Open Access Open Access  Restricted Access Subscription Access
Open Access Open Access Open Access  Restricted Access Restricted Access Subscription Access

A Brief Review of Cyber Attacks on Internet of Things and its Mitigation Techniques


Affiliations
1 National Advanced IPv6 Centre, Universiti Sains Malaysia, 11800 Gelugor, Malaysia
     

   Subscribe/Renew Journal


Since the inception of ARPANET almost 50 years ago, the Internet has come a long way to the point it has become as important as electricity and water supply. It has evolved from connecting computers and servers and computers to connecting “things”. Internet of Things or IoT as considered to be the next wave of the Internet development. As with any new technology, IoT also suffers from various security issues and vulnerabilities due to its design that is new and untested against attacks. Furthermore, IoT device manufacturers are focused on getting their product marketed at the soonest thus causing security taking the backseat. This paper provides an overview of the potential attacks that can be carried out on IoT devices and outline how these attacks can be mitigated.


Keywords

Internet of Things, Cyber Security, Cyber-Attack, Attack Mitigation.
User
Subscription Login to verify subscription
Notifications
Font Size

  • "Security and Privacy Issues in the Internet of Things", Cse.wustl.edu, 2016. [Online]. Available: http://www.cse.wustl.edu/~jain/cse574-14/ftp/security/index.html. [Accessed: 28- May- 2016].
  • Internet of Things,” Washington Univ., St. Louis, 2014. [Accessed: 27- May- 2016].
  • N. Gour, M. Agarwal, H. Singh and A. Kumar, "A Review on Impersonation Attack in Mobile Ad-Hoc Network", International Journal of Computer Trends and Technology, vol. 8, no. 1, pp. 34-37, 2014.
  • T. Tsao, R. Alexander, M. Dogler, V. Daza, A. Lozano and M. Richardson, "RFC 7416 - A Security Threat Analysis for the Routing Protocol for Low-Power and Lossy Networks (RPLs)", Tools.ietf.org, 2016. [Online]. Available: https://tools.ietf.org/html/rfc7416. [Accessed: 28- May- 2016].
  • "IPSec Anti-Replay Check Failures", Cisco, 2016. [Online]. Available: http://www.cisco.com/c/en/us/support/docs/ip/internet-key-exchange-ike/116858-problem-replay-00.html#anc2. [Accessed: 28- May- 2016].
  • Awerbuch, R. Curtmola, D.Holmer, C. Nita-Rotaru, and H. Rubens, “Mitigating Byzantine Attacks in Ad Hoc Wireless Networks,” Johns Hopkins Univ., Baltimore, MD, Tech. Report Ver. 1, 2004.
  • P. Sharma, "A Review of Selective Forwarding Attacks in Wireless Sensor Networks", International Journal of Advanced Smart Sensor Network Systems, vol. 2, no. 3, pp. 37-42, 2012.
  • G. Kibirige C. Sanga, "A Survey on Detection of Sinkhole Attack in Wireless Sensor Network", IJSIA, vol. 10, no. 3, pp. 41-54, 2016.
  • Yih-Chun Hu, A. Perrig and D. Johnson, "Wormhole attacks in wireless networks", IEEE J. Select. Areas Commun., vol. 24, no. 2, pp. 370-380, 2006.
  • "Internet of Things", Wikipedia, 2016. [Online]. Available: https://en.wikipedia.org/wiki/Internet_of_Things. [Accessed: 27- May- 2016].
  • H. Solomon, "Lots of vulnerabilities in IoT device Web interfaces: Study", IT World Canada, 2015. [Online]. Available: http://www.itworldcanada.com/article/lots-of-vulnerabilities-in-iot-device-web-interfaces-study/378779. [Accessed: 27- May- 2016].
  • "HTTPS", Wikipedia. [Online]. Available: https://en.wikipedia.org/wiki/HTTPS. [Accessed: 27- May- 2016].
  • "Web Application Firewall - OWASP", Owasp.org, 2016. [Online]. Available: https://www.owasp.org/index.php/Web_Application_Firewall. [Accessed: 27- May- 2016].
  • "Authentication Cheat Sheet - OWASP", Owasp.org, 2016. [Online]. Available: https://www.owasp.org/index.php/Authentication_Cheat_Sheet. [Accessed: 27- May- 2016].
  • "Two-factor authentication", Wikipedia, 2016. [Online]. Available: https://en.wikipedia.org/wiki/Two-factor_authentication. [Accessed: 27- May- 2016].
  • "Blocking Brute Force Attacks - System Administration Database",Cs.virginia.edu, 2016. [Online]. Available: http://www.cs.virginia.edu/~csadmin/gen_support/brute_force.php. [Accessed: 27- May- 2016].
  • "The Internet of Secure Things – What is Really Needed to Secure the Internet of Things? | Icon Labs", Iconlabs.com, 2016. [Online]. Available: http://www.iconlabs.com/prod/internet-secure-things-%E2%80%93-what-really-needed-secure-internet-things. [Accessed: 27- May- 2016].
  • Cooper, "The IoT, Cloud and Security", CIO, 2016. [Online]. Available: http://www.cio.com/article/2933046/cloud-security/the-iot-cloud-and-security.html. [Accessed: 27- May- 2016].
  • "Hardware Security Modules (HSMs) | SafeNet Encryption & Key Security", SafeNet, Inc., 2016. [Online]. Available: http://www.safenet-inc.com/data-encryption/hardware-security-modules-hsms/. [Accessed: 27- May- 2016].
  • "Trusted Platform Module (TPM) | Trusted Computing Group (TPM)", Trusted Computing Group, 2016. [Online]. Available: http://www.trustedcomputinggroup.org/work-groups/trusted-platform-module/. [Accessed: 27- May- 2016].

Abstract Views: 355

PDF Views: 0




  • A Brief Review of Cyber Attacks on Internet of Things and its Mitigation Techniques

Abstract Views: 355  |  PDF Views: 0

Authors

Selvakumar Manickam
National Advanced IPv6 Centre, Universiti Sains Malaysia, 11800 Gelugor, Malaysia

Abstract


Since the inception of ARPANET almost 50 years ago, the Internet has come a long way to the point it has become as important as electricity and water supply. It has evolved from connecting computers and servers and computers to connecting “things”. Internet of Things or IoT as considered to be the next wave of the Internet development. As with any new technology, IoT also suffers from various security issues and vulnerabilities due to its design that is new and untested against attacks. Furthermore, IoT device manufacturers are focused on getting their product marketed at the soonest thus causing security taking the backseat. This paper provides an overview of the potential attacks that can be carried out on IoT devices and outline how these attacks can be mitigated.


Keywords


Internet of Things, Cyber Security, Cyber-Attack, Attack Mitigation.

References