Internet of Things (IoT): The most up-to-date challenges, architectures, emerging trends and potential opportunities

Internet of Things (IoT) is nowadays the most profound buzzword in Information Technology science. IoT is the evolution of Information Technology which aims to build a mutual infrastructure that integrates, connects and telecommunicates every ‘Things’ (Objects) with each other on the face of the earth. This interconnected infrastructure provides humans with fully control of things. Projections and potential estimates about incomings of IoT are spectacular for future directions. IoT encompasses such a wide range of spectrum that its influences are anyone’s guess. Not only the profits of IoT but also the forfeits and fears of IoT are unpredictable for yet. However, with the increase in research, academic studies and technological developments the atmosphere will be clear for IoT. This research paper proposes a novel comprehensive reference source for those who are interested in IoT, ubiquitous sensing, pervasive computing and smart objects. The paper explains IoT emergence and IoT history in detail, current IoT usage areas, the most up-to-date potential opportunities and future IoT directions, overall IoT architecture and well-liked architectures, security and privacy concerns about IoT. The latest ongoing IoT projects are discussed and the latest burning issues are presented. Critical and turning points of IoT are given in tabular. As compared to similar survey papers in the area, to the best of our knowledge contributions of this paper are unique

A survey on CAN bus protocol: attacks, challenges, and potential solutions

The vehicles are equipped with electronic control units that control their functions. These units communicate with each other via in-vehicle communication protocols like CAN bus. Although CAN is the most common in-vehicle communication protocol, its lack of encryption and authentication can cause serious security shortcomings. In the literature, many attacks are reported related to CAN bus and the number increases with rising connectivity in the cars. In this paper, we present CAN protocol and analyze its security vulnerabilities. Then we survey the implemented attacks and proposed solutions in the literature

Hardware trojan enabled denial of service attack on CAN bus

The trend of technological advances in the vehicle industry illustrates that future cars would have added functionalities with smart features, better connectivity and autonomous behaviour. These naturally involve a higher number of Electronic Control Units (ECUs) being connected using existing conventional in-vehicle network protocols such as Controller Area Network (CAN). In this context, security of systems is now becoming a major concern while industry’s primary interest in the manufacturing of cars is reliability and safety. It is now in daily news that smart cars are being hacked due to weaknesses in their embedded electronics that provides ways of hardware attacks [1] [2]. Hardware Trojan (HT) is the threat that has been recently recognised as one of the primary sources of backdoor access that enables hackers to attack systems. As trouble, HT remains silent until a rare function/event triggers it for activation. This paper contributes to the challenge of demonstration of disruption in CAN buses raised from hidden Hardware Trojan. In this regard, it is presented how just a small size Hardware Trojan disrupts the CAN bus communication without an adversary having physical access to the bus. The attack is neither detectable via frame analysis, nor can be prevented via network segmentation; additionally, a rare triggering mechanism activates HT to process untraceable faults

Layered security for IEEE 1687 using a Bimodal Physically Unclonable Function

In this paper, a layered security mechanism for IEEE 1687 is proposed using a new class of physically unclonable function (PUF) called Bimodal PUF. It moves beyond the conventional single-challenge single-response PUF by introducing a second response to the PUF gained from the same single challenge. As an advantage, a double-response PUF forms two-layer security solution, one at the hardware layer by limiting the access to the embedded instrument and the second one for the data layer by securing the output data that needs to be transmitted. Experiments conducted with FPGA show that such advantages come in place at a small silicon area overhead, up to 1.4%, for a 64-bit security key. This is known to be sufficient enough to resist brute-force and machine learning attack

WINDS: A Wavelet-based Intrusion Detection System for Controller Area Network (CAN)

Vehicles are equipped with Electronic Control Units (ECUs) to increase their overall system functionality and connectivity. However, the rising connectivity exposes a defenseless internal Controller Area Network (CAN) to cyberattacks. An Intrusion Detection System (IDS) is a supervisory module, proposed for identifying CAN network malicious messages, without modifying legacy ECUs and causing high traffic overhead. The traditional IDS approaches rely on time and frequency thresholding, leading to high false alarm rates, whereas state-of-the-art solutions may suffer from vehicle dependency. This paper presents a wavelet-based approach to locating the behavior change in the CAN traffic by analyzing the CAN network’s transmission pattern. The proposed Wavelet-based Intrusion Detection System (WINDS) is tested on various attack scenarios, using real vehicle traffic from two independent research centers, while being expanded toward more comprehensive attack scenarios using synthetic attacks. The technique is evaluated and compared against the state-of-the-art solutions and the baseline frequency method. Experimental results show that WINDS offers a vehicle-independent solution applicable for various vehicles through a unique approach while generating low false alarms

Evaluation of CAN bus security challenges

The automobile industry no longer relies on pure mechanical systems; instead, it benefits from many smart features based on advanced embedded electronics. Although the rise in electronics and connectivity has improved comfort, functionality, and safe driving, it has also created new attack surfaces to penetrate the in-vehicle communication network, which was initially designed as a close loop system. For such applications, the Controller Area Network (CAN) is the most-widely used communication protocol, which still suffers from various security issues because of the lack of encryption and authentication. As a result, any malicious/hijacked node can cause catastrophic accidents and financial loss. This paper analyses the CAN bus comprehensively to provide an outlook on security concerns. It also presents the security vulnerabilities of the CAN and a state-of-the-art attack surface with cases of implemented attack scenarios and goes through different solutions that assist in attack prevention, mainly based on an intrusion detection system (IDS

Evaluation of CAN Bus Security Challenges

The automobile industry no longer relies on pure mechanical systems; instead, it benefits from many smart features based on advanced embedded electronics. Although the rise in electronics and connectivity has improved comfort, functionality, and safe driving, it has also created new attack surfaces to penetrate the in-vehicle communication network, which was initially designed as a close loop system. For such applications, the Controller Area Network (CAN) is the most-widely used communication protocol, which still suffers from various security issues because of the lack of encryption and authentication. As a result, any malicious/hijacked node can cause catastrophic accidents and financial loss. This paper analyses the CAN bus comprehensively to provide an outlook on security concerns. It also presents the security vulnerabilities of the CAN and a state-of-the-art attack surface with cases of implemented attack scenarios and goes through different solutions that assist in attack prevention, mainly based on an intrusion detection system (IDS)