nach oben

Erschienen in:

2021 | OriginalPaper | Buchkapitel

Internet of Things (IoT): Vulnerabilities and Remediation Strategies

verfasst von : Pooja Anand, Yashwant Singh, Arvind Selwal

Erschienen in: Recent Innovations in Computing

Verlag: Springer Singapore

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Iot being a transformative approach for imparting countless services raises consequential security flaws as well. These flaws germinate from the embedded vulnerabilities in IoT devices. The market is flooded with these vulnerable smart devices, which are easy to play with to remotely enter into an IoT system. This becomes more serious as communication protocols and Internet technologies were not devised to support IoT. In this paper, we mainly focus on the evolving vulnerabilities in IoT that can affect its sustenance in the long run. We also elaborated on the remediation strategies to be incorporated to lessen the fertility of the ground to launch numerous attacks. Finally, we conclude with the challenges and recommendations.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Bot Detection in Social Networks Using Stacked Generalization Ensemble

Nächstes Kapitel DACHE: A Data Aggregation-Based Effective and Optimized Cluster Head Election Routing Protocol for HWSNs

Zanella, A., Bui, N., Castellani, A., Vangelista, L., Zorzi, M.: Internet of things for smart cities. IEEE Internet Things J. 1(1), 22–32 (2014). https://doi.org/10.1109/JIOT.2014.2306328CrossRef

Yosra Ben Saied: Collaborative security for the internet of things Sécurité Collaborative pour l ’ Internet des Objets. Int. J. Comput. Appl. 135(2), 23–29 (2013)

Hypponen, M., Nyman, L.: The Internet of (vulnerable) Things : on hypponen ’ s law, security engineering, and IoT legislation. Technol. Innov. Manag. Rev. 7(4), 5–11 (2017)CrossRef

Corser, G., Fink, G.A., Aledhari, M.: IEEE Internet Technology Policy Community White Paper INTERNET OF THINGS ( IOT ) SECURITY. IEEE, no. February, pp. 1–13, 2017.

Kolias, C., Kambourakis, G., Stavrou, A., Voas, J.: DDoS in the IoT: Mirai and Other Botnets. Computer (Long. Beach. Calif). 79 (2017)

IoT connected teddy bear leaks millions of kids’ conversations, exposed database to blame—TechRepublic. [Online]. Available: https://www.techrepublic.com/article/iot-connected-teddy-bear-leaks-millions-of-kids-conversations-exposed-database-to-blame/. Accessed: 03-Jan-2020.

Stanislav, M., Beardsley, T.: HACKING IoT: a case study on baby monitor exposures and vulnerabilities. September (2015)

Standaert, F.: Introduction to side-channel attacks. Secur. Integr. Circuits Syst. Springer Sci. Media, pp. 27–42 (2010). https://doi.org/10.1007/978-0-387-71829-3.

Neshenko, N., Bou-harb, E., Crichigno, J., Kaddoum, G., Ghani, N.: Demystifying IoT security: an exhaustive survey on IoT vulnerabilities and a first empirical look on Internet-scale IoT exploitations. IEEE Commun. Surv. Tutor. PP(c), 1 (2019). https://doi.org/10.1109/COMST.2019.2910750.

10.

Nia, A.M., Member, S., Jha, N.K.: A comprehensive study of security of. IEEE Trans. Emerg. Top. Comput. 6750(c), 1–19. (2016). https://doi.org/10.1109/TETC.2016.2606384.

11.

Makhdoom, I., Abolhasan, M., Lipman, J., Liu, R.P., Ni, W.: Anatomy of threats to the Internet of Things. IEEE Commun. Surv. Tutor. PP(c), 1 (2018). https://doi.org/10.1109/COMST.2018.2874978.

12.

Chen, C., Zhang, Z., Lee, S., Shieh, S.: In the IoT age. Computer (Long. Beach. Calif.) (2018)

13.

Visoottiviseth, V., Akarasiriwong, P., Chaiyasart, S., Chotivatunyu, S.: PENTOS : penetration testing tool for Internet of Thing devices. In: Proceedings 2017 IEEE Region 10 Conference, pp. 2279–2284 (2017)

14.

Linda, M.: Scanning for vulnerable devices in the Internet of Things. 463–467 (2015)

15.

Ko, E., Kim, T., Kim, H.: Management platform of threats information in IoT environment. J. Ambient Intell. Humaniz. Comput. 9, 1167–1176 (2017). https://doi.org/10.1007/s12652-017-0581-6CrossRef

16.

Sachidananda, V.: POSTER: towards exposing Internet of Things : a roadmap of the Negev. ACM 1, 1820–1822 (2016)

17.

S. Siboni, V. Sachidananda, Meidan, Y., Bohadana, M., Mathov, Y., Bhairav, S.: Security testbed for Internet-of-Things devices. IEEE Trans. Reliab., vol. PP, 1–22 (2018). https://doi.org/10.1109/TR.2018.2864536.

18.

Anand, P., Singh, Y., Selwal, A., Alazab, M., Tanwar S., Kumar, N.: IoT vulnerability assessment for sustainable computing: threats, current solutions, and open challenges. In: IEEE Access 8, 168825–168853 (2020) https://doi.org/10.1109/ACCESS.2020.3022842

19.

Sachidananda, V., Toh, J., Siboni, S., Bhairav, S., Shabtai, A., Elovici, Y.: Let the cat out of the bag: a holistic approach towards security analysis of the internet of things. IoTPTS 2017—Proc. 3rd ACM Int. Work. IoT Privacy, Trust. Secur. co-located with ASIA CCS 2017, pp. 3–10 (2017). https://doi.org/10.1145/3055245.3055251.

20.

Trappe, W., Howard, R., Moore, R.S.: Low-energy security: limits and opportunities in the internet of things. IEEE Secur. Priv. 13(1), 14–21 (2015). https://doi.org/10.1109/MSP.2015.7CrossRef

21.

Ramesh, D., Rao, D.K.: Vampire attacks: draining life from wireless ad hoc sensor communication of networks. IEEE Trans. Mob. Comput. 3(9), 1107–1110 (2014)

22.

Matrosov, A., Rodionov, E., Harley, D., Malcho, J.: Stuxnet Under the Microscope pp. 1–72 (2010)

23.

Rajan, A., Jithish, J., Sankaran, S.: Sybil attack in IoT: Modelling and defenses. In: International Conference on Advances in Computing, Communications and Informatics, ICACCI 2017, vol. 2017-Janua, pp. 2323–2327 (2017). https://doi.org/10.1109/ICACCI.2017.8126193.

24.

Wallgren, L., Raza, S., Voigt, T.: Routing attacks and countermeasures in the RPL-based internet of things. Int. J. Distrib. Sens. Netw. 2013(10), 1–11 (2013). https://doi.org/10.1155/2013/794326CrossRef

25.

Hernandez, G., Arias, O., Buentello, D., Jin, Y.: Smart Nest Thermostat : A Smart Spy in Your Home, pp. 1–8. Black Hat USA, Cisco (2014)

26.

Basnight, Z., Butts, J., Lopez, J., Dube, T.: Firmware modification attacks on programmable logic controllers. Int. J. Crit. Infrastruct. Prot. 6(2), 76–84 (2013). https://doi.org/10.1016/j.ijcip.2013.04.004CrossRef

27.

Arias, O., Wurm, J., Hoang, K., Jin, Y.: Privacy and security in Internet of Things and wearable devices. IEEE Trans. Multi-Scale Comput. Syst. 1(2), 99–109 (2015). https://doi.org/10.1109/TMSCS.2015.2498605CrossRef

28.

Nia, A.M., Member, S., Jha, N.K.: A comprehensive study of security of. IEEE Trans. Emerg. Top. Comput. 6750(c), 1–19 (2016).

29.

Bertino, E., Islam, N.: Botnets and Internet. IEEE Comput. Soc. 18, 76–79 (2017)CrossRef

30.

Alaba, F.A., Othman, M., Abaker, I., Hashem, T., Alotaibi, F.: Internet of Things security: a survey. J. Netw. Comput. Appl. 88(April), 10–28 (2017)CrossRef

Titel: Internet of Things (IoT): Vulnerabilities and Remediation Strategies
verfasst von: Pooja Anand
Yashwant Singh
Arvind Selwal
Verlag: Springer Singapore
Buch: Recent Innovations in Computing
Print ISBN: 978-981-15-8296-7

Electronic ISBN: 978-981-15-8297-4

Copyright-Jahr: 2021
DOI: https://doi.org/10.1007/978-981-15-8297-4_22

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"