A survey on Iot security: Application Areas, Security Threats, and Solution Architectures
II. SECURITY CRITICAL APPLICATION AREAS OF IOT
tải về 6.16 Mb. Chế độ xem pdf
|
thong-tin-so bao-cao-qpsk-1 - [cuuduongthancong.com]
| II. SECURITY CRITICAL APPLICATION AREAS OF IOT
Security is highly critical in almost all IoT applications that have already been deployed or are in the process of deploy- ment. The applications of IoT are increasing very rapidly and penetrating most of the existing industries. Although operators support these IoT applications through existing networking technologies, several of these applications need more stringent security support from technologies they use. In this section various security critical IoT applications are discussed. 1. Smart Cities: Smart cities involve extensive use of emerging computation and communication resources for increasing the overall quality of life of the people [15]. It includes smart homes, smart traffic manage- ment, smart disaster management, smart utilities, etc. There is a push to make cities smarter, and govern- ments worldwide are encouraging their development through various incentives [16]. Although the use of smart applications is intended to improve the overall quality of life of the citizens, it comes with a threat to the privacy of the citizens. Smart card services tend to put the card details and purchase behavior of the citizens at risk. Smart mobility applications may leak the location traces of the users. There are applications TABLE 2: Related Surveys on IoT Security Year Author Contributions 2016 Arsalan Mosenia et al., [7] A brief discussion of vulnerabilities faced by the edge side layer of IoT 2017 Yu wei et al., [8] Survey on using Edge Computing to secure IoT 2017 Jie Lin ea al., [9] Discussion on relationship between IoT and Fog Computing 2017 Y yang et al., [10] A brief discussion on most relevant limitations of IoT devices 2017 L chen , S. Thombre et al., [11] security issues specific to location-based services in IoT 2017 A H Ngu, V. Metsis et al., [12] Security issues related to the IoT middle ware 2018 I Farris, T Taleb et al., [13] Security mechanism for IoT security like SDN and NFB 2019 Ikram Ud din, M. Guizani et al,. [14] Trust Management Techniques for Internet of Things VOLUME x, 2019 3 This work is licensed under a Creative Commons Attribution 3.0 License. For more information, see http://creativecommons.org/licenses/by/3.0/. This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/ACCESS.2019.2924045, IEEE Access Vikas Hassija et al.: A Survey on IoT Security: Application Areas, Security Threats, and Solution Architectures TABLE 3: List of Acronyms Notation Meaning ABSI Adaptive Binary Splitting Inspection AMI Advanced Metering Infrastructure AMQP Advanced Message Queuing Protocol APT Advanced Persistent Threat CoAP Constrained Application Protocol DAC Distributed Autonomous Corporation DAOs Decentalized Autonomous Organizations DDoS Distributed denial of service GPS Global Positioning System HAN Home Area Network IIoT Industrial Internet of Things IOE Internet of Everything IoT Internet of Things M2M Machine to Machine MCC Mobile Cloud Computing MEC Mobile Edge Computing MLP Multi-Layer Perceptron MQTT Message Queuing Telemetry Transport NFC Near Field Communication NFV Network Function Virtualization P2P peer to peer QoS Quality of Service RFID Radio Frequency Identification RSN RFID sensor Networks SDN Software-Defined Networking SHA Secure Hash Algorithm SIoT Social Internet of Things SMQTT Secure Message Queue Telemetry Transport STD Security Trust and Decentralization WSN Wireless Sensor Networks XMPP Extensible Messaging and Presence Protocol XSS cross-site scripting using which parents can keep track of their child. How- ever, if such applications are hacked, then the safety of the child can come to risk. 2. Smart Environment: Smart environment includes various IoT applications such as fire detection in forests, monitoring the level of snow in high alti- tude regions, preventing landslides, early detection of earthquakes, pollution monitoring, etc. All these IoT applications are closely related to the life of human beings and animals in those areas. The government agencies involved in such fields will also be relying on the information from these IoT applications. Security breaches and vulnerability in any area related to such IoT applications can have serious consequences. In this context, both false negatives and false positives can lead to disastrous results for such IoT applications. For example, if the application starts detecting earthquakes falsely, then it will lead to monetary losses for the government and businesses. On the other hand, if the application is not able to predict the earthquake, then it will lead to the loss of both property and life. There- fore, smart environment applications have to be highly precise, and security breaches and data tampering must be avoided. 3. Smart Metering and Smart Grids: Smart metering includes applications related to various measurements, monitoring, and management. The most common ap- plication of smart metering is smart grids, where the electricity consumption is measured and monitored. Smart metering may also be used to address the prob- lem of electricity theft [17]. Other applications of smart metering include monitoring of water, oil and gas levels in storage tanks and cisterns. Smart meters are also used to monitor and optimize the performance of solar energy plants by dynamically changing the angle of solar panels to harvest the maximum possible solar energy. There also exist some IoT applications that use smart meters to measure the water pressure in water transport systems or to measure the weight of goods. However, smart metering systems are vulnerable to both physical and cyber-attacks as compared to analog meters that can be tampered only by physical attacks. Also, smart meters or advanced metering infrastruc- ture (AMI) are intended to perform functions beyond generic energy usage recording. In a smart home area network (HAN) all electric equipment at home are con- nected to smart meters and the information collected from these equipments can be used for load and cost management. Intentional intrusion in such communi- cation systems by the consumer or an adversary may modify the collected information, leading to monetary loss for the service providers or consumers [18]. 4. Security and Emergencies: Security and emergencies is another important area where various IoT applica- tions are being deployed. It includes applications such as allowing only authorized people in restricted areas etc. Another application in this domain is the detection of leakage of hazardous gases in industrial areas or areas around chemical factories. Radiation levels can also be measured in the areas around nuclear power reactors or cellular base stations and alerts can be generated when the radiation level is high. There are various buildings whose systems have sensitive data or that house sensitive goods. Security applications can be deployed to protect sensitive data and goods. IoT applications that detect various liquids can also be used to prevent corrosion and break downs in such sensitive buildings. Security breaches in such applications can also have various serious consequences. For example, the criminals may try to enter the restricted areas by attacking the vulnerabilities in such applications. Also, false radiation level alarms can have serious immediate and long term impacts. For example, if infants are exposed to high levels of radiation, then it may lead to serious life threatening diseases in long term. 4 VOLUME x, 2019 This work is licensed under a Creative Commons Attribution 3.0 License. For more information, see http://creativecommons.org/licenses/by/3.0/. This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/ACCESS.2019.2924045, IEEE Access Vikas Hassija et al.: A Survey on IoT Security: Application Areas, Security Threats, and Solution Architectures 5. Smart Retail: IoT applications are being extensively used in the retail sector. Various applications have been developed to monitor the storage conditions of the goods as they move along the supply chain. IoT is also being used to control the tracking of products in the warehouses so that restocking can be done optimally. Various intelligent shopping applications are also being developed for assisting the customers based on their preferences, habits, allergies to certain components, etc. Mechanisms to provide the experience of online shopping to offline retailers using augmented reality techniques have also been developed. Various compa- nies in retail have faced security issues in deploying and using various IoT applications. Some of these com- panies include Apple, Home Depot, JP Morgan Chase and Sony [19]. Adversaries may try to compromise the IoT applications associated with storage conditions of the goods and may try to send wrong information about the products to the users in order to increase the sale. If security features are not implemented in smart retail, attackers may steal debit and credit card information, phone numbers, email-addresses, etc. of the customers which can lead to monetary losses for the customers and retailers. 6. Smart Agriculture and Animal Farming: Smart agriculture includes monitoring soil moisture, control- ling micro-climate conditions, selective irrigation in dry zones, and controlling humidity and temperature. Usage of such advanced features in agriculture can help in achieving high yields and can save farmers from monetary losses. Control of temperature and humidity levels in various grain and vegetable production can help in preventing fungus and other microbial contam- inants. Controlling the climate conditions can also help in increasing the vegetable and crop yield and quality. Just like crop monitoring, there are IoT applications to monitor the activities and the health condition of farm animals by attaching sensors to the animals. If such applications are compromised, then it may lead to the theft of animals from the farm and adversaries may also damage the crops. 7. Home Automation: Home automation is one of the most widely used and deployed IoT applications. This includes applications such as those for remotely con- trolling electrical appliances to save energy, systems deployed on windows and doors to detect intruders, etc. Monitoring systems are being applied to track energy and water supply consumption, and users are being ad- vised to save cost and resources. Authors in [20] have proposed the use of logic based security algorithms to enhance security level in homes. Intrusions are de- tected by comparing the user actions at key locations of the home with normal behavior of the user in these locations. However, attackers may gain unauthorized access of the IoT devices in the home and try to harm the users. For instance, cases of home burglaries have FIGURE 2: Layers in IoT System. increased rapidly after the deployment of various home automation systems [20]. There have also been various cases in the past where the adversaries try to analyze the type and volume of Internet traffic to/from the smart home for judging the behavior and presence of the residents. tải về 6.16 Mb. Chia sẻ với bạn bè của bạn:
|