Exploring Network Security Issues and Solutions in the Age of IoT

Verified

Added on 2025/04/28

AI Summary

Desklib provides past papers and solved assignments for students. This report analyzes network security threats and solutions in IoT environments.

Introduction
Network security, in simple terms, can be described as protection or security of an
organization’s network (network infrastructure, software or firmware) from any outside
unauthorized access. It involves software as well as hardware security implementations to
secure the network. These implementations include antivirus, firewall, intrusion detection
system (IDS), intrusion prevention system (IPS), etc. These security measures can be
implemented using software or hardware. It helps the organization to secure the network from
any kind of misuse, alteration, disturbance, latency, destruction, malfunction, loss of
confidentiality (Fruhlinger, 2018).
These security measures give users of the network confidence to communicate and share
crucial information across the network with appropriate confidentiality, integrity, and
availability of information to all the authorized and authenticated users.
With huge advances in technology, networks are integrated with IoT devices. IoT is simply a
network of interconnected devices which can communicate with others over the network or
Internet. These devices are called as IoT enabled devices which the ability to communicate with
other IoT enabled devices without any human interaction as a medium. For example, smart AC
is an example of IoT enabled device with the ability to sense the temperature of the room and
adjust the cooling temperature accordingly (Kobie, 2015).

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Security Issues
Figure 1: Organization network
The above figure (Figure1) shows the network implementation is the organization. It includes
various connected devices and security implementations like firewall and proxy servers. It also
includes IoT enabled devices for sensing the temperature of the surrounding environment.
The above network has also implemented the Cisco ASA 5585-X firewall. Firewall act as the first
layer of security for the network. Any request before entering inside the network needs to pass
the firewall. The firewall has certain rules and constraints which the incoming packets or
information need to adhere in order to pass the firewall.
The above network implementation is made secure by implementing a firewall and proxy server
but it still has security loopholes which can help the attacker to compromise the network and
steal the confidential information about the organization. It also includes IoT enabled devices
for sensing the temperature of the surrounding environment. IoT devices also require security
implementations for its protection from unauthorized access. IoT devices without any security
measures can become the path or medium for the attacker to comprise the whole network.

From the above discussion, it can be concluded that every single device, which is a part of the
network, requires security implementation/s. Any device can become the path for an attacker
to move inside the network and compromise the whole network.
Some of the issues related to IT security and IoT security are:
 In the above network implementation, the wireless security protocol used is WEP (Wired
Equivalent Privacy). Though this wireless security protocol prevents unauthorized people to
connect to the network as well as encrypt the confidential information sent over airwaves.
But still, WEP is a highly vulnerable security solution.
 Ubuntu 16.04 mail server with Apache 2 has a security issue that can be exploited. The
issues are that the Apache HTTP server handles the scoreboard shared memory area
incorrectly. This could enable a remote hacker to execute scripts or arbitrary codes with
root privilege (2019).
 Insecure and unnecessary network services running on the IoT enabled device (here
temperature sensor) can lead to unauthorized remote access to device and disclosure of
confidential information.
 Using outdated components or third party hardware or software component can also
compromise the device and information security (Paul, 2019).

Actual attacks
Below are some of the actual attacks which had happened in the past. Gathering information
from these past attacks can help organization gain information about how the attack happened,
the cause of the attack, security measures already implemented in the organization on which
attack happened, and measures to tackle the security breach.
Gathering all the information related to attacks help the organization to make its network
infrastructure more secure, strong and help them prepare in advance for the same situation.
One of the most well-known actual attacks on the WEP was the Fluhrer, Mantin, and Shamir
(FMS). The attack occurred in 2001. The attack takes advantage of the way WEP produce weak
keystreams using weak Initialization Vector (IV). This mechanism gives the hacker the
advantage to gather a sufficient amount of encrypted packets and analyze them to recover the
weak secret key.
In November 2018 Marriott had experienced an enormous network breach. The security breach
results in stealing of records of 500 million clients. The information which was compromised
includes mailing addresses, payment information and other clients confidential information
(O'Flaherty, 2018).
Dahua, the second largest IoT device manufacturing organization, had encountered a major
software flaw in their IoT devices in March 2017. The software flaw allows a hacker to bypass
the authentication mechanism on some of their devices. The flaws might also allow hackers to
retrieve the username and hashed passwords.
The TRENDnet Webcam Hack is the attack on the web camera which was used to for security of
home and monitoring of babies (in absence of baby’s parents). The cameras used for security
had a defective software, which allows the attackers to obtain the camera’s IP and look and
listen through the camera.
Another IoT attack named The Jeep Hack was encountered in July 2015. The attack was
happened by exploiting the firmware and hijacking the vehicle over the network (Sprint cellular
network). The attackers were able to speed down, speed up, and veer off the Jeep SUV.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Vulnerabilities
Ubuntu mail server 16.06 with apache2 has the vulnerability related to incorrect handling of
scoreboard shared memory area. The CVE (Common Vulnerability and Exposures) for this
vulnerability is CVE-2019-0211. This vulnerability could allow the remote hacker to cause the
Ubuntu mail server to consume resources, which could lead to a DoS attack (Denial of Service).
The vulnerability found WEP was related to the secret key (k). In WEP, the secret key is divided
into an Initialization Vector (IV) and the root key (r). If the root key (r) is utilized with different
initialization vectors, it could provide the attacker an advantage to compute the (r) by analyzing
and examining the starting words of the related keystreams. Another vulnerability which can be
exploited by the hackers could be due to the use of the smaller size of the initialization vector
(IV).

Solutions to security issues
The security issues and vulnerability encounter due to the use of WEP wireless protocol can be
tackled by using more advanced and more secure wireless protocol name WPA (Wi-Fi Protected
Access). The WPA implementations use a key which is pre-shared (PSK), also known as WPA
Personal, and the Integrity Protocol known as Temporal Key Integrity Protocol (TKIP) for
encryption of the information. But it was still vulnerable to intrusion attacks.
As an improvement to WPA, WPA2 was introduced which use the Advanced Encryption
Standard (AES). The wireless attacks on these protocols can be eliminated if the access point
firmware could be replaced with other distribution which does not WPS (Wi-Fi Protected
Setup).
The security issue related to Ubuntu 16.04 related to incorrect handling of scoreboard shared
memory area can be avoided by updating the system to Ubuntu 18.04 LTS using apache2-bin -
2.4.29-1ubuntu4.6.
The security issues related to IoT devices can be easily solved by managing the running network
services on the IoT enabled device. Disabling of unnecessary network services makes the device
more secure and less visible to the outside world (attackers). The IoT enabled device should be
purchased from recognized manufacturers and the device should be tested at both ends
(manufacturer end and customer/organization end) multiple times.
The hardware, software, as well as firmware, should be patched regularly and timely to avoid
any security breaches on the organization network. Some of the practices which can be
implemented to secure the IoT devices include: (Buenrostro, et al., 2018)
 Using an excellent encryption technique for Wi-Fi and communication between IoT
enabled devices
 Setup a new password for the IoT device and do not use the default one
 Features which are not required must be disabled
 Implement Two-factor authentication on the IoT devices
 Integrity checks on firmware, using checksums and embedded passwords

Conclusion
From the above report, it is evident that security is the most crucial aspect of the protection of
an organization network. The network infrastructure should be secured by implementing
updated security measures (hardware, software as well as firmware). It includes the
implementation of firewalls, IPS, IDS, antivirus, DMZ (Demilitarized Zone), and other security
measures.
Regular and timely updates should be performed on the network and security measures.
Awareness about different security breaches happening in the surrounding is also important as
it provides appropriate time to the security team to implement security measures to tackle
similar breach which might occur in their organization.
Security patching should be performed on the network assets to avoid any security breaches
and maintain the confidentiality, availability, and integrity of the organizational information.
Different tips to make IoT enabled devices and the communication between them, stronger are
also discussed.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

References
Fruhlinger, J. (2018). What is network security? Definition, methods, jobs & salaries. [Online]
Available at https://www.csoonline.com/article/3285651/what-is-network-security-definition-
methods-jobs-and-salaries.html
Kobie, N. (2015). What is the internet of things? [Online] Available at
https://www.theguardian.com/technology/2015/may/06/what-is-the-internet-of-things-google
(2019). USN-3937-1: Apache HTTP Server vulnerabilities. [Online] Available at
https://usn.ubuntu.com/3937-1/
Paul, F. (2019). Top 10 IoT vulnerabilities. [Online] Available at
https://www.networkworld.com/article/3332032/top-10-iot-vulnerabilities.html
Buenrostro, E., Cyrus, D., Le, T., and Emamian, V. (2018). Security of IoT Devices, 2(1), 1-13.
[Online] Available at https://www.tandfonline.com/doi/abs/10.1080/23742917.2018.1474592
O'Flaherty, K. (2018). Breaking Down Five 2018 Breaches -- And What They Mean For Security In
2019. [Online] Available at
https://www.forbes.com/sites/kateoflahertyuk/2018/12/19/breaking-down-five-2018-
breaches-and-what-they-mean-for-security-in-2019/#1880d17d41c4