• Title/Summary/Keyword: IoT Security

Search Result 917, Processing Time 0.024 seconds

A Review on IoT: Layered Architecture, Security Issues and Protocols

  • Tooba Rashid;Sumbal Mustafa
    • International Journal of Computer Science & Network Security
    • /
    • v.23 no.9
    • /
    • pp.100-110
    • /
    • 2023
  • The Internet of Things (IoT) is the most creative and focused technology to be employed today. It increases the living conditions of both individuals and society. IoT offers the ability to recognize and incorporate physical devices across the globe through a single network by connecting different devices by using various technologies. As part of IoTs, significant questions are posed about access to computer and user privacy-related personal details. This article demonstrates the three-layer architecture composed of the sensor, routing, and implementation layer, respectively, by highlighting the security risks that can occur in various layers of an IoT architecture. The article also involves countermeasures and a convenient comparative analysis by discussing major attacks spanning from detectors to application. Furthermore, it deals with the basic protocols needed for IoT to establish a reliable connection between objects and items.

Cognitive Radio Anti-Jamming Scheme for Security Provisioning IoT Communications

  • Kim, Sungwook
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.9 no.10
    • /
    • pp.4177-4190
    • /
    • 2015
  • Current research on Internet of Things (IoT) has primarily addressed the means to enhancing smart resource allocation, automatic network operation, and secure service provisioning. In particular, providing satisfactory security service in IoT systems is indispensable to its mission critical applications. However, limited resources prevent full security coverage at all times. Therefore, these limited resources must be deployed intelligently by considering differences in priorities of targets that require security coverage. In this study, we have developed a new application of Cognitive Radio (CR) technology for IoT systems and provide an appropriate security solution that will enable IoT to be more affordable and applicable than it is currently. To resolve the security-related resource allocation problem, game theory is a suitable and effective tool. Based on the Blotto game model, we propose a new strategic power allocation scheme to ensure secure CR communications. A simulation shows that our proposed scheme can effectively respond to current system conditions and perform more effectively than other existing schemes in dynamically changeable IoT environments.

Comprehensive Survey on Internet of Things, Architecture, Security Aspects, Applications, Related Technologies, Economic Perspective, and Future Directions

  • Gafurov, Khusanbek;Chung, Tai-Myoung
    • Journal of Information Processing Systems
    • /
    • v.15 no.4
    • /
    • pp.797-819
    • /
    • 2019
  • Internet of Things (IoT) is the paradigm of network of Internet-connected things as objects that constantly sense the physical world and share the data for further processing. At the core of IoT lies the early technology of radio frequency identification (RFID), which provides accurate location tracking of real-world objects. With its small size and convenience, RFID tags can be attached to everyday items such as books, clothes, furniture and the like as well as to animals, plants, and even humans. This phenomenon is the beginning of new applications and services for the industry and consumer market. IoT is regarded as a fourth industrial revolution because of its massive coverage of services around the world from smart homes to artificial intelligence-enabled smart driving cars, Internet-enabled medical equipment, etc. It is estimated that there will be several dozens of billions of IoT devices ready and operating until 2020 around the world. Despite the growing statistics, however, IoT has security vulnerabilities that must be addressed appropriately to avoid causing damage in the future. As such, we mention some fields of study as a future topic at the end of the survey. Consequently, in this comprehensive survey of IoT, we will cover the architecture of IoT with various layered models, security characteristics, potential applications, and related supporting technologies of IoT such as 5G, MEC, cloud, WSN, etc., including the economic perspective of IoT and its future directions.

IoT Environment Management System Using Open Source (오픈 소스를 활용한 IoT 환경 관리 시스템)

  • Park, Jae-Min;Kim, Tae-Uk;Choi, Sang-Yong;Lee, Jong-Rak;Kim, Jeung-Sam
    • Proceedings of the Korean Society of Computer Information Conference
    • /
    • 2020.07a
    • /
    • pp.131-134
    • /
    • 2020
  • 스마트시티로 가는 첫걸음이자 핵심이라 할 수 있는 IoT 기술이 우리의 삶을 변화시키고 있다. 원격에서 집 내부의 상태를 확인하며 조정할 수 있고, 집 내부의 상황도 영상을 통해 확인할 수 있게 되었다. 이처럼 IoT 기술은 우리 삶의 편리함을 제공하고 중요한 요소가 되었지만, IoT 환경 관리의 주체가 사용자 개인이거나 IoT 환경상태를 모니터링하며 관리할 수 있는 수단이 없어 관리가 되지 않고 있고 공격을 받아도 사용자가 알 수 없다는 특성 때문에 IoT 보안에 있어 심각한 문제를 일으킬 수 있다. 이러한 문제에도 불구하고 IoT 보안에 대한 인식과 IoT 환경에 특화된 관리 시스템은 갖춰지지 않고 있다. 본 논문에서는 오픈 소스 데이터 분석 및 시각화 솔루션인 Elastic Stack을 활용하여 손쉽게 IoT 환경을 관리하고 상태를 시각화하여 제공하는 IoT 환경 관리 시스템을 제안한다.

  • PDF

Why Dynamic Security for the Internet of Things?

  • Hashemi, Seyyed Yasser;Aliee, Fereidoon Shams
    • Journal of Computing Science and Engineering
    • /
    • v.12 no.1
    • /
    • pp.12-23
    • /
    • 2018
  • The Internet of Things (IoT) ecosystem potentially includes heterogeneous devices with different processing mechanisms as well as very complicated network and communication models. Thus, analysis of data associated with adverse conditions is much more complicated. Moreover, mobile things in the IoT lead to dynamic alteration of environments and developments of a dynamic and ultra-large-scale (ULS) environment. Also, IoT and the services provided by that are mostly based on devices with limited resources or things that may not be capable of hosting conventional controls. Finally, the dynamic and heterogeneous and ULS environment of the IoT will lead to the emergence of new security requirements. The conventional preventive and diagnostic security controls cannot sufficiently protect it against increasing complication of threats. The counteractions provided by these methods are mostly dependent on insufficient static data that cannot sufficiently protect systems against sophisticated and dynamically evolved attacks. Accordingly, this paper investigates the current security approaches employed in the IoT architectures. Moreover, we define the dynamic security based on dynamic event analysis, dynamic engineering of new security requirements, context awareness and adaptability, clarify the need for employment of new security mechanism, and delineate further works that need to be conducted to achieve a secure IoT.

User Sensitive Data Classification for IoT Gateway Security (사물인터넷 게이트웨이 보안을 위한 사용자 민감 데이터 분류)

  • Heo, Mhanwoo;Park, Kicheol;Hong, Jiman
    • Smart Media Journal
    • /
    • v.8 no.4
    • /
    • pp.17-24
    • /
    • 2019
  • As IoT technology is widely used in industrial environments, its environmental security issues are becoming more important. In such a context, studies utilizing hardware security functions are being actively carried out. However, previous studies did not consider the performance degradation that occurs when using hardware security functions in IoT environment. Gateway devices that are mainly used in IoT environments are often resource-limited. Utilizing hardware security in such an environment can cause serious performance degradation as the number of IoT devices connected to the gateway increases. Therefore, in this paper, we propose a data classification scheme to efficiently utilize hardware security functions in resource limited environment. We implement a platform with the proposed technique using ARM Trustzone. Performance degradation due to the hardware security functions is measured through experiments on the implemented platform and compared with the performance as of when the proposed technique is applied.

A Study on Systematic Firmware Security Analysis Method for IoT Devices (체계적인 IoT 기기의 펌웨어 보안 분석 방법에 관한 연구)

  • Kim, Yejun;Gim, Jeonghyeon;Kim, Seungjoo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.31 no.1
    • /
    • pp.31-49
    • /
    • 2021
  • IoT devices refer to embedded devices that can communicate with networks. Since there are various types of IoT devices and they are widely used around us, in the event of an attack, damages such as personal information leakage can occur depending on the type of device. While the security team analyzes IoT devices, they should target firmware as well as software interfaces since IoT devices are operated by both of them. However, the problem is that it is not easy to extract and analyze firmware and that it is not easy to manage product quality at a certain level even if the same target is analyzed according to the analyst's expertise within the security team. Therefore, in this paper, we intend to establish a vulnerability analysis process for the firmware of IoT devices and present available tools for each step. Besides, we organized the process from firmware acquisition to analysis of IoT devices produced by various commercial manufacturers, and we wanted to prove their validity by applying it directly to drone analysis by various manufacturers.

Authentication and Group Key Management Techniques for Secure Communication in IoT (IoT 환경에서 안전한 통신을 위한 인증 및 그룹 키 관리 기법)

  • Min, So-Yeon;Lee, Jae-Seung
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.20 no.12
    • /
    • pp.76-82
    • /
    • 2019
  • The development of Internet technology and the deployment of smart devices provide a convenient environment for people, and this is becoming common with the technology called the Internet of Things (IoT). But the development of, and demand for, IoT technology is causing various problems, such as personal information leaks due to the attacks of hackers who exploit it. A number of devices are connected to a network, and network attacks that have been exploited in the existing PC environment are occurring in the IoT environment. When it comes to IP cameras, security incidents (such as distributed denial of service [DDoS] attacks, hacking someone's personal information, and monitoring without consent) are occurring. However, it is difficult to install and implement existing security solutions because memory space and power are limited owing to the characteristics of small devices in the IoT environment. Therefore, this paper proposes a security protocol that can look at and prevent IoT security threats. A security assessment verified that the proposed protocol is able to respond to various security threats that could arise in a network. Therefore, it is expected that efficient operation of this protocol will be possible if it is applied to the IoT environment.

A Study on the Infringement Incident Response Curriculum Model in IoT Environment (사물인터넷 환경에서 침해사고대응 교육과정 모델에 관한 연구)

  • Keun-Ho Lee
    • Journal of Internet of Things and Convergence
    • /
    • v.9 no.3
    • /
    • pp.55-60
    • /
    • 2023
  • The IoT environment is very vulnerable to security threats, and if an intrusion occurs, it can cause great damage. In order to strengthen the security of the IoT environment, a curriculum that considers the characteristics of the IoT environment is needed. In this paper, we propose a curriculum model for cyber incident response in the Internet of Things environment. The proposed curriculum model was designed as a model for security threats in the IoT environment, types of intrusion incidents, and incident response procedures. The proposed curriculum model is expected to contribute to improving security awareness in the IoT environment and fostering cyber incident response experts in the IoT field. The proposed curriculum model strengthens the security of the IoT environment and is expected to be safe through security incident response in the IoT.

Hardware Interlocking Security System with Secure Key Update Mechanisms In IoT Environments (IoT 환경에서의 안전한 키 업데이트를 위한 하드웨어 연동 보안 시스템)

  • Saidov, Jamshid;Kim, Bong-Keun;Lee, Jong-Hyup;Lee, Gwang
    • The Journal of the Korea institute of electronic communication sciences
    • /
    • v.12 no.4
    • /
    • pp.671-678
    • /
    • 2017
  • Recent advances in Internet of Things (IoT) encourage us to use IoT devices in daily living areas. However, as IoT devices are being ubiquitously used, concerns onsecurity and privacy of IoT devices are getting grown. Key management is an important and fundamental task to provide security services. For better security, we should restrict reusing a same key in sequential authentication sessions, but it is difficult to manually update and memorize keys. In this paper, we propose a hardware security module(HSM) for automated key management in IoT devices. Our HSM is attached to an IoT device and communicates with the device. It provides an automated, secure key update process without any user intervention. The secure keys provided by our HSM can be used in the user and device authentications for any internet services.