Presentation is loading. Please wait.

Presentation is loading. Please wait.

Presenter: Patrick N. zwane Advisor: Dr. Kai-Wei Kevin Ke 21/09/2018

Published by혜상 조 Modified over 6 years ago

Similar presentations

Presentation on theme: "Presenter: Patrick N. zwane Advisor: Dr. Kai-Wei Kevin Ke 21/09/2018"— Presentation transcript:

1 Presenter: Patrick N. zwane Advisor: Dr. Kai-Wei Kevin Ke 21/09/2018
Internet of Things (IoT) Security: Challenges, Recent Advances, and Future Trends Presenter: Patrick N. zwane Advisor: Dr. Kai-Wei Kevin Ke 21/09/2018

2 Outline Introduction IOT Architecture IoT Security Issues
IoT Security Countermeasures Future Directions References

3 Introduction (1\3) Internet of things (IoT) is a collection of many interconnected objects, services, humans, and devices that can communicate, share data, and information to achieve a common goal in different areas and applications IoT has many implementation domains: transportation, agriculture healthcare energy production and distribution

4 Introduction (2\3) The IoT applications have seen rapid development in recent years due to the technologies of Radio Frequency Identification (RFID) and Wireless Sensor Networks (WSN) RFID enables the tagging or labeling of every single device, so as to serve as the basic identification mechanism in IoT Due to WSN, each “thing” i.e. people, devices etc. Becomes a wireless identifiable object and can communicate among the physical, cyber, and digital world

5 Introduction (3\3)

6 IoT Architecture (1\4)

7 IoT Architecture (2\4) The IoT operation layer: Perception Layer
also known as the “Sensors” layer in IoT to acquire the data from the environment with the help of sensors and actuators detects, collects, and processes information and then transmits it to the network layer performs the IoT node collaboration in local and short range networks

8 IoT Architecture (3\4) The IoT operation layer: Network
serves the function of data routing and transmission to different IoT hubs and devices over the Internet operate by using some of the very recent technologies such as WiFi, LTE, Bluetooth, 3G, Zigbee etc serve as the mediator between different IoT nodes by aggregating, filtering and transmitting data to and from different sensors

9 IoT Architecture (4\4) The IoT operation layer: Application Layer
guarantees the authenticity, integrity, and confidentiality of the data the purpose of IoT or the creation of a smart environment is achieved.

10 IoT Security Issues (1\10)
The security features of IoT: two categories Technological challenges arise due to the heterogeneous and ubiquitous nature of IoT device related to wireless technologies, scalability, energy, and distributed nature Security challenges related to the principles and functionalities that should be enforced to achieve a secure network require the ability to ensure security by authentication, confidentiality, end-to-end security, integrity

11 IoT Security Issues (2\10)
There are different mechanisms to ensure security including: The software running on all IoT devices should be authorized When an IoT device is turned on, it should first authenticate itself into the network before collecting or sending data Since the IoT devices have limited computation and memory capabilities, firewalling is necessary in IoT network to filter packets directed to the devices The updates and patches on the device should be installed in a way that additional bandwidth is not consumed

12 IoT Security Issues (3\10)
Security principles that should be enforced to achieve a secure communication framework: Confidentiality: ensure that the data is secure and only available to authorized users Integrity: ensure the accuracy of the data Availability: users of the IoT should have all the data available whenever they need it Authentication: Each object in the IoT must be able to clearly identify and authenticate other objects

13 IoT Security Issues (4\10)
Lightweight Solutions: Lightweight solutions are a unique security feature that is introduced because of the limitations in the computational and power capabilities of the devices involved in the IoT Heterogeneity: different entities with different capabilities, complexity, and different vendors Policies: must be policies and standards to ensure that data will be managed, protected and transmitted in an efficient way, but more importantly a mechanism to enforce such polices is needed to ensure that every entity is applying the standards

14 IoT Security Issues (5\10)
Key Management Systems: the devices and IoT sensors need to exchange some encryption materials to ensure confidentiality of the data. there needs to be a lightweight key management system for all frameworks that can enable trust between different things and can distribute keys by consuming devices minimum capabilities

15 IoT Security Issues (6\10)
Security Challenges in each layer: Perception Layer - are three security issues the strength of wireless signals - signals are transmitted between sensor nodes of IoT using wireless technologies whose efficiency can be compromised by disturbing waves they are prone to physical attacked limited storage capacity, power consumption, and computation capability

16 IoT Security Issues (7\10)
The confidentiality of this layer can easily be exploited by Replay Attack

17 IoT Security Issues (8\10)
Timing Attack - the attacker might gain the encryption key by analysing the required time to perform the encryption Node Capture attack - when the attacker takes over the node and captures all information and data Data integrity attack -Attacker can add another node to the network that threatens the integrity of the data in this layer by sending Malicious Data

18 IoT Security Issues (9\10)
Network Layer The adversary can attack the confidentiality and privacy at network layer by traffic analysis, eavesdropping, and passive monitoring The network layer is highly susceptible to Man-in-the-Middle attack by securing the secure communication channel Compatibility issues - the heterogeneity of the network components makes it difficult to use the current network protocols

19 IoT Security Issues (10\10)
Application Layer Difficult to ensure data privacy and identity authentication Availability of the services – the large amounts of connected devices that share data will cause large overhead on applications that analyse the data how different users will interact with them, the amount of data that will be revealed, and who will be responsible for managing these applications

20 IoT Security Countermeasures (1\7)
Authentication Measures In 2011, Zhao et al. presented a mutual authentication scheme for IoT between platforms and terminal nodes The scheme is based on hashing and feature extraction The feature extraction was combined with the hash function to avoid any collision attacks The feature extraction process has the properties of irreversibility which is needed to ensure security and it is light weight

21 IoT Security Countermeasures (2\7)
The scheme focuses on authentication process when the platform is trying to send data to terminal nodes and not the opposite. Wen et al 2012, presented Another method for ID authentication at sensor nodes of IoT It is a one-time one cipher method based on request-reply mechanism This dynamic variable cipher is implemented by using a pre-shared matrix between the communicating parties

22 IoT Security Countermeasures (3\7)
The parties can generate a random coordinate which will serve as the key coordinate gets transferred between two parties The key, i.e. password, is then generated from this coordinate All the messages are sent by encrypting them with the key, along with key coordinate, device ID, and time stamp

23 IoT Security Countermeasures (4\7)
Mahalle et al presented an Identity Authentication and Capability based Access Control (IACAC) for the IoT This research attempts to fill the gap for an integrated protocol with both authentication and access control capabilities to achieve mutual identity establishment in IoT The proposed model uses a public key approach and is compatible with the lightweight, mobile, distributed, and computationally limited nature of IoT devices plus existing access technologies like Bluetooth, 4G, WiMax, and Wi-Fi

24 IoT Security Countermeasures (5\7)
It prevents man-in-the-middle attacks by using a timestamp in the authentication message between the devices, which serves as the Message Authentication Code (MAC) The scheme works in three stages; first a secret key is generated based on Elliptical Curve Cryptography-Diffie Hellman algorithm (ECCDH) then identity establishment is made by one-way and mutual authentication protocols, and lastly access control is implemented

25 IoT Security Countermeasures (6\7)
Lee et al, 2014 introduced a light weight authentication protocol to secure RFID tags In unsecured RFID the attacker can gain access to the network by sniffing the Electronic Product Key (EPC) of the victim tag The protocol ensures mutual authentication between RFID readers and tagged items without introducing large overhead on these devices

26 IoT Security Countermeasures (7\7)
Trust Establishment About access control and permissions Xie and Wang 2014, presented the concept of mutual trust for inter-system security in IoT by creating an item-level access-control framework It establishes trust from the creation to operation and transmission phase This trust is established by two mechanisms; the creation key and the token

27 Future Directions (1\3) Architecture Standards
IoT currently employs different devices, services, and protocols to achieve a common goal The present day requirement of IoT is to have well defined architecture standards comprising of data models, interfaces, and protocols which can support a wide range of humans, devices, languages, and operating systems

28 Future Directions (2\3) Identity Management
there needs to be some predefined identity management entity or hub which can monitor the connection process of devices by applying cryptography and other techniques to prevent identity theft Identity management in IoT is performed by exchanging identifying information between the things for first time connection

29 Future Directions (3\3) Session layer
As per most of the researchers, the three-layer architecture of IoT does not accommodate the opening, closing, and managing a session between two things An abstract session layer should be accommodated as an additional layer in IoT architecture which can specifically manage the connections, protocols, and sessions between communicating heterogeneous devices

30 Conclusion The IoT framework is susceptible to attacks at each layer; hence there are many security challenges and requirements that need to be addressed There are some other attacks that affect IoT; impersonation, Sybil, compromise attacks, needs to be taken in to consideration a need for new identification, wireless, software, and hardware technologies to resolve the currently open research challenge in IoT like the standards for heterogeneous devices, implementation of key management and identity establishment systems, and trust management hubs

31 References (1\3) G. Zhao, X. Si, J. Wang, X. Long, and T. Hu, "A novel mutual authentication scheme for Internet of Things," in Int'l Conference on Modelling, Identification and Control (ICMIC), , 2011 Q. Wen, X. Dong, and R. Zhang, "Application of dynamic variable cipher security certificate in internet of things," in Int'l Conference on Cloud Computing and Intelligent Systems (CCIS), , 2012

32 References (2\3) P. N. Mahalle, B. Anggorojati, N. R. Prasad, and R. Prasad, "Identity authentication and capability based access control (iacac) for the internet of things," J. of Cyber Security and Mobility, vol. 1, , 2013. J.-Y. Lee, W.-C. Lin, and Y.-H. Huang, "A lightweight authentication protocol for internet of things," in Int'l Symposium on Next-Generation Electronics (ISNE), 1- 2, 2014

33 References (3\3) Qiu, Yue, and Maode Ma. "An authentication and key establishment scheme to enhance security for M2M in 6LoWPANs." 2015 IEEE International Conference on Communication Workshop (ICCW). IEEE, 2015.

34

Download ppt "Presenter: Patrick N. zwane Advisor: Dr. Kai-Wei Kevin Ke 21/09/2018"

Similar presentations

By Md Emran Mazumder Ottawa University Student no: 6282845.

By Md Emran Mazumder Ottawa University Student no:
GRS: The Green, Reliability, and Security of Emerging Machine to Machine Communications Rongxing Lu, Xu Li, Xiaohui Liang, Xuemin (Sherman) Shen, and Xiaodong.

GRS: The Green, Reliability, and Security of Emerging Machine to Machine Communications Rongxing Lu, Xu Li, Xiaohui Liang, Xuemin (Sherman) Shen, and Xiaodong.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.

Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.
Comparative studies on authentication and key exchange methods for 802.11 wireless LAN Authors: Jun Lei, Xiaoming Fu, Dieter Hogrefe and Jianrong Tan Src:

Comparative studies on authentication and key exchange methods for wireless LAN Authors: Jun Lei, Xiaoming Fu, Dieter Hogrefe and Jianrong Tan Src:
MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.

MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.
Tufts Wireless Laboratory School Of Engineering Tufts University “Network QoS Management in Cyber-Physical Systems” Nicole Ng 9/16/20151 by Feng Xia, Longhua.

Tufts Wireless Laboratory School Of Engineering Tufts University “Network QoS Management in Cyber-Physical Systems” Nicole Ng 9/16/20151 by Feng Xia, Longhua.
Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.

Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.
Network Security Lecture 9 Presented by: Dr. Munam Ali Shah.

Network Security Lecture 9 Presented by: Dr. Munam Ali Shah.
Security Patterns in Wireless Sensor Networks By Y. Serge Joseph October 8 th, 2009 Part I.

Security Patterns in Wireless Sensor Networks By Y. Serge Joseph October 8 th, 2009 Part I.
Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.

Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.
Summary of Distributed Computing Security Yifeng Zou Georgia State University 2011.11.2.

Summary of Distributed Computing Security Yifeng Zou Georgia State University
Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols ► Acts as denial of service by disrupting the flow of data between a source and.

Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols ► Acts as denial of service by disrupting the flow of data between a source and.
. 1. Computer Security Concepts 2. The OSI Security Architecture 3. Security Attacks 4. Security Services 5. Security Mechanisms 6. A Model for Network.

. 1. Computer Security Concepts 2. The OSI Security Architecture 3. Security Attacks 4. Security Services 5. Security Mechanisms 6. A Model for Network.
1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.

1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.
Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.

Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.
Lecture 24 Wireless Network Security

Lecture 24 Wireless Network Security

Similar presentations

Ads by Google