ITC595 Research Project: Privacy and Security in IoT - Fall 2023

Verified

Added on 2025/05/03

AI Summary

Desklib provides solved assignments and past papers to help students succeed.

ITC595 Research Project (Privacy and Security In
IoT)
1

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

ABSTRACT –
Internet of thing can be defined as a combination
of day to day things and activities encompassed with
the software electronics, gateways, actuators and
sensors which can be directly connected to the
interne. An IoT devices has power to connect and
collect the data for the transmission and further
communication. The services which are provided by
these devices are regularly becoming the necessary
part of the lifer of individuals. However, there are
some security and privacy issues related to the data
of the use which are also increasing with the use of
this technology.
Keywords— Security, IoT devices, privacy Internet.
INTRODUCTION
The technology named as Internet of Things is
seeking attention in all type of businesses, industries
and processes as well as in the day to day lives of the
individuals. With the increasing conveniences and
opportunities, challenges and issues related to the
security and privacy are also increasing. Innovations
are taking place in a rapid manner which are
developing chances to take advantages along with
facing the new challenges. It can also be said that
challenges come in the form of opportunities and are
required to be treated with strategies, planning and
their implementations. Iot is responsible for shifting
the content in the era of vulnerabilities, data
breaches and threats. This term was firstly
introduced by Kevin Ashton around the year 2000.
Further, the concept slowly started migrating
towards the lives of people and facilitating with
various advantages and features. This technology is
also defined as the 'Third Wave' in the development
of the internet usage. As per the current literature,
IoT would be capable to connect more than 25
billion devices and systems by 2020 which may
include smart watches, sophisticated drones,
pilotless places etc. This paper mainly deals with
analyzing the existing security and privacy issues
which are affecting the sensitive and important
information of the IoT users in the present era. In
addition to this, a solution has also been proposed on
the basis of financing out the gap in the literature. At
the end, a conclusion has been drawn summarizing
the main content and summary of the entire research
paper.
A. Research Problem
The main issue and problem which is being
discussed in this research paper deals with the
privacy and security measurements in the IoT
devices. With the increasing use and functions of
IoT, the risk of data breach and leakage is also
increasing and thus it is required to analyze the main
reason due to which, this problem is increasing day
by day. this research paper includes an short and
comprehensive review of the current literature for
the identification of the main security and privacy
threats.
Research Justification
This research is conducted on the basis of the
existing literature in the field of Internet of Things.
The information is derived from the latest journal
articles and research papers. The relevant
information is used and with the references provided
in the end of the research paper.
LITEERATURE REVIEW
Privacy is a very vast concept which is the main
reason of the development and deployment of may
technologies, techniques and tools. It is maintaining
its existence since the beginning of the mankind.
Internet has become a major part of our day to day
lives and every single information is being shared
over the internet either in direct or indirect manner
like videos, pictures, gaming records, health records,
professional data and business information and other
routine life data of a user. Thus, the users deeply
concerned with the security and privacy of their
information. When it comes to internet of things
technology, privacy has different aspects which
includes data collection, data provisioning and
mining and other data processing and data storage
techniques [1].
Most of the developers do not consider the
security, as the most important aspect while
development of IoT infrastructure. They usually shift
the blame to the users in case of any type of data
breach by indicating the lack of using the security
considerations. Most of the times, the manufactures
does not consider the security fundamentals in an
appropriate manner by using easy codes and
passwords in the devices.
The current literatures have discussed a number of
security issues which are heterogeneity in IoT
system. the use of machine learning techniques can
help in dealing with such challenges. In addition to
this, the authors have also suggested the use of
creation method in the internet of things framework
to eliminate the loopholes and reducing the chances
of data breach before and after the processing [4].
2

Sometimes the data is collected in such a manner
that it is not easily understandable by the common
users which generates the needs of data processing
and converting the same in an easy and
understandable manner. The main threats towards
the IoT technology can be defined as follows:
DoS attack: This type of attack aims at spoiling and
violation of the availability of the different devices.
The different layers of the IoT model are responsible
for completing the different tasks and DoS attacks
directly impact such layers and thus, there are
chances of the breach and leakage of the
information.
Malicious Code: The attackers can easily find a
number of vulnerabilities with the graphical user
interface software and operating system based
mobile software. As a results there are a lot of
chances of XSS attack, trojan deployments and even
remote code execution which can badly spoil the
normal working of the system and the related
architecture [3].
Social engineering: This is the most common and
majorly used threat where the information and
personal data is collected by developing contacts
with the users via chatting, emails voice and video
calls on internet etc.
Privacy Issues: Operating systems can be defined as
the open doors to spoil the user's privacy by the
attackers. In addition to this, not updating about the
vulnerabilities can also be the reason for the simple
and direct attack by the hackers for collecting the
important information [5].
Security Initiatives/ Open Security Issues
IoT devices and systems are developed by the
semiconductor devices including microprocessors,
power management and sensors. Thus, the security
measurements of such devices largely depends on
the applications used. The main reason behind the
successful adoption of this technology is the easy in
use, high data compatibility, large storage space,
fault tolerance and robustness of the device. The
level of security and privacy of data, data
falsification, data manipulation, network
manipulation and IP theft is based on the volume and
amount of sensitive data to be transferred. Security is
required to ensure the proper and timely
implementations of some factors which mainly
includes integrity, authentication, confidentiality and
access control [2].
Cryptography:
Cryptography techniques helps in providing
protection to the confidential and sensitive
information collected in the network and enables the
safe transmission from one network to other. There
are a number of cryptographic algorithms including
SHA1, RSA, AES, MD5 which can be implemented
to the internet security protocols for the purpose of
secure transmission on the unsecured of relatively
low security networks. effective resources and with
high quality, are required to be used for the
application of such algorithms. However, the
efficient process for such application is not know till
now. Thus, the is a need to conduct further research
for the successful implementation of such algorithms
to increasing the memory space and processing
speed of the hardware devices in Internet of Things.
End to End Security:
While discussing about the modern and traditional
internet, a number of protocols including SSL. TLS,
IPSec are considered which can enable the end to
end security for the implication of the data integrity.
However, IoT devices are developed with the low
processing power and thus, implementation of such
protocols is not possible which finally results in not
providing end to end security to data and
information. It may also result in DDoS attack, DOS
attack, data manipulation and man-in middle attack.
This literature indicates that there is a need for
research in the field of secure data transmission and
development of the protocols equivalent to TLS/SSL
and IPSec. This can also help in preventing the
network breach [7].
IPS or Firewall
the network which does not possess IPS or firewall,
act as an open invitation for the hackers. IPS and
Firewall have a deep and strong capability of
inspection to make the control over traffic destined
to the final destination. Opposite to this, IoT do not
have packet filtering and packet inspection
capability which make it more insecure and unsafe.
The main factors which can help in maintaining the
high level of security in the internet of things based
devices and systems can be defined as follows:
3

 Security in booting via digital signature and
cryptography.
 Accessing control by using Mandatory
Access Control and Role Based Access
Control for anticipation against the intruders.
 Authentication of devices and users with the
help of strong passwords, code reader and
case sensitive passwords.
 Effective and regular use of IPS systems and
firewalls.
 Patches and updates on regular basis and
fixed time intervals.
 Decentralized trust and authentication model
for authenticating the networks and systems
in the IoT infrastructures
 Privacy preserving techniques for the entire
set of things and objects.
 Use of encryption and decryption algorithm
for secure data transmission between the
different devices and applications [6].
PROPOSED DESIGN
Explanation
The main components of the above proposed
solution can be defined as follows:
 IoT devices: Devices helps in registering
with the cloud and also helps in connecting
the cloud for sending and receiving data. The
dices may also consist edge devices that can
perform the data processing in the device and
in a gateway field.
 Cloud gateway: A cloud gateway a cloud hub
for the IoT devices to send and receive the
data and information in a secured manner
along with providing the facilities of control
of devices, device management and
command management. Iot hub is also
responsible for event ingestion, secure
connectivity, device management and
bidirectional communication [8].
 Device Provisioning helps in connecting and
registering a larger number of device sets,
use of device provisioning services can be
helpful.
 Stream Processing helps in analyzing the
large number of data records and then
evaluating the same for the related stream.
Stream analysis can also enable the execution
of the complex analysis at a scale with the
help of stream aggregations, window
functioning and external data sources.
 Machine learning techniques also allows the
execution of predictive algorithms over the
traditional telemetry data including
predictive maintenance.
 Warm path storage helps in storing the data
which may be needed at any time for the
visualization and reporting.
 Cold Path Storage hold such data which is
used for batch processing and in log term
analysis.
 Data Transformation aggregated and
manipulates the telemetry streams. For
examples, protocol transmission converts
binary data to the combining data point. Data
can either be transformed before reaching to
the internet of things hub or after storage of
the IoT devices.
 Business Process Integration helps in
performing the actions on the basis of the
insights of the data of devices. This can also
include raising alarms, informational
messages, integration with the CRM and
sending messages and emails.
User management restricts the unauthorized access
and use of the devices by groups and users. It also
segregates the users on the basis of their capabilities
to access the devices and the application..
CONCLUSION
On the basis of above discussion, it can be
concluded that Internet of things is the most
important and developing technology in the present
era which is continuously attracting a number of
4

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

researchers and information technology
professionals to analyze and work upon the same.
There is no doubt that research are continuously
contributing towards dealing with the security and
privacy issues related to this field, bit there are a lot
of issues which are also undiscovered and having a
negative impact on the IOT devices and applications.
This paper contains a precise study of the security
architecture of IoT and the main security threats
along with some security measurements and
initiatives which can be taken by the developers of
the IoT based applications and system software. In
addition to this, a system has also been proposed
after considering the loopholes in the existing
security system and analyzing their limitations. All
data and information included in this research paper
is derived from the latest research paper and
literature available in the field of IoT. This paper is
based on the secondary research and thus there is
lack of practical implications of the data analyzed.
The future research can be carried out to test the
results of this research paper.
ACKNOWLEDGEMENT
The information is presented in the best possible
and accurate manner and derived from the
authenticated and relevant research papers,. This
paper is based on the secondary research.
REFERENCES
[1] M. A. Razzaq, M. A. Qureshi, S. H. Gill and S.
Ullah, "Security Issues in the Internet of Things
(IoT): A," International Journal of Advanced
Computer Science and Applications, vol. 8, no.
6, pp. 383-388, 2017.
[2] M. M. Hossain, M. Fotouhi and R. Hasan,
"Towards an Analysis of Security Issues,
Challenges, and Open Problems in the Internet
of Things," 2015 IEEE World Congress on
Services, 2015.
[3] M. Frustaci, P. Pace, G. Aloi and G. Fortino,
"Evaluating Critical Security Issues of the IoT
World: Present and Future Challenges," IEEE
Internet of Things Journal, vol. 5, no. 4, pp.
2483 - 2495, 2018.
[4] A. Alrawais, A. Alhothaily, C. Hu and X.
Cheng, "IEEE Internet Computing," Fog
Computing for the Internet of Things: Security
and Privacy Issues, vol. 21, no. 2, pp. 34-42,
2017.
[5] R. Mahmoud, T. Yousuf, F. Aloul and I.
Zualkernan, "Internet of things (IoT) security:
Current status, challenges and prospective
measures," 2015 10th International Conference
for Internet Technology and Secured
Transactions (ICITST), 2016.
[6] Y. Yang, L. Wu, G. Yin and L. Li, "IEEE
Internet of Things Journal," A Survey on Security
and Privacy Issues in Internet-of-Things, vol. 4,
no. 5, pp. 1250-1258, 2017.
[7] M. Sruthi and R. RAJKUMAR, "A study on
development issues over IOT platforms,
protocols and operating system," 2016
International Conference on Innovations in
information, Embedded and Communication
Systems (ICIIECS), 2016.
[8] M. Farooq, M. Waseem, A. Khairi and S.
Mazhar, "A Critical Analysis on the Security
Concerns of Internet of Things (IoT),"
International Journal of Computer Applications,
vol. 11, no. 7, pp. 1-6, 2015.
5