Internet of Things Vulnerabilities

Slides:

Advertisements

Similar presentations

Lecture 1: Overview modified from slides of Lawrie Brown.

Advertisements

How secure are b Wireless Networks? By Ilian Emmons University of San Diego.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Security Awareness: Applying Practical Security in Your World

Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Secure Network Design: Designing a Secure Local Area Network IT352 | Network Security |Najwa AlGhamdi1 Case Study

Citadel Security Software Presents Are you Vulnerable? Bill Diamond Senior Security Engineer

MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.

Malware  Viruses  Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.

BUSINESS B1 Information Security.

Wireless Network Security. What is a Wireless Network Wireless networks serve as the transport mechanism between devices and among devices and the traditional.

Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.

Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin Business Plug-In B6 Information Security.

OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

Firewalls Nathan Long Computer Science 481. What is a firewall? A firewall is a system or group of systems that enforces an access control policy between.

Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:

. 1. Computer Security Concepts 2. The OSI Security Architecture 3. Security Attacks 4. Security Services 5. Security Mechanisms 6. A Model for Network.

Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 1 “Overview”. © 2016 Pearson.

Topic 5: Basic Security.

IT Security. What is Information Security? Information security describes efforts to protect computer and non computer equipment, facilities, data, and.

Ingredients of Security

Intrusion Detection Systems Paper written detailing importance of audit data in detecting misuse + user behavior 1984-SRI int’l develop method of.

Engineering Secure Software. Agenda  What is IoT?  Security implications of IoT  IoT Attack Surface Areas  IoT Testing Guidelines  Top IoT Vulnerabilities.

A Critical Analysis on the Security of IoTs

The Internet of Things(IoT) BY CODEY DISNEY. Objectives  What Is the IOT?  How are corporations at risk? What are the security risks and what can happen.

C OMPUTER THREATS, ATTACKS AND ASSETS DONE BY NISHANT NARVEKAR TE COMP

Education – Partnership – Solutions Information Security Office of Budget and Finance Christopher Giles Governance Risk Compliance Specialist The Internet.

Introduction to Networking. What is a Network? Discuss in groups.

Forms of Network Attacks Gabriel Owens COSC 352 February 24, 2011.

Securing a Host Computer BY STEPHEN GOSNER. Definition of a Host  Host  In networking, a host is any device that has an IP address.  Hosts include.

Security Issues in Information Technology

Network security Vlasov Illia

CS457 Introduction to Information Security Systems

The Internet of Things for Health Care

What they are and how to protect against them

Koji Nakao, Dai Arisue NICT, Japan

Internet of Things (IoT)

Firmware threat Dhaval Chauhan MIS 534.

Cybersecurity - What’s Next? June 2017

Instructor Materials Chapter 7 Network Security

Backdoor Attacks.

TASHKENT UNIVERSITY OF INFORMATION TECHNOLOGIES NAMED AFTER MUHAMMAD AL-KHWARIZMI THE SMART HOME IS A BASIC OF SMART CITIES: SECURITY AND METHODS OF.

Wireless Network Security

Operating system Security

CNET334 - Network Security

Hello, Today we will look at cyber security and the Internet of Things and how it could impact our business.

Security in Networking

Internet of Things

Unfortunately, any small business could face the risk of a data breach or cyber attack. Regardless of how big or small your business is, if your data,

The security and vulnerabilities of IoT devices

Determined Human Adversaries: Mitigations

Network Security: IP Spoofing and Firewall

The Internet of Unsecure Things

Home Internet Vulnerabilities

IS4680 Security Auditing for Compliance

Securing the Internet of Things: Key Insights and Best Practices Across the Industry Theresa Bui Revon IoT Cloud Strategy.

Cryptography and Network Security

Introduction to Network Security

Computer Security By: Muhammed Anwar.

Determined Human Adversaries: Mitigations

Wireless Spoofing Attacks on Mobile Devices

IoT: Privacy and Security

Security Attacks Network Security.

IoT and Supply Chain Risk Management

Presentation transcript:

Internet of Things Vulnerabilities By: Christian Oliva

Introduction Internet of Things is a collection of network enabled devices such as speakers, cars, baby monitors and other forms of objects that have software and sensor embedded into them. These objects connect to the internet and relay data based on their environment.

Problem Many IoT-enabled devices are not sufficiently secured for consumers whether if its personal or business. Many devices may never see an update and have poor outdated code embedded in the software. The average consumer do not possess the technical prowess to secure their networks to prevent intrusion.

IoT Device These computable devices have sensors in order to provide the necessary information they are required of. They must be connected to a home network, cell towers (4G, 3G) or via Bluetooth. They come in all shapes and sizes. Some popular examples are Amazon Echo speaker, Phillips Hue Smart light bulbs and Nest Thermostat.

Sensors Sensors are the backbone to provide all the necessary data to perform their tasks. The hub within a sensor is what integrates everything together. The hub within a devices allows the sensors work together as a whole. There are different sensors such as temperature and proximity sensors. Once the data is analyzed it will the produce results.

Sensor-based attacks Attacks can be exploited via the sensors embedded in IoT devices. They can be done in a passive or active way. There are four key categories that sensor-based attacks are categorized under such as Information Leakage, False Sensor Data Injection, Denial-of-Service and Transmitting Malicious Sensor Patterns or Commands.

Sensor-based attacks Information Leakage is the most common based attack. It can be done with eavesdropping with the microphone of the device and data such as password can be revealed. Transmitting Malicious Sensor commands can trigger malware by a message that is embedded in a song. False Sensor Data Injection is when data is captured and altered in any way. If GPS-enabled device location is tampered with and changes the location Denial-of-Service doesn’t allow legitimate users access a system. This can be achieved with flooding a system with massive amount of traffic.

Sensor-based security Semadroid, an extension in the Android mobile operating system that allows sensor management. This extension allows logging and monitoring of the sensor to make sure there is legitimate activity going on. Policies can also be implemented to control the transmitted data and limiting third party application access to the data. Location-Privacy Preserving Mechanism reduces the attacks on data location. Attackers like to know the location of the victim to launch attacks

Mitigation Strong passwords must be implemented on a router to help prevent intrusions. Change username and password on router configuration. Hardwire IoT devices (if possible) instead of using wireless. Updating firmware on IoT device. Disabling features that are not necessary.

Network Segmentation Separate your network in zones. You can connect all your IoT devices in one network and isolate the rest of your devices on another. If zone is comprised, it wont risk the infection across your entire network.

Minimize Bandwidth There are about 50 million devices connected to the internet. If 1 percent of those devices were under control, they can be controlled to perform a DDoS attack. They can cause up to 81 trillion frames per second of damage. Vendors should dive deeper into the kernel and throttle network transmission. These ‘smart devices’ should be programmed to detect any suspicious activity and perform a reset.

Conclusion Even though Internet of Things faces many vulnerabilities, consumers need to protect themselves or assets. Consumers need to be aware of these exploits and be educated in the matter. Every day many security risks are being introduced due to the popular uprising. Networks need to be secured, security applications need to be utilized and software must be update to date to intrusions more difficult for the hackers.