Security Risk Measurement for Information Leakage in IoT-Based Smart Homes from a Situational Awareness Perspective

Mookyu Park; Haengrok Oh; Kyungho Lee

doi:10.3390/s19092148

Security Risk Measurement for Information Leakage in IoT-Based Smart Homes from a Situational Awareness Perspective

Sensors ◽

10.3390/s19092148 ◽

2019 ◽

Vol 19 (9) ◽

pp. 2148 ◽

Cited By ~ 13

Author(s):

Mookyu Park ◽

Haengrok Oh ◽

Kyungho Lee

Keyword(s):

Smart Home ◽

Situational Awareness ◽

Personal Information ◽

Human Life ◽

Information Leakage ◽

Security Threats ◽

Security Risk ◽

Iot Security ◽

Home Based ◽

Iot Devices

Internet-of-Things (IoT) is a technology that is extensively being used in various fields. Companies like Samsung, LG, and Apple are launching home appliances that use IoT as a part of their smart home business. Currently, Intelligent Things which combine artificial intelligence (AI) and IoT are being developed. Most of these devices are configured to collect and respond to human behavior (motion, voice, etc.) through built-in sensors. If IoT devices do not ensure high security, personal information could be leaked. This paper describes the IoT security threats that can cause information leakage from a hierarchical viewpoint of cyberspace. In addition, because these smart home-based IoT devices are closely related to human life, considering social damage is a problem. To overcome this, we propose a framework to measure the risk of IoT devices based on security scenarios that can occur in a smart home.

Download Full-text

Design of a Symmetry Protocol for the Efficient Operation of IP Cameras in the IoT Environment

Symmetry ◽

10.3390/sym11030361 ◽

2019 ◽

Vol 11 (3) ◽

pp. 361

Author(s):

Jaeseung Lee ◽

Jungho Kang ◽

Moon-seog Jun ◽

Jaekyung Han

Keyword(s):

Personal Information ◽

Rapid Development ◽

Information Leakage ◽

Internet Technology ◽

Smart Devices ◽

The Internet ◽

Security Threats ◽

Efficient Operation ◽

Memory Space ◽

Iot Devices

The rapid development of Internet technology and the spread of various smart devices have enabled the creation of a convenient environment used by people all around the world. It has become increasingly popular, with the technology known as the Internet of Things (IoT). However, both the development and proliferation of IoT technology have caused various problems such as personal information leakage and privacy violations due to attacks by hackers. Furthermore, countless devices are connected to the network in the sense that all things are connected to the Internet, and network attacks that have thus far been exploited in the existing PC environment are now also occurring frequently in the IoT environment. In fact, there have been many security incidents such as DDoS attacks involving the hacking of IP cameras, which are typical IoT devices, leakages of personal information and the monitoring of numerous persons without their consent. While attacks in the existing Internet environment were PC-based, we have confirmed that various smart devices used in the IoT environment—such as IP cameras and tablets—can be utilized and exploited for attacks on the network. Even though it is necessary to apply security solutions to IoT devices in order to prevent potential problems in the IoT environment, it is difficult to install and execute security solutions due to the inherent features of small devices with limited memory space and computational power in this aforementioned IoT environment, and it is also difficult to protect certificates and encryption keys due to easy physical access. Accordingly, this paper examines potential security threats in the IoT environment and proposes a security design and the development of an intelligent security framework designed to prevent them. The results of the performance evaluation of this study confirm that the proposed protocol is able to cope with various security threats in the network. Furthermore, from the perspective of energy efficiency, it was also possible to confirm that the proposed protocol is superior to other cryptographic protocols. Thus, it is expected to be effective if applied to the IoT environment.

Download Full-text

HomeTec Software for Security Aspects of Smart Home Devices Based on IoT

10.54216/jcim.050101 ◽

2021 ◽

pp. 5-16

Author(s):

Parth Rustagi ◽

◽

...

Keyword(s):

Smart Home ◽

Denial Of Service ◽

Security Protocols ◽

The Internet ◽

Security Threats ◽

Deep Dive ◽

Cost Cutting ◽

Full Control ◽

Iot Devices ◽

Service Data

As useful as it gets to connect devices to the internet to make life easier and more comfortable, it also opens the gates to various cyber threats. The connection of Smart Home devices to the internet makes them vulnerable to malicious hackers that infiltrate the system. Hackers can penetrate these systems and have full control over devices. This can lead to denial of service, data leakage, invasion of privacy, etc. Thus security is a major aspect of Smart home devices. However, many companies manufacturing these Smart Home devices have little to no security protocols in their devices. In the process of making the IoT devices cheaper, various cost-cutting is done on the security protocols in IoT devices. In some way, many manufactures of the devices don’t even consider this as a factor to build upon. This leaves the devices vulnerable to attacks. Various authorities have worked upon to standardize the security aspects for the IoT and listed out guidelines for manufactures to follow, but many fail to abide by them. This paper introduces and talks about the various threats, various Security threats to Smart Home devices. It takes a deep dive into the solutions for the discussed threats. It also discusses their prevention. Lastly, it discusses various preventive measures and good practices to be incorporated to protect devices from any future attacks.

Download Full-text

Towards Secure and Privacy-Preserving IoT Enabled Smart Home: Architecture and Experimental Study

Sensors ◽

10.3390/s20216131 ◽

2020 ◽

Vol 20 (21) ◽

pp. 6131

Author(s):

Mamun Abu-Tair ◽

Soufiene Djahel ◽

Philip Perry ◽

Bryan Scotney ◽

Unsub Zia ◽

...

Keyword(s):

Experimental Study ◽

Smart Home ◽

Privacy Preservation ◽

Smart Cities ◽

Security And Privacy ◽

Test Cases ◽

Security Threats ◽

Hardware Implementations ◽

Cryptographic Algorithms ◽

Iot Devices

Internet of Things (IoT) technology is increasingly pervasive in all aspects of our life and its usage is anticipated to significantly increase in future Smart Cities to support their myriad of revolutionary applications. This paper introduces a new architecture that can support several IoT-enabled smart home use cases, with a specified level of security and privacy preservation. The security threats that may target such an architecture are highlighted along with the cryptographic algorithms that can prevent them. An experimental study is performed to provide more insights about the suitability of several lightweight cryptographic algorithms for use in securing the constrained IoT devices used in the proposed architecture. The obtained results showed that many modern lightweight symmetric cryptography algorithms, as CLEFIA and TRIVIUM, are optimized for hardware implementations and can consume up to 10 times more energy than the legacy techniques when they are implemented in software. Moreover, the experiments results highlight that CLEFIA significantly outperforms TRIVIUM under all of the investigated test cases, and the latter performs 100 times worse than the legacy cryptographic algorithms tested.

Download Full-text

Multiple Security Certification System between Blockchain Based Terminal and Internet of Things Device: Implication for Open Innovation

Journal of Open Innovation Technology Market and Complexity ◽

10.3390/joitmc5040087 ◽

2019 ◽

Vol 5 (4) ◽

pp. 87 ◽

Cited By ~ 7

Author(s):

Bong-Gyeol Choi ◽

EuiSeob Jeong ◽

Sang-Woo Kim

Keyword(s):

Internet Of Things ◽

Open Innovation ◽

Security Threats ◽

Effective Solution ◽

Iot Security ◽

Certification System ◽

Blockchain Technology ◽

Security Module ◽

Iot Devices ◽

User Device

As the number of Internet of Things (IoT) devices increases, services expand and illegal hacking and infringement methods become more sophisticated, an effective solution for blockchain technology is required as a fundamental solution to security threats. In this paper, we develop the security module of an IoT device based on blockchain technology that blocks hacking and information infringement and forms a multi-security blockchain system between the IoT device and the user device and we develop a user application. We contribute to addressing the security threats faced by IoT application services by developing a new method. In particular, we present some schemes for the development of a multi-security certification system based on blockchain for IoT security.

Download Full-text

A Framework for Malicious Traffic Detection in IoT Healthcare Environment

Sensors ◽

10.3390/s21093025 ◽

2021 ◽

Vol 21 (9) ◽

pp. 3025

Author(s):

Faisal Hussain ◽

Syed Ghazanfar Abbas ◽

Ghalib A. Shah ◽

Ivan Miguel Pires ◽

Ubaid U. Fayyaz ◽

...

Keyword(s):

Open Source ◽

Human Life ◽

Cyber Attacks ◽

Smart Devices ◽

Use Case ◽

Context Aware ◽

Iot Security ◽

Healthcare Environment ◽

Data Generator ◽

Iot Devices

The Internet of things (IoT) has emerged as a topic of intense interest among the research and industrial community as it has had a revolutionary impact on human life. The rapid growth of IoT technology has revolutionized human life by inaugurating the concept of smart devices, smart healthcare, smart industry, smart city, smart grid, among others. IoT devices’ security has become a serious concern nowadays, especially for the healthcare domain, where recent attacks exposed damaging IoT security vulnerabilities. Traditional network security solutions are well established. However, due to the resource constraint property of IoT devices and the distinct behavior of IoT protocols, the existing security mechanisms cannot be deployed directly for securing the IoT devices and network from the cyber-attacks. To enhance the level of security for IoT, researchers need IoT-specific tools, methods, and datasets. To address the mentioned problem, we provide a framework for developing IoT context-aware security solutions to detect malicious traffic in IoT use cases. The proposed framework consists of a newly created, open-source IoT data generator tool named IoT-Flock. The IoT-Flock tool allows researchers to develop an IoT use-case comprised of both normal and malicious IoT devices and generate traffic. Additionally, the proposed framework provides an open-source utility for converting the captured traffic generated by IoT-Flock into an IoT dataset. Using the proposed framework in this research, we first generated an IoT healthcare dataset which comprises both normal and IoT attack traffic. Afterwards, we applied different machine learning techniques to the generated dataset to detect the cyber-attacks and protect the healthcare system from cyber-attacks. The proposed framework will help in developing the context-aware IoT security solutions, especially for a sensitive use case like IoT healthcare environment.

Download Full-text

Deep Learning-Based Security Behaviour Analysis in IoT Environments: A Survey

Security and Communication Networks ◽

10.1155/2021/8873195 ◽

2021 ◽

Vol 2021 ◽

pp. 1-13

Author(s):

Yawei Yue ◽

Shancang Li ◽

Phil Legg ◽

Fuzhong Li

Keyword(s):

Deep Learning ◽

Smart Home ◽

Ad Hoc ◽

Security Analysis ◽

Home Healthcare ◽

Security And Privacy ◽

Iot Security ◽

Privacy Concerns ◽

Iot Devices ◽

Primary Focus

Internet of Things (IoT) applications have been used in a wide variety of domains ranging from smart home, healthcare, smart energy, and Industrial 4.0. While IoT brings a number of benefits including convenience and efficiency, it also introduces a number of emerging threats. The number of IoT devices that may be connected, along with the ad hoc nature of such systems, often exacerbates the situation. Security and privacy have emerged as significant challenges for managing IoT. Recent work has demonstrated that deep learning algorithms are very efficient for conducting security analysis of IoT systems and have many advantages compared with the other methods. This paper aims to provide a thorough survey related to deep learning applications in IoT for security and privacy concerns. Our primary focus is on deep learning enhanced IoT security. First, from the view of system architecture and the methodologies used, we investigate applications of deep learning in IoT security. Second, from the security perspective of IoT systems, we analyse the suitability of deep learning to improve security. Finally, we evaluate the performance of deep learning in IoT system security.

Download Full-text

A Review Of The Issues And Challenges In IoT Security Using Machine Learning Techniques

International Journal of Emerging Trends in Engineering Research ◽

10.30534/ijeter/2021/28942021 ◽

2021 ◽

Vol 9 (4) ◽

pp. 499-502

Keyword(s):

Machine Learning ◽

Machine Learning Techniques ◽

Security Threats ◽

X Rays ◽

Iot Security ◽

Learning Techniques ◽

Human Endeavor ◽

Security Challenges ◽

Iot Devices ◽

The Internet Of Things

In a typical IoT network, a sensor connects to a controller using a wireless connection. Controllers collect data from sensors and sends the data for storage and analysis[1]. These controllers work with actuators that translate an electrical input to a physical action. The internet of things (IoT), have found application in different areas of human endeavor including healthcare, government, supply chain, cities, manufacturing, etc. and it is estimated that the number of connected devices will reach 50 billion by 2020[2] With the increasing number of devices comes an increase in the the varying number of security threats to the IoT network [3]. To contain these threats, a secure-by-design approach should be adopted as this will help the IoT devices to anticipate and neutralize the ever changing nature of the threats as against older systems where security was handled as it presents itself [2] This paper x-rays the security challenges in IoT networks and the application of machine learning (Supervised learning, Unsupervised learning and Reinforcement learning) in tackling the security challenges

Download Full-text

IoT Security Using Steganography

Multidisciplinary Approach to Modern Digital Steganography - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-7998-7160-6.ch009 ◽

2021 ◽

pp. 191-210

Author(s):

Atrayee Majumder Ray ◽

Anindita Sarkar ◽

Ahmed J. Obaid ◽

Saravanan Pandiaraj

Keyword(s):

Low Cost ◽

Mobile Technologies ◽

Security Level ◽

Security Threats ◽

Computing Systems ◽

Iot Security ◽

Advantages And Disadvantages ◽

Processing Power ◽

The World ◽

Iot Devices

Internet of things (IoT) is one of those emerging technologies, which are going to rule the world in the next few decades. Due to the advancement of low-cost computing systems and mobile technologies, these physical things are now capable of sharing and collecting data with minimal human interference. However, these devices are exposed to various security threats regarding privacy and data confidentiality as they are openly accessible to all in the network. Moreover, many IoT devices have low processing power and weak security level which could be the main targets for hackers. Lightweight cryptographic schemes are used to meet the security needs in IoT environment. Steganography is used as another security tool for IoT devices. This chapter is an attempt to analyze the various steganography techniques used to strengthen the security needs of IoT devices as per their applications. IoT security schemes using different steganography models and algorithms are outlined here with their relative advantages and disadvantages.

Download Full-text

Scalable and Secure Internet of Things Connectivity

Electronics ◽

10.3390/electronics8070752 ◽

2019 ◽

Vol 8 (7) ◽

pp. 752 ◽

Cited By ~ 6

Author(s):

Ye-Jin Choi ◽

Hee-Jung Kang ◽

Il-Gu Lee

Keyword(s):

Internet Of Things ◽

Industrial Revolution ◽

Human Life ◽

Security Threats ◽

Multiple Objects ◽

Security Risks ◽

Blockchain Technology ◽

Iot Devices ◽

The Internet Of Things ◽

User Intervention

The Internet of things (IoT) technology, which is currently considered the new growth engine of the fourth industrial revolution, affects our daily life and has been applied to various industrial fields. Studies on overcoming the limitations of scalability and stability in a centralized IoT operating environment by employing distributed blockchain technology have been actively conducted. However, the nature of IoT that ensures connectivity with multiple objects at any time and any place increases security threats. Further, it extends the influence of the cyber world into the physical domain, resulting in serious damage to human life and property. Therefore, we aim to study a method to increase the security of IoT devices and effectively extend them simultaneously. To this end, we analyze the authentication methods and limitations of traditional IoT devices and examine cases for improving IoT environments by using blockchain technology. Accordingly, we propose a framework that allows IoT devices to be securely connected and extended to other devices by automatically evaluating security using blockchain technology and the whitelist. The method proposed in this paper restricts the extension of devices vulnerable to security risks by imposing penalties and allows only devices with high security to be securely and quickly authenticated and extended without user intervention. In this study, we applied the proposed method to IoT network simulation environments and observed that the number of devices vulnerable to security was reduced by 48.5% compared with traditional IoT environments.

Download Full-text

Threat Assessment for Android Environment with Connectivity to IoT Devices from the Perspective of Situational Awareness

Wireless Communications and Mobile Computing ◽

10.1155/2019/5121054 ◽

2019 ◽

Vol 2019 ◽

pp. 1-14 ◽

Cited By ~ 3

Author(s):

Mookyu Park ◽

Jaehyeok Han ◽

Haengrok Oh ◽

Kyungho Lee

Keyword(s):

Situational Awareness ◽

Personal Information ◽

Threat Assessment ◽

Machine Learning Algorithms ◽

High Price ◽

Android Os ◽

Threat Intelligence ◽

Iot Devices ◽

Future Direction ◽

Cyber Threat Intelligence

As smartphones such as mobile devices become popular, malicious attackers are choosing them as targets. The risk of attack is steadily increasing as most people store various personal information such as messages, contacts, and financial information on their smartphones. Particularly, the vulnerabilities of the installed operating systems (e.g., Android, iOS, etc.) are trading at a high price in the black market. In addition, the development of the Internet of Things (IoT) technology has created a hyperconnected society in which various devices are connected to one network. Therefore, the safety of the smartphone is becoming an important factor to remotely control these technologies. A typical attack method that threatens the security of such a smartphone is a method of inducing installation of a malicious application. However, most studies focus on the detection of malicious applications. This study suggests a method to evaluate threats to be installed in the Android OS environment in conjunction with machine learning algorithms. In addition, we present future direction from the cyber threat intelligence perspective and situational awareness, which are the recent issues.

Download Full-text