IoT Security Challenges and Solutions
VerifiedAdded on 2020/02/19
|14
|3253
|53
AI Summary
This assignment delves into the complexities of security within the Internet of Things (IoT). It examines a range of existing security protocols, identifies prevalent challenges and open research issues in IoT security, and discusses potential solutions and future directions for securing this rapidly evolving technology. The provided references offer insights into various aspects of IoT security, including architectural frameworks for eHealth security, privacy concerns, and the ongoing need for robust security measures to protect connected devices and networks.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: INTERNET OF THINGS (IOT)
Internet of Things (IOT)
(Security issues and solutions)
Name of the student:
Name of the university:
Author Note
Internet of Things (IOT)
(Security issues and solutions)
Name of the student:
Name of the university:
Author Note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1INTERNET OF THINGS (IOT)
Executive summary
The IoT or Internet of Things denotes the inter-networking that takes place under various connected
devices or smart devices. The poor development and sluggish growth owing to the security of IoT
has been in doubts. The report is developed considering the major aspect of security of IoT.
Executive summary
The IoT or Internet of Things denotes the inter-networking that takes place under various connected
devices or smart devices. The poor development and sluggish growth owing to the security of IoT
has been in doubts. The report is developed considering the major aspect of security of IoT.
2INTERNET OF THINGS (IOT)
Table of Contents
1. Introduction:......................................................................................................................................3
2. Various supportive descriptions:.......................................................................................................3
2.1. The challenges:...........................................................................................................................3
2.2. The problems:.............................................................................................................................4
2.3. The relevant technologies and their applications:......................................................................5
2.4. Clarification of the vague areas:.................................................................................................6
2.5. The probable research questions:................................................................................................6
3. Summary of the issues:.....................................................................................................................7
4. Problems that were not addressed or not addressed adequately in the discussions:..........................8
5. Discussion on the impact of the above mentioned issues and their application in real world:........9
6. The most important lessons learnt: ..............................................................................................11
7. Conclusion:......................................................................................................................................12
8. References:......................................................................................................................................13
Table of Contents
1. Introduction:......................................................................................................................................3
2. Various supportive descriptions:.......................................................................................................3
2.1. The challenges:...........................................................................................................................3
2.2. The problems:.............................................................................................................................4
2.3. The relevant technologies and their applications:......................................................................5
2.4. Clarification of the vague areas:.................................................................................................6
2.5. The probable research questions:................................................................................................6
3. Summary of the issues:.....................................................................................................................7
4. Problems that were not addressed or not addressed adequately in the discussions:..........................8
5. Discussion on the impact of the above mentioned issues and their application in real world:........9
6. The most important lessons learnt: ..............................................................................................11
7. Conclusion:......................................................................................................................................12
8. References:......................................................................................................................................13
3INTERNET OF THINGS (IOT)
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4INTERNET OF THINGS (IOT)
1. Introduction:
The IoT or Internet of Things refers to the inter-networking that takes place within the
various connected devices or smart devices. This enables the various objects like vehicles, buildings,
software and others to gather and transform data (Hossain et al., 2015).
However the poor development and sluggish growth owing to the security of IoT has been in
doubts. The report is prepared keeping the major aspect of security of IoT in mind.
The report has undergone through the issue with brief descriptions about the challenges,
problems, relevant technologies and others. It has also summarized the problems and identified the
important problems that are not addressed, or not addressed adequately. The effect of the mentioned
issues and their application are also analyzed. Lastly the lessons learnt due these discussions are
demonstrated.
2. Various supportive descriptions:
2.1. The challenges:
While the progress of IoT would not be stopping at any time, the biggest issues with the
business and consumers are discussed below:
More devices, more problems:
The most basic weakness of security of IoT has been that it raises the amount of devices
beyond the firewall of the network. Since there are so many devices, hence they are prone to be
hacked. This indicates that the hackers could accomplish more.
1. Introduction:
The IoT or Internet of Things refers to the inter-networking that takes place within the
various connected devices or smart devices. This enables the various objects like vehicles, buildings,
software and others to gather and transform data (Hossain et al., 2015).
However the poor development and sluggish growth owing to the security of IoT has been in
doubts. The report is prepared keeping the major aspect of security of IoT in mind.
The report has undergone through the issue with brief descriptions about the challenges,
problems, relevant technologies and others. It has also summarized the problems and identified the
important problems that are not addressed, or not addressed adequately. The effect of the mentioned
issues and their application are also analyzed. Lastly the lessons learnt due these discussions are
demonstrated.
2. Various supportive descriptions:
2.1. The challenges:
While the progress of IoT would not be stopping at any time, the biggest issues with the
business and consumers are discussed below:
More devices, more problems:
The most basic weakness of security of IoT has been that it raises the amount of devices
beyond the firewall of the network. Since there are so many devices, hence they are prone to be
hacked. This indicates that the hackers could accomplish more.
5INTERNET OF THINGS (IOT)
More and more updates:
Since the IoT has been turning to reality, people need to worry regarding the protection of
more devices. Another challenge is that the companies never upgrade their devices sufficiently. This
indicates that the IoT device that was secured at first could turn unsafe since the hackers identify
new vulnerabilities (Jing et al., 2014).
Protecting data from corporations:
The corporations creating and distributing the interconnected devices might also utilize the
devices for retrieving personal data. This has been especially dangerous while using the money
transfers.
Lazy consumers:
The computers possess partial auto up-gradations since maximum users are very lazy in
performing the primary steps required to keep the machine safe (Abomhara & Køien, 2014). As the
protection of the myriad devices of IoT is considered, this becomes much more difficult than any
single machine. And the challenge gets worse.
2.2. The problems:
The latest IoT devices are required to make the life smoother. Unfortunately the insufficient
security has been turning the things annoying. At the end of the previous year, some parts of the
Internet have stayed inaccessible because of the DDoS or “Denial of Service” attacks (Mahmoud et
al., 2014). This took place against the Dyn DNS servers. The security issues have been impacting the
popular companies also. Thus the security problems have not been restricted to the password
problems only. Both the producers and consumers of the devices have been sharing the liability in
thwarting the hacks of IoT (Li & Da Xu, 2017).
More and more updates:
Since the IoT has been turning to reality, people need to worry regarding the protection of
more devices. Another challenge is that the companies never upgrade their devices sufficiently. This
indicates that the IoT device that was secured at first could turn unsafe since the hackers identify
new vulnerabilities (Jing et al., 2014).
Protecting data from corporations:
The corporations creating and distributing the interconnected devices might also utilize the
devices for retrieving personal data. This has been especially dangerous while using the money
transfers.
Lazy consumers:
The computers possess partial auto up-gradations since maximum users are very lazy in
performing the primary steps required to keep the machine safe (Abomhara & Køien, 2014). As the
protection of the myriad devices of IoT is considered, this becomes much more difficult than any
single machine. And the challenge gets worse.
2.2. The problems:
The latest IoT devices are required to make the life smoother. Unfortunately the insufficient
security has been turning the things annoying. At the end of the previous year, some parts of the
Internet have stayed inaccessible because of the DDoS or “Denial of Service” attacks (Mahmoud et
al., 2014). This took place against the Dyn DNS servers. The security issues have been impacting the
popular companies also. Thus the security problems have not been restricted to the password
problems only. Both the producers and consumers of the devices have been sharing the liability in
thwarting the hacks of IoT (Li & Da Xu, 2017).
6INTERNET OF THINGS (IOT)
2.3. The relevant technologies and their applications:
Some of the hottest relevant technologies regarding security issues at IoT are described below:
Technologies Applications
IoT network security This has been securing of the network
connecting the IoT devices to the back-ends
over the Internet.
IoT authentication This has been delivering the user’s ability for
authenticating the IoT device. This has been
including the controlling of various users of
any single device.
IoT encryption The encrypting of data at rest and in the transit
between the IoT edge devices and the systems
of back-end is done here. This helps in
maintaining the data integrity and prevention
of data traced by the hackers (Sicari et al.,
2015).
IoT PKI This has been delivering the complex X.509
digital certificate and the cryptographic key.
This has been including the life-cycle
capabilities including the distribution,
revocation and management of public or
private key generation.
2.3. The relevant technologies and their applications:
Some of the hottest relevant technologies regarding security issues at IoT are described below:
Technologies Applications
IoT network security This has been securing of the network
connecting the IoT devices to the back-ends
over the Internet.
IoT authentication This has been delivering the user’s ability for
authenticating the IoT device. This has been
including the controlling of various users of
any single device.
IoT encryption The encrypting of data at rest and in the transit
between the IoT edge devices and the systems
of back-end is done here. This helps in
maintaining the data integrity and prevention
of data traced by the hackers (Sicari et al.,
2015).
IoT PKI This has been delivering the complex X.509
digital certificate and the cryptographic key.
This has been including the life-cycle
capabilities including the distribution,
revocation and management of public or
private key generation.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7INTERNET OF THINGS (IOT)
IoT security analytics This has been aggregating, collecting,
normalizing and monitoring data from the IoT
devices. Moreover it has been delivering
actionable alerting and reporting over
particular activities.
IoT API security This has been delivering the capability for
authenticating and authorizing the data
movement between the IoT devices, the back-
end devices and the applications utilizing the
documented APIs based on REST (Zhao & Ge,
2013).
2.4. Clarification of the vague areas:
Particularly, people have been slightly vague regarding the type of data created by the IoT
devices and the data processing within it. In various system architectures the processing of data has
been done in the huge centralized manner certain cases like cloud computers (Farooq et al., 2015).
These cloud centric architectures keeps the cloud in the core. The applications are kept above and
the network of the smart things beneath that.
2.5. The probable research questions:
Keeping the diverse set of the socio-economic problems in mind, the following questions are
developed as the guidance regarding the security concern at IoT:
1. How could people assure that the IoT devices could adapt the behavior of communication on the
basis of present context of communication and security threats?
IoT security analytics This has been aggregating, collecting,
normalizing and monitoring data from the IoT
devices. Moreover it has been delivering
actionable alerting and reporting over
particular activities.
IoT API security This has been delivering the capability for
authenticating and authorizing the data
movement between the IoT devices, the back-
end devices and the applications utilizing the
documented APIs based on REST (Zhao & Ge,
2013).
2.4. Clarification of the vague areas:
Particularly, people have been slightly vague regarding the type of data created by the IoT
devices and the data processing within it. In various system architectures the processing of data has
been done in the huge centralized manner certain cases like cloud computers (Farooq et al., 2015).
These cloud centric architectures keeps the cloud in the core. The applications are kept above and
the network of the smart things beneath that.
2.5. The probable research questions:
Keeping the diverse set of the socio-economic problems in mind, the following questions are
developed as the guidance regarding the security concern at IoT:
1. How could people assure that the IoT devices could adapt the behavior of communication on the
basis of present context of communication and security threats?
8INTERNET OF THINGS (IOT)
2. How could people exploit the abstractions and the relationships at real world for better modeling
the trust relationships and the privacy policies between the IoT devices?
3. How could the IoT be designed such its nature restricts the people from getting exploited?
4. How could be the useful IoT systems gets emerged from the building blocks as deployed people
and not the enterprises and companies?
3. Summary of the issues:
The posts has helped in learning that as the IOT is not going to take off truly ever the public
perception is the first problem to be addressed by the manufacturers. Obviously with the high level
of worry, the consumers could hesitate in purchasing the connected devices (Roman, Zhou & Lopez,
2013). There have been also vulnerabilities to hacking. The researchers have been able to hack
through the on-the-market real devices with sufficient time and energy.
Moreover only a mere percentage of enterprises have felt confident that they might secure the
device against the devices. Further the enterprises also require creating security into the software
applications and the network connections linking to the devices.
The summary presented is accurate since the issues of security have not been about the
launching of the DoD attacks. They could be utilized for generating the spam through emailing the
content to the other devices. The contents gathered by the devices could be sent unknowingly to the
parties also.
2. How could people exploit the abstractions and the relationships at real world for better modeling
the trust relationships and the privacy policies between the IoT devices?
3. How could the IoT be designed such its nature restricts the people from getting exploited?
4. How could be the useful IoT systems gets emerged from the building blocks as deployed people
and not the enterprises and companies?
3. Summary of the issues:
The posts has helped in learning that as the IOT is not going to take off truly ever the public
perception is the first problem to be addressed by the manufacturers. Obviously with the high level
of worry, the consumers could hesitate in purchasing the connected devices (Roman, Zhou & Lopez,
2013). There have been also vulnerabilities to hacking. The researchers have been able to hack
through the on-the-market real devices with sufficient time and energy.
Moreover only a mere percentage of enterprises have felt confident that they might secure the
device against the devices. Further the enterprises also require creating security into the software
applications and the network connections linking to the devices.
The summary presented is accurate since the issues of security have not been about the
launching of the DoD attacks. They could be utilized for generating the spam through emailing the
content to the other devices. The contents gathered by the devices could be sent unknowingly to the
parties also.
9INTERNET OF THINGS (IOT)
4. Problems that were not addressed or not addressed adequately in the
discussions:
There have been two issues found that have not been discussed sufficiently:
The rush to produce:
Mass production of the IoT devices has been happening regularly for responding to the
demand customer. However the rush in deploying the products has been often leading to the
considerations of lack security. The failure in including the security in main design has been a
considerable risk. The products must feature the security and the design instead of the retrofitted
solutions (Granjal, Monteiro & Silva, 2015). Moreover various IoT devices have not possessed the
storage or power required to host the endpoint security software. There have been various products
IoT that devoid of the capability to have the firmware upgraded with security issues. This could lead
to the issues like the DDos, malware vulnerabilities or the man-in-middle attacks.
Lack of standards for sharing and protecting data:
There have been various efforts of IoT standardization happening. On the other hand there
has been no standard body of the regulations of IoT for the manufacturers for adhering to (Zhang et
al., 2014). Each business should decide on their own what security measures would be employed.
This must be without the baseline for bare minimum.
4. Problems that were not addressed or not addressed adequately in the
discussions:
There have been two issues found that have not been discussed sufficiently:
The rush to produce:
Mass production of the IoT devices has been happening regularly for responding to the
demand customer. However the rush in deploying the products has been often leading to the
considerations of lack security. The failure in including the security in main design has been a
considerable risk. The products must feature the security and the design instead of the retrofitted
solutions (Granjal, Monteiro & Silva, 2015). Moreover various IoT devices have not possessed the
storage or power required to host the endpoint security software. There have been various products
IoT that devoid of the capability to have the firmware upgraded with security issues. This could lead
to the issues like the DDos, malware vulnerabilities or the man-in-middle attacks.
Lack of standards for sharing and protecting data:
There have been various efforts of IoT standardization happening. On the other hand there
has been no standard body of the regulations of IoT for the manufacturers for adhering to (Zhang et
al., 2014). Each business should decide on their own what security measures would be employed.
This must be without the baseline for bare minimum.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
10INTERNET OF THINGS (IOT)
5. Discussion on the impact of the above mentioned issues and their application
in real world:
Problems Discussions Applications
Physical Attacks The physical attacks have
been targeting the IoT
system’s hardware and
including the breaches at
sensor layer. They just
typically need the physical
proximity to that system.
However they could also
include the actions limiting the
efficacy of the IoT hardware
(Ahlmeyer & Chircu, 2016).
The attackers could also
temper with the nodes for
gaining the control over the
sensor devices or nodes in the
IoT environment. They have
been further using the control
for extracting the code, data
and materials. By the injection
of malicious code, the
The IoT has been broadening
the range of physical security.
This happens as the smart
devices are connected to the
business systems by the
internet (Al-Fuqaha et al.,
2015). The internet might be
located outside the established
protected perimeters. The
isolating of these smart
devices could not be gained in
the same way like the physical
borders of the organization.
Hence the device
location plays an important
role to keep the equipment
safe and secure and totally
functional in the external
world.
5. Discussion on the impact of the above mentioned issues and their application
in real world:
Problems Discussions Applications
Physical Attacks The physical attacks have
been targeting the IoT
system’s hardware and
including the breaches at
sensor layer. They just
typically need the physical
proximity to that system.
However they could also
include the actions limiting the
efficacy of the IoT hardware
(Ahlmeyer & Chircu, 2016).
The attackers could also
temper with the nodes for
gaining the control over the
sensor devices or nodes in the
IoT environment. They have
been further using the control
for extracting the code, data
and materials. By the injection
of malicious code, the
The IoT has been broadening
the range of physical security.
This happens as the smart
devices are connected to the
business systems by the
internet (Al-Fuqaha et al.,
2015). The internet might be
located outside the established
protected perimeters. The
isolating of these smart
devices could not be gained in
the same way like the physical
borders of the organization.
Hence the device
location plays an important
role to keep the equipment
safe and secure and totally
functional in the external
world.
11INTERNET OF THINGS (IOT)
attackers could also deploy
physically the malicious nodes
between the legitimate nodes
at the IoT network. The
malicious nodes also known as
the MitM or man-in-the-
middle attacks could control
the operations and the data
flowing between the linked
codes.
Network attacks The network attacks could
target the network layer of the
IoT system and could be
conducted distantly. The
DDos attacks have been the
most popular network of the
IoT security risks. They have
been involving typically the
server from replying to the
legitimate requests (Sadeghi,
Wachsmann & Waidner,
2015). By utilizing the
One of the major problems of
the network attacks is the
eavesdropping. Often most of
the network communications
have been happening in the
clear text or unsecured format.
This has been allowing the
attackers who have got access
to the data paths in the
network for listening or
interpret the traffic (Lake et
al., 2014). Strong encryption
attackers could also deploy
physically the malicious nodes
between the legitimate nodes
at the IoT network. The
malicious nodes also known as
the MitM or man-in-the-
middle attacks could control
the operations and the data
flowing between the linked
codes.
Network attacks The network attacks could
target the network layer of the
IoT system and could be
conducted distantly. The
DDos attacks have been the
most popular network of the
IoT security risks. They have
been involving typically the
server from replying to the
legitimate requests (Sadeghi,
Wachsmann & Waidner,
2015). By utilizing the
One of the major problems of
the network attacks is the
eavesdropping. Often most of
the network communications
have been happening in the
clear text or unsecured format.
This has been allowing the
attackers who have got access
to the data paths in the
network for listening or
interpret the traffic (Lake et
al., 2014). Strong encryption
12INTERNET OF THINGS (IOT)
sniffing applications, the
attackers could do the traffic
analysis for inferring
information on the basis of
communication patterns
between the devices in the
network of IoT.
of the services has been a
good application that has been
based on cryptography. Then
the data could not be read by
the others as it transmits
through the network.
6. The most important lessons learnt:
The devices designed with the idea of IoT might be convenient. However there have been
some security risks involved here. Currently, there is a development in the devices to be hacked and
incorporated to the botnets for ordering to carry out the malicious attacks. The devices have been
often storing the sensitive data that could be stolen by hackers. These data combined with the weak
infrastructure has been making the device highly tempting for the hackers.
The security recognized in various IoT connected gadgets has not been high. Since the
devices have been generally small and lacking physical security or locked to the factory default
passwords. The development of the IoT botnets is rampant. The manufacturers have been also
neglecting the updates regarding the devices. The current mass production of the IoT devices has left
them neglected by the manufacturers that could lead to various households in compromise. The
hackers could probe into the current devices of today and attack in the nearest future without any
kind of restrictions. As the customers have been expected to use the devices in the coming years, the
manufacturers must continue to enhance and support that software also. The Department of Defense
sniffing applications, the
attackers could do the traffic
analysis for inferring
information on the basis of
communication patterns
between the devices in the
network of IoT.
of the services has been a
good application that has been
based on cryptography. Then
the data could not be read by
the others as it transmits
through the network.
6. The most important lessons learnt:
The devices designed with the idea of IoT might be convenient. However there have been
some security risks involved here. Currently, there is a development in the devices to be hacked and
incorporated to the botnets for ordering to carry out the malicious attacks. The devices have been
often storing the sensitive data that could be stolen by hackers. These data combined with the weak
infrastructure has been making the device highly tempting for the hackers.
The security recognized in various IoT connected gadgets has not been high. Since the
devices have been generally small and lacking physical security or locked to the factory default
passwords. The development of the IoT botnets is rampant. The manufacturers have been also
neglecting the updates regarding the devices. The current mass production of the IoT devices has left
them neglected by the manufacturers that could lead to various households in compromise. The
hackers could probe into the current devices of today and attack in the nearest future without any
kind of restrictions. As the customers have been expected to use the devices in the coming years, the
manufacturers must continue to enhance and support that software also. The Department of Defense
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
13INTERNET OF THINGS (IOT)
of various nations also proposes that the IoT enterprises must come up with the roadmap to support
and make that clear to users. The choice for either manual or automatic updates must be provided to
every client.
7. Conclusion:
It could be concluded by saying that the IoT has been nearer to being imposed. This is what
the people have been thinking normally. The most of the required technological developments
needed to it are made already. Few of the agencies and manufacturers have started imposing the
small scale version of that. It has been clear that the IoT has been presenting new issues to the
security and network architects. The smarter security systems include the controlled threat detection,
anomaly detection, and predictive analysis for evolving. The primary cause why it has not been
really imposed has been the effect it would pose in the social, security, logical and ethical field. The
employees could abuse it potentially, the hackers might access it, the corporations could not desire to
share their information publicly and individuals might not love the entire absence of the privacy. For
such causes, the IoT could get pushed back for longer time than it actually needed to be.
of various nations also proposes that the IoT enterprises must come up with the roadmap to support
and make that clear to users. The choice for either manual or automatic updates must be provided to
every client.
7. Conclusion:
It could be concluded by saying that the IoT has been nearer to being imposed. This is what
the people have been thinking normally. The most of the required technological developments
needed to it are made already. Few of the agencies and manufacturers have started imposing the
small scale version of that. It has been clear that the IoT has been presenting new issues to the
security and network architects. The smarter security systems include the controlled threat detection,
anomaly detection, and predictive analysis for evolving. The primary cause why it has not been
really imposed has been the effect it would pose in the social, security, logical and ethical field. The
employees could abuse it potentially, the hackers might access it, the corporations could not desire to
share their information publicly and individuals might not love the entire absence of the privacy. For
such causes, the IoT could get pushed back for longer time than it actually needed to be.
1 out of 14
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.