Security of IoT devices

Protection of data has been a concern for us since we connected the first 2 computers. There is a huge amount of data that is being exchanged per second, minute and hour and I’m talking about data ranging from bytes to Gigabytes. Hence the concern of security and vulnerability of IoT devices, which transmits such data, is perceptible. IoT devices are ostentatious and their ease of functionality and use, to both consumers and industry, are making these devices more popular each day. The increase in the number of connected devices, results in rise of security and privacy concerns. In 2019, the cyberattacks On IoT Devices surged 300% measured in billions (Doffman 2019). One of the prominent example of such attack was witnessed in Australia in early 2000 when the sewage control system of Maroochy Shire in Queensland, was accessed remotely, resulting in release of 800,000 litres of sewage into the surrounding waterways (Mack et al. 2018). Although IoT is a part of internet, but the security concerns in IoT and internet cannot be treated as the same (Misra S et al. 2017, p.17). The IoT security can be classified into three categories as below and normal antivirus solutions on devices won’t help.

• Internet’s own security issues: These includes traditional internet security issues such as data eavesdropping, tampering, forgery, and common internet attacks like trojan virus etc. • Internet’s security issues under the scene of IoT: An example of this is DNS not authenticating requester in which a user will not get the URL address as the query is not responsive. In the IoT, this will cause leakage of object privacy as the devices are connected. • IoT’s own security issues: These issues involves authentication protocols problems, key agreement and privacy protection of wireless sensor network devices where in users identity is compromised. Cryptography and encryption methods can help in securing the devices from such security issues. Another important aspect of security in IoT devices is their confidentiality and privacy (D Miorandi et al. 2012). When dealing with confidentiality and privacy, authentication and identity management forms the sub parts which cannot be ignored. As a matter of fact, this issue is of paramount importance in IoT, because multiple users and devices authenticate each other using credible services.

The complicated part is to find solution for handling the identity of users and devices without letting it get compromised. For example, we use radio frequency identification, popularly known as RFIDs, to open doors at hotel and many other places. Now suppose, your card is stolen or is misplaced, it opens the possibility of burglary and what not. Hence, handling the identity of the user becomes of paramount importance for which many discussions have taken place, but no analytical solution has been proposed.

Noticeably, all these discussions have been about the device to cloud security, and very less to no emphasis is laid on device to device security which is as importance as its counterpart as the devices not only talk to the internet (cloud) but also talk to each other (device to device connection) and could have helped in confining the identity of user. This forms one of the potential research gaps in security of IoT devices. References: • Doffman, Z. 2019. Cyberattacks On IOT Devices Surge 300% In 2019, ‘Measured In Billions’, Report Claims. The Forbes,14 September 2019, viewed 3 May 2020, <https://www.forbes.com.cdn.ampproject.org/c/s/www.forbes.com/sites/zakdoffman/2019/09/14/dangerous-cyberattacks-on-iot-devices-up-300-in-2019-now-rampant-report-claims/amp/> • Misra, Sridipta, Author, Maheswaran, Muthucumaru, and Hashmi, Salman. Security Challenges and Approaches in Internet of Things. Switzerland: Springer, 2017. Web. • D. Miorandi, S. Sicari, F. De Pellegrini, and I. Chlamtac, “Internet of things: Vision, applications and research challenges,” Ad Hoc Networks, vol. 10, no. 7, pp. 1497–1516, 2012. • Mack, Michael, Sanchez, Michael, and MacTurk, Derek. Security and Threat Analysis of Industrial Control Systems and Applicable Solutions (2018): ProQuest Dissertations and Theses. Web.