Security of the Internet of Things: Vulnerabilities, Attacks and Countermeasures

Wireless Sensor Networks (WSNs) constitute one of the most promising third-millennium technologies and have wide range of applications in our surrounding environment. The reason behind the vast adoption of WSNs in various applications is that they have tremendously appealing features, e.g., low production cost, low installation cost, unattended network operation, autonomous and longtime operation. WSNs have started to merge with the Internet of Things (IoT) through the introduction of Internet access capability in sensor nodes and sensing ability in Internet-connected devices. Thereby, the IoT is providing access to huge amount of data, collected by the WSNs, over the Internet. Hence, the security of IoT should start with foremost securing WSNs ahead of the other components. However, owing to the absence of a physical line-of-defense, i.e., there is no dedicated infrastructure such as gateways to watch and observe the flowing information in the network, security of WSNs along with IoT is of a big concern to the scientific community. More specifically, for the application areas in which CIA (confidentiality, integrity, availability) has prime importance, WSNs and emerging IoT technology might constitute an open avenue for the attackers. Besides, recent integration and collaboration of WSNs with IoT will open new challenges and problems in terms of security. Hence, this would be a nightmare for the individuals using these systems as well as the security administrators who are managing those networks. Therefore, a detailed review of security attacks towards WSNs and IoT, along with the techniques for prevention, detection, and mitigation of those attacks are provided in this paper. In this text, attacks are categorized and treated into mainly two parts, most or all types of attacks towards WSNs and IoT are investigated under that umbrella: “Passive Attacks” and “Active Attacks”. Understanding these attacks and their associated defense mechanisms will help paving a secure path towards the proliferation and public acceptance of IoT technology

Asioiden Internetin tietoturva: ratkaisuja, standardeja ja avoimia ongelmia

Internet of Things (IoT) extends the Internet to our everyday objects, which enables new kind of applications and services. These IoT applications face demanding technical challenges: the number of ‘things’ or objects can be very large, they can be very con-strained devices, and may need to operate on challenging and dynamic environments. However, the architecture of today’s Internet is based on many legacy protocols and technology that were not originally designed to support features like mobility or the huge and growing number of objects the Internet consists of today. Similarly, many security features of today’s Internet are additional layers built to fill up flaws in the un-derlying design. Fulfilling new technical requirements set by IoT applications requires efficient solutions designed for the IoT use from the ground up. Moreover, the imple-mentation of this new IoT technology requires interoperability and integration with tra-ditional Internet. Due to considerable technical challenges, the security is an often over-looked aspect in the emerging new IoT technology. This thesis surveys general security requirements for the entire field of IoT applica-tions. Out of the large amount of potential applications, this thesis focuses on two major IoT application fields: wireless sensor networks and vehicular ad-hoc networks. The thesis introduces example scenarios and presents major security challenges related to these areas. The common standards related to the areas are examined in the security perspective. The thesis also examines research work beyond the area of standardization in an attempt to find solutions to unanswered security challenges. The thesis aims to give an introduction to the security challenges in the IoT world and review the state of the security research through these two major IoT areas

VEDSDA: Voronoi Encryption and Decryption for Secure Data Aggregation in WSNs

The various application in Wireless Sensor Networks fascinated towards minimal and secure data transmission. In this paper, VEDSDA protocol is proposed to achieve reduction of data redundancy, data length and providing security for data transmission. The VEDSDA protocol used compression technique to reduce data length which helps to utilize less energy consumption. The data compression technique involves leveling, encoding and decoding phases. Levelling phase converts data to logical data where as encoding phase compress the data size at the source node and decoding phase decompress the data size at the destination. The voronoi diagram concept is used to encrypt and decrypt aggregated data. Thus, VEDSDA protocol is compared with existing protocol and proves better enhancement

System support for robust data collection in wireless sensing systems

This dissertation studied how to provide system support for robust data collection in wireless sensing systems through addressing a few urgent design issues in the existing systems. A wireless sensing system may suffer issues arising at the sensors, during the data transmission, and during the data access by applications. Due to the unique characteristics of wireless sensing systems, certain conventional solutions for networked systems may not work well with these issues. We developed approaches to resolve these urgent problems in the design of wireless sensing systems. Specially, we have achieved the following: (1) we developed a resilient trust model to effectively detect faulty data in wireless sensing systems due to either sensor malfunctioning or malicious attempts to report false data; (2) we developed a low-cost, self-contained, accurate localization system for small-sized ground robotic vehicles, which enhances the wireless sensing systems containing mobile sensors by providing more accurate and highly available location data, with only limited overhead in economic cost and management; (3) we designed and implemented a robust trust-aware routing framework to secure multi-hop routing through a set of sensors in wireless sensing systems; (4) we developed a privacy-preserving wireless sensing system, which protects the user privacy while allowing arbitrary third-party applications to extract knowledge from the collected data

Transport mechanism for wireless micro sensor network

Wireless sensor network (WSN) is a wireless ad hoc network that consists of very large number of tiny sensor nodes communicating with each other with limited power and memory constrain. WSN demands real-time routing which requires messages to be delivered within their end-to-end deadlines (packet lifetime). This report proposes a novel real-time with load distribution (RTLD) routing protocol that provides real time data transfer and efficient distributed energy usage in WSN. The RTLD routing protocol ensures high packet throughput with minimized packet overhead and prolongs the lifetime of WSN. The routing depends on optimal forwarding (OF) decision that takes into account of the link quality, packet delay time and the remaining power of next hop sensor nodes. RTLD routing protocol possesses built-in security measure. The random selection of next hop node using location aided routing and multi-path forwarding contributes to built-in security measure. RTLD routing protocol in WSN has been successfully studied and verified through simulation and real test bed implementation. The performance of RTLD routing in WSN has been compared with the baseline real-time routing protocol. The simulation results show that RTLD experiences less than 150 ms packet delay to forward a packet through 10 hops. It increases the delivery ratio up to 7 % and decreases power consumption down to 15% in unicast forwarding when compared to the baseline routing protocol. However, multi-path forwarding in RTLD increases the delivery ratio up to 20%. In addition, RTLD routing spreads out and balances the forwarding load among sensor nodes towards the destination and thus prolongs the lifetime of WSN by 16% compared to the baseline protocol. The real test bed experiences only slight differences of about 7.5% lower delivery ratio compared to the simulation. The test bed confirms that RTLD routing protocol can be used in many WSN applications including disasters fighting, forest fire detection and volcanic eruption detection

The Internet of Everything

In the era before IoT, the world wide web, internet, web 2.0 and social media made people’s lives comfortable by providing web services and enabling access personal data irrespective of their location. Further, to save time and improve efficiency, there is a need for machine to machine communication, automation, smart computing and ubiquitous access to personal devices. This need gave birth to the phenomenon of Internet of Things (IoT) and further to the concept of Internet of Everything (IoE)

Dynamic Target Classification in Wireless Sensor Networks

Information exploitation schemes with high-accuracy and low computational cost play an important role in Wireless Sensor Networks (WSNs). This thesis studies the problem of target classification in WSNs. Specifically, due to the resource constraints and dynamic nature of WSNs, we focus on the design of the energy-efficient solutionwith high accuracy for target classification in WSNs. Feature extraction and classification are two intertwined components in pattern recognition. Our hypothesis is that for each type of target, there exists an optimal set of features in conjunction with a specific classifier, which can yield the best performance in terms of classification accuracy using least amount of computation, measured by the number of features used. Our objective is to find such an optimal combination of features and classifiers. Our study is in the context of applications deployed in a wireless sensor network (WSN) environment, composed of large number of small-size sensors with their own processing, sensing and networking capabilities powered by onboard battery supply. Due to the extremely limited resources on each sensor platform, the decision making is prune to fault, making sensor fusion a necessity. We present a concept, referred to as dynamic target classification in WSNs. The main idea is to dynamically select the optimal combination of features and classifiers based on the probability that the target to be classified might belong to a certain category. We use two data sets to validate our hypothesis and derive the optimal combination sets by minimizing a cost function. We apply the proposed algorithm to a scenario of collaborative target classification among a group of sensors which are selected using information based sensor selection rule in WSNs. Experimental results show that our approach can significantly reduce the computational time while at the same time, achieve better classification accuracy without using any fusion algorithm, compared with traditional classification approaches, making it a viable solution in practice

Synoptic analysis techniques for intrusion detection in wireless networks

Current system administrators are missing intrusion alerts hidden by large numbers of false positives. Rather than accumulation more data to identify true alerts, we propose an intrusion detection tool that e?ectively uses select data to provide a picture of ?network health?. Our hypothesis is that by utilizing the data available at both the node and cooperative network levels we can create a synoptic picture of the network providing indications of many intrusions or other network issues. Our major contribution is to provide a revolutionary way to analyze node and network data for patterns, dependence, and e?ects that indicate network issues. We collect node and network data, combine and manipulate it, and tease out information about the state of the network. We present a method based on utilizing the number of packets sent, number of packets received, node reliability, route reliability, and entropy to develop a synoptic picture of the network health in the presence of a sinkhole and a HELLO Flood attacker. This method conserves network throughput and node energy by requiring no additional control messages to be sent between the nodes unless an attacker is suspected. We intend to show that, although the concept of an intrusion detection system is not revolutionary, the method in which we analyze the data for clues about network intrusion and performance is highly innovative

The Internet of Everything

In the era before IoT, the world wide web, internet, web 2.0 and social media made people’s lives comfortable by providing web services and enabling access personal data irrespective of their location. Further, to save time and improve efficiency, there is a need for machine to machine communication, automation, smart computing and ubiquitous access to personal devices. This need gave birth to the phenomenon of Internet of Things (IoT) and further to the concept of Internet of Everything (IoE)