Fontys S7
Security of IOT protocols and technology
Nowadays more and more people have their home filled with smart devices. Almost everything is smart in some way. Which creates new problems like security. These products weren't made with security in mind, on the contrary, they were made to be cheap and easy to use for people without IT knowledge.
This causes IOT products to be, the most of the time, the weakest link in someones network. But IOT is here to stay and it is improving fast so let's take a look at some common security protocols.
| Protocol | Feature | TCP/UDP | Security |
|---|---|---|---|
| LOWPAN | WPANs to maintain an IPv6 network | TCP | SSL |
| MQTT | To utilize the publish/subscribe pattern to provide transition flexibility and simplicity of implementation | TCP | SSL |
| AMQP | To provide publish-subscribe and point-to point communication | TCP | SSL |
| CoAP | To connect resource-constrained devices in a secure and reliable way | UDP | DTLS |
| XMPP | To transfer instant messaging (IM) standard that is used for multi-party chatting, voice and video calling and telepresence | TCP | SSL |
| DSS | To enable scalable, real-time, dependable, high-performance and interoperable data exchanges using a publish–subscribe pattern | TCP/UDP | SSL |
To show the security flaws in IOT devices
| Layers | Attacks | Issues | Control Measures |
|---|---|---|---|
| Perception | Hardware Tempering | Data Leakage (Keys, Routing Tables, Etc) | Secure Physical Design |
| Fake Node Injection | Fake Data Manipulation | Secure Booting | |
| Malicious Code Injection | Halt Transmission | Intrusion Detection Technology (IDT) | |
| Sleep Denial Attack | Node Shutdown | Authentication | |
| WSN Node Jamming | Jam Node Communication | IPSec Security Channel | |
| RF Interference Of RFID | Distortion In Node Communication | Authentication | |
| Network | Traffic Analysis Attacks | Data Leakage (About Network) | Routing Security |
| RFID Spoofing | Intrusion In Network Data Manipulation | GPS Location System | |
| RFID Unauthorized Access | Node Data Can Be Modified (Read, Write & Delete) | Network Authentication | |
| Sinkhole Attack | Data Leakage (Data Of The Nodes) | Security Aware Ad Hoc Routing | |
| Man In The Middle Attack | Data Privacy Violation | Point-To-Point Encryption | |
| Routing Information Attack | Routing Loops (Network Destruction) | Encrypting Routing Tables | |
| Application Security | Privacy Violation | Web Application Scanner | |
| Data Security | Data Leakage (User Data On Cloud) | Homomorphic Encryption | |
| Underlying Infrastructure Security | Service Hijacking | Fragmentation Redundancy Scattering | |
| Third-Party Relationships | Data Leakage (User Data On Cloud) | Encryption | |
| Shared Resources | Resources Destruction | Hyper Safe | |
| Virtualization Threats | Resources Theft | Hyper Safe | |
| Application | Phishing Attacks | Data Leakage (User Credentials Data) | Biometrics Authentication |
| Virus, Worms, Trojan Horse, Spyware | Resource Destruction & Hijacking | Protective Software | |
| Malicious Scripts | Hijacking | Firewalls | |
| Denial Of Service | Resource Destruction | Access Control Lists | |
| Data Protection And Recovery | Data Loss & Catastrophic Damage | Cryptographic Hash Functions | |
| Software Vulnerabilities | Buffer Over Flow | Awareness Of Security |
As seen in this article there are a lot of different vulnerabilities in IOT devices. And not all of them can be solved with just a good security protocol.
- Date: November 2021
- Client: Fontys
- Category: Research Skill