SECURITY IN IoT(Internet of Things)

PRESENTED BY:-RAMNEEK KAURME(CSE),Regular152417 1

CONTENTS• Internet of Things(IoT)• IoT Devices• IoT Technology• OWASP Top 10 Security issues in IoT• Security concerns• Wireless Sensor Network(WSN)• Attacks on WSN• Devices under Attack• Countermeasures• Future Scope• References 2

IoT diffusion-Forecast

• Welcome to the era of the Internet of Things (IoT), where digitally connected devices are encroaching on every aspect of our lives, including our homes, offices, cars and even our bodies.

• With the advent of IPv6 and Wi-Fi networks, IoT is growing at a dangerously fast pace, and researchers estimate that by 2020, the number of active wireless connected devices will exceed 50 billion.

3

IoT(Internet of Things)-Definition IoT refers to the network of physical, Identifiable, objects connected

via the internet, which can sense and communicate. It is Ubiquitous-means anywhere, anytime, anyway, anything and

anyhow (5 A’s). IoT includes concepts such as Wireless Sensor Networks(WSN) ,

Machine-to-machine(M2M) communication and Low power Wireless Personal Area Networks (LoWPAN) ,or technologies such as Radio-Frequency Identification(RFID).

4

IoT devices • Thermostat• smoke detector• Lockitron• Smart baby monitor• Philips Hue light bulb• Air Quality egg• Smart Body Analyzer• In Home Health Care

5

IoT Technology• Now that we all understand the IoT concept, it would be worthwhile

to deep dive in order to get familiar with the building blocks of IoT:

6

CONTINUE…1) Sensors & Sensor technology – They will sniff a wide variety of information ranging from Location, Weather/Environment conditions, data to Health essentials of a patient.

2) IoT Gateways – IoT Gateways , as the name rightly suggests, are the gateways to internet for all the things/devices that we want to interact with. Gateways help to bridge the internal network of sensor nodes with the external Internet or World Wide Web.

3) Cloud/server infrastructure & Big Data – The data transmitted through gateway is stored & processed securely within the cloud infrastructure using Big Data analytics engine. This processed data is then used to perform intelligent actions that make all our devices ‘Smart Devices’! 7

CONTINUE…4) End-user Mobile apps – The mobile apps will help end users to control & monitor their devices from remote locations.

5) IPv6 – IP addresses are the backbone to the entire IoT ecosystem. Internet.• With IPv4 we were running out of IP addresses, but with IPv6

(launched in 2012) we now have 3.4*10^38 IP addresses!

8

Key Challenges of IoT• Availability• Architecture• Reliability• Mobility• Performance• Management• Scalability• Security & Privacy

-Security and Privacy is a significant challenge due to lack of common standards and architecture for IoT security.

9

OWASP Top 10 1. Insecure Web Interface2. Insufficient Authentication/Authorization3. Insecure Network Services4. Lack of Transport Encryption5. Privacy Concerns6. Insecure Cloud Interface7. Insecure Mobile Interface8. Insufficient Security Configurability9. Insecure Software/Firmware10. Poor Physical Security

10

IoT security concerns1. Privacy Concerns: 90 percent of devices collected at least one piece of personal information via the device, the cloud or the device’s mobile application. • information like name, address, date of birth or even health and

credit card information.

2. Insufficient Authentication/Authorization: 80 percent users and devices rely on weak and simple passwords and authorizations.

3. Transport Encryption: 70 percent of devices used unencrypted network services. Transport encryption will be crucial as most of the devices are transmitting data that most people would consider crucial. 11

IoT security concerns

4. Web Interface: 60 percent raised security concerns with their user interfaces. These issues included:• persistent cross-site scripting, poor session management and

weak default credentials. • From this, hackers were able to identify valid user accounts

and take them over using things like password reset features.

5. Insecure Software: 60 percent did not use encryption when downloading software updates.

12

Wireless Sensor Network(WSN)-• Wireless sensor networks (WSN), sometimes called wireless

sensor and actuator networks (WSAN)

• The topology of the WSNs can vary from a simple star network to an advanced multi-hop wireless mesh network.

• The propagation technique between the hops of the network can be routing or flooding.

• Wireless Sensor Networks (WSNs) are playing more and more a key role in several application scenarios such as healthcare, agriculture, environment monitoring, and smart metering. 13

WSN- Architecture

14

WSNs are Vulnerable to various types of Attacks

15

Attack Models• Eavesdropping: an attacker intercepts packets transmitted over the air

for further cryptanalysis or traffic analysis.• Traffic analysis: allows an attacker to determine that there is

activity in the network, the location of the BSs, and the type of protocols being used.

• Message injection: an adversary injects bogus control information into the data stream.

• Message modification: a previously captured message is modified before being retransmitted

• Node capture: An embedded device is considered being compromised when an attacker, through various means, gains control to the node itself.

• Denial-of-Service (DoS) attacks: can be grouped into two categories Service degradation (e.g., collision attack), and Service disablement through power exhaustion (e.g. jamming)

16

Layer-based attack categorization

17

Attacks in Wireless Sensor Networks• Selective forwarding• Acknowledgement spoofing• Wormhole Attack• Sinkhole Attack• Helloflood Attack• Sybil Attack

18

• Selective forwarding: A malicious node refuses to forward all or a subset of the packets it receives and simply drops them. If a malicious node drops all the packets, the attack is then called black hole.

• Acknowledgement spoofing: Spoof link layer acknowledgements(ACKs) to trick other nodes to believe that a link or node is either dead or alive.

Attacks in Wireless Sensor Networks

19

Wormhole and Sinkhole Attacks• In Wormhole the attacker tunnels the packets received at one location of the network and replays them in another location.• In Sinkhole node tries to attract network traffic by advertise its fake routing update. • launch other attacks like :selective forwarding attackacknowledge spoofing attack

Wormhole Link

20

HELLO Flood Attack• Every new node broadcasts “Hello messages” to find its

neighbors. Also, it broadcasts its route to the BS.• Attacker with a high radio transmission range and processing

power sends HELLO packets to number of sensor nodes.• Sensors are thus persuaded that the attacker is their neighbor.• Victim nodes try to go through the attacker.

21

Sybil Attack

•“a malicious node illegitimately claims multiple identities”•The Sybil attack can disrupt geographic and multi-path routing protocols.

Adversary A at actual location (3,2) forges location advertisements for non-existent nodes A1, A2, and A3 as well as advertising her own location. After hearing these advertisements, if B wants to send amessage to C: (0,2), it will attempt to do so through A3. This transmission can be overheard and handled by the adversary A.

22

Devices under Attack• Smart Watch: Data sent between the Smart watch and an

Android mobile phone could be intercepted.• Bluetooth communication between most Smart watches and

Android devices relies on a six digits PIN.• Easy to crack with a brute-force attack.

• Smart Homes• Smart Cars• and many more….

23

Overview of Countermeasures• Confidentiality is provided through the use of encryption

technologies. Cryptographic algorithms such as the DES, RSA are used to protect the secrecy of a message.

• MAC (Message Authentication Code) or Digital Signature Algorithms(DSA) can be used to assure the recipient’s integrity of the data and authenticity of the message

• Digital Signatures can be used to ensure non-repudiation.• Availability can be achieved by adding redundant nodes. Multi

path and probabilistic routing can also be used to minimize the impact of unavailability.

• Data freshness is ensured by adding a counter value in each message. 24

Future Scope• Identify vulnerabilities (e.g. replay attacks) in the proposed

authentication method and find solutions to them before implementation.

• Further research and implementation of key exchanges together with security protocols for IP-communication in constrained networks.

• Lot of work can be done in this field as no efficient security architecture for IoT is given yet.

25

References• G. Padmavathi, D. Shanmugapriya,“A Survey of Attacks, Security

Mechanisms and Challenges in Wireless Sensor Networks”, International Journal of Computer Science and Information Security, IJCSIS, Vol. 4, No. 1 & 2, August 2009, USA

• https://en.wikipedia.org/wiki/Internet_of_Things• https://www.owasp.org/index.php/

OWASP_Internet_of_Things_Project• http://

www.cisco.com/c/en/us/about/security-center/secure-iot-proposed-framework.html

26

27