Security and Privacy Concerns for the Modern Technology of Internet of Things
Keywords:Internet of Things (IoT), Security, Privacy, Technology
The Internet of Things (IoT) is present in every aspect of our lives. They are used in our households, in hospitals, and outside to monitor and report environmental improvements, deter fires, and perform a variety of other useful functions. However, both of these advantages can come at the expense of significant security and risks privacy. Several academic research have been conducted to counteract these issues and figure out a better way to remove or minimise the threats to the user’s privacy and protection specifications in IoT devices. The survey is divided into four parts. The first section would look at the most important shortcomings of IoT devices and how to overcome them. The description of IoT attacks will be presented in the second section. The final section would look at security problems at various layers.
J. Granjal, E. Monteiro, and J. S. Silva, “A secure interconnection model for ipv6 enabled wireless sensor networks,” in IFIP Wireless Days, pp. 1-6, Oct. 2010.
S. Sicari, A. Rizzardi, L. Grieco, and A. Coen-Porisini, “Security, privacy and trust in internet of things: The road ahead,” Computer Networks, Vol. 76, pp. 146-164, 2015.
R. Roman, J. Zhou, and J. Lopez, “On the features and challenges of security and privacy in distributed internet of things,” Computer Networks, towards a Science of Cyber Security Security and Identity Architecture for the Future Internet, Vol. 57, No. 10, pp. 2266-2279, 2013.
W. Trappe, R. Howard, and R. S. Moore, “Low-energy security: Limits and opportunities in the internet of things,” IEEE Security Privacy, Vol. 13, No. 1, pp. 14-21, Jan. 2015.
H. Shafagh, A. Hithnawi, A. Droescher, S. Duquennoy, and W. Hu,“Poster: Towards encrypted query processing for the internet of things,” in Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, ser. MobiCom ’15, New York, NY, USA: ACM, pp. 251-253, 2015.
R. Kotamsetty and M. Govindarasu, “Adaptive latency-aware queryprocessing on encrypted data for the internet of things,” in 25th International Conference on Computer Communication and Networks (ICCCN), pp. 1-7, Aug. 2016.
S. A. Salami, J. Baek, K. Salah, and E. Damiani, “Lightweight en- cryption for smart home,” in 2016 11th International Conference on Availability, Reliability and Security (ARES), pp. 382-388, Aug. 2016.
I. Andrea, C. Chrysostomou and G. Hadjichristofi, “Internet of things: Security vulnerabilities and challenges,” in IEEE Symposium onComputers and Communication (ISCC), pp. 180-187, July 2015.
E. Ronen and A. Shamir, “Extended functionality attacks on IoT devices: The case of smart lights,” in IEEE European Symposium onSecurity and Privacy (Euro S & P), pp. 3-12, March 2016.
J. Chen, S. Kher, and A. Somani, “Distributed fault detection ofwireless sensor networks,” in Proceedings of the 2006 Workshop on Dependability Issues in Wireless AdHoc Networks and Sensor Networks, ser. DIWANS ‘06, pp. 65-72, 2006.
A. P. R. daSilva, M. H. T. Martins, B. P. S. Rocha, A. A. F. Loureiro, L.B. Ruiz, and H. C. Wong, “Decentralized intrusion detection inwireless sensor networks,” in Proceedings of the 1st ACM International Workshop on Quality of Service & Amp; Security in Wireless and Mobile Networks, ser. Q2SWinet ‘05, pp. 16-23, 2005.
G. Gaubatz, J. P. Kaps, E. Ozturk, and B. Sunar, “State of the art in ultra-low power public key cryptography for wireless sensor networks,” in Third IEEE International Conference on PervasiveComputing and Communications Workshops, pp. 146-150, March 2005.
Y. Yao, L. T. Yang, and N. N. Xiong, “Anonymity-based privacy- preserving data reporting for participatory sensing,” IEEE Internet ofThings Journal, Oct. 2015.
D. Halperin, T. S. Heydt-Benjamin, B. Ransford, S. S. Clark, B. Defend, W. Morgan, K. Fu, T. Kohno, and W. H. Maisel, “Pacemakers and implantable cardiac defibrillators: Software radio attacks and zero-power defenses,” in IEEE S&P, 2008.
David Goldman, “A hacker can give you a fatal overdose,” [Online] Available: http://money.cnn.com/2015/06/10/technology/drug-pump-hack/, 2013.
FDA, “Two safety communications on the cyber security vulnerabilities of two hospira infusion pump systems,” [Online] Available: http://www.fda.gov/MedicalDevices/Safety/Alertsand Notices/default.htm, 2015.
S. Raza, S. Duquennoy, T. Chung, D. Yazar, T. Voigt, and U. Roedig, “Securing communication in 6lowpan with compressed ipsec,” in2011 International Conference on Distributed Computing in SensorSystems and Workshops(DCOSS), pp. 1-8, June2011.
A. J. Jara, D. Fernandez, P. Lopez, M. A. Zamora, and A. F.Skarmeta, “Light weight mipv6 with ipsec support,” in Mobile Information Systems, 2014.
T. Kothmayr, C. Schmitt, W. Hu, M. Bryunig, and G. Carle, “Dtlsbased security and two-way authentication for the internet of things,”Ad Hoc Netw., Vol. 11, No. 8, pp. 2710-2723, Nov. 2013.
S. Raza, D. Trabalza, and T. Voigt, “Blowpan compressed dtls for coap,” in 2012 IEEE 8th International Conference on Distributed Computing in Sensor Systems, pp. 287-289, May 2012.
M. Brachmann, S. L. Keoh, O. G. Morchon, and S. S. Kumar, “End-to-end transport security in the ip-based internet of things,” in 2012 21st International Conference on Computer Communications and Networks (ICCCN), pp. 1-5, July 2012.
R. Hummen, J. H. Ziegeldorf, H. Shafagh, S. Raza, and K. Wehrle,“Towards viable certificate-based authentication for the internet ofthings,” in Proceedings of the 2Nd ACM Workshop on Hot Topics on Wireless Network Security and Privacy, ser. HotWiSec ‘13,pp. 37-42, 2013.