Presentation is loading. Please wait.

Presentation is loading. Please wait.

Azam Supervisor : Prof. Raj Jain

Published byAlvin McDowell Modified over 8 years ago

Similar presentations

Presentation on theme: "Azam Supervisor : Prof. Raj Jain"— Presentation transcript:

1 Azam Supervisor : Prof. Raj Jain
Survey on IoT Security Azam Supervisor : Prof. Raj Jain

2 Outline Introduction Why Cyber Security Matters in IoT
Security Goals of IoT Protocols Threats in IoT IoT Protocols (WirelessHART, 6LoWPAN, IPSec, IEEE ) Summary

3 Introduction What is IoT? The Internet of Things (IoT) is the network of physical objects or "things" embedded with electronics, software, sensors, and network connectivity, which enables these objects to collect and exchange data. For example, sensors on the roadway electronically alert cars to potential hazards, and the smart grid sends dynamic electricity pricing data to home appliances in order to optimize power consumption.

4 Why Cyber Security matters in IoT?
Current Internet security protocols rely on a well-known and widely trusted suite of cryptographic algorithms: The Advanced Encryption Standard (AES) block cipher for confidentiality The Rivest-Shamir-Adelman (RSA) asymmetric algorithm for digital signatures and key transport The Diffie-Hellman (DH) asymmetric key agreement algorithm; and the SHA-1 and SHA-256 secure hash algorithms.

5 But.. Securing an IoT system is a challenge because of many vulnerabilities. The applicability of these cryptographic techniques to the IoT is unclear, and requires further analysis to ensure that algorithms can be successfully implemented given the constrained memory and processor speed expected in the IoT. Until to date, security and interconnectivity issues amongst the IoT devices remain as open discussions.

6 Security Goals of IoT Protocols

7 Types of Threats Skimming: Read w/o knowledge of owner
Eavesdropping or sniffing: Man-in-the-middle Data Tampering: Erasing or changing data Spoofing: Mimic another source Cloning: Making a copy of data Malicious Code: Insertion of executable virus code Denial of Service: Overwhelm the receiver’s capacity Killing: Disable Jamming: Interfere with a strong signal Shielding: Mechanically prevent reading

8 IoT Protocols WirelessHART 6LoWPan IPSec IEEE

9 WirelessHART Currently the only WSN standard.
It designed primarily for industrial process automation and control. payload is encrypted and all messages are authenticated. All devices are provisioned with a secret Join key as well as a Network id in order to join the network. Master key, Session key, and Link key. The network key is shared between all devices

10 6LoWPAN 6LowPAN works on the IPv6 protocol suite based on IEEE standard. Hence it has the characteristics of low-cost, low-rate and low-power deployment. AES (Advanced Encryption System) IPsec (Internet Protocol Security) Research done by several researchers has shown that exchanging key is another problem that should be considered.

11 6LoWPAN Cryptography cannot detect attackers with legal keys that behave maliciously. There is a need for implementing IDS to monitor any malicious behavior of the network to prevent security attacks to decrease its effects.

12 Rank Attack

13 IPSec In IoT, security at the network layer is provided by the IP Security (IPsec) protocol suite. It can be used with any transport layer protocol including TCP, UDP, HTTP, and CoAP. However, being mandatory in IPv6, IPsec is one of the most suitable options for E2E security in the IoT.

14 IEEE The original IEEE standard was released in 2003. The original version supported two physical layers, one of them working in the and 915 MHz frequency bands and the other working in the 2.4GHz band. Later on, there was another revision released in 2006, which improved the transfer speeds. Additional bands were added in the subsequent revisions.

15 IEEE MAC Frame

16 Summary In summary, the security challenges for the IoT still are daunting. The link layer, the network layer, as well as the transport layer have distinct security requirements and communication patterns. In particular, security protocols should further take into account the resource-constrained nature of things and heterogeneous communication models. Hopefully, this survey can motivate more future works to cope with security concerns in the deployment of IoT.

17 Thank you for your kind attention !

Download ppt "Azam Supervisor : Prof. Raj Jain"

Similar presentations

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
1 Computer Networks: A Systems Approach, 5e Larry L. Peterson and Bruce S. Davie Chapter 8 Network Security Copyright © 2010, Elsevier Inc. All rights.

1 Computer Networks: A Systems Approach, 5e Larry L. Peterson and Bruce S. Davie Chapter 8 Network Security Copyright © 2010, Elsevier Inc. All rights.
TLS. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Cryptography and Network Security

Cryptography and Network Security
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, I've Got You under My Skin“ by Cole Porter.

7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.

An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
Information System Security AABFS-Jordan Summer 2006 IP Security Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi.

Information System Security AABFS-Jordan Summer 2006 IP Security Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi.
Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.

Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.
Authentication In Mobile Internet Protocol version 6 Liu Ping Supervisor: professor Jorma Jormakka.

Authentication In Mobile Internet Protocol version 6 Liu Ping Supervisor: professor Jorma Jormakka.
Chapter 1 – Introduction

Chapter 1 – Introduction
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Cryptography and Network Security Chapter 17

Cryptography and Network Security Chapter 17
WEB SECURITY. WEB ATTACK TYPES Buffer OverflowsXML InjectionsSession Hijacking Attacks WEB Attack Types.

WEB SECURITY. WEB ATTACK TYPES Buffer OverflowsXML InjectionsSession Hijacking Attacks WEB Attack Types.
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Introduction (Pendahuluan)  Information Security.

Introduction (Pendahuluan)  Information Security.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Similar presentations

Ads by Google