Remediation Measures to Make the Insecure Internet of Things Deployment Secure
Remediation Measures to Make the Insecure Internet of Things Deployment Secure |
||
|
||
© 2022 by IJETT Journal | ||
Volume-70 Issue-6 |
||
Year of Publication : 2022 | ||
Authors : Srabana Pramanik, Deepak. S. Sakkari, Sudip Pramanik |
||
DOI : 10.14445/22315381/IJETT-V70I6P219 |
How to Cite?
Srabana Pramanik, Deepak. S. Sakkari, Sudip Pramanik, "Remediation Measures to Make the Insecure Internet of Things Deployment Secure," International Journal of Engineering Trends and Technology, vol. 70, no. 6, pp. 155-164, 2022. Crossref, https://doi.org/10.14445/22315381/IJETT-V70I6P219
Abstract
In the globalized era, daily activities largely depend on smart services like E-marketing, Smart health care, E-farming, Smart home, Smart waste management, Smart emergency services, etc. Most activities become smarter with the Internet of Things (IoT) support. Day by day, the diapason of the IoT application sphere increases exponentially. This flourishment of IoT brings lots of security issues. Because the Internet of things is a resource constraint device, it has limited resources like minimum storage capacity, less battery backup, limited speed of processing, etc. in these phenomena, the conventional security filter will not perform. to hold the security aspect of IoT tightly, there is a need for a very lightweight encryption technique, authentication technique, and a modified architectural framework. in this paper, the existing architectures, threats, and vulnerabilities of IoT are studied and analyzed. Along with that, the recent empirical review of remediation security measures on IoT deployment is discussed. Furthermore, a security architecture has been proposed as a countermeasure to enhance the security of the IoT deployment, and a combined protocol stack is elaborated
Keywords
Attacks on IoT, Internet of things (IoT), Security threat, Vulnerability.
Reference
[1] International Telecomunicaciones Union (Itu), 2012.Recommendation Itu-T Y.4000/Y.2060, (2012)
[2] X. Jia, O. Feng, T. Fan, and Q. Lei, Rfid Technology and Its Applications in Internet of Things (Iot), in Proc. 2nd Ieee Int. Conf. Consum.Electron., Commun. Netw. (Cecnet), Yichang, China, (2012) 1282–1285.
[3] S. Li, L. Xu, and X. Wang, Compressed Sensing Signal and Data Acquisition in Wireless Sensor Networks and Internet of Things, Ieee Trans. Ind.Informat., 9(4) (2013) 2177–2186, Nov. 2013.
[4] W. He and L. Xu, Integration of Distributed Enterprise Applications:A Survey, Ieee Trans. Ind. Informat., 10(1) (20140 35–42,Feb. 2014.
[5] K. Ashton Et Al., That Internet of Things Thing, Rfid Journal, 22(7) (2009) 97–114, 2009.
[6] Koshizuka, N.; Sakamura, K. Ubiquitous Id: Standards For Ubiquitous Computing and the Internet of Things. Ieee Pervasive Comput, 9 (2010) 98–101.
[7] Want, R. An Introduction to Rfid Technology. Ieee Pervasive Comput, 5 (2006) 25–33.
[8] Want, R. Near Field Communication. Ieee Pervasive Comput, 10 (2011) 4–7.
[9] Mcdermott-Wells, P. What Is Bluetooth? Ieee Potentials , 23 (2004) 33–35.
[10] I.Mashal,O.Alsaryrah,T.-Y.Chung,C.-Z.Yang,W.-H.Kuo,and D. P. Agrawal, Choices For Interaction with Things on Inter-Net and Underlying Issues, Ad Hoc Networks,28 (2015) 68–90,2015.
[11] G. Yang, J. Xu, W. Chen, Z. H. Qi, and H. Y. Wang, Security Characteristic and Technology in the Internet of Things, Journal of Nanjing University of Posts and Telecommunications (Natural Science), 30(4) (2010).
[12] R. Khan, S. U. Khan, R. Zaheer, and S. Khan, Future Internet:the Internet of Things Architecture, Possible Applications Andkey Challenges, in Proceedings of the 10th International Conference on Frontiers of Information Technology (Fit ’12), (2012) 257–260, December 2012.
[13] Iotsploit – Iot Vulnerability Scanner — Iot Firmware Analyzer —Iotpentesting and Security Consultiung, Https://Iotsploit.Co/, Accessed: (2022).
[14] R. H. Weber, Internet of Thingsnew Security and Privacy Challenges. Amsterdam, the Netherlands: Elsevier, (2010).
[15] D. Kozlov, J. Veijalainen, and Y. Ali, ``Security and Privacy Threats in Iot Architectures,'' in Proc. 7th Int. Conf. Body Area Netw., (2012) 256262.
[16] R. Khan, S. U. Khan, R. Zaheer, and S. Khan, Future Internet:the Internet of Things Architecture, Possible Applications Andkey Challenges, in Proceedings of the 10th International Conference on Frontiers of Information Technology (Fit ’12), (2012) 257–260, December 2012.
[17] H. Suoa, J. Wana, C. Zoua, and J. Liua, Security in the Internet of Things: A Review, in Proc. Int. Conf. Comput. Sci. Electron. Eng., 2012, Pp. 648651. [14] A. Cooper, Security For the Internet of Things,'' School Comput.Sci. Commun., Kth Royal Inst. Technol., Stockholm, Sweden, Tech.Rep. 848663, (2015).
[18] Https://Barbaraiot.Com/Blog/Main-Attacks-Malware-Iot-Devices-2018, Accessed: 02-Feb-2022.
[19] K. Angrishi, Turning Internet of Things (Iot) Into Internet of Vulnerabilities (Iov): Iot Botnets, Arxiv Preprint Arxiv:1702.03681, (2017).
[20] R. Mahmoud, T. Yousuf, F. Aloul, and I. Zualkernan, Internet of Things (Iot) Security: Current Status, Challenges and Prospective Measures,in Proc. 10th Int. Conf. Internet Technol. Secured Trans. (Icitst), London, U.K., (2015) 336–341.
[21] J. Zhao, on Resilience and Connectivity of Secure Wireless Sensor Networks Under Node Capture Attacks, Ieee Trans. Inf. Forensics Security, 13(3) (2017) 557–571.
[22] W. Trappe, R. Howard, and R. S. Moore, Low-Energy Security: Limits and Opportunities in the Internet of Things, Ieee Security Privacy, 13(1) (2015) 14–21.
[23] D. G. Costa, I. Silva, L. A. Guedes, F. Vasques, and P. Portugal, Availability Issues in Wireless Visual Sensor Networks, Sensors, 14(2) (2014) 2795–2821.
[24] T. Kothmayr, C. Schmitt, W. Hu, M. Brünig, and G. Carle, Dtls Based Security and Two-Way Authentication For the Internet of Things, Ad Hoc Netw., 11(8) (2018) 2710–2723, 2013.
[25] P. Porambage, C. Schmitt, P. Kumar, A. Gurtov, and M. Ylianttila, Pauthkey: A Pervasive Authentication Protocol and Key Establishment Scheme For Wireless Sensor Networks in Distributed Iot Applications, Int. J. Distrib. Sensor Netw., 10(7) (2014) 357– 430, 2014.
[26] B. Wei, G. Liao, W. Li, and Z. Gong, A Practical One-Time File Encryption Protocol For Iot Devices, in Proc. Ieee Int. Conf. Comput. Sci.Eng. (Cse) Embedded Ubiquitous Comput. (Euc), 2 (2017) 114–119.
[27] L. Markowsky and G. Markowsky, Scanning For Vulnerable Devices in the Internet of Things, in Proc. Ieee 8th Int. Conf. Intell. Data Acquisition Adv. Comput. Syst. Technol. Appl. (Idaacs), 1 (2015) 463–467.
[28] C. Konstantinou and M. Maniatakos, Impact of Firmware Modification Attacks on Power Systems Field Devices, in Proc. Ieee Int. Conf. Smart Grid Commun. (Smartgridcomm), Miami, Fl, Usa, (2015) 283–288.
[29] Q. Feng Et Al., Scalable Graph-Based Bug Search For Firmware Images, in Proc. Acm Sigsac Conf. Comput. Commun. Security, (2016) . 480–491.
[30] S. L. Keoh, S. S. Kumar and H. Tschofenig, Securing the Internet of Things: A Standardization Perspective, in Ieee Internet of Things Journal, 1(3) (2014) 265-275, June 2014, Doi: 10.1109/Jiot.2014.2323395.
[31] N. Krishnaraj, S. Sangeetha A Study of Data Privacy in Internet of Things Using Privacy Preserving Techniques with Its Management International Journal of Engineering Trends and Technology 70.2(2022):43-52. Doi:10.14445/22315381/Ijett-V70i2p207
[32] Pongle, P., & Chavan, G. (2015). Real Time Intrusion and Wormhole Attack Detection in Internet of Things. International Journal of Computer Applications, 121(9) (2015) 1–9. Doi:10.5120/21565-4589.
[33] Khalid Mahmood, Shehzad Ashraf Chaudhry, Husnain Naqvi, Taeshik Shon, Hafiz Farooq Ahmad,A Lightweight Message Authentication Scheme For Smart Grid Communications in Power Sector, Computers & Electrical Engineering, Volume 52,2016,Pages 114-124,Issn 6,Https://Doi.Org/10.1016/J.Compeleceng.2016.02.017
[34] Ma, H., & Chen, B. (2016). An Authentication Protocol Based on Quantum Key Distribution Using Decoy-State Method For Heterogeneous Iot. Wireless Personal Communications, 91(3) (2016)1335–1344. Doi:10.1007/S11277-016-3531-2.
[35] Tewari, A., & Gupta, B. B. (2016). Cryptanalysis of A Novel Ultra-Lightweight Mutual Authentication Protocol For Iot Devices Using Rfid Tags. the Journal of Supercomputing, 73(3) (2016) 1085–1102. Doi:10.1007/S11227-016-1849-X.
[36] R. Stephen and L. Arockiam , Intrusion Detection System to Detect Sinkhole Attack on Rpl Protocol in Internet of Things,'' Int. J. Elect. Electron.Comput. Sci. Eng., 4(4) (2017).
[37] T. H. Lin, C. C. Lee, and C. H. Chang, Wsn Integrated Authentication Schemes Based on Internet of Things,'' J. Internet Technol., 19(4) (2018) 1043-1053.
[38] F. Y. Yavuz, D. Ünal, and E. Gül, Deep Learning For Detection of Routing Attacks in the Internet of Things,'' Int. J. Comput. Intell. Syst., 12 (1) (2018) 39 58, Nov. 2018. Doi: 10.2991/Ijcis.2018.25905181.
[39] M. A. Uddin, A. Stranieri, I. Gondal, and V. Balasubramanian, ``Continuous Patient Monitoring with A Patient Centric Agent: A Block Architecture,'' Ieee Access, 6 (2018) 32700-32726, 2018. Doi: 10.1109/Access.2018.2846779.
[40] G. Liu,W. Quan, N. Cheng, H. Zhang, and S.Yu, Efficient Ddos Attacks Mitigation For Stateful Forwarding in Internet of Things, J. Netw. Comput. Appl., 130 (2019)113. Elsevier Doi: 10.1016/J.Jnca.2019.01.006.
[41] M. Dammak, O. R. M. Boudia, M. A. Messous, S. M. Senouci, and C. Gransart, Token-Based Lightweight Authentication to Secure Iot Networks, in Proc. 16th Ieee Annu. Consum. Commun. Netw. Conf. (Ccnc), (2019) 1-4. Doi: 10.1109/Ccnc.2019.8651825.
[42] Mostafa, A., Lee, S. J., & Peker, Y. K. (2020). Physical Unclonable Function and Hashing Are All You Need to Mutually Authenticate Iot Devices. Sensors, 20(16) (2020) 4361. Doi:10.3390/S20164361.
[43] Smita Sanjay Ambarkar, Narendra Shekokar An Efficient Authentication Technique to Protect Iot Networks From Impact of Rpl Attacks International Journal of Engineering Trends and Technology, 69(10) (2021) 137-145. Doi:10.14445/22315381/Ijett-V69i10p217
[44] H. Ning and Z. Wang, Future Internet of Things Architecture: Like Mankind Neural Systemor Social Organization Framework? Ieee Communications Letters, 15(4) (2011) 461–463.
[45] M. Aazam and E.-N. Huh, Fog Computing and Smart Gateway Based Communication For Cloud of Things, in Proceedings of the 2nd Ieee International Conference on Future Internet Ofthings and Cloud (Ficloud ’14), (2014) 464–470. Barcelona, Spain, August 2014.
[46] Burhan, Muhammad, Rana Asif Rehman, Bilal Khan, and Byung-Seo Kim. Iot Elements, Layered Architectures and Security Issues: A Comprehensive Survey. Sensors , 18(9) (2018) 2796.
[47] Peña, M. A. L., & Fernández, I. M. (2019, April). Sat-Iot: An Architectural Model For A High-Performance Fog/Edge/Cloud Iot Platform. in 2019 Ieee 5th World Forum on Internet of Things (Wf-Iot), (2019) 633-638. Ieee.
[48] J. Soldatos, N. Kefalakis, M. Hauswirth Et Al., Openiot: Open Source Internet of-Things in the Cloud, in Interoperability and OpenSource Solutions For the Internet of Things: International Workshop, Fp7 Openiot Project, Held in Conjunction with Soft- Com2014, Split, Croatia, September 18, 2014, Invited Papers, Vol. 9001 of Lecture Notes in Computer Science, (2015) 13–25.Springer, Berlin, Germany.
[49] A. Ranganathan, J. Al-Muhtadi, S. Chetan, R. Campbell, and M. D. Mickunas, Middlewhere: A Middleware For Location Awareness in Ubiquitous Computing Applications, Inacm/Ifip/ Usenix International Conference on Distributed Systems Platforms and Open Distributed Processing Middleware , (2004) 397–416. Springer, New York, Ny, Usa.
[50] M. Eisenhauer, P. Rosengren, and P. Antolin, A Development Platform For Integrating Wireless Devices and Sensors Into Ambient Intelligence Systems, in Proceedings of the 6th Ieee Annual Communications Societyconference on Sensor,Mesh Andadhoc Communications and Networks Workshops (Secon Workshops ’09), (2009) 1–3. Ieee, Rome, Italy.
[51] T. Zahariadis, A. Papadakis, F. Alvarez Et Al., Fiware Lab: Managing Resources and Services in A Cloud Federation Supportingfuture Internet Applications, in Proceedings of the 7th Ieee/ Acm International Conference on Utility and Cloud Computing (Ucc ’14), (2014) 792–799. Ieee, London, Uk, (2014).