
anywhere at any given time. The process has developed a connected world where information
is easily available as it flows smoothly over the connected network. On the other hand IoT
uses an extended application of the Internet. The Internet of Things is a connected network of
multiple devices liked over the internet which enables the smart device to interact with each
other to get a task done. The Internet of things enables the collection of data from the
13 Mussington, David, Brent J. Arnold, Benoît Dupont, Scott Hilts, Timothy Grayson, Christian Leuprecht, Liam
Nevill, Brian O'Higgins, and Josh Tupler. "Governing Cyber Security in Canada, Australia and the United
States." (2018).
6
the right engineering lifecycle model embracing process discipline, associated processes,
standards compliance, understanding the complex interactions and selecting the correct tools
for use in the systems lifecycle13. It is highly required to identify the soft spots in the system
to avoid any leakage of data and immediate action to patch up the weak spots by
implementing security protocol to prevent cyber-attacks.
The Internet is a global system of interconnected network that use the standardized internet
protocol suite to connect and link devices over the network worldwide. The internet follows
the TCP/IP suite to bring and connect numerous devices to provide internet access. Internet is
defined as a network of network which comprises public, private, business and government
networks on a local as well as on a global scale. The internet carries a wide range of data and
information through the network system on the World Wide Web. There is no single
centralized governance or policies for the Internet for access and usage; each constituent
network sets its own policies. The internet protocol (IP) and the Domain Name System
(DNS) are the principle structure of the internet. The internet has connected the world and
made this world a small place. Information is readily available on the internet and has made
data access easy. The internet has revolutionized the world of technology by connecting all
the entities through a connected network in which data can flow easily and quickly. Devices
are connected using the internet to connect with people and access information from
anywhere at any given time. The process has developed a connected world where information
is easily available as it flows smoothly over the connected network. On the other hand IoT
uses an extended application of the Internet. The Internet of Things is a connected network of
multiple devices liked over the internet which enables the smart device to interact with each
other to get a task done. The Internet of things enables the collection of data from the
13 Mussington, David, Brent J. Arnold, Benoît Dupont, Scott Hilts, Timothy Grayson, Christian Leuprecht, Liam
Nevill, Brian O'Higgins, and Josh Tupler. "Governing Cyber Security in Canada, Australia and the United
States." (2018).
6
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7CYBER SECURITY
connected network and the interactive devices that exchange data constantly. The Internet of
Things connects devices like mobiles, tablets, machines, vehicles and smart houses over the
internet. The connected devices interact with one another over the internet to exchange data
within the system and carry out a process. The smart devices are embedded with sensors and
Internet connectivity with the objective to interact with one another over the Internet to get a
task completed. The entire working system can be monitored and controlled remotely as the
devices are connected over the Internet. Internet of things or IoT works in conjugation with
multiple technology and real time analysis. The technology aspect of IoT is a convergence of
artificial intelligence, machine learning, embedded systems and commodity sensors. The
smart devices are unanimously connected over the Internet with Unique Identifiers (UIDs)
which allows the easy transmission of data over the network system without any manual
intervention. Internet of Things uses the internet to stay connected with the devices in the
network and transmit data over the network system14. IoT is used to monitor several critical
infrastructures and provides significant advantage in remotely controlling the system.
Implementation of Internet of Things in critical infrastructure which includes water supply,
banking and finance, energy, transportation and healthcare, can be used in the remote
monitoring of the resources and connecting the services through a common network. IoT
gradually reduces labor and human intervention making the business process extremely
smooth and easy. Internet of things can be used for decision making and critical calculations.
For any infrastructure, IoT is used to schedule maintenance and repair activities. The
application can be put into use to identify weak spots in structures and recognize potential
damage the structure can face. IoT devices can be used for the purpose operating and
monitoring infrastructure which will surely improve emergency response coordination and
incident management, service quality, up-times and reduce costs of operation in all
14 Wortmann, Felix, and Kristina Flüchter. "Internet of things." Business & Information Systems Engineering 57,
no. 3 (2015): 221-224.
7
connected network and the interactive devices that exchange data constantly. The Internet of
Things connects devices like mobiles, tablets, machines, vehicles and smart houses over the
internet. The connected devices interact with one another over the internet to exchange data
within the system and carry out a process. The smart devices are embedded with sensors and
Internet connectivity with the objective to interact with one another over the Internet to get a
task completed. The entire working system can be monitored and controlled remotely as the
devices are connected over the Internet. Internet of things or IoT works in conjugation with
multiple technology and real time analysis. The technology aspect of IoT is a convergence of
artificial intelligence, machine learning, embedded systems and commodity sensors. The
smart devices are unanimously connected over the Internet with Unique Identifiers (UIDs)
which allows the easy transmission of data over the network system without any manual
intervention. Internet of Things uses the internet to stay connected with the devices in the
network and transmit data over the network system14. IoT is used to monitor several critical
infrastructures and provides significant advantage in remotely controlling the system.
Implementation of Internet of Things in critical infrastructure which includes water supply,
banking and finance, energy, transportation and healthcare, can be used in the remote
monitoring of the resources and connecting the services through a common network. IoT
gradually reduces labor and human intervention making the business process extremely
smooth and easy. Internet of things can be used for decision making and critical calculations.
For any infrastructure, IoT is used to schedule maintenance and repair activities. The
application can be put into use to identify weak spots in structures and recognize potential
damage the structure can face. IoT devices can be used for the purpose operating and
monitoring infrastructure which will surely improve emergency response coordination and
incident management, service quality, up-times and reduce costs of operation in all
14 Wortmann, Felix, and Kristina Flüchter. "Internet of things." Business & Information Systems Engineering 57,
no. 3 (2015): 221-224.
7
8CYBER SECURITY
infrastructure related areas. The prominent application of IoT is the better management of
cities and building a completely equipped smart city. The application of IoT provides real
time data analytics. IoT brings in optimization and automation which is highly beneficial for
execution of processes. Energy management and environment monitoring are aspects of
critical infrastructure where IoT application lies. IoT has the capability to reduce and
optimize power usage as a whole15. This will significantly benefit the energy departments.
The application can be sued to control working of the power plants remotely. Smart grids use
IoT applications to gather and act on the provided energy to improve efficiency in the
production process and also on the line of distribution. IoT application is used to monitor
various aspects of the environment, like monitoring of air quality and wild life movements.
Distributed Denial-of-Service (DDoS) is a kind of attack where numerous compromised and
infected computer systems launches attack on a target, the target could be a server system or
some other network resource and cause denial of service to the targeted computer system
users16. The targeted system is flooded with junk messages, massive number of connection
requests and malformed packets. This influx of junk data crowds the network channel of the
system forcing the data flow to slow down which eventually results in the crashing of the
server system and a complete shutdown of the network and computer system17. The attacks
are mostly launched from the soft points or missing patches in the computer system. Such
spots open out the door for junk data to enter the system and flood the system. The cyber
attackers looks for vulnerable spots in the system and once they identify the spot they gain
15 Thierer, Adam, and Andrea Castillo. "Projecting the growth and economic impact of the internet of
things." George Mason University, Mercatus Center, June 15 (2015).
16 an, Qiao, F. Richard Yu, Qingxiang Gong, and Jianqiang Li. "Software-defined networking (SDN) and
distributed denial of service (DDoS) attacks in cloud computing environments: A survey, some research issues,
and challenges." IEEE communications surveys & tutorials 18, no. 1 (2015): 602-622.
17 Bhuyan, Monowar H., D. K. Bhattacharyya, and Jugal K. Kalita. "An empirical evaluation of information
metrics for low-rate and high-rate DDoS attack detection." Pattern Recognition Letters 51 (2015): 1-7.
8
infrastructure related areas. The prominent application of IoT is the better management of
cities and building a completely equipped smart city. The application of IoT provides real
time data analytics. IoT brings in optimization and automation which is highly beneficial for
execution of processes. Energy management and environment monitoring are aspects of
critical infrastructure where IoT application lies. IoT has the capability to reduce and
optimize power usage as a whole15. This will significantly benefit the energy departments.
The application can be sued to control working of the power plants remotely. Smart grids use
IoT applications to gather and act on the provided energy to improve efficiency in the
production process and also on the line of distribution. IoT application is used to monitor
various aspects of the environment, like monitoring of air quality and wild life movements.
Distributed Denial-of-Service (DDoS) is a kind of attack where numerous compromised and
infected computer systems launches attack on a target, the target could be a server system or
some other network resource and cause denial of service to the targeted computer system
users16. The targeted system is flooded with junk messages, massive number of connection
requests and malformed packets. This influx of junk data crowds the network channel of the
system forcing the data flow to slow down which eventually results in the crashing of the
server system and a complete shutdown of the network and computer system17. The attacks
are mostly launched from the soft points or missing patches in the computer system. Such
spots open out the door for junk data to enter the system and flood the system. The cyber
attackers looks for vulnerable spots in the system and once they identify the spot they gain
15 Thierer, Adam, and Andrea Castillo. "Projecting the growth and economic impact of the internet of
things." George Mason University, Mercatus Center, June 15 (2015).
16 an, Qiao, F. Richard Yu, Qingxiang Gong, and Jianqiang Li. "Software-defined networking (SDN) and
distributed denial of service (DDoS) attacks in cloud computing environments: A survey, some research issues,
and challenges." IEEE communications surveys & tutorials 18, no. 1 (2015): 602-622.
17 Bhuyan, Monowar H., D. K. Bhattacharyya, and Jugal K. Kalita. "An empirical evaluation of information
metrics for low-rate and high-rate DDoS attack detection." Pattern Recognition Letters 51 (2015): 1-7.
8
9CYBER SECURITY
control of the system by injecting malware into the system or by bypassing the authentication
control18. The attacker creates a command-and-control server to command the network of
bots, also called a botnet19. Botnets care composed of multiple numbers of bots. The attackers
assemble the botnets and jam the traffic in the network system thus compromising the
working of the system. The DDoS attack can have several victims in the network system.
Once the application layer is attacked and is overwhelmed with targeted resource calls in high
volumes20. The flooding of the resource packets causes a denial of service.
In the recent time there has been a prominent Distributed Denial of Service attack that
utilized a botnet army of IoT devices. The attack was a Mirai Botnet malware. Mirai Botnet
attacked a cyber security blog. The DDoS attack exceeded 620 GBps and was double the size
of any previously recorded attack. The Mirai malware is used to scan vulnerabilities over the
Internet for unsecured IoT devices21. The Malware conscripted the security cameras of the
army to get confidential information about national security and other sensitive data. Mirai
looks for vulnerable spots on the internet for weakly connected IoT devices. The codes of the
malware coded in C language. The bots communicate over the infected device and C&C
server. The port 48101 is used with the motive to control and coordinate the bot instances.
The Mirai malware widely scans the IoT devices to find a single spot of vulnerability in the
system and locate vulnerable IoT devices, which was easily accessed from a remote location.
The Mirai use a dictionary attack of nearly sixty two default common usernames and
18 David, Jisa, and Ciza Thomas. "DDoS attack detection using fast entropy approach on flow-based network
traffic." Procedia Computer Science 50 (2015): 30-36.
19 Bertino, Elisa, and Nayeem Islam. "Botnets and internet of things security." Computer 2 (2017): 76-79.
20 Hallman, Roger, Josiah Bryan, Geancarlo Palavicini, Joseph Divita, and Jose Romero-Mariona. "IoDDoS—
The Internet of Distributed Denial of Service Attacks." (2017).
21 Antonakakis, Manos, Tim April, Michael Bailey, Matt Bernhard, Elie Bursztein, Jaime Cochran, Zakir
Durumeric et al. "Understanding the mirai botnet." In 26th {USENIX} Security Symposium ({USENIX} Security
17), pp. 1093-1110. 2017.
9
control of the system by injecting malware into the system or by bypassing the authentication
control18. The attacker creates a command-and-control server to command the network of
bots, also called a botnet19. Botnets care composed of multiple numbers of bots. The attackers
assemble the botnets and jam the traffic in the network system thus compromising the
working of the system. The DDoS attack can have several victims in the network system.
Once the application layer is attacked and is overwhelmed with targeted resource calls in high
volumes20. The flooding of the resource packets causes a denial of service.
In the recent time there has been a prominent Distributed Denial of Service attack that
utilized a botnet army of IoT devices. The attack was a Mirai Botnet malware. Mirai Botnet
attacked a cyber security blog. The DDoS attack exceeded 620 GBps and was double the size
of any previously recorded attack. The Mirai malware is used to scan vulnerabilities over the
Internet for unsecured IoT devices21. The Malware conscripted the security cameras of the
army to get confidential information about national security and other sensitive data. Mirai
looks for vulnerable spots on the internet for weakly connected IoT devices. The codes of the
malware coded in C language. The bots communicate over the infected device and C&C
server. The port 48101 is used with the motive to control and coordinate the bot instances.
The Mirai malware widely scans the IoT devices to find a single spot of vulnerability in the
system and locate vulnerable IoT devices, which was easily accessed from a remote location.
The Mirai use a dictionary attack of nearly sixty two default common usernames and
18 David, Jisa, and Ciza Thomas. "DDoS attack detection using fast entropy approach on flow-based network
traffic." Procedia Computer Science 50 (2015): 30-36.
19 Bertino, Elisa, and Nayeem Islam. "Botnets and internet of things security." Computer 2 (2017): 76-79.
20 Hallman, Roger, Josiah Bryan, Geancarlo Palavicini, Joseph Divita, and Jose Romero-Mariona. "IoDDoS—
The Internet of Distributed Denial of Service Attacks." (2017).
21 Antonakakis, Manos, Tim April, Michael Bailey, Matt Bernhard, Elie Bursztein, Jaime Cochran, Zakir
Durumeric et al. "Understanding the mirai botnet." In 26th {USENIX} Security Symposium ({USENIX} Security
17), pp. 1093-1110. 2017.
9
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
10CYBER SECURITY
passwords to gain complete access of the networked devices, cameras, routers and video
recorders. Te Mirai flooded the HTTP and additional DDoS attacks simultaneously. The
malware launched a generic routing encapsulation IP and GRE Ethernet encapsulation (ETH)
floods, as well as SYN and ACK floods, STOMP (Simple Text Oriented Message Protocol)
floods, DNS floods and UDP flood attacks. The Mirai attack on the Krebs on Security was
huge and included a total number of around a million infected devices which has been
conscripted to form the botnet army22. The malware has been identified to have infected five
hundred thousand devices in around one hundred sixty four countries. The C&C part of the
malware consists handling connection codes and also to add newer botnets to the previously
conscripted botnet army. Connections are made with the admin consoles, API calls are
accepted and the attacks are crafted to deliver inside the system. The database is the Mirai
and the server is made to listen to the connections on the address loop-back only with a
default root authentication and password. Once the malware is launched into the system it
blocks the SIG-INT signals by removing its own executable immediately23. The malware
sends requests to obtain the IP address, calculates function and returns an index in the array
of the running commands and renames itself. The Mirai attacks IoT devices with common
password and username. The system can be shut down to start again, this removes the
malware from the system, but threat remains until and unless the user credentials are
modified. If the credentials are not modified, there is a guaranteed chance of the devices
being re-infected by the malware.
22 Kambourakis, Georgios, Constantinos Kolias, and Angelos Stavrou. "The mirai botnet and the iot zombie
armies." In MILCOM 2017-2017 IEEE Military Communications Conference (MILCOM), pp. 267-272. IEEE,
2017.
23 Kolias, Constantinos, Georgios Kambourakis, Angelos Stavrou, and Jeffrey Voas. "DDoS in the IoT: Mirai
and other botnets." Computer 50, no. 7 (2017): 80-84.
10
passwords to gain complete access of the networked devices, cameras, routers and video
recorders. Te Mirai flooded the HTTP and additional DDoS attacks simultaneously. The
malware launched a generic routing encapsulation IP and GRE Ethernet encapsulation (ETH)
floods, as well as SYN and ACK floods, STOMP (Simple Text Oriented Message Protocol)
floods, DNS floods and UDP flood attacks. The Mirai attack on the Krebs on Security was
huge and included a total number of around a million infected devices which has been
conscripted to form the botnet army22. The malware has been identified to have infected five
hundred thousand devices in around one hundred sixty four countries. The C&C part of the
malware consists handling connection codes and also to add newer botnets to the previously
conscripted botnet army. Connections are made with the admin consoles, API calls are
accepted and the attacks are crafted to deliver inside the system. The database is the Mirai
and the server is made to listen to the connections on the address loop-back only with a
default root authentication and password. Once the malware is launched into the system it
blocks the SIG-INT signals by removing its own executable immediately23. The malware
sends requests to obtain the IP address, calculates function and returns an index in the array
of the running commands and renames itself. The Mirai attacks IoT devices with common
password and username. The system can be shut down to start again, this removes the
malware from the system, but threat remains until and unless the user credentials are
modified. If the credentials are not modified, there is a guaranteed chance of the devices
being re-infected by the malware.
22 Kambourakis, Georgios, Constantinos Kolias, and Angelos Stavrou. "The mirai botnet and the iot zombie
armies." In MILCOM 2017-2017 IEEE Military Communications Conference (MILCOM), pp. 267-272. IEEE,
2017.
23 Kolias, Constantinos, Georgios Kambourakis, Angelos Stavrou, and Jeffrey Voas. "DDoS in the IoT: Mirai
and other botnets." Computer 50, no. 7 (2017): 80-84.
10
11CYBER SECURITY
IoT will open up vulnerable spots in the network system of the nation as a million devices
will be connected over the internet. IoT will jeopardize Australian cyber security in the
context of international anarchy24. Connecting the critical infrastructure over the internet will
surely enhance efficiency and effective production growth but will create ample security
risks. A large network of connected devices on the internet opens up several vulnerable spots
on the network channels, where cyber attackers can use to gain valuable national sensitive
and confidential data. This can put the country in great risk and challenge national security.
24 GCN. 2019. "Protecting Critical Internet Infrastructure From Iot Device Risks -- GCN". GCN.
https://gcn.com/articles/2018/12/10/iot-critical-infrastructure.aspx.
11
IoT will open up vulnerable spots in the network system of the nation as a million devices
will be connected over the internet. IoT will jeopardize Australian cyber security in the
context of international anarchy24. Connecting the critical infrastructure over the internet will
surely enhance efficiency and effective production growth but will create ample security
risks. A large network of connected devices on the internet opens up several vulnerable spots
on the network channels, where cyber attackers can use to gain valuable national sensitive
and confidential data. This can put the country in great risk and challenge national security.
24 GCN. 2019. "Protecting Critical Internet Infrastructure From Iot Device Risks -- GCN". GCN.
https://gcn.com/articles/2018/12/10/iot-critical-infrastructure.aspx.
11
12CYBER SECURITY
Bibliography
Al-Fuqaha, Ala, Mohsen Guizani, Mehdi Mohammadi, Mohammed Aledhari, and Moussa
Ayyash. "Internet of things: A survey on enabling technologies, protocols, and
applications." IEEE communications surveys & tutorials 17, no. 4 (2015): 2347-2376.
an, Qiao, F. Richard Yu, Qingxiang Gong, and Jianqiang Li. "Software-defined networking
(SDN) and distributed denial of service (DDoS) attacks in cloud computing environments: A
survey, some research issues, and challenges." IEEE communications surveys & tutorials 18,
no. 1 (2015): 602-622.
Angrishi, Kishore. "Turning internet of things (iot) into internet of vulnerabilities (iov): Iot
botnets." arXiv preprint arXiv:1702.03681 (2017).
Antonakakis, Manos, Tim April, Michael Bailey, Matt Bernhard, Elie Bursztein, Jaime
Cochran, Zakir Durumeric et al. "Understanding the mirai botnet." In 26th {USENIX}
Security Symposium ({USENIX} Security 17), pp. 1093-1110. 2017.
Asplund, Mikael, and Simin Nadjm-Tehrani. "Attitudes and perceptions of IoT security in
critical societal services." IEEE Access 4 (2016): 2130-2138.
Bertino, Elisa, and Nayeem Islam. "Botnets and internet of things security." Computer 2
(2017): 76-79.
Bhuyan, Monowar H., D. K. Bhattacharyya, and Jugal K. Kalita. "An empirical evaluation of
information metrics for low-rate and high-rate DDoS attack detection." Pattern Recognition
Letters 51 (2015): 1-7.
12
Bibliography
Al-Fuqaha, Ala, Mohsen Guizani, Mehdi Mohammadi, Mohammed Aledhari, and Moussa
Ayyash. "Internet of things: A survey on enabling technologies, protocols, and
applications." IEEE communications surveys & tutorials 17, no. 4 (2015): 2347-2376.
an, Qiao, F. Richard Yu, Qingxiang Gong, and Jianqiang Li. "Software-defined networking
(SDN) and distributed denial of service (DDoS) attacks in cloud computing environments: A
survey, some research issues, and challenges." IEEE communications surveys & tutorials 18,
no. 1 (2015): 602-622.
Angrishi, Kishore. "Turning internet of things (iot) into internet of vulnerabilities (iov): Iot
botnets." arXiv preprint arXiv:1702.03681 (2017).
Antonakakis, Manos, Tim April, Michael Bailey, Matt Bernhard, Elie Bursztein, Jaime
Cochran, Zakir Durumeric et al. "Understanding the mirai botnet." In 26th {USENIX}
Security Symposium ({USENIX} Security 17), pp. 1093-1110. 2017.
Asplund, Mikael, and Simin Nadjm-Tehrani. "Attitudes and perceptions of IoT security in
critical societal services." IEEE Access 4 (2016): 2130-2138.
Bertino, Elisa, and Nayeem Islam. "Botnets and internet of things security." Computer 2
(2017): 76-79.
Bhuyan, Monowar H., D. K. Bhattacharyya, and Jugal K. Kalita. "An empirical evaluation of
information metrics for low-rate and high-rate DDoS attack detection." Pattern Recognition
Letters 51 (2015): 1-7.
12
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
13CYBER SECURITY
Condry, Michael W., and Catherine Blackadar Nelson. "Using smart edge IoT devices for
safer, rapid response with industry IoT control operations." Proceedings of the IEEE 104, no.
5 (2016): 938-946.
Cui, Xiaoyi. "The internet of things." In Ethical Ripples of Creativity and Innovation, pp. 61-
68. Palgrave Macmillan, London, 2016.
David, Jisa, and Ciza Thomas. "DDoS attack detection using fast entropy approach on flow-
based network traffic." Procedia Computer Science 50 (2015): 30-36.
Eliza Chapman, Tom Uren. 2019. "The Internet Of Insecure Things". Aspi.Org.Au.
https://www.aspi.org.au/report/InternetOfInsecureThings.
Farooq, Muhammad Umar, Muhammad Waseem, Anjum Khairi, and Sadia Mazhar. "A
critical analysis on the security concerns of internet of things (IoT)." International Journal of
Computer Applications 111, no. 7 (2015).
GCN. 2019. "Protecting Critical Internet Infrastructure From Iot Device Risks --
GCN". GCN. https://gcn.com/articles/2018/12/10/iot-critical-infrastructure.aspx.
Hallman, Roger, Josiah Bryan, Geancarlo Palavicini, Joseph Divita, and Jose Romero-
Mariona. "IoDDoS—The Internet of Distributed Denial of Service Attacks." (2017).
Kambourakis, Georgios, Constantinos Kolias, and Angelos Stavrou. "The mirai botnet and
the iot zombie armies." In MILCOM 2017-2017 IEEE Military Communications Conference
(MILCOM), pp. 267-272. IEEE, 2017.
13
Condry, Michael W., and Catherine Blackadar Nelson. "Using smart edge IoT devices for
safer, rapid response with industry IoT control operations." Proceedings of the IEEE 104, no.
5 (2016): 938-946.
Cui, Xiaoyi. "The internet of things." In Ethical Ripples of Creativity and Innovation, pp. 61-
68. Palgrave Macmillan, London, 2016.
David, Jisa, and Ciza Thomas. "DDoS attack detection using fast entropy approach on flow-
based network traffic." Procedia Computer Science 50 (2015): 30-36.
Eliza Chapman, Tom Uren. 2019. "The Internet Of Insecure Things". Aspi.Org.Au.
https://www.aspi.org.au/report/InternetOfInsecureThings.
Farooq, Muhammad Umar, Muhammad Waseem, Anjum Khairi, and Sadia Mazhar. "A
critical analysis on the security concerns of internet of things (IoT)." International Journal of
Computer Applications 111, no. 7 (2015).
GCN. 2019. "Protecting Critical Internet Infrastructure From Iot Device Risks --
GCN". GCN. https://gcn.com/articles/2018/12/10/iot-critical-infrastructure.aspx.
Hallman, Roger, Josiah Bryan, Geancarlo Palavicini, Joseph Divita, and Jose Romero-
Mariona. "IoDDoS—The Internet of Distributed Denial of Service Attacks." (2017).
Kambourakis, Georgios, Constantinos Kolias, and Angelos Stavrou. "The mirai botnet and
the iot zombie armies." In MILCOM 2017-2017 IEEE Military Communications Conference
(MILCOM), pp. 267-272. IEEE, 2017.
13
14CYBER SECURITY
Kolias, Constantinos, Georgios Kambourakis, Angelos Stavrou, and Jeffrey Voas. "DDoS in
the IoT: Mirai and other botnets." Computer 50, no. 7 (2017): 80-84.
Laugé, Ana, Josune Hernantes, and Jose M. Sarriegi. "Critical infrastructure dependencies: A
holistic, dynamic and quantitative approach." International Journal of Critical Infrastructure
Protection 8 (2015): 16-23.
Mussington, David, Brent J. Arnold, Benoît Dupont, Scott Hilts, Timothy Grayson, Christian
Leuprecht, Liam Nevill, Brian O'Higgins, and Josh Tupler. "Governing Cyber Security in
Canada, Australia and the United States." (2018).
Sajid, Anam, Haider Abbas, and Kashif Saleem. "Cloud-assisted IoT-based SCADA systems
security: A review of the state of the art and future challenges." IEEE Access 4 (2016): 1375-
1384.
Steele, Wendy, Karen Hussey, and Stephen Dovers. "What’s critical about critical
infrastructure?." Urban Policy and research 35, no. 1 (2017): 74-86.
Thierer, Adam, and Andrea Castillo. "Projecting the growth and economic impact of the
internet of things." George Mason University, Mercatus Center, June 15 (2015).
Wortmann, Felix, and Kristina Flüchter. "Internet of things." Business & Information Systems
Engineering 57, no. 3 (2015): 221-224.
14
Kolias, Constantinos, Georgios Kambourakis, Angelos Stavrou, and Jeffrey Voas. "DDoS in
the IoT: Mirai and other botnets." Computer 50, no. 7 (2017): 80-84.
Laugé, Ana, Josune Hernantes, and Jose M. Sarriegi. "Critical infrastructure dependencies: A
holistic, dynamic and quantitative approach." International Journal of Critical Infrastructure
Protection 8 (2015): 16-23.
Mussington, David, Brent J. Arnold, Benoît Dupont, Scott Hilts, Timothy Grayson, Christian
Leuprecht, Liam Nevill, Brian O'Higgins, and Josh Tupler. "Governing Cyber Security in
Canada, Australia and the United States." (2018).
Sajid, Anam, Haider Abbas, and Kashif Saleem. "Cloud-assisted IoT-based SCADA systems
security: A review of the state of the art and future challenges." IEEE Access 4 (2016): 1375-
1384.
Steele, Wendy, Karen Hussey, and Stephen Dovers. "What’s critical about critical
infrastructure?." Urban Policy and research 35, no. 1 (2017): 74-86.
Thierer, Adam, and Andrea Castillo. "Projecting the growth and economic impact of the
internet of things." George Mason University, Mercatus Center, June 15 (2015).
Wortmann, Felix, and Kristina Flüchter. "Internet of things." Business & Information Systems
Engineering 57, no. 3 (2015): 221-224.
14
1 out of 15
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.