The Effect of IoT New Features on Security and Privacy: New Threats, Existing Solutions, and Challenges Yet to Be Solved

The future of Internet of Things (IoT) is already upon us. IoT applications have been widely used in many field of social production and social living such as healthcare, energy and industrial automation. While enjoying the convenience and efficiency that IoT brings to us, new threats from IoT also have emerged. There are increasing research works to ease these threats, but many problems remain open. To better understand the essential reasons of new threats and the challenges in current research, this survey first proposes the concept of "IoT features". Then, the security and privacy effects of eight IoT new features were discussed including the threats they cause, existing solutions and challenges yet to be solved. To help researchers follow the up-to-date works in this field, this paper finally illustrates the developing trend of IoT security research and reveals how IoT features affect existing security research by investigating most existing research works related to IoT security from 2013 to 2017

A Review of Performance, Energy and Privacy of Intrusion Detection Systems for IoT

Internet of Things (IoT) is a disruptive technology with applications across diverse domains such as transportation and logistics systems, smart grids, smart homes, connected vehicles, and smart cities. Alongside the growth of these infrastructures, the volume and variety of attacks on these infrastructures has increased highlighting the significance of distinct protection mechanisms. Intrusion detection is one of the distinguished protection mechanisms with notable recent efforts made to establish effective intrusion detection for IoT and IoV. However, unique characteristics of such infrastructures including battery power, bandwidth and processors overheads, and the network dynamics can influence the operation of an intrusion detection system. This paper presents a comprehensive study of existing intrusion detection systems for IoT systems including emerging systems such as Internet of Vehicles (IoV). The paper analyzes existing systems in three aspects: computational overhead, energy consumption and privacy implications. Based on a rigorous analysis of the existing intrusion detection approaches, the paper also identifies open challenges for an effective and collaborative design of intrusion detection system for resource-constrained IoT system in general and its applications such as IoV. These efforts are envisaged to highlight state of the art with respect to intrusion detection for IoT and open challenges requiring specific efforts to achieve efficient intrusion detection within these systems

Trends on Computer Security: Cryptography, User Authentication, Denial of Service and Intrusion Detection

The new generation of security threats has been promoted by digital currencies and real-time applications, where all users develop new ways to communicate on the Internet. Security has evolved in the need of privacy and anonymity for all users and his portable devices. New technologies in every field prove that users need security features integrated into their communication applications, parallel systems for mobile devices, internet, and identity management. This review presents the key concepts of the main areas in computer security and how it has evolved in the last years. This work focuses on cryptography, user authentication, denial of service attacks, intrusion detection and firewalls

A lightweight cryptography (LWC) framework to secure memory heap in Internet of Things

The extensive networking of devices and the large amount of data generated from the Internet of Things (IoT) has brought security issues to the attention of the researcher. Java is the most common platform for embedded applications such as IoT, Wireless Sensors Networks (WSN), Near Field Communications (NFC) and Radio Frequency Identification (RFID). The object programming languages such as Java, SWIFT, PHP and C++ use garbage collection after any object run which creates security loophole for attacks such as Next Memory Address Occupation (NMAO), memory replay, Learning Tasks Behaviors (LTB). The security risk increases in IoT when attacks exceeds the target device to the surrounding connected devices. Inappropriate or wrong operations causes energy loss and increased costs. In this paper, a security method to protect IoT system operation from memory heap penetration and address modification attack is proposed. The proposed method prevents directed attack by encrypting the object Garbage Collection at run time. To form a unique signature mechanism, the Cryptographic Hash Function (CHF) which employs a specific one-way hash algorithm. The proposed framework uses L-function based ECC and one-time Key (OTK) to secure the memory heap. Our method is used with open system where the effect on the operating system is not considered. The proposed method proved to be powerful and efficient which can help in achieving higher levels of security across several IoT applications, by enabling better detection of malicious attacks.Comment: Alexandria Engineering Journa

Securing Edge Networks with Securebox

The number of mobile and IoT devices connected to home and enterprise networks is growing fast. These devices offer new services and experiences for the users; however, they also present new classes of security threats pertaining to data and device safety and user privacy. In this article, we first analyze the potential threats presented by these devices connected to edge networks. We then propose Securebox: a new cloud-driven, low cost Security-as-a-Service solution that applies Software-Defined Networking (SDN) to improve network monitoring, security and management. Securebox enables remote management of networks through a cloud security service (CSS) with minimal user intervention required. To reduce costs and improve the scalability, Securebox is based on virtualized middleboxes provided by CSS. Our proposal differs from the existing solutions by integrating the SDN and cloud into a unified edge security solution, and by offering a collaborative protection mechanism that enables rapid security policy dissemination across all connected networks in mitigating new threats or attacks detected by the system. We have implemented two Securebox prototypes, using a low-cost Raspberry-PI and off-the-shelf fanless PC. Our system evaluation has shown that Securebox can achieve automatic network security and be deployed incrementally to the infrastructure with low management overhead

Internet of Things: Survey on Security and Privacy

The Internet of Things (IoT) is intended for ubiquitous connectivity among different entities or "things". While its purpose is to provide effective and efficient solutions, security of the devices and network is a challenging issue. The number of devices connected along with the ad-hoc nature of the system further exacerbates the situation. Therefore, security and privacy has emerged as a significant challenge for the IoT. In this paper,we aim to provide a thorough survey related to the privacy and security challenges of the IoT. This document addresses these challenges from the perspective of technologies and architecture used. This work focuses also in IoT intrinsic vulnerabilities as well as the security challenges of various layers based on the security principles of data confidentiality, integrity and availability. This survey analyzes articles published for the IoT at the time and relates it to the security conjuncture of the field and its projection to the future.Comment: 16 pages, 3 figure

Wireless Sensor Networks Security: State of the Art

Wireless sensor networks (WSNs) have become one of the main research topics in computer science in recent years, primarily owing to the significant challenges imposed by these networks and their immense applicability. WSNs have been employed for a diverse group of monitoring applications, with emphasis on industrial control scenarios, traffic management, rescue operations, public safety, residential automation, weather forecasting, and several other fields. These networks constitute resource-constrained sensors for which security and energy efficiency are essential concerns. In this context, many research efforts have been focused on increasing the security levels and reducing the energy consumption in the network. This paper provides a state-of-the-art survey of recent works in this direction, proposing a new taxonomy for the security attacks and requirements of WSNs.Comment: 11 pages, 3 Figures, 2 Table

HADES-IoT: A Practical Host-Based Anomaly Detection System for IoT Devices (Extended Version)

Internet of Things (IoT) devices have become ubiquitous and are spread across many application domains including the industry, transportation, healthcare, and households. However, the proliferation of the IoT devices has raised the concerns about their security, especially when observing that many manufacturers focus only on the core functionality of their products due to short time to market and low-cost pressures, while neglecting security aspects. Moreover, it does not exist any established or standardized method for measuring and ensuring the security of IoT devices. Consequently, vulnerabilities are left untreated, allowing attackers to exploit IoT devices for various purposes, such as compromising privacy, recruiting devices into a botnet, or misusing devices to perform cryptocurrency mining. In this paper, we present a practical Host-based Anomaly DEtection System for IoT (HADES-IoT) that represents the last line of defense. HADES-IoT has proactive detection capabilities, provides tamper-proof resistance, and it can be deployed on a wide range of Linux-based IoT devices. The main advantage of HADES-IoT is its low performance overhead, which makes it suitable for the IoT domain, where state-of-the-art approaches cannot be applied due to their high-performance demands. We deployed HADES-IoT on seven IoT devices to evaluate its effectiveness and performance overhead. Our experiments show that HADES-IoT achieved 100% effectiveness in the detection of current IoT malware such as VPNFilter and IoTReaper; while on average, requiring only 5.5% of available memory and causing only a low CPU load

A Survey on the Security of Pervasive Online Social Networks (POSNs)

Pervasive Online Social Networks (POSNs) are the extensions of Online Social Networks (OSNs) which facilitate connectivity irrespective of the domain and properties of users. POSNs have been accumulated with the convergence of a plethora of social networking platforms with a motivation of bridging their gap. Over the last decade, OSNs have visually perceived an altogether tremendous amount of advancement in terms of the number of users as well as technology enablers. A single OSN is the property of an organization, which ascertains smooth functioning of its accommodations for providing a quality experience to their users. However, with POSNs, multiple OSNs have coalesced through communities, circles, or only properties, which make service-provisioning tedious and arduous to sustain. Especially, challenges become rigorous when the focus is on the security perspective of cross-platform OSNs, which are an integral part of POSNs. Thus, it is of utmost paramountcy to highlight such a requirement and understand the current situation while discussing the available state-of-the-art. With the modernization of OSNs and convergence towards POSNs, it is compulsory to understand the impact and reach of current solutions for enhancing the security of users as well as associated services. This survey understands this requisite and fixates on different sets of studies presented over the last few years and surveys them for their applicability to POSNs...Comment: 39 Pages, 10 Figure

DDoS Attacks: Tools, Mitigation Approaches, and Probable Impact on Private Cloud Environment

The future of the Internet is predicted to be on the cloud, resulting in more complex and more intensive computing, but possibly also a more insecure digital world. The presence of a large amount of resources organized densely is a key factor in attracting DDoS attacks. Such attacks are arguably more dangerous in private individual clouds with limited resources. This paper discusses several prominent approaches introduced to counter DDoS attacks in private clouds. We also discuss issues and challenges to mitigate DDoS attacks in private clouds