Security and Privacy Issues in all domains of IoT
Submit a research project on a chosen topic related to IoT, not exceeding 6000 words.
8 Pages6752 Words306 Views
Added on 2023-06-13
About This Document
This report discusses the security and privacy challenges faced by IoT in all domains. It includes a literature review on IoT security issues, firmware, dynamic testing, and DoS attacks. The report also covers the challenges faced by front-end sensors and equipment, back-end servers, and communication channels.
Security and Privacy Issues in all domains of IoT
Submit a research project on a chosen topic related to IoT, not exceeding 6000 words.
Added on 2023-06-13
ShareRelated Documents
Security and Privacy Issues in all domains of IoT
[Name of the Author]
[Name of the Author]
ABSTRACT – IoT or the Internet of Things can be considered as the system, which, mainly consists of an interrelated
computing devices digital or mechanical machines and many more. This devices are generally provided with an unique
identifier to identify them. These devices also have the capability of transferring data over the network without any involvement
of the human-to-human or human-to-computer interactions. This new emerging technology is being used in almost every field
to make the live of peoples much easier. However, along with benefits there also exists certain risks regarding the use of IoT.
This report would be discussing about the various security and the privacy challenges faced by IoT while implementing in
various domains. Which is followed by a literature review about the topic that is “ security and privacy issues in all domains of
the IoT”. IoT or Internet of Things can be defined as a network, which generally compromises of physical devices that are
capable of communicating with each other by making use of the internet. They are also capable of gathering and sharing
information. This is an emerging technology and consists of different varieties of “smart devices” which are responsible for the
collection of data by making use of different sensors. This report mainly discusses about the use of IoT in different fields and
what are main challenges that are faced by IoT regarding the security and privacy and the data.
Keywords: IoT, security issues, privacy issues, firmware’s, dynamic testing, DoS attack
1. INTRODUCTION
Internet of Things is one of the most emerging techniques
Internet of things has been gaining the global acceptance from
the audience all over the globe. This global acceptance
increases the usage of the technology Internet of Thing are
nothing but simple electronic devices which has the
transmitter and the receiver embedded in the electronic device
that enables them to communicate and transact over the
platform of the digital communication and the internet. With
the benefit of gaining, the advantage of gaining
communication through the entire globe comes the
disadvantage of security in disguise. Security of the database
has been the major issue for the application of the Internet of
things in regular life.
Along with the evolution of the IT infrastructure and the
networking technologies, there would be numerous number of
barrier, which would be encountered by the IoT technology.
The key challenges faced by IoT is regarding its privacy and
security. As more and more devices are being connected to the
network the decentralized entry points for the malwares is also
increasing. Main tampering occurs in the devices which are
less expensive and are located in area which are mostly
compromised. Different types of new software’s integration of
the middleware and many more things are mainly responsible
for creating new complexities and new security risks as well.
Along with this the compliances is also going to a major issue
for the fields when the personal data of an individual is
involved and there are no such IoT devices that does not
consists of any personal data of the user. It is better to say that
almost every IoT device is associated with collection of at
least one personal data of the user. Security and privacy
measures for the IoT is very important, as this would affect
the lives of the people along with various economic activities.
IoT or Internet of Things can be termed as an network of
physical things which are generally embedded with various
sensors, electronics, software and connectivity so as to allow
the device perform in better way by exchanging the
information with the other devices connected to it or with the
operator or with the manufacturer. Simply it can stated that
IoT is a network where the physical devices are capable of
exchanging the data in an internal way or with the other
devices connected to it. IoT has made out life much more
easier but despite of all this there are certain risks associated
with the use of IoT and the most important concern is
regarding the various security and the privacy challenges
faced by IoT. The report mainly aims at discussing the various
security and privacy challenges faced by IoT in all domains of
IoT. The use of IoT has been adopted in almost every domain.
Along with creating new opportunities, the implementation of
IoT has also brought various risks associated with it.
2. LITERATURE REVIEW
2.1 Security Issues
2.1.1 Insecure Web Interface
Bekara, 2014, in his journal stated that the most important
aspect that affects the infrastructure of the computing system
is the Web Interface of the company. The security aspect of
the Web Interface is also the major concern for the
organizations that are dependent on this feature as their
networking system [9]. Web interface proves to be important
as it as the link between the user and the computing device.
An attack on the web interface allows the cyber criminal to
get access on the direct interface of the networking system.
Modulations made on the interface reflects instantly on the
web media and the clients of the database and the web service
aces a lot of problem as the data that is to be present in the
web is modulated and wrong information is posted in the web
leading to the conflict between the user and the employees of
the organization who provide the web services.
According to Andrea, Chrysostomou & Hadjichristofi,
2015, the methodologies that are undertaken to prevent the
attack on the Web Interfaces are setting up of password and
user name different from the initial username and the
password that was already set during the installation if the
web services [8]. This aspect of changing the initial password
and the username gives the web services a robustness in the
accounting of the database of the web. Another methodology
that is being used in the process to protecting the web
interface from the cyber criminals are by processing of the
password recovery method as in case the password of the web
computing devices digital or mechanical machines and many more. This devices are generally provided with an unique
identifier to identify them. These devices also have the capability of transferring data over the network without any involvement
of the human-to-human or human-to-computer interactions. This new emerging technology is being used in almost every field
to make the live of peoples much easier. However, along with benefits there also exists certain risks regarding the use of IoT.
This report would be discussing about the various security and the privacy challenges faced by IoT while implementing in
various domains. Which is followed by a literature review about the topic that is “ security and privacy issues in all domains of
the IoT”. IoT or Internet of Things can be defined as a network, which generally compromises of physical devices that are
capable of communicating with each other by making use of the internet. They are also capable of gathering and sharing
information. This is an emerging technology and consists of different varieties of “smart devices” which are responsible for the
collection of data by making use of different sensors. This report mainly discusses about the use of IoT in different fields and
what are main challenges that are faced by IoT regarding the security and privacy and the data.
Keywords: IoT, security issues, privacy issues, firmware’s, dynamic testing, DoS attack
1. INTRODUCTION
Internet of Things is one of the most emerging techniques
Internet of things has been gaining the global acceptance from
the audience all over the globe. This global acceptance
increases the usage of the technology Internet of Thing are
nothing but simple electronic devices which has the
transmitter and the receiver embedded in the electronic device
that enables them to communicate and transact over the
platform of the digital communication and the internet. With
the benefit of gaining, the advantage of gaining
communication through the entire globe comes the
disadvantage of security in disguise. Security of the database
has been the major issue for the application of the Internet of
things in regular life.
Along with the evolution of the IT infrastructure and the
networking technologies, there would be numerous number of
barrier, which would be encountered by the IoT technology.
The key challenges faced by IoT is regarding its privacy and
security. As more and more devices are being connected to the
network the decentralized entry points for the malwares is also
increasing. Main tampering occurs in the devices which are
less expensive and are located in area which are mostly
compromised. Different types of new software’s integration of
the middleware and many more things are mainly responsible
for creating new complexities and new security risks as well.
Along with this the compliances is also going to a major issue
for the fields when the personal data of an individual is
involved and there are no such IoT devices that does not
consists of any personal data of the user. It is better to say that
almost every IoT device is associated with collection of at
least one personal data of the user. Security and privacy
measures for the IoT is very important, as this would affect
the lives of the people along with various economic activities.
IoT or Internet of Things can be termed as an network of
physical things which are generally embedded with various
sensors, electronics, software and connectivity so as to allow
the device perform in better way by exchanging the
information with the other devices connected to it or with the
operator or with the manufacturer. Simply it can stated that
IoT is a network where the physical devices are capable of
exchanging the data in an internal way or with the other
devices connected to it. IoT has made out life much more
easier but despite of all this there are certain risks associated
with the use of IoT and the most important concern is
regarding the various security and the privacy challenges
faced by IoT. The report mainly aims at discussing the various
security and privacy challenges faced by IoT in all domains of
IoT. The use of IoT has been adopted in almost every domain.
Along with creating new opportunities, the implementation of
IoT has also brought various risks associated with it.
2. LITERATURE REVIEW
2.1 Security Issues
2.1.1 Insecure Web Interface
Bekara, 2014, in his journal stated that the most important
aspect that affects the infrastructure of the computing system
is the Web Interface of the company. The security aspect of
the Web Interface is also the major concern for the
organizations that are dependent on this feature as their
networking system [9]. Web interface proves to be important
as it as the link between the user and the computing device.
An attack on the web interface allows the cyber criminal to
get access on the direct interface of the networking system.
Modulations made on the interface reflects instantly on the
web media and the clients of the database and the web service
aces a lot of problem as the data that is to be present in the
web is modulated and wrong information is posted in the web
leading to the conflict between the user and the employees of
the organization who provide the web services.
According to Andrea, Chrysostomou & Hadjichristofi,
2015, the methodologies that are undertaken to prevent the
attack on the Web Interfaces are setting up of password and
user name different from the initial username and the
password that was already set during the installation if the
web services [8]. This aspect of changing the initial password
and the username gives the web services a robustness in the
accounting of the database of the web. Another methodology
that is being used in the process to protecting the web
interface from the cyber criminals are by processing of the
password recovery method as in case the password of the web
service is changed by the cyber criminal then the genuine
client can gain access of the data in the web service with the
help of the restoring password methodology. Another way of
terminating the risk of ten cyber attack in the web interface is
by setting reference for the password so that the password that
is set is well strong for the cyber criminals to harm the web
interface and the gain access to the front end of the web
interface.
2.1.2 Insufficient authorization
Gatsis & Pappas, 2017, in their book stated that the
inefficient methodology that is applied in the usage of the
process from securing the web services has been acting as one
of the major causes for the security issues in the field of
Internet of things [6]. The computing devices that deploy the
methodology of the authentication of the user of the web
service is very inefficient as the imposters can use the identity
of the genuine clients and gain access to the web services and
modulate the information that harms the clients who use the
web service. This security problems faced is due to the fact
that the password complexity of the web services are not as
strong as it is required for preventing the imposters to gain
access to the personal accounts or the data that are private in
nature. Again according to Sridhar & Smys, 2017, another
reason of insufficient authentication problem is that
credentials of the database are very poorly protected which
makes the credentials vulnerable to the imposters. The
authentication systems that are applied in the database are one
factor authentication system. The liability of the one factor
authentication is limited and the robustness of the platform is
affected due to this terminology of one factor authentication
methodology [11]. Insecurity in the password recovery
methodology is availed due to the fact the lack of robustness
in the setting of the password. The control of the rile based
access is not well maintained which leads to the fact of lack of
authentication robustness of the database.
According to Pacheco & Hariri, 2016, the password that is
being set for the database has to be strong enough to be
cracked by the imposters in order to keep the database
protected from the imposters are by ensuring that the
password that set for the data base is strong enough to be
cracked [5]. To prevent the access of the imposters the most
important thing that should be checked is the positioning of
the granular access control. To keep the data base protected
the granular access control must be placed in the right place
and the use of the granular access control must be made
efficiently. The password that are set for the database must be
recoverable by the client in case of misplacing the password.
2.1.3 Insecure Network Services
Lee & Lee, 2015, in their book stated that insecure network
services deals with the methodologies that are caused due to
the vulnerabilities of the networking system that requires
Internet of Things in the process of the infrastructural
methodology [3]. The platform of Internet of Things provides
the intruders the access in an unauthorized manner to the data
that is associate in nature. Vulnerable services that are
provided by the Internet of Things are proven to be the main
reason behind the lack of robustness of the network services.
According to Abomhara & Køien, 2014, another main reason
of this lack of robustness of the platform is the buffer over
flow of the networking services. The overflow of the buffer
provides the imposters an opportunity to gain access to the
personal data of the clients who has been using the platform
network services from the transaction purpose. The major
reason behind the improper access of data in the networking
services are the opening of the ports that are accessible by the
means of UPnP [10]. The UDP services that are exploitable in
nature also acts as the gateway for t imposters to gain access
to the data as the imposters exploits the UDP gateway to enter
into the database of the clients and modulate the same. Usage
of the DOS via Network Fizzing is also the major reason of
the data insecurity of the Insecure Networking services. This
fizzing of the networking infrastructure via the DS
infrastructure has attracted many cyber criminals to poach
against the databases that are stored in the network services.
According to Bertino, 2017, The major security steps that
are taken to prevent the security issues of the Internet of
things in the field of unsecured networking services are by
ensuring the facts that the ports are necessarily exposed the
ports and get the ports available in the fact of the data must be
secured and the ports of the networking services. another
technical strategy to prevent the security issues are by having
an access to the buffer system. The overflow of the buffer
system acts as the fact of that overflowing of the buffer
embarks the fact that the network security stays protected [4].
Ensuring the services which are not vulnerable in nature as the
fact that the DoS services the attacks to the networking
services. this affects the computing system itself. The local
devices are also affected by the DoS attack.
2.1.4. Lack of transport encryption
According to Li & Da Xu, 2017, the main function of the
Internet of Things is to communicate and transact with the
computing services. But the data that have been transacted
through the networking services must be encrypted in order to
keep the data robust and protected from the imposters and
keep the data secured [1]. The major issues are regarding the
unencrypted data that is being distributed via the global
networking services as well as the local networking service.
The security issues are also due to the fact of lack of
implementation of the SSL/TLS. Another reason for the lack
of security is due to the fact of the mismatched state of the
SSL/TLS.
Again according to Hwang, 2015, the measures that must
be taken in order to keep the data secured from the encryption
issues are by the fact by ensuring that the data is encrypted
efficiently using the data protocols which uses the technology
of the SSL and the technology of the TTL during the process
of transiting networks [2]. Another major process that must be
taken in order to keep the data protected from the lack of
encryption of the data is by ensuring the fact that the data that
is to be encrypted must be encrypted using the technology of
the standard encryption technique in case the SSL and the
TTL technique is not available for the encryption of the data.
SSL and the TTL technique are the best strategy to encrypt the
data that is being transacted. Another technology that is being
client can gain access of the data in the web service with the
help of the restoring password methodology. Another way of
terminating the risk of ten cyber attack in the web interface is
by setting reference for the password so that the password that
is set is well strong for the cyber criminals to harm the web
interface and the gain access to the front end of the web
interface.
2.1.2 Insufficient authorization
Gatsis & Pappas, 2017, in their book stated that the
inefficient methodology that is applied in the usage of the
process from securing the web services has been acting as one
of the major causes for the security issues in the field of
Internet of things [6]. The computing devices that deploy the
methodology of the authentication of the user of the web
service is very inefficient as the imposters can use the identity
of the genuine clients and gain access to the web services and
modulate the information that harms the clients who use the
web service. This security problems faced is due to the fact
that the password complexity of the web services are not as
strong as it is required for preventing the imposters to gain
access to the personal accounts or the data that are private in
nature. Again according to Sridhar & Smys, 2017, another
reason of insufficient authentication problem is that
credentials of the database are very poorly protected which
makes the credentials vulnerable to the imposters. The
authentication systems that are applied in the database are one
factor authentication system. The liability of the one factor
authentication is limited and the robustness of the platform is
affected due to this terminology of one factor authentication
methodology [11]. Insecurity in the password recovery
methodology is availed due to the fact the lack of robustness
in the setting of the password. The control of the rile based
access is not well maintained which leads to the fact of lack of
authentication robustness of the database.
According to Pacheco & Hariri, 2016, the password that is
being set for the database has to be strong enough to be
cracked by the imposters in order to keep the database
protected from the imposters are by ensuring that the
password that set for the data base is strong enough to be
cracked [5]. To prevent the access of the imposters the most
important thing that should be checked is the positioning of
the granular access control. To keep the data base protected
the granular access control must be placed in the right place
and the use of the granular access control must be made
efficiently. The password that are set for the database must be
recoverable by the client in case of misplacing the password.
2.1.3 Insecure Network Services
Lee & Lee, 2015, in their book stated that insecure network
services deals with the methodologies that are caused due to
the vulnerabilities of the networking system that requires
Internet of Things in the process of the infrastructural
methodology [3]. The platform of Internet of Things provides
the intruders the access in an unauthorized manner to the data
that is associate in nature. Vulnerable services that are
provided by the Internet of Things are proven to be the main
reason behind the lack of robustness of the network services.
According to Abomhara & Køien, 2014, another main reason
of this lack of robustness of the platform is the buffer over
flow of the networking services. The overflow of the buffer
provides the imposters an opportunity to gain access to the
personal data of the clients who has been using the platform
network services from the transaction purpose. The major
reason behind the improper access of data in the networking
services are the opening of the ports that are accessible by the
means of UPnP [10]. The UDP services that are exploitable in
nature also acts as the gateway for t imposters to gain access
to the data as the imposters exploits the UDP gateway to enter
into the database of the clients and modulate the same. Usage
of the DOS via Network Fizzing is also the major reason of
the data insecurity of the Insecure Networking services. This
fizzing of the networking infrastructure via the DS
infrastructure has attracted many cyber criminals to poach
against the databases that are stored in the network services.
According to Bertino, 2017, The major security steps that
are taken to prevent the security issues of the Internet of
things in the field of unsecured networking services are by
ensuring the facts that the ports are necessarily exposed the
ports and get the ports available in the fact of the data must be
secured and the ports of the networking services. another
technical strategy to prevent the security issues are by having
an access to the buffer system. The overflow of the buffer
system acts as the fact of that overflowing of the buffer
embarks the fact that the network security stays protected [4].
Ensuring the services which are not vulnerable in nature as the
fact that the DoS services the attacks to the networking
services. this affects the computing system itself. The local
devices are also affected by the DoS attack.
2.1.4. Lack of transport encryption
According to Li & Da Xu, 2017, the main function of the
Internet of Things is to communicate and transact with the
computing services. But the data that have been transacted
through the networking services must be encrypted in order to
keep the data robust and protected from the imposters and
keep the data secured [1]. The major issues are regarding the
unencrypted data that is being distributed via the global
networking services as well as the local networking service.
The security issues are also due to the fact of lack of
implementation of the SSL/TLS. Another reason for the lack
of security is due to the fact of the mismatched state of the
SSL/TLS.
Again according to Hwang, 2015, the measures that must
be taken in order to keep the data secured from the encryption
issues are by the fact by ensuring that the data is encrypted
efficiently using the data protocols which uses the technology
of the SSL and the technology of the TTL during the process
of transiting networks [2]. Another major process that must be
taken in order to keep the data protected from the lack of
encryption of the data is by ensuring the fact that the data that
is to be encrypted must be encrypted using the technology of
the standard encryption technique in case the SSL and the
TTL technique is not available for the encryption of the data.
SSL and the TTL technique are the best strategy to encrypt the
data that is being transacted. Another technology that is being
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
IoT Security and Privacy Challenges in All Domainslg...
|2
|714
|196
Security and Privacy Challenges in IoT Domainlg...
|3
|790
|398
IoT Security and Privacy Regime/Challenges in All Domains of IoTlg...
|2
|1568
|228
IoT in Healthcare: Challenges and Opportunitieslg...
|3
|1756
|192
Security Challenges in Emerging Networks: Overview of IoT and its Applicationslg...
|9
|467
|400
Internet of Things: Privacy Issues and Contentslg...
|9
|1402
|116