Securing Wireless Communications of the Internet of Things from the Physical Layer, An Overview

The security of the Internet of Things (IoT) is receiving considerable interest as the low power constraints and complexity features of many IoT devices are limiting the use of conventional cryptographic techniques. This article provides an overview of recent research efforts on alternative approaches for securing IoT wireless communications at the physical layer, specifically the key topics of key generation and physical layer encryption. These schemes can be implemented and are lightweight, and thus offer practical solutions for providing effective IoT wireless security. Future research to make IoT-based physical layer security more robust and pervasive is also covered

Security and Privacy Issues in IoT

Internet of Things (IoT) is a global network of physical and virtual ‘things’ connected to the internet. Each object has unique ID which is used for identification. IoT is the emerging technology which will change the way we interact with devices. In future almost every electronic device will be a smart device which can compute and communicate with hand-held and other infrastructure devices. As most of the devices may be battery operated, due to less processing power the security and privacy is a major issue in IoT. Authentication, Identification and device heterogeneity are the major security and privacy concerns in IoT. Major challenges include integration, scalability, ethics communication mechanism, business models and surveillance. In this paper major issues related to security and privacy of IoT are focused

Exploring Data Security and Privacy Issues in Internet of Things Based on Five-Layer Architecture

Data Security and privacy is one of the serious issues in internet-based computing like cloud computing, mobile computing and Internet of Things (IoT). This security and privacy become manifolded in IoT because of diversified technologies and the interaction of Cyber Physical Systems (CPS) used in IoT. IoTs are being adapted in academics and in many organizations without fully protecting their assets and also without realizing that the traditional security solutions cannot be applied to IoT environment. This paper explores a comprehensive survey of IoT architectures, communication technologies and the security and privacy issues of them for a new researcher in IoT. This paper also suggests methods to thwart the security and privacy issues in the different layers of IoT architecture

A Practical Evaluation of a High-Security Energy-Efficient Gateway for IoT Fog Computing Applications

[Abstract] Fog computing extends cloud computing to the edge of a network enabling new Internet of Things (IoT) applications and services, which may involve critical data that require privacy and security. In an IoT fog computing system, three elements can be distinguished: IoT nodes that collect data, the cloud, and interconnected IoT gateways that exchange messages with the IoT nodes and with the cloud. This article focuses on securing IoT gateways, which are assumed to be constrained in terms of computational resources, but that are able to offload some processing from the cloud and to reduce the latency in the responses to the IoT nodes. However, it is usually taken for granted that IoT gateways have direct access to the electrical grid, which is not always the case: in mission-critical applications like natural disaster relief or environmental monitoring, it is common to deploy IoT nodes and gateways in large areas where electricity comes from solar or wind energy that charge the batteries that power every device. In this article, how to secure IoT gateway communications while minimizing power consumption is analyzed. The throughput and power consumption of Rivest–Shamir–Adleman (RSA) and Elliptic Curve Cryptography (ECC) are considered, since they are really popular, but have not been thoroughly analyzed when applied to IoT scenarios. Moreover, the most widespread Transport Layer Security (TLS) cipher suites use RSA as the main public key-exchange algorithm, but the key sizes needed are not practical for most IoT devices and cannot be scaled to high security levels. In contrast, ECC represents a much lighter and scalable alternative. Thus, RSA and ECC are compared for equivalent security levels, and power consumption and data throughput are measured using a testbed of IoT gateways. The measurements obtained indicate that, in the specific fog computing scenario proposed, ECC is clearly a much better alternative than RSA, obtaining energy consumption reductions of up to 50% and a data throughput that doubles RSA in most scenarios. These conclusions are then corroborated by a frame temporal analysis of Ethernet packets. In addition, current data compression algorithms are evaluated, concluding that, when dealing with the small payloads related to IoT applications, they do not pay off in terms of real data throughput and power consumption.Galicia. Consellería de Cultura, Educación e Ordenación Universitaria; ED431C 2016-045Agencia Estatal de Investigación (España); TEC2013-47141-C4-1-RAgencia Estatal de Investigación (España); TEC2015-69648-REDCAgencia Estatal de Investigación (España); TEC2016-75067-C4-1-RGalicia. Consellería de Cultura, Educación e Ordenación Universitaria; ED341D2016/012Galicia. Consellería de Cultura, Educación e Ordenación Universitaria; ED431G/0

Internet of Things for system integrity: a comprehensive survey on security, attacks and countermeasures for industrial applications

The growth of the Internet of Things (IoT) offers numerous opportunities for developing industrial applications such as smart grids, smart cities, smart manufacturers, etc. By utilising these opportunities, businesses engage in creating the Industrial Internet of Things (IIoT). IoT is vulnerable to hacks and, therefore, requires various techniques to achieve the level of security required. Furthermore, the wider implementation of IIoT causes an even greater security risk than its benefits. To provide a roadmap for researchers, this survey discusses the integrity of industrial IoT systems and highlights the existing security approaches for the most significant industrial applications. This paper mainly classifies the attacks and possible security solutions regarding IoT layers architecture. Consequently, each attack is connected to one or more layers of the architecture accompanied by a literature analysis on the various IoT security countermeasures. It further provides a critical analysis of the existing IoT/IIoT solutions based on different security mechanisms, including communications protocols, networking, cryptography and intrusion detection systems. Additionally, there is a discussion of the emerging tools and simulations used for testing and evaluating security mechanisms in IoT applications. Last, this survey outlines several other relevant research issues and challenges for IoT/IIoT security

A hybrid methodology to assess cyber resilience of IoT in energy management and connected sites

Cyber threats and vulnerabilities present an increasing risk to the safe and frictionless execution of business operations. Bad actors (“hackers”), including state actors, are increasingly targeting the operational technologies (OTs) and industrial control systems (ICSs) used to protect critical national infrastructure (CNI). Minimisations of cyber risk, attack surfaces, data immutability, and interoperability of IoT are some of the main challenges of today’s CNI. Cyber security risk assessment is one of the basic and most important activities to identify and quantify cyber security threats and vulnerabilities. This research presents a novel i-TRACE security-by-design CNI methodology that encompasses CNI key performance indicators (KPIs) and metrics to combat the growing vicarious nature of remote, well-planned, and well-executed cyber-attacks against CNI, as recently exemplified in the current Ukraine conflict (2014–present) on both sides. The proposed methodology offers a hybrid method that specifically identifies the steps required (typically undertaken by those responsible for detecting, deterring, and disrupting cyber attacks on CNI). Furthermore, we present a novel, advanced, and resilient approach that leverages digital twins and distributed ledger technologies for our chosen i-TRACE use cases of energy management and connected sites. The key steps required to achieve the desired level of interoperability and immutability of data are identified, thereby reducing the risk of CNI-specific cyber attacks and minimising the attack vectors and surfaces. Hence, this research aims to provide an extra level of safety for CNI and OT human operatives, i.e., those tasked with and responsible for detecting, deterring, disrupting, and mitigating these cyber-attacks. Our evaluations and comparisons clearly demonstrate that i-TRACE has significant intrinsic advantages compared to existing “state-of-the-art” mechanisms

A Design Approach to IoT Endpoint Security for Production Machinery Monitoring

The Internet of Things (IoT) has significant potential in upgrading legacy production machinery with monitoring capabilities to unlock new capabilities and bring economic benefits. However, the introduction of IoT at the shop floor layer exposes it to additional security risks with potentially significant adverse operational impact. This article addresses such fundamental new risks at their root by introducing a novel endpoint security-by-design approach. The approach is implemented on a widely applicable production-machinery-monitoring application by introducing real-time adaptation features for IoT device security through subsystem isolation and a dedicated lightweight authentication protocol. This paper establishes a novel viewpoint for the understanding of IoT endpoint security risks and relevant mitigation strategies and opens a new space of risk-averse designs that enable IoT benefits, while shielding operational integrity in industrial environments

Threats to Journalists from the Consumer Internet of Things

Threats associated with the consumer Internet of Things (IoT) may particu-larly inhibit the work and wellbeing of journalists, especially because of the danger of technological surveillance and the imperative to protect con-fidential sources. These issues may have knock-on effects on societal sta-bility and democratic processes if press freedom is eroded. Still, journalists remain unaware of potential IoT threats, and so are unable to incorporate them into risk assessments or to advise their sources. This shows a clear gap in the literature, requiring immediate attention. This article therefore identi-fies and organises distinctive and novel threats to journalism from the con-sumer IoT. The article presents a novel conceptualisation of threats to the press in six categories: regulatory gaps, legal threats, profiling threats, track-ing threats, data and device modification threats, and networked devices threats. Each of the threats in these categories includes a description and hypothetical consequences that include real-life ways in which IoT devices can be used to inhibit journalistic work, building on interdisciplinary liter-ature analysis and expert interviews. In so doing, this article synthesises technical information about IoT device capabilities with human security and privacy requirements tailored to a specific at-risk population: journal-ists. It is therefore important for cyber science scholarship to address the contemporary and emerging risks associated with IoT devices to vulnerable groups such as journalists. This exploratory conceptualisation enables the evidence-based conceptual evolution of understandings of cyber security risks to journalists