644 research outputs found

    Internet-of-Things (IoT) Security Threats: Attacks on Communication Interface

    Get PDF
    Internet of Things (IoT) devices collect and process information from remote places and have significantly increased the productivity of distributed systems or individuals. Due to the limited budget on power consumption, IoT devices typically do not include security features such as advanced data encryption and device authentication. In general, the hardware components deployed in IoT devices are not from high end markets. As a result, the integrity and security assurance of most IoT devices are questionable. For example, adversary can implement a Hardware Trojan (HT) in the fabrication process for the IoT hardware devices to cause information leak or malfunctions. In this work, we investigate the security threats on IoT with a special emphasis on the attacks that aim for compromising the communication interface between IoT devices and their main processing host. First, we analyze the security threats on low-energy smart light bulbs, and then we exploit the limitation of Bluetooth protocols to monitor the unencrypted data packet from the air-gapped network. Second, we examine the security vulnerabilities of single-wire serial communication protocol used in data exchange between a sensor and a microcontroller. Third, we implement a Man-in-the-Middle (MITM) attack on a master-slave communication protocol adopted in Inter-integrated Circuit (I2C) interface. Our MITM attack is executed by an analog hardware Trojan, which crosses the boundary between digital and analog worlds. Furthermore, an obfuscated Trojan detection method(ADobf) is proposed to monitor the abnormal behaviors induced by analog Trojans on the I2C interface

    Remotely Exploiting AT Command Attacks on ZigBee Networks

    Get PDF
    Internet of Things networks represent an emerging phenomenon bringing connectivity to common sensors. Due to the limited capabilities and to the sensitive nature of the devices, security assumes a crucial and primary role. In this paper, we report an innovative and extremely dangerous threat targeting IoT networks. The attack is based on Remote AT Commands exploitation, providing a malicious user with the possibility of reconfiguring or disconnecting IoT sensors from the network. We present the proposed attack and evaluate its efficiency by executing tests on a real IoT network. Results demonstrate how the threat can be successfully executed and how it is able to focus on the targeted nodes, without affecting other nodes of the network

    Machine Learning in Wireless Sensor Networks: Algorithms, Strategies, and Applications

    Get PDF
    Wireless sensor networks monitor dynamic environments that change rapidly over time. This dynamic behavior is either caused by external factors or initiated by the system designers themselves. To adapt to such conditions, sensor networks often adopt machine learning techniques to eliminate the need for unnecessary redesign. Machine learning also inspires many practical solutions that maximize resource utilization and prolong the lifespan of the network. In this paper, we present an extensive literature review over the period 2002-2013 of machine learning methods that were used to address common issues in wireless sensor networks (WSNs). The advantages and disadvantages of each proposed algorithm are evaluated against the corresponding problem. We also provide a comparative guide to aid WSN designers in developing suitable machine learning solutions for their specific application challenges.Comment: Accepted for publication in IEEE Communications Surveys and Tutorial

    FUZZY BASED SECURITY ALGORITHM FOR WIRELESS SENSOR NETWORKS IN THE INTERNET OF THINGS PARADIGM

    Get PDF
    Published ThesisThe world is embracing the idea of Internet of Things and Industrial Revolution 4.0. However, this acceptance of computerised evolution is met with a myriad of challenges, where consumers of this technology are also growing ever so anxious about the security of their personal data as well as reliability of data collected by the millions and even billions of sensors surrounding them. Wireless sensor networks are the main baseline technology driving Internet of things; by their very inherent nature, these networks are too vulnerable to attacks and yet the network security tools designed for conventional computer networks are not effective in countering these attacks. Wireless sensors have low computational resources, may be highly mobile and in most cases, these networks do not have a central point which can be marked as an authentication point for the sensors, any node can join or leave whenever they want. This leaves the sensors and the internet of things applications depending on them highly susceptible to attacks, which may compromise consumer information and leave security breaches in situation that need absolute security such as homes or even the cars they drive. There are many possibilities of things that could go wrong when hackers gain control of sensors in a car or a house. There have been many solutions offered to address security of Wireless Sensor Networks; however, most of those solutions are often not customised for African context. Given that most African countries have not kept pace with the development of these underlying technologies, blanket adoption of the solutions developed for consumption in the developed world has not yielded optimal results. The focus of this research was the development of an Intrusion Detection System that works in a hierarchical network structured Wireless Sensor Network, where cluster heads oversee groups of nodes and relay their data packets all the way to the sink node. This is a reactive Intrusion Detection System (IDS) that makes use of a fuzzy logic based algorithm for verification of intrusion detections. This system borrows characteristics of traditional Wireless Sensor Networks in that it is hosted external to the nodes; that is, on a computer or server connected to the sink node. The rational for this is the premise that developing the system in this manner optimises the power and processing resource of nodes because no part of the IDS is found in the nodes and they are left to focus purely on sensing. The Intrusion Detection System makes use of remote Over The Air programming to communicate with compromised nodes, to either shut down or reboot and is designed with the ZigBee protocol in mind. Additionally, this Intrusion Detection System is intended to being part of a larger Internet of Things integration framework being proposed at the Central University of Technology. This framework is aimed at developing an Internet of Things adoption strategy customised for African needs and regionally local consumers. To evaluate the effectiveness of the solution, the rate of false detections being picked out by the security algorithm were reduced through the use of fuzzy logic systems; this resulted in an accuracies of above 90 %. The algorithm is also very light when asymptotic notation is applied, making it ideal for Wireless Sensors. Lastly, we also put forward the Xbee version of the Triple Modular Redundancy architecture, customised for Wireless sensor networks in order to beef-up on the security solution presented in this dissertation

    Security protocols suite for machine-to-machine systems

    Get PDF
    Nowadays, the great diffusion of advanced devices, such as smart-phones, has shown that there is a growing trend to rely on new technologies to generate and/or support progress; the society is clearly ready to trust on next-generation communication systems to face today’s concerns on economic and social fields. The reason for this sociological change is represented by the fact that the technologies have been open to all users, even if the latter do not necessarily have a specific knowledge in this field, and therefore the introduction of new user-friendly applications has now appeared as a business opportunity and a key factor to increase the general cohesion among all citizens. Within the actors of this technological evolution, wireless machine-to-machine (M2M) networks are becoming of great importance. These wireless networks are made up of interconnected low-power devices that are able to provide a great variety of services with little or even no user intervention. Examples of these services can be fleet management, fire detection, utilities consumption (water and energy distribution, etc.) or patients monitoring. However, since any arising technology goes together with its security threats, which have to be faced, further studies are necessary to secure wireless M2M technology. In this context, main threats are those related to attacks to the services availability and to the privacy of both the subscribers’ and the services providers’ data. Taking into account the often limited resources of the M2M devices at the hardware level, ensuring the availability and privacy requirements in the range of M2M applications while minimizing the waste of valuable resources is even more challenging. Based on the above facts, this Ph. D. thesis is aimed at providing efficient security solutions for wireless M2M networks that effectively reduce energy consumption of the network while not affecting the overall security services of the system. With this goal, we first propose a coherent taxonomy of M2M network that allows us to identify which security topics deserve special attention and which entities or specific services are particularly threatened. Second, we define an efficient, secure-data aggregation scheme that is able to increase the network lifetime by optimizing the energy consumption of the devices. Third, we propose a novel physical authenticator or frame checker that minimizes the communication costs in wireless channels and that successfully faces exhaustion attacks. Fourth, we study specific aspects of typical key management schemes to provide a novel protocol which ensures the distribution of secret keys for all the cryptographic methods used in this system. Fifth, we describe the collaboration with the WAVE2M community in order to define a proper frame format actually able to support the necessary security services, including the ones that we have already proposed; WAVE2M was funded to promote the global use of an emerging wireless communication technology for ultra-low and long-range services. And finally sixth, we provide with an accurate analysis of privacy solutions that actually fit M2M-networks services’ requirements. All the analyses along this thesis are corroborated by simulations that confirm significant improvements in terms of efficiency while supporting the necessary security requirements for M2M networks

    Improved Wireless Security through Physical Layer Protocol Manipulation and Radio Frequency Fingerprinting

    Get PDF
    Wireless networks are particularly vulnerable to spoofing and route poisoning attacks due to the contested transmission medium. Traditional bit-layer defenses including encryption keys and MAC address control lists are vulnerable to extraction and identity spoofing, respectively. This dissertation explores three novel strategies to leverage the wireless physical layer to improve security in low-rate wireless personal area networks. The first, physical layer protocol manipulation, identifies true transceiver design within remote devices through analysis of replies in response to packets transmitted with modified physical layer headers. Results herein demonstrate a methodology that correctly differentiates among six IEEE 802.15.4 transceiver classes with greater than 99% accuracy, regardless of claimed bit-layer identity. The second strategy, radio frequency fingerprinting, accurately identifies the true source of every wireless transmission in a network, even among devices of the same design and manufacturer. Results suggest that even low-cost signal collection receivers can achieve greater than 90% authentication accuracy within a defense system based on radio frequency fingerprinting. The third strategy, based on received signal strength quantification, can be leveraged to rapidly locate suspicious transmission sources and to perform physical security audits of critical networks. Results herein reduce mean absolute percentage error of a widely-utilized distance estimation model 20% by examining signal strength measurements from real-world networks in a military hospital and a civilian hospital

    Graceful Degradation in IoT Security

    Get PDF
    As the consumer grade IoT devices industry advances, personal privacy is constantly eroded for the sake of convenience. Current security solutions, although available, ignore convenience by requiring the purchase of additional hardware, implementing confusing, out of scope updates for a non-technical user, or quarantining a device, rendering it useless. This paper proposes a solution that simultaneously maintains convenience and privacy, tailored for the Internet of Things. We propose a novel graceful degradation technique which targets individual device functionalities for acceptance or denial at the network level. When combined with current anomaly detection and fingerprinting methods, graceful degradation provides a personalized IoT security solution for the modern user

    Wireless Sensor Networks in Industrial Automation

    Get PDF

    802.15.4/ZigBee Analysis and Security: tools for practical exploration of the attack surface

    Get PDF
    This thesis explores methods and techniques for surveying 802.15.4 and ZigBee wireless networks. The tools developed will aid in reconnaissance attacks against target networks; information gathered during this process will be used to profile a target network and its devices, as well as to pinpoint the geolocation of devices for executing physical attacks against the onboard hardware. Attacks against the PHY and MAC layers of the 802.15.4 standard will be explored as well
    • …
    corecore