IoT Security Attacks and Countermeasures

Supervisor: Prof. Dr. Alaa Hussein Al-Hamami
Student: MohammedSaleem Shatnawi

Internet of Things devices shape our lives today. A huge number of devices are connected to the internet and collect information about our activities. The dramatic increase in the number of IoT devices and the sheer size of the information gathered by billions of them make these devices, and the information they gather, a very valuable target for intruders, and many attacks target these devices. In this paper we will cover the most well-known attacks and their countermeasures.

Index Terms—Internet of things security, IoT attacks, IoT security countermeasures.

1. Introduction

Billions of intelligent IoT devices are connected to the internet today, and the number is predicted to reach 50 billion devices by 2020 [1]. These smart, self-decision-making devices control the electricity demands of our cities (smart grid) and our home security, transmit our health records to hospitals and receive prescriptions, in order to make human life easier and more productive (Figure 1).

Since Internet of Things devices record almost everything around us and collect a sheer amount of human and system activity, and since their nature requires them to be online almost always, the collected information and the devices themselves are exceptionally important targets for attackers and intruders. IoT devices could be attacked to collect information about a sensitive environment like the Smart Grid, or to violate people's privacy and commit crimes, and exploited IoT devices could be used to launch attacks against others, such as DDoS attacks.

To demonstrate the ability of intruders to exploit IoT devices to launch massive attacks: in September 2016, a massive attack caused many popular web sites like Amazon, BBC and Netflix to go down for a while. The attack then expanded to attack Dyn, a DNS solution and email delivery service, making tens of thousands of users unable to reach the internet. This attack was launched using DDoS techniques, taking advantage of hundreds of thousands of vulnerable IoT devices to compose a network of zombies and control them to start the attack [2][3]. What makes these types of attacks dangerous is that they can be launched from any device that is connected to the internet; smart refrigerators and smart TVs, for example, could be part of this type of attack.

Another concern of IoT security is the privacy of users. Since IoT devices collect information about people's activities, like the health information collected by smart wearable devices, unauthorized access to these data would be a privacy violation. What is more dangerous is the intruders' ability to manipulate IoT devices to harm people, for example by manipulating medical devices to change the victim's prescription.

In this paper we will discuss the different types of attacks that target the IoT environment and their countermeasures. Section 2 is a general overview of the IoT architecture, section 3 discusses IoT security in general, section 4 lists related work and the most well-known attacks against IoT environments, section 5 states the problem and challenges, section 6 shows the proposed solution, and section 7 is the conclusion and future work.

2. IoT Architecture

The IoT infrastructure is composed of multiple heterogeneous devices that are connected to each other and exchange information between them. An abstract view of how IoT works is shown in figure 2.
Data is measured by one or more sensors. These measurements are sent to the local IoT device that is responsible for the initial processing and storing; data is then sent through the internet to a cloud service for more processing and long-term storage.

A widely recognized architecture for the IoT environment categorizes devices based on their location and/or their function. The three-level IoT architecture [4] is a very well-known architecture that splits the IoT environment into three layers: application, network and perception (figure 3).

i. Perception layer

In this layer actions are measured through sensors. These measurements are then sent to IoT controllers, which are microcontrollers and embedded boards used to process data and store it locally. Technologies used in this layer include RFID and WSN. RFID stands for Radio-frequency Identification, the technology used to enable communication between sensors and the monitored IoT objects through an RFID tag; the measured data is sent to the controller through wireless network transmission (WSN). Devices in this layer have limited processing and storing capabilities.

ii. Network layer

After data is collected in the perception layer, it needs to be transmitted to the IoT cloud service. The network layer contains devices like wireless and wired routers, switches, firewalls, IDS and IPS, which are used to deliver data from the perception layer to the cloud provider.

iii. Application layer

The final destination of collected data is the cloud. Cloud providers process and analyze the data to provide the IoT user with meaningful results; this layer also provides the user with a portal to view the results of IoT services.

3. IoT Security

The main goal of cyber security is to preserve Confidentiality, Integrity and Availability.

3.1 IoT Confidentiality

It is very important for data, whether in transit or in storage, to be secure from unauthorized access that could expose the user's data and violate the user's privacy. 1-2-3 Zones [5] divides the IoT environment into three zones: Internal zone, Middle zone and Outside zone (figure 4). We can see from figure 4 that data in the IoT environment could be located and transmitted as follows:

1- Data could be stored in the Internal zone, like in IoT devices.
2- Data could be stored in the External zone, in the cloud.
3- Data transmits within devices in the Internal zone, from sensors to IoT devices or controllers.
4- Data transmits from the Internal zone to the Middle zone.
5- Data transmits from the Middle zone to the External zone.
So it is essential to protect data confidentiality in all of the places mentioned above.

3.2 IoT Integrity

Any unauthorized modification of IoT data, either in storage or in transit, would make all IoT results and analysis invalid. We can imagine an intruder who breaks into an IoT medical device that reads a patient's health activity and modifies the health readings, which would definitely expose the patient's life to danger. So it is very important to protect the integrity of data in IoT.

4. Literature Survey

There is a wide range of attacks targeting each layer of the IoT architecture (figure 3), and many research papers have categorized these attacks. This section discusses the literature survey of IoT attacks.

4.1 Perception layer attacks

Attacks in this layer mainly target embedded technology like sensors and other measuring devices. The nature of these devices, which have a small processing unit and limited power, makes them an easy target for intruders. This layer could be the target of the following attacks:

– Node Tampering: in this type of attack the intruder may damage, replace or manipulate the IoT devices that sense and measure activities [6]. The goal of this attack is to get or alter the data measured by these devices.
– Code injection: the attacker exploits a vulnerability in the IoT device that enables him to inject the device with malicious code [7], which lets the attacker do whatever he wants, such as injecting the IoT device with a worm to join it to a botnet, or controlling the IoT device and tampering with data.
– Man in the Middle Attack: the intruder can eavesdrop on IoT communications, which enables him to listen to the traffic between the sensors and the IoT controller or between the controller and the edge of the IoT network, which gives the attacker the ability to expose a sheer amount of data [8].
– DOS Attack: breaking the availability of services is a very popular attack. A DOS attack can be launched against an IoT environment or from an IoT environment against other services. In the first scenario, a massive number of network requests is sent to the IoT environment to flood the system resources and make it unavailable; such attacks would be very disruptive if they target a sensitive environment like the Smart Grid. In the second scenario, where the attack is initiated from the IoT environment, intruders control a wide network of IoT environments, forming a botnet, and use that botnet to launch a DOS attack against another target [2][3][9].
– RFID Cloning and Spoofing: this type of attack enables the attacker to spoof signals, alter them and send his own using the genuine RFID tag, which makes the signals appear to come from the original device [10].
– IoT Device Impersonation: this attack takes place when the attacker adds a device that can act as either a sensor or an IoT controller and appears to belong to the IoT environment, which gives the attacker the ability to generate or receive data [11].
– Password Attacks: all IoT devices and controllers have a portal that enables the user to configure them and read the IoT results, and since these devices are connected to the internet they are a target for password guessing attacks, as happened with the Dyn cyberattack [2][3].

4.2 Network Layer Attacks

Attacks in this layer target network devices and services, which are responsible for moving data from one layer to another. Devices included in this layer are routers, switches, Wi-Fi, Bluetooth and others.

– Sniffing Traffic: sniffing traffic in transit is a popular attack in the networking world. Attackers can sniff the flow of data while it travels to the cloud; this attack would break the confidentiality of information and give the intruder the ability to learn and change IoT information [12].
– Routing attack: the intruder changes the routing information of the IoT device to route packets to another destination or to pause the IoT functionality [13].
– DOS Attacks: similar to the perception layer, DOS attacks can take place in the network layer and cause IoT services to stop.

4.3 IoT Security Countermeasures

Protecting the IoT environment from cyberattacks is an essential demand in the security world, and many studies have discussed techniques and procedures that can be taken to secure against such attacks.

– Using digital certificates and two-way authentication will preserve the confidentiality of data [14]; it makes sure every device in the IoT environment is a legitimate and genuine device, which in turn will prevent many attacks like Node Tampering, Man in the Middle, Device Impersonation and other attacks.
– Data Encryption will make sure that all data can only be read by authorized parties [15].
– Access Control Lists (ACLs): creating the right rules to control inbound and outbound traffic will stop unwanted traffic and monitor access to the IoT devices.
– Intrusion Detection and Prevention would raise alarms on and prevent any malicious activities on IoT devices.
– Anti-virus would protect IoT devices from different kinds of malware.
– Updating IoT device firmware will patch bugs and vulnerabilities that attackers can take advantage of to attack IoT devices.
– Proper IoT device configuration, like changing the default password and turning on only needed services, would protect the IoT environment from a wide range of attacks.

5. Statement of the problem

Due to the design and functional nature of IoT devices, applying security procedures and policies faces many challenges and difficulties. Some of these challenges are:

1- The lack of standards in IoT devices, and the proprietary techniques and protocols used, make understanding IoT threats and deploying security mechanisms more challenging and difficult.
2- The limited processing and storage capabilities of IoT devices make applying security features more difficult, such as applying an encryption method between sensors and IoT devices. Most sensors do not have enough processing power to handle the encryption process, which raises the need to develop a lightweight encryption method to apply in IoT devices. The limited storage also prevents users from deploying security mechanisms like anti-virus that could fill the storage unit of IoT devices.
3- Most IoT vendors are not interested in developing embedded security features, as opposed to their interest in selling more cheap IoT devices.

All these challenges raise the need to develop mechanisms to protect against threats and attacks. The proposed framework stands on four components: Authentication, Authorization, Encryption and Cloud Security Service.
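An added example, not part of the original paper: a controller-side check for the integrity requirement of section 3.2 and the tampering and device impersonation cases of section 4.1, cheap enough for the constrained sensors described in section 5. It uses HMAC-SHA256 with a per-device pre-shared key in place of the digital certificates the paper cites; the frame layout, device ids, keys and the replay counter are assumptions constructed for illustration.

```python
import hashlib
import hmac
import struct

BODY = struct.Struct("!16sId")  # device id (null padded), message counter, reading
TAG_LEN = 32                    # size of an HMAC-SHA256 tag

# Constructed per-device secrets; each device gets its own key at enrolment.
DEVICE_KEYS = {
    b"sensor-01": b"constructed-demo-key-01",
    b"sensor-02": b"constructed-demo-key-02",
}

def seal(device_id, counter, reading, key):
    """Sensor side: pack the reading and append a tag computed over the whole body."""
    body = BODY.pack(device_id, counter, reading)
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Controller:
    """Controller side: accept a frame only if it is authentic and fresh."""

    def __init__(self, keys):
        self.keys = keys
        self.last_counter = {}  # highest counter accepted so far, per device

    def accept(self, frame):
        if len(frame) != BODY.size + TAG_LEN:
            return False, "malformed"
        body, tag = frame[:BODY.size], frame[BODY.size:]
        raw_id, counter, reading = BODY.unpack(body)
        device_id = raw_id.rstrip(b"\0")
        key = self.keys.get(device_id)
        if key is None:                      # device was never enrolled
            return False, "unknown device"
        expected = hmac.new(key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            return False, "bad tag"
        if counter <= self.last_counter.get(device_id, -1):
            return False, "replayed"         # old frame captured and resent
        self.last_counter[device_id] = counter
        return True, reading

def demo():
    ctl = Controller(DEVICE_KEYS)
    good = seal(b"sensor-01", 1, 36.6, DEVICE_KEYS[b"sensor-01"])
    tampered = good[:27] + bytes([good[27] ^ 0x01]) + good[28:]  # reading altered in transit
    forged = seal(b"sensor-01", 2, 41.0, b"not-the-enrolled-key")  # impersonating device
    return [ctl.accept(f) for f in (good, good, tampered, forged)]
```

The tag protects integrity and origin only; keeping the reading confidential still requires the encryption listed in section 4.3.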
6. The Proposed Solution

[1] M. Hung, "Leading the IoT," pp. 1–29, 2017. Retrieved from https://www.gartner.com/imagesrv/books/iot/iotEbook_digital.pdf
[2] Antonakakis, Manos, et al. 2017. "Understanding the Mirai Botnet." Proceedings of the 26th USENIX Security Symposium: 1093–1110.
[3] Mirai botnet: Three admit creating and running attack tool. (2017, December 13). Retrieved January 19, 2018, from http://www.bbc.com/news/technology-42342221
[4] Vijayalakshmi, A. Vithya, and L. Arockiam. 2016. "A Study on Security Issues and Challenges in IoT." International Journal of Engineering Sciences & Management Research 3(11): 34–43.
[5] E. Oriwoh, "Internet of Things Forensics: Challenges and Approaches," no. October 2013, pp. 1–13, 2013.
[6] H. Suo, J. Wan, C. Zou, and J. Liu, "Security in the internet of things: A review," Proc. 2012 Int. Conf. Comput. Sci. Electron. Eng. ICCSEE 2012, vol. 3, pp. 648–651, 2012.
[7] Farooq, M. U., et al. "A critical analysis on the security concerns of internet of things (IoT)." International Journal of Computer Applications 111.7 (2015).
[8] Rwan Mahmoud, Tasneem Yousuf, Fadi Aloul and Imran Zualkernan, "Internet of Things (IoT) Security: Current Status, Challenges and Prospective Measures", International Conference for Internet Technology and Secured Transactions (ICITST), 2015, pg. 336-341.
[9] Zhang, Congyingzi, and Robert Green. "Communication security in internet of thing: preventive measure and avoid DDoS attack over IoT network." Proceedings of the 18th Symposium on Communications & Networking. Society for Computer Simulation International, 2015.
[10] Borgohain, Tuhin, Uday Kumar, and Sugata Sanyal. "Survey of security and privacy issues of Internet of Things." arXiv preprint arXiv:1501.02211 (2015).
[11] Frustaci, Mario, Pasquale Pace, Gianluca Aloi, and Giancarlo Fortino. 2017. "Evaluating Critical Security Issues of the IoT World: Present and Future Challenges." IEEE Internet of Things Journal 4662(c).
[12] Hossain, Md Mahmud, Maziar Fotouhi, and Ragib Hasan. "Towards an analysis of security issues, challenges, and open problems in the internet of things." Services (SERVICES), 2015 IEEE World Congress on. IEEE, 2015.
[13] Puthal, Deepak, et al. "Threats to Networking Cloud and Edge Datacenters in the Internet of Things." IEEE Cloud Computing 3.3 (2016): 64-71.
[14] Xiong Li, Zhou Xuan, Liu Wen, "Research on the Architecture of Trusted Security System Based on the Internet of Things," 2011 Fourth International Conference on Intelligent Computation Technology and Automation.
[15] Rolf H. Weber, "Internet of Things – New security and privacy challenges," Computer Law & Security Review 26 (2010) 23–30.