A Brief Review of Cyber Attacks on Internet of Things and its Mitigation Techniques
Subscribe/Renew Journal
Since the inception of ARPANET almost 50 years ago, the Internet has come a long way to the point it has become as important as electricity and water supply. It has evolved from connecting computers and servers and computers to connecting “things”. Internet of Things or IoT as considered to be the next wave of the Internet development. As with any new technology, IoT also suffers from various security issues and vulnerabilities due to its design that is new and untested against attacks. Furthermore, IoT device manufacturers are focused on getting their product marketed at the soonest thus causing security taking the backseat. This paper provides an overview of the potential attacks that can be carried out on IoT devices and outline how these attacks can be mitigated.
Keywords
- "Security and Privacy Issues in the Internet of Things", Cse.wustl.edu, 2016. [Online]. Available: http://www.cse.wustl.edu/~jain/cse574-14/ftp/security/index.html. [Accessed: 28- May- 2016].
- Internet of Things,” Washington Univ., St. Louis, 2014. [Accessed: 27- May- 2016].
- N. Gour, M. Agarwal, H. Singh and A. Kumar, "A Review on Impersonation Attack in Mobile Ad-Hoc Network", International Journal of Computer Trends and Technology, vol. 8, no. 1, pp. 34-37, 2014.
- T. Tsao, R. Alexander, M. Dogler, V. Daza, A. Lozano and M. Richardson, "RFC 7416 - A Security Threat Analysis for the Routing Protocol for Low-Power and Lossy Networks (RPLs)", Tools.ietf.org, 2016. [Online]. Available: https://tools.ietf.org/html/rfc7416. [Accessed: 28- May- 2016].
- "IPSec Anti-Replay Check Failures", Cisco, 2016. [Online]. Available: http://www.cisco.com/c/en/us/support/docs/ip/internet-key-exchange-ike/116858-problem-replay-00.html#anc2. [Accessed: 28- May- 2016].
- Awerbuch, R. Curtmola, D.Holmer, C. Nita-Rotaru, and H. Rubens, “Mitigating Byzantine Attacks in Ad Hoc Wireless Networks,” Johns Hopkins Univ., Baltimore, MD, Tech. Report Ver. 1, 2004.
- P. Sharma, "A Review of Selective Forwarding Attacks in Wireless Sensor Networks", International Journal of Advanced Smart Sensor Network Systems, vol. 2, no. 3, pp. 37-42, 2012.
- G. Kibirige C. Sanga, "A Survey on Detection of Sinkhole Attack in Wireless Sensor Network", IJSIA, vol. 10, no. 3, pp. 41-54, 2016.
- Yih-Chun Hu, A. Perrig and D. Johnson, "Wormhole attacks in wireless networks", IEEE J. Select. Areas Commun., vol. 24, no. 2, pp. 370-380, 2006.
- "Internet of Things", Wikipedia, 2016. [Online]. Available: https://en.wikipedia.org/wiki/Internet_of_Things. [Accessed: 27- May- 2016].
- H. Solomon, "Lots of vulnerabilities in IoT device Web interfaces: Study", IT World Canada, 2015. [Online]. Available: http://www.itworldcanada.com/article/lots-of-vulnerabilities-in-iot-device-web-interfaces-study/378779. [Accessed: 27- May- 2016].
- "HTTPS", Wikipedia. [Online]. Available: https://en.wikipedia.org/wiki/HTTPS. [Accessed: 27- May- 2016].
- "Web Application Firewall - OWASP", Owasp.org, 2016. [Online]. Available: https://www.owasp.org/index.php/Web_Application_Firewall. [Accessed: 27- May- 2016].
- "Authentication Cheat Sheet - OWASP", Owasp.org, 2016. [Online]. Available: https://www.owasp.org/index.php/Authentication_Cheat_Sheet. [Accessed: 27- May- 2016].
- "Two-factor authentication", Wikipedia, 2016. [Online]. Available: https://en.wikipedia.org/wiki/Two-factor_authentication. [Accessed: 27- May- 2016].
- "Blocking Brute Force Attacks - System Administration Database",Cs.virginia.edu, 2016. [Online]. Available: http://www.cs.virginia.edu/~csadmin/gen_support/brute_force.php. [Accessed: 27- May- 2016].
- "The Internet of Secure Things – What is Really Needed to Secure the Internet of Things? | Icon Labs", Iconlabs.com, 2016. [Online]. Available: http://www.iconlabs.com/prod/internet-secure-things-%E2%80%93-what-really-needed-secure-internet-things. [Accessed: 27- May- 2016].
- Cooper, "The IoT, Cloud and Security", CIO, 2016. [Online]. Available: http://www.cio.com/article/2933046/cloud-security/the-iot-cloud-and-security.html. [Accessed: 27- May- 2016].
- "Hardware Security Modules (HSMs) | SafeNet Encryption & Key Security", SafeNet, Inc., 2016. [Online]. Available: http://www.safenet-inc.com/data-encryption/hardware-security-modules-hsms/. [Accessed: 27- May- 2016].
- "Trusted Platform Module (TPM) | Trusted Computing Group (TPM)", Trusted Computing Group, 2016. [Online]. Available: http://www.trustedcomputinggroup.org/work-groups/trusted-platform-module/. [Accessed: 27- May- 2016].
Abstract Views: 354
PDF Views: 0