IOT and Applications

GTU # 3160716

Unit-7
IoT Security

Prof. Kalpesh H Surati

Computer Engineering Department
Darshan Institute of Engineering & Technology, Rajkot
[email protected]
+91 99250 10033
Introduction to IoT Security
Overview
 IoT is growing day by day, as we know it’s about
data and controlling of physical devices.
 Security and privacy are the two major concern in
the field of IoT.
 Huge amount of sensed data contains private
information so need to protect.
 All kind of securities of physical devices is
considered in the IoT security.
 IoT is not possible without the Internet so Internet
and network security issues also should be
considered in it.

Prof. Kalpesh H Surati #3160716 (IoT)  Unit 7 – IoT Security 2

Introduction to IoT Security
Overview
 IoT security is not traditional cybersecurity
 It’s a fusion of cybersecurity with other engineering
disciplines.
 It is much more than data, servers, network
infrastructure, and information security.
 It includes the direct monitoring and control of the
physical systems connected over the Internet.
 IoT devices are physical things, many of which are
safety-related.
 The compromise of such devices may lead to
physical harm of persons and property, or even death

Prof. Kalpesh H Surati #3160716 (IoT)  Unit 7 – IoT Security 3

IoT Security Prospective
IoT System Functionalities from Security Prospective
 Microcontroller unit carries firmware, need to

Software
protect it even while updating patch.
 Massage channels during the paring stage need Data

to protect in the public networking, like

OS/Firmware
 Wi-Fi, Zigbee
 Bluetooth
wa re
 NFC

Ne
Hard

tw
ork
 An appropriate protocol should be followed while

ing
connecting the user and device.
 An authentication process is needed when the
controller linking to a port in local network. Multidimensional Prospective of IoT Security

Prof. Kalpesh H Surati #3160716 (IoT)  Unit 7 – IoT Security 4

IoT System Functionalities from Security Prospective
 If the controller is no internet then

Software
cloud services are used for
authentication. multidimensional Data

 Big data analytics on the data collected

OS/Firmware
are processed on cloud so cloud
security is essential.
wa re

Ne
Hard
 Abnormal behavior should be

tw
ork
monitored like too many login attempts

ing
Multidimensional Prospective of IoT Security

Prof. Kalpesh H Surati #3160716 (IoT)  Unit 7 – IoT Security 5

IoT Security Architecture

 Information with network

security should be Smart Transportation
prepared with the Application Layer Environmental Observing
Information Service
following properties.

Network Security
 Authentication

Management
Support Layer Cloud and Smart Computing
 Privacy
 Undeniability Internet Portable
 IoT will be needed extra Network Layer Communication Network and
Communication Protocols
care for advanced
security and privacy Perceptual Layer RFID Reader, Sensors and GPS
across critical areas.

IoT Security Architecture

Prof. Kalpesh H Surati #3160716 (IoT)  Unit 7 – IoT Security 6

IoT Security Architecture
Perceptual Layer
 Gathers all types of information with the help of
physical equipment.
 Information of
 Object properties,
 Environmental condition and
 The different physical equipment like
 RFID reader,
 GPS,
 All kind of sensors, etc.
 It identifies the external world.
 The key component in this layer is the sensors.
 They are used for capturing and representing the
physical world.

Prof. Kalpesh H Surati #3160716 (IoT)  Unit 7 – IoT Security 7

IoT Security Architecture
Network Layer
 Responsible for the dependable
broadcast of data and
information from the previous
level
 Initially handling of the data
collected from sensors,
cataloging and polymerization.
 The data broadcast is trusted on
many networks like
 Mobile communication network
 Wireless network
 Satellite networks, etc.

Prof. Kalpesh H Surati #3160716 (IoT)  Unit 7 – IoT Security 8

IoT Security Architecture
Support Layer

Application Layer
 A dependable platform for the application
layer.
 Grid and cloud computing are mostly used for
all kinds of intelligent computing powers.

Support Layer
 This layers helps merge the application layer
upward and the network layer downward.

Network Layer
Application Layer
 This layer delivers the personalized services
based on the users’ need.

Perceptual Layer
 It helps users access IoT through the interface
using personal computer, mobile equipment,
etc.

Prof. Kalpesh H Surati #3160716 (IoT)  Unit 7 – IoT Security 9

 m
o
Security Features Need Across Four Layers a
n D r
n a t
Perceptual Layer
P t
 With a simple architecture and less power, this e
layers dose not have storage and computation h c a
N
e
power. y t e
 Appling public key encryption algorithm and N d
frequency hoping communication is not s i e s
possible here. i v e
 So security is necessary and needed for some i d
threats from external network like DoS attacks.
c
t s
 Due to all the reason the sensor data to be a
protected for authenticity, integrity, and y
confidentiality.
l
N Security Needs
Ne
Prof. Kalpesh H Surati #3160716 (IoT) 
e eSecurity
Unit 7 – IoT 10
Security Features Need Across Four Layers
Network Layer
 Security vulnerabilities are like man-in-the-middle attack, still exists even the main network has
enough safety feature.
 Malwares and junk mails cannot be ignored.
 Data blocking may occurs because of huge amount of data transmission.
 Because of all the above reason security methods are needed.
Support Layer
 It is a challenge to increase the ability to identify malicious data in this layer due to the huge
amount of data processing and mining.
Application Layer
 In this layer, security needs may differ from application to application
 Data sharing property of the layer does lead to privacy problem, access control issues, and
information revelation to unintended persons.

Prof. Kalpesh H Surati #3160716 (IoT)  Unit 7 – IoT Security 11

Security Requirements
 A dynamic IoT technology has lots of security challenges.
 The laws and regulations surrounding the challenges also play a significant role.
Perceptual Layer
 Authentication is the first level of security measure and is always essential to prevent any illegal
access to the node.
 Information confidentiality is taken care during transmission between nodes
 Because of limited resource, lightweight encryption technology may help in stronger data safety
measures. It including cryptographic protocol and algorithms.
 Similarly need care for the authenticity and integrity of the data in this layer
Network Layer
 Establishing data confidentiality and integrity mechanism is the priority in these days.
 Identity verification is one of the methods to avoid illegal nodes.
 DDoS attack in the network is a serious issue in the IoT domain.
Prof. Kalpesh H Surati #3160716 (IoT)  Unit 7 – IoT Security 12
Security Requirements
Support Layer
 Cloud computing along with secure multi-party computation falls under this layer of security
needs.
 Different encryption algorithms along with the encryption protocol and tougher system security
technology are hence essential in this layer.
Application Layer
 In the topmost layer, verification and key contract across the varied network needed as security
features.
 Also consider the user’s confidentiality protection in the layer.
 Along with these two aspects education and management are also very imperative for data
security.
 This helps IoT security consulting and certification services.

Prof. Kalpesh H Surati #3160716 (IoT)  Unit 7 – IoT Security 13

Challenges in IoT Securities
 In the raising IoT field many problems to be solved to build an efficient and effective
product.
 Securities challenges are one of them.

Encryption
 Encryption play key role in the security, but many
devices cannot perform the complex encryption
and decryption quickly because of limited
resource.
 Products with constrained resources are most
likely to attacks.
 Reverse engineering of algorithm is possible on it.

Prof. Kalpesh H Surati #3160716 (IoT)  Unit 7 – IoT Security 14

Challenges in IoT Securities
Authorization and Authentication
 Device authorization and authentication is
critical to securing IoT products
 The things establish their identity before
accessing gateway and other cloud related
activities.
 IoT platform with two factor authentication and
usage of strong passwords or certificates can
help to solve this issue.
 They can also help to know which services or
apps each device has access to throughout the
system.

Prof. Kalpesh H Surati #3160716 (IoT)  Unit 7 – IoT Security 15

Challenges in IoT Securities
Firmware Updates
 Device updates needs to be managed effectively.
 Security patches to firmware or software will have a number of
challenges.
 Over-the-air updates may not be possible with all types of IoT
devices.
 The device owners may also not show much interest in applying an
update to the system.

Communication Channel
 The communication channel needs to be secure as well
 Encrypting messages before transfer is good but it is better to use
transport encryption and to adopt standards like TLS.

Prof. Kalpesh H Surati #3160716 (IoT)  Unit 7 – IoT Security 16

Challenges in IoT Securities
Data Storage and Integrity
 The sensor data should be stored and processed
securely.
 Data integrity, including checksums or signatures,
can help to make sure that the original raw data is
not modified during transmission.
 Data should be erased in a better way and should
not be recovered in any part of the system.
 Maintaining compliance with legal and regulatory
framework is necessary and challenging also.

Prof. Kalpesh H Surati #3160716 (IoT)  Unit 7 – IoT Security 17

Challenges in IoT Securities
Application and Services
 All applications and services should also be secured as they manage, process, and access
IoT devices along with the sensor data.
 Security vulnerabilities and breaches are unavoidable but security measures need to be
taken to avoid conflict of interest.

Prof. Kalpesh H Surati #3160716 (IoT)  Unit 7 – IoT Security 18

Mirai Botnet and the Algorithm
 Mirai Trojan is the main reason of creation of
Mirai Botnet.
 A research group determined that it had evolved
from a previously-created Trojan also known
Gafgyt, Bashlite, Lizkebab, Bashdoor, Bash()day,
and Torlus.
 It was created using Executable and Linkable
Format (EFL) binaries which is a common file
format for Unix and Linux based Systems
 Mirai malware uses a uniform scanning strategy
where it randomly scan public IP addresses and
selects a pair of username/password from a
hardcoded dictionary list for the attack.

Prof. Kalpesh H Surati #3160716 (IoT)  Unit 7 – IoT Security 19

Mirai Botnet and the Algorithm
 Devices that are infected by Mirai will continuously scan
for IP address in the internet of the IoT devices.
 Mirai then identifies the IoT devices that are vulnerable
using the common factory default usernames and
passwords.
 Infect them with Mirai malware.
 There are over a hundred of thousands IoT devices using
default settings and making them vulnerable to infection.
 It is also reported that a successor of Mirai is designed to
hijack crypto currency mining operations.
 The source code for the Mirai is made open-source and
the techniques have been adapted in other malware
projects.

Prof. Kalpesh H Surati #3160716 (IoT)  Unit 7 – IoT Security 20

Summary
 A multi layered security design approach is most needed for managing IoT devices, sensor
data, mobile and cloud related application
 This enables us to maintain data privacy and integrity while also delivering IoT data, apps and
services without any compromises.
 In short, IoT development and advancement will bring more security related issues, which is
always going to be the research focus in coming years.

Prof. Kalpesh H Surati #3160716 (IoT)  Unit 7 – IoT Security 21