Security and Privacy Issues in IoT
Added on 2023-06-12
5 Pages3262 Words310 Views
ITC 595 SECURITY AND PRIVACY ISSUES IN IOT
[AUTHOR NAME]
ITC595 MIT, School of Computing & Mathematics, Charles Sturt University
[AUTHOR EMAIL ID]
Abstract - IOT is considered as a future of internet
where everyday objects would be connected to
one another allowing a seamless method of
interaction and automation. In the future, it will
play a pivotal role enhancing lifestyle and
infrastructure and turning out to be one of the
biggest business models in the world. IOT would
allow billions of devices, services and people to be
connected simultaneously ushering a new era of
hyper connectivity and digitization. Since IOT is
based on the current existing wireless and sensory
networks technologies, it also faces the same kind
of vulnerabilities and security threats. As a result,
the foreseen widespread use in all domains can
turn out to be a disaster unless efforts have not
been made to put in enough privacy and security
protocols. This paper talks about a comprehensive
study on overall privacy and security issues that
riddles IOT today and in the future.
Keywords – IOT, RFID, Threats
INTRODUCTION
The IOT or Internet of Things is a futuristic concept
wherein everyday objects and accessories would be
able to connect to each other, be aware about their
surroundings as well as be connected to the
internet. IOT is close associate with technologies
such as Sensor, RFID and Wireless networks.
According to Gartner, approximately 25 to 30
Billion IOT devices would be in use in the world.
The rate at which this is growing possess big
security concerns as IOT devices have multiple
vulnerability while at the same time the potential
growth attracts the attention of malicious actors.
IOT security is an important concern because: a)
IOT is considered to be an extended version of
Wireless Sensor Networks, Mobile communication
and Broadband which and since they itself possess
multiple security flaws, it also translates over to IOT
b) Since every device is connected to the internet
and has itself low defence mechanisms c) IOT
objects communicate with each other leaving
scope of security and privacy. This paper aims to
summarize the potential security and privacy
threats of IOT (Schneier, 2017).
LITERATURE REVIEW
The characteristics of IOT that points to out it’s
dynamic behaviour, mobility, intelligence,
undefined parameters make it’s a high-end
technological domain and a scalable technological
revolution but also highly vulnerable in terms of
security. As a result, it’s important to understand
the concept of IOT before moving ahead to its
security vulnerabilities.
Presentation
Middleware
Hardware
Also, the same pattern could be observed in
determining different paradigms of IOT, and they
include:
Semantic-oriented
Things-oriented
Internet-oriented
As a result, the similar concept could applied to the
structure of IOT. The IOT architecture, comprises
of:
The application layer
The perception layer
The network layer
The application layer that consists of the bulk of
the logic interacts with the end-users to satisfy
their needs. The perception layers gathers
environment related data and network layer
consists of wireless and wired systems is intended
to transmit and process information ("Cloud
Computing Security, Privacy and Forensics: Issues
and Challenges Ahead", 2018). The IOT needs
[AUTHOR NAME]
ITC595 MIT, School of Computing & Mathematics, Charles Sturt University
[AUTHOR EMAIL ID]
Abstract - IOT is considered as a future of internet
where everyday objects would be connected to
one another allowing a seamless method of
interaction and automation. In the future, it will
play a pivotal role enhancing lifestyle and
infrastructure and turning out to be one of the
biggest business models in the world. IOT would
allow billions of devices, services and people to be
connected simultaneously ushering a new era of
hyper connectivity and digitization. Since IOT is
based on the current existing wireless and sensory
networks technologies, it also faces the same kind
of vulnerabilities and security threats. As a result,
the foreseen widespread use in all domains can
turn out to be a disaster unless efforts have not
been made to put in enough privacy and security
protocols. This paper talks about a comprehensive
study on overall privacy and security issues that
riddles IOT today and in the future.
Keywords – IOT, RFID, Threats
INTRODUCTION
The IOT or Internet of Things is a futuristic concept
wherein everyday objects and accessories would be
able to connect to each other, be aware about their
surroundings as well as be connected to the
internet. IOT is close associate with technologies
such as Sensor, RFID and Wireless networks.
According to Gartner, approximately 25 to 30
Billion IOT devices would be in use in the world.
The rate at which this is growing possess big
security concerns as IOT devices have multiple
vulnerability while at the same time the potential
growth attracts the attention of malicious actors.
IOT security is an important concern because: a)
IOT is considered to be an extended version of
Wireless Sensor Networks, Mobile communication
and Broadband which and since they itself possess
multiple security flaws, it also translates over to IOT
b) Since every device is connected to the internet
and has itself low defence mechanisms c) IOT
objects communicate with each other leaving
scope of security and privacy. This paper aims to
summarize the potential security and privacy
threats of IOT (Schneier, 2017).
LITERATURE REVIEW
The characteristics of IOT that points to out it’s
dynamic behaviour, mobility, intelligence,
undefined parameters make it’s a high-end
technological domain and a scalable technological
revolution but also highly vulnerable in terms of
security. As a result, it’s important to understand
the concept of IOT before moving ahead to its
security vulnerabilities.
Presentation
Middleware
Hardware
Also, the same pattern could be observed in
determining different paradigms of IOT, and they
include:
Semantic-oriented
Things-oriented
Internet-oriented
As a result, the similar concept could applied to the
structure of IOT. The IOT architecture, comprises
of:
The application layer
The perception layer
The network layer
The application layer that consists of the bulk of
the logic interacts with the end-users to satisfy
their needs. The perception layers gathers
environment related data and network layer
consists of wireless and wired systems is intended
to transmit and process information ("Cloud
Computing Security, Privacy and Forensics: Issues
and Challenges Ahead", 2018). The IOT needs
solutions related to architecture that helps manage
heterogeneous states so as to work effectively.
CHALLENGES IN THIS RESEARCH AREA
Privacy is considered to be a fundamental human
right and the Universal Declaration of Human
Rights mentions this in 1948. In the US, the first
biggest piece of legislation that was passed was the
1974 Privacy Act. However, even today the level of
privacy protection offered by the legislation are
insufficient because of the day-to-day spillages and
unpunished breach of privacy and security issues.
This issue is greatly enhanced with IOT as it creates
many new grey areas wherein legislative
boundaries disappear. First of this is the notion of
PII or Personally Identifiable Information as the
definition of PII quickly deprecates in lieu of IOT as
it becomes increasingly difficult to distinguish
between Non-PII and PII. Many privacy breaches
today go unnoticed. For example, websites that
allow constant tracking of users on the web ("Cloud
Computing Security, Privacy and Forensics: Issues
and Challenges Ahead", 2018) or for instance
smartphone companies and carriers that constantly
collect location of the users or even smart meter
readings that track people’s lifestyles. Also, too
many privacy breaches go unnoticed among users
as data collection of everyday things become a
normality and the data collection is more passive.
ISSUES IN IOT
PRIVACY THREATS
Identification
Identification means the threat of being identified
by a name, pseudonym, address or contact number
or by other means. This is a rapidly growing issue
within IOT as the usage of surveillance cameras in
IOT devices have become a norm for non-security
contexts such as marketing and analytics purposes
by non-government units. The images captured by
these cameras can be automatically recognized
using advanced facial recognition techniques. Apart
from this, the increasing interconnection among
devices (Song, Fink & Jeschke, 2014) make
fingerprinting possible. Finally, the integration of
speech and phrase recognition technology used in
everyday consumer products such as speaker
systems or calendars have made a huge data-base
not just individual speech samples but also what
they speak into, what they demand constantly
among others. This could potentially be used to
recognize and identify people by government and
non-government organizations.
Localization and Tracking
Localization and tracking means constant or in-
frequent accessing and / or recording of person’s
location through space and time. As IOT objects
become smarter and more intuitive, their accuracy
and frequency of recording location to provide
meaningful feedback and help increases as well.
Simultaneously, the recording of location also
becomes more passive and users are unaware
about the same. This is a among the most
concerning privacy issues associated with IOT.
Profiling
Profiling means compiling details of an individuals
and tracking his likes, preferences, background and
other details in order to understand the individual
better. These methods are typically used on social
media sites and ecommerce sites to provide better
recommendation to users. However, with so many
IOT devices in the wild, it gets easier to track and
profile an individual’s lives those parts which were
previously inaccessible.
Security Threats
Perception layer security issues: It stands at the
lowest level in IOT structure and is the main source
of access for the information within IOT. There isn’t
enough security mechanisms built into this layer
and is vulnerable to attack owing to its limited
energy use, diversity and a weak protection that
relies on the security of RFID, M2M and WSN.
Perception layer is susceptible to attacks such as
congestion attack, DoS attack, forward attack,
physical capture, capture gateway node and node
replication attack. Within Perception layer, WSN
and RFID also have separate vulnerabilities:
Wireless Sensor Networks
WSN sense and control various environment
around them and the security issues can be
categorized under :
Authentication based attacks
Network availability based attacks
heterogeneous states so as to work effectively.
CHALLENGES IN THIS RESEARCH AREA
Privacy is considered to be a fundamental human
right and the Universal Declaration of Human
Rights mentions this in 1948. In the US, the first
biggest piece of legislation that was passed was the
1974 Privacy Act. However, even today the level of
privacy protection offered by the legislation are
insufficient because of the day-to-day spillages and
unpunished breach of privacy and security issues.
This issue is greatly enhanced with IOT as it creates
many new grey areas wherein legislative
boundaries disappear. First of this is the notion of
PII or Personally Identifiable Information as the
definition of PII quickly deprecates in lieu of IOT as
it becomes increasingly difficult to distinguish
between Non-PII and PII. Many privacy breaches
today go unnoticed. For example, websites that
allow constant tracking of users on the web ("Cloud
Computing Security, Privacy and Forensics: Issues
and Challenges Ahead", 2018) or for instance
smartphone companies and carriers that constantly
collect location of the users or even smart meter
readings that track people’s lifestyles. Also, too
many privacy breaches go unnoticed among users
as data collection of everyday things become a
normality and the data collection is more passive.
ISSUES IN IOT
PRIVACY THREATS
Identification
Identification means the threat of being identified
by a name, pseudonym, address or contact number
or by other means. This is a rapidly growing issue
within IOT as the usage of surveillance cameras in
IOT devices have become a norm for non-security
contexts such as marketing and analytics purposes
by non-government units. The images captured by
these cameras can be automatically recognized
using advanced facial recognition techniques. Apart
from this, the increasing interconnection among
devices (Song, Fink & Jeschke, 2014) make
fingerprinting possible. Finally, the integration of
speech and phrase recognition technology used in
everyday consumer products such as speaker
systems or calendars have made a huge data-base
not just individual speech samples but also what
they speak into, what they demand constantly
among others. This could potentially be used to
recognize and identify people by government and
non-government organizations.
Localization and Tracking
Localization and tracking means constant or in-
frequent accessing and / or recording of person’s
location through space and time. As IOT objects
become smarter and more intuitive, their accuracy
and frequency of recording location to provide
meaningful feedback and help increases as well.
Simultaneously, the recording of location also
becomes more passive and users are unaware
about the same. This is a among the most
concerning privacy issues associated with IOT.
Profiling
Profiling means compiling details of an individuals
and tracking his likes, preferences, background and
other details in order to understand the individual
better. These methods are typically used on social
media sites and ecommerce sites to provide better
recommendation to users. However, with so many
IOT devices in the wild, it gets easier to track and
profile an individual’s lives those parts which were
previously inaccessible.
Security Threats
Perception layer security issues: It stands at the
lowest level in IOT structure and is the main source
of access for the information within IOT. There isn’t
enough security mechanisms built into this layer
and is vulnerable to attack owing to its limited
energy use, diversity and a weak protection that
relies on the security of RFID, M2M and WSN.
Perception layer is susceptible to attacks such as
congestion attack, DoS attack, forward attack,
physical capture, capture gateway node and node
replication attack. Within Perception layer, WSN
and RFID also have separate vulnerabilities:
Wireless Sensor Networks
WSN sense and control various environment
around them and the security issues can be
categorized under :
Authentication based attacks
Network availability based attacks
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
IOT - Security Issues and Solutions - Reportlg...
|9
|2197
|75
Internet of Things (IOT) - PDFlg...
|14
|3561
|82
Analyzing The Security Challenges of IoT Deviceslg...
|12
|4267
|74
Internet of Things Technologylg...
|11
|2627
|81
Interacting Socially with the Internet of Things (IoT): Effects of Source Attribution and Specialization in Human–IoT Interactionlg...
|5
|908
|462
Wireless Communication Protocols for IoTlg...
|4
|845
|380