(Internet of Things) IoT as IoT (Interconnection of Threats)
(Internet of Things) IoT as IoT (Interconnection of Threats)
When we talk about interconnection, we usually think in terms of computers, tablets and smartphones. The Internet of Things (IoT) describes a world where just about anything can be connected and communicate in a “smart mode” by combining simple data to produce usable intelligence. With the IoT, the physical world is becoming one big information system with the ultimate goal of improving quality of life and empowering new business models.
However, this also means that more personal information and business data will reside in the cloud and be exchanged between thousands of devices that may have exploitable vulnerabilities. One weak link in the security chain could provide hackers with nearly limitless doorways that could be unlocked and lead to sensitive information.
Currently, more things are connected to the Internet than people. According to Gartner, there are approximately 6.4 billion connected devices in use worldwide in 2016, and that number is slated to reach 20.8 billion by 2020. In this quickly evolving world, all the things that connect to the Internet are exponentially expanding that attack surface for hackers.
In the future, maybe around the year 2020 with IPv6 and the 5G network, millions of heterogeneous things will be part of the IoT. Privacy and security will be the major factors of concern at that time. The IoT can be viewed in different dimensions by the different sections of academia and industry; whatever the viewpoint, the IoT has not yet reached maturity and is vulnerable to all sorts of threats and attacks. The prevention or recovery systems used in the traditional network and Internet cannot be used in the IoT due to its connectivity.
security issues in three dimensions, based on phase, architecture, and components. will show all possible types of attacks in these three different views, thus the IoT as the Interconnection of Threats.
- IoT Phase attacks - There are five phases of IoT, as following.
Phase I: Data collection, acquisition and perception
Phase II: Storage
Phase III: Intelligent processing
Phase IV: Data transmission
Phase V: Delivery
Every phase have potential of security attacks. demonstrates the variety of attacks on the five phases of IoT. (in red colored boxes)
Attacks on the five phases of IoT
2. Attacks as per architecture - The IoT has not yet been confined to a particular architecture. Different vendors and applications adopt their own layers. In general, the IoT is assumed to have four layers: the lowest-level perception layer or sensing layer, the network layer, the transmission layer, and the application layer. following figure depicts the layers and the possible threats to each layer.
Possible attacks based on architecture
3. Attacks based on components - The IoT connects “everything” through the Internet. These things are heterogeneous in nature, communicating sensitive data over a distance. Apart from attenuation, theft, loss, breach, and disaster, data can also be fabricated and modified by compromised sensors. Figure shows the possible types of attacks at the component level.
Verification of the end user at the entry level is mandatory; distinguishing between humans and machines is extremely important. Different types of Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) help in this fundamental discrimination.
Possible attacks based on components
