1,433 research outputs found
A Holistic Analysis of Internet of Things (IoT) Security : Principles, Practices, and New Perspectives
Peer reviewed
Risk and threat mitigation techniques in internet of things (IoT) environments: a survey
Security in the Internet of Things (IoT) remains a predominant area of concern. Although several other surveys have been published on this topic in recent years, the broad spectrum that this area aims to cover, the rapid developments and the variety of concerns make it impossible to cover the topic adequately. This survey updates the state of the art covered in previous surveys and focuses on defences and mitigations against threats rather than on the threats alone, an area that is less extensively covered by other surveys. This survey has collated current research considering the dynamicity of the IoT environment, a topic that is missed in other surveys and warrants particular attention. To consider IoT mobility, a life-cycle approach is adopted to the study of dynamic and mobile IoT environments and means of deploying defences against malicious actors aiming to compromise an IoT network and to evolve their attack laterally within it and from it. This survey takes a more comprehensive and detailed step by analysing a broad variety of methods for accomplishing each of the mitigation steps, presenting these uniquely by introducing a “defence-in-depth” approach that could significantly slow down the progress of an attack in the dynamic IoT environment. This survey sheds light on leveraging redundancy as an inherent nature of multi-sensor IoT applications, to improve integrity and recovery. This study highlights the challenges of each mitigation step, emphasises novel perspectives, and reconnects the discussed mitigation steps to the ground principles they seek to implement.
Securing the Internet of Things: A Study on Machine Learning-Based Solutions for IoT Security and Privacy Challenges
The Internet of Things (IoT) is a rapidly growing technology that connects and integrates billions of smart devices, generating vast volumes of data and impacting various aspects of daily life and industrial systems. However, the inherent characteristics of IoT devices, including limited battery life, universal connectivity, resource-constrained design, and mobility, make them highly vulnerable to cybersecurity attacks, which are increasing at an alarming rate. As a result, IoT security and privacy have gained significant research attention, with a particular focus on developing anomaly detection systems. In recent years, machine learning (ML) has made remarkable progress, evolving from a lab novelty to a powerful tool in critical applications. ML has been proposed as a promising solution for addressing IoT security and privacy challenges. In this article, we conducted a study of the existing security and privacy challenges in the IoT environment. Subsequently, we present the latest ML-based models and solutions to address these challenges, summarizing them in a table that highlights the key parameters of each proposed model. Additionally, we thoroughly studied available datasets related to IoT technology. Through this article, readers will gain a detailed understanding of IoT architecture, security attacks, and countermeasures using ML techniques, utilizing available datasets. We also discuss future research directions for ML-based IoT security and privacy. Our aim is to provide valuable insights into the current state of research in this field and contribute to the advancement of IoT security and privacy
Implementation of ISO Frameworks to Risk Management in IPv6 Security
The Internet of Things is a technology wave sweeping across various industries and sectors. It promises to improve productivity and efficiency by providing new services and data to users. However, the full potential of this technology is still not realized due to the transition to IPv6 as a backbone. Despite the security assurances that IPv6 provides, privacy and concerns about the Internet of Things remain. This is why it is important that organizations thoroughly understand the protocol and its migration to ensure that they are equipped to take advantage of its many benefits. Due to the lack of available IPv4 addresses, organizations are in an uncertain situation when it comes to implementing IoT technologies.
The other aim is to fill in the gaps left by the ISO to identify and classify the risks that are not yet apparent. The thesis seeks to establish and implement the use of ISO to manage risks. It will also help to align security efforts with organizational goals. The proposed solution is evaluated through a survey that is designed to gather feedback from various levels of security and risk management professionals. The suggested modifications are also included in the study.
A survey on the implementation of ISO frameworks to risk management in IPv6 was conducted. With the random sampling technique that was used for conducting the research, a total of 75 questionnaires were shared online, and 50 respondents returned responses online through emails and social media platforms. The result of the analysis shows that system admins have the highest share, 26% of all participants, followed by network admins with 20%, then cybersecurity specialists with 16%. 14% of the respondents were network architects, while senior management and risk management professionals were 4% and 2% respectively. The majority of the respondents agreed that risk treatment enhances the risk management performance of the IPv6 network resulting from the proper selection and implementation of correct risk prevention strategies.
Improving efficiency and security of IIoT communications using in-network validation of server certificate
The use of advanced communications and smart mechanisms in industry is growing rapidly, making cybersecurity a critical aspect. Currently, most industrial communication protocols rely on the Transport Layer Security (TLS) protocol to build their secure version, providing confidentiality, integrity and authentication. In the case of UDP-based communications, frequently used in Industrial Internet of Things (IIoT) scenarios, the counterpart of TLS is Datagram Transport Layer Security (DTLS), which includes some mechanisms to deal with the high unreliability of the transport layer. However, the (D)TLS handshake is a heavy process, especially for resource-deprived IIoT devices, and frequently security is sacrificed in favour of performance. More specifically, the validation of digital certificates is an expensive process from the time and resource consumption point of view. For this reason, digital certificates are not always properly validated by IIoT devices, including the verification of their revocation status; and when it is done, it introduces an important delay in the communications. In this context, this paper presents the design and implementation of an in-network server certificate validation system that offloads this task from the constrained IIoT devices to a resource-richer network element, leveraging data plane programming (DPP). This approach enhances security as it guarantees that a comprehensive server certificate verification is always performed. Additionally, it increases performance as resource-expensive tasks are moved from IIoT devices to a resource-richer network element. Results show that the proposed solution reduces DTLS handshake times by 50–60 %. Furthermore, CPU use in IIoT devices is also reduced, resulting in an energy saving of about 40 % in such devices. This work was financially supported by the Spanish Ministry of Science and Innovation through the TRUE-5G project PID2019-108713RB-C54/AEI/10.13039/501100011033.
It was also partially supported by the Ayudas Cervera para Centros Tecnológicos grant of the Spanish Centre for the Development of Industrial Technology (CDTI) under the project EGIDA (CER-20191012), and by the Basque Country Government under the ELKARTEK Program, project REMEDY - Real tiME control and embeddeD securitY (KK-2021/00091)
Dynamic Distributed Monitoring for 6LoWPAN-based IoT Networks
Mission-critical Internet of Things (IoT)-based networks are increasingly employed in daily and industrial infrastructures. The resilience of such networks is crucial. Given IoT networks’ constantly changing nature, it is necessary to provide dependability and sustainability. A robust network monitoring can reinforce reliability, such that the monitoring mechanism adapts itself to real-time network instabilities. This work proposes a proactive, dynamic, and distributed network monitoring mechanism with monitor placement and scheduling for 6LoWPAN-based IoT networks intended for mission-critical applications. The proposed mechanism aims to ensure real-time monitoring coverage while respecting the limited and changing power resources of devices to prolong the network lifetime.
Increase in DODAG version number.
In the Internet of things (IoT), data packets are accumulated and disseminated across IoT devices without human intervention, therefore the privacy and security of sensitive data during transmission are crucial. For this purpose, multiple routing techniques exist to ensure security and privacy in IoT Systems. One such technique is the routing protocol for low power and lossy networks (RPL) which is an IPv6 protocol commonly used for routing in IoT systems. Formal modeling of an IoT system can validate the reliability, accuracy, and consistency of the system. This paper presents the formal modeling of RPL protocol and the analysis of its security schemes using colored Petri nets that applies formal validation and verification for both the secure and non-secure modes of RPL protocol. The proposed approach can also be useful for formal modeling-based verification of the security of the other communication protocols.
Color sets to initialize secure mode.
Performance Analysis of IEEE 802.15.4 Bootstrap Process
The IEEE 802.15.4 is a popular standard used in wireless sensor networks (WSNs) and the Internet of Things (IoT) applications. In these networks, devices are organized into groups formally known as personal area networks (PAN) which require a bootstrap procedure to become operational. Bootstrap plays a key role in the initialization and maintenance of these networks. For this reason, this work presents our implementation and performance analysis for the ns-3 network simulator. Specifically, this bootstrap implementation includes the support of three types of scanning mechanisms (energy scan, passive scan, and active scan) and the complete classic association mechanism described by the standard. Both of these mechanisms can be used independently by higher layers protocols to support network initialization, network joining, and maintenance tasks. Performance evaluation is conducted in total network association time and packet overhead terms. Our source code is documented and publicly available in the latest ns-3 official release