Skip to main content

2022 | Buch

Internet of Things

Security and Privacy in Cyberspace

herausgegeben von: Prof. Dr. Sandeep Saxena, Dr. Ashok Kumar Pradhan

Verlag: Springer Nature Singapore

Buchreihe: Transactions on Computer Systems and Networks


Über dieses Buch

This book covers major areas of device and data security and privacy related to the Internet of Things (IoT). It also provides an overview of light-weight protocols and cryptographic mechanisms to achieve security and privacy in IoT applications. Besides, the book also discusses intrusion detection and firewall mechanisms for IoT. The book also covers topics related to embedded security mechanisms and presents suitable malware detection techniques for IoT. The book also contains a unique presentation on heterogeneous device and data management in IoT applications and showcases the major communication-level attacks and defense mechanisms related to IoT.


Chapter 1. Pre-requisite Concepts for Security and Privacy
Nowadays, technology has reached a level that it is dissolved in our lives. Expanding rapidly in the last several decades, information security has become a major concern for everyone connected to the Internet. Information security ensures that our information is only available to the authorized user (receiver) and prevents any changes or modifications of information. In order to get this high level security various methods, techniques and algorithms have been developed. Cryptography can be defined as a method that encrypts the data, depending on the algorithm use. This changes the data in different form which is unreadable to the person unless it is changed to original form by the authorized person (receiver) using same encryption algorithm.
Inderpreet Kaur, Sunil Kumar Bharti, Sandeep Saxena
Chapter 2. Basic Concepts of Cloud and Fog Computing
IoT and cloud computing both are entirely different technologies. But they complement each other as IoT devices are have small storage and processing capacity; on the other hand, cloud has practically unlimited resources. Together, when these two technologies got merged is referred as cloud IoT. As, more IoT devices are coming into application and limiting factors of cloud computing (CC), evolved area of CC, i.e. fog computing has come into picture. Fog computing lies in between the cloud computing and IoT devices and provides time sensitive services like data analytics and mining for IoT devices. This chapter presents the introduction of the CC and its characteristics, integration of IoT and CC, followed by introduction of fog computing, its components, applications, and its role in IoT.
Sahil Kansal
Chapter 3. Access Control and Authentication in IoT
The Internet of things (IoT) technology is changing human life in every aspect and enriching people’s livelihood. Not only that, but it also helps the industry to automate production with high quality by reducing the production cost. On the climate protection part, they are helping humans to monitor changes in real time and help in response actions. The continuous IoT devices deployments in every sector lead to security and management issues because no specific security guidelines and mechanisms exist. Real-time data is more crucial for making decisions, and protecting the IoT ecosystem is challenging because of the decentralized and distributed IoT devices. In estimation, these dives will overcome the human population with a ratio of 2:1 by 2025 with a population over 25 billion. The IoT ecosystem’s heterogeneity makes designing and implementing standard security and management procedures difficult. Researchers are coming up with more finetuned versions of access control mechanisms and security protocols to maintain IoT ecosystem-level security, privacy, and device management. We have introduced more relevant and recent security and privacy mechanisms in this chapter with examples.
Bhaskara Santhosh Egala, Ashok Kumar Paradhan
Chapter 4. Lightweight Cryptographic Techniques and Protocols for IoT
The Internet of things (IoT) is a developing and emerging technology for bridging the gap between the physical and cyberspace. IoT furnishes various services in massive applications such as agriculture, transportation, gaming, cities, health, and the industrial environment. Researchers and academicians have proposed various lightweight cryptographic techniques and protocols for low-power IoT-enabled devices. Despite hundreds of conveniences and advantages of IoT technology, the IoT-enabled lightweight schemes suffer from several security threats due to malicious attacks, lack of privacy preservation and key secrecy, huge storage and computation overhead. This chapter focuses on various international standards bodies that empower the rapid growth of IoT-enabled protocol development. These standard bodies include network, communication, access, and application layer protocols that provide vision into the existing research to resolve the security challenges. Also, this chapter discusses the different protocol stacks for implementing early IoT advancements for millions of already installed wireless nodes. Moreover, very constrained research is available in the existing literature that meets the characteristics and specifications of IoT protocol development. In this chapter, we study the communication characteristics of IoT protocols with their features thoroughly. Finally, we illustrate the state-of-the-art IoT-enabled cryptographic schemes and demonstrate a detailed analysis of the previous protocols. Most of the protocols are classified into two categories such as private- and public-key-based lightweight cryptography. Furthermore, we discuss numerous research challenges and open problems of IoT-enabled lightweight cryptographic protocols.
Shubham Gupta, Sandeep Saxena
Chapter 5. Communication Security in IoT
Internet of Things (IoT) is a network of connections of smart devices. This network is made up of different components and terms such as RFID, sensor, network protocols, semantic analysis, and intelligent decision-making. These components are dispersed into different layers. These layers are the perception layer that helps in sensing the environment and helps in capturing and sending the data to its gateway; network layer helps in sending the information to the Internet and cloud server. Cloud server helps in storing and analyzing the data. The third layer is the application layer; it helps in providing the services to the user. In this chapter, our main focus is on the network layer. The main function of network layer is helping in the communication among the devices. This communication requires some protocols. Protocols are 6LoWPAN, ZigBee, BLE, NFC, Z-Wave, Sigfox; in this chapter, we focus on these protocols. These protocols transmit messages from one place to another. This gives a chance to an intruder for capturing the data. This is one of the motivations of writing this chapter which helps researchers to give a comprehensive look at different protocols and maintain security with a different defense mechanism. With the increment of connection of devices, data producing by them is also increasing, and utilization of resources is also increasing. So, there is a requirement for optimization of the network. In the last section of this chapter, we have mentioned the techniques of network optimization and the challenges related to optimization.
Raveena Yadav, Vinod Kumar
Chapter 6. Intrusion Detection System with Layered Approach to Internet of Things—A Business Paradigm
A network formed by smart objects consisting of multiple physical objects, sensors, edge devices, and communicating using different types of Internet resources employed for various applications in a wide range of fields such as automobiles, health care, garment, education, and logistics is referred to as Internet of Things (IoT). It is one of the most important technological revolutions in the current time. Moreover, with the popularity of Industry 4.0, there is a huge rise in IoT applications that are being deployed and in turn it has led to the need of innovative business models. IoT provides the base for a new business model which uses physical things and the Internet. It is expected that multi-billion of physical things will be linked to the Internet by the year 2022. Also, these physical objects are heterogeneous in nature, have different protocols and architectures, lack interoperability, and as more things get connected to other things and people, security becomes an increasingly important issue. If one thing gets hacked, the connectivity gets compromised and hence the other devices connected to it becomes vulnerable and the complete system gets exposed to security threats. The huge heterogeneous landscape of these objects makes it quite difficult to design the appropriate security measures. Therefore, in addition to traditional security techniques, other security tools particular to IoT domain are needed. For this, Intrusion Detection System (IDS) are used to fulfill the aim. In this chapter, we present an overview on the use of IDS in IoT. We focus on the current state of IoT by doing extensive literature survey, identifying current architectures, and presenting some security challenges and the possible solutions.
Sunil Gupta, Goldie Gabrani, Pradeep Kumar Arya
Chapter 7. Malware Detection in IoT
The use of IoT devices is increasing at a fast pace, and it is like IoT has conquered the world. This fast usage of IoT has changed the entire computing paradigm of the modern world. More people are interested in using IoT at their homes, offices, commercial stores, etc. IoT is being used everywhere like in medical sciences (IoMT), in the battle fields (IoBT), in traffic monitoring (IoV), in agriculture, and in machinery. With the widespread use of IoT in different fields, malicious activities are also rising. IoT connects the devices through Internet, and the data are stored online, so it has become easy for the attackers to gain access to this valuable data. The malicious activities aim toward breeching the confidentiality of the IoT devices, their authenticity, their integrity, and the availability of the data to the other resources of the system. Sometimes, the data are manipulated by the attackers and are not even available for the authorized users. Hence, this has become necessary to protect the IoT devices from the attacks. The effects of the malware are increasing day by day as they are becoming more fast and advanced. They harm and interrupt the normal functioning of the system and damage the client servers, networks that are associated with the affected system. The medium through which the malware transfers into the victim system is through the connected portable devices of the system, and through the network, the system is connected to. Malware is always been a serious threat to the digital world, and this is mainly due to the increase in the usage of the Internet, and hence, this is why the malware problem has become severe. The effectiveness of the malware detectors depend upon the kind of detection techniques used. Latest technologies are being developed by the researchers, but still, the malware attackers always remain a step ahead of the detection techniques or the anti-malware software. These days, the innovation in the information and communications technology (ICT) has been able to change the entire paradigm of the malware activities. Due to these advancements, there are a lot of new and secured communications environments are made for the IoT devices. The IoT environment provides the day to day activities of the IoT devices, but it also suffers several threats and attacks from the malware and virus activities such as denial-of-service attacks, privacy issues, password and username issues, information leaks, remote hijacking of the system, and impersonation. From all the mentioned attacks, most of them are caused by the malware software, and hence, malware attacks are the most dangerous ones. Malware botnets often lead to the several attacks which mainly lead to affect the system’s confidentiality, integrity, availability of data, system’s authenticity, etc. This mainly affects the confidential information present in the system; sensitive data can be disclosed; unauthorized users can get access to such data, etc. There is a shortage of existence of advanced security designs present in the IoT architectures of the IoT devices such as the presence of heterogeneity in the architecture of the processor. The malware detection techniques have to deal with several kinds of challenges such as the detection of the cross-architecture malware present in the IoT devices which are connected over the same network and work in the same system. Hence, in the recent years, the malware detection techniques mainly focus on the security analysis of the system. The dynamic and static-based analysis plays a major role in determining the IoT malware. Static-based analyses mainly address the multi-architecture problem present in the IoT devices, while the dynamic analysis mainly deals at the much advanced levels of the architecture. The usage of IoT has become a mega trend these days, and with the development of the new devices and systems, the complexity in the computing mechanisms also increases. The complications of the architecture in hardware and the software part of the system can lead to several security problems. Cybersecurity is taking a toll on these devices due to lack of good authentication mechanisms, outdated versions of malwares running in the system which may compromise the overall functioning of the devices. Hence, developing new modular approaches and improving the already existing security aspects of the IoT devices are the real need of the hour these days for the researchers. This chapter aims toward discussing the existing malware attacks in IoT hardware and software such as botnet, rootkit, ransomware, and Trojan horse. It also provides with some malware analysis and detection techniques. The following chapter includes six different sections. Section 7.1 contains a brief introduction of the different types of malware existing in the IoT software. Section 7.2 discusses malware found in IoT hardware and some of their counter measure techniques. Section 7.3 talks about the IoT malware analysis techniques, and then, it discusses about the different stages of malware analysis found in IoT. In Sect. 7.4, different types of IoT malware detection techniques are discussed along with their counter measures. Section 7.5 contains malware use cases which are prevalent at present. In Sect. 7.6, several research opportunities in the field of malware detection can be explored such that the existing techniques can be enhanced. The chapter ends with references to different papers and authors who have worked in this field.
Prachi Dahiya
Chapter 8. IoT Network Used in Fog and Cloud Computing
The ever-changing rapid paradigm shift from one technology to another has led to extensive research in interdisciplinary fields. The different technologies are enhancing and transmuting at such an exponential rate that it has become important to effectively manage all the data and related environments associated with them. The aim of this chapter is to contribute to understanding the significance of fog and cloud computing and the related Internet of Things (IoT) networks supporting these technologies in real-time applications. This chapter provides insights on how the IoT frameworks provide increased scalability, increased performance, and immediate pay-as-you-go payment options to both the providers and consumers. This chapter aims to provide detailed information about IoT networks which can be employed in cloud and fog computing. The chapter seeks to provide the readers a brief description on introduction of IoT, IoT networks, cloud computing, and fog computing and their integration with IoT. A detailed comparison between cloud computing and fog computing paradigms throws light on the distinctions between the two paradigms. This chapter highlights the implementation of fog and cloud computing using IoT in detail and also highlights the security issues, threats and concerns related to the discussed technologies and their implementations. We have also explored the IoT network protocols used for the implementation of fog computing and cloud computing using IoT, along with few case studies which underline the applications and examples with respect to the technologies. Since the power and potential of IoT is being realized, major business giants are investing heavily in the technology as the gains are long termed. As per recent reports, the fog computing market is expected to reach an approximate 18 to 20 billion $ by 2022. Also, fog computing has become a necessity only for IoT and cloud, but also for embedded artificial intelligence, it has become an integral part of major interdisciplinary works. And since the technology is acting as the backbone of the industries, it cannot be ignored now and it is here to stay. It is expected that fog computing is anticipated to embark into already existing software, devices as Fog as Service (FaaS).
Umang Kant, Vinod Kumar
Chapter 9. Internet of Vehicles: Features, Architecture, Privacy, and Security Issues
Internet of vehicles (IοV) is an emerging technology by assimilating the Internet of things (IoT) technοlogy in the transpοrtation to make the intelligent transpοrtation system. Vehicles have a number of sensors that accumulate infοrmation from the environment and other vehicles in the IοV platform. The user will assist in safe navigation, pollution control, traffic management, and also make vehicles capable of making their own decisions about delivering users to their destination after an analysis of the acquired data. Thus, IοV is the union of mobile Internet and IoT technology. It acts as the emerging domain for the autοmotive industries and has also become the essential part of smart cities. This chapter provides the brief intrοduction of Internet of vehicles and also highlights the characteristics of IοV implemented vehicles. To create the intelligent vehicles, different designing architecture is used to the implementation of IοV technology in the vehicles. Some architecture of IοV technology is highlighted in this chapter. Security has become a central concern because IοV includes a tremendous amοunt of dynamic continuous information. That is why the chapter summarizes the security requirements and security challenges.
Sushma Malik, Anamika Rana
Chapter 10. Cybersecurity and Ethics for IoT System: A Massive Analysis
This year’s exponential growth of digital links has resulted in a rise in cyber strikes, many of which have tragic and severe repercussions. Malware is the most common phenomenon used to achieve malevolent aims on the Internet, whether it is by exploiting new vulnerabilities or experimenting with new technologies and concepts. Customers identify the implementation of more robust and inventive pathogen parasitic breaches as a pressing need. In order to help them (Maxmen in Nature 555(7696):293–294, 2018), we will walk through the most common and easy problems that exist on old platforms, programming, and infrastructure layers. They serve as one of the most viable solutions after criticizing the present state requirements for change. Afterward, we analyze evolving assault techniques in areas such as Facebook, virtualization, mobile devices, and power grids. Finally, we discuss our hypothesis. We make a few observations regarding potential key findings coming up.
Manish Thakral, Rishi Raj Singh, Bharathi V. Kalghatgi
Chapter 11. Blockchain for Enhancing Security of IoT Devices
The Internet of Things (IoT) covers a vast area of automation, from cities to railways to cars and homes, and even wearables and implanted devices. The two common things in IoT are access networks through the Internet to transfer data from machine to machine (M2M) and very low-cost sensors. However, the data collected from IoT sensors contain a large amount of private information and must be preserved. Security and privacy are the two critical issues for IoT applications and still face some huge challenges. The fact that Blockchain emerges as the essential support mechanism for a cryptocurrency platform named Bitcoin. The origin story of Blockchain describes a distributed ledger that supports secure and immutable transactions without a central authority and only modifiable by agreement from all participants. This technological advancement has the potential to disrupt many industries, the IoT among them. Decentralizing information reduces the ability for data tampering and provides a trustless and secure environment for IoT. Considering the security advancements in centralized IoT ecosystems like cloud, fog and edge computing, the security implication is still insufficient to meet the challenges. In this study, we investigated fundamental working principles of Blockchain and how Blockchain-based systems achieve the characteristics of decentralization, security and trustless. We have analyzed some real-scenarios of the industries which indicates security enhanced using the integration of IoT and Blockchain concepts together to achieve the security mechanism in IoT devices some extend.
Yahye Adam Omar, S. B. Goyal
Chapter 12. Challenges and Trends on Post-Quantum Cryptography
The classical encryption code is facing challenges due to no copy protection mechanism. The attempt to explore diverse challenges in classical encryption code, such as prime factorization of a large number, is now possible with sub-polynomial time. As a result, classical cryptographic algorithms are real challenges and threads. Hence, post-quantum security or encryption codes in communication are now prime focus. In this chapter, the first challenges are discussed, and finally, several quantum cryptographic encryption algorithms are discussed, namely BB84, quantum teleportation, quantum cheque, and post-quantum cryptographic development.
Kunal Das, Arindam Sadhu
Internet of Things
herausgegeben von
Prof. Dr. Sandeep Saxena
Dr. Ashok Kumar Pradhan
Springer Nature Singapore
Electronic ISBN
Print ISBN