Fundamentals
ISO OSI MODEL:
∙ What is ISO in OSI model?
ISO stands for the International Organization for Standardization. Its model for Open System
Interconnection (OSI) is commonly known as the OSI model. The ISO-OSI model is a seven-layer
architecture: it defines seven layers, or levels, in a complete communication system.
∙ The physical layer is the lowest layer of the OSI model. This layer controls the way unstructured,
raw bit-stream data is sent and received over a physical medium. This layer is composed of
the electrical, optical, and physical components of the network.
∙ The data link layer provides the functional and procedural means to transfer data between
network entities and to detect and possibly correct errors that may occur in the physical layer.
... Both WAN and LAN services arrange bits from the physical layer into logical sequences
called frames.
∙ The network layer uses network addresses (typically Internet Protocol addresses) to route packets
to a destination node. The data link layer establishes and terminates a connection between two
physically-connected nodes on a network. It breaks up packets into frames and sends them
from source to destination.
∙ The transport layer provides transparent transfer of data between end users, providing reliable
data transfer services to the upper layers. The transport layer controls the reliability of a given
link through flow control, segmentation and desegmentation, and error control.
∙ The session layer is the layer of the ISO Open Systems Interconnection (OSI) model that controls
the dialogues (connections) between computers. It establishes, manages, and terminates the
connections between the local and remote application.
∙ The presentation layer transforms data into the form that the application accepts. This layer
formats and encrypts data to be sent across a network.
∙ The application layer is an abstraction layer that specifies the shared communications protocols
and interface methods used by hosts in a communications network. An application layer
abstraction is specified in both the Internet Protocol Suite (TCP/IP) and the OSI model.
Architecture of IoT:
There is no single, universally agreed architecture for IoT. Different architectures have been
proposed by different researchers.
3. Outdated software
As vulnerabilities in software are discovered and resolved, it is important to distribute the updated
version to protect against the vulnerability. This means that IoT devices must ship with up-to-date
software without any known vulnerabilities, and that they must have update functionality to patch any
vulnerabilities that become known after the deployment of the device.
For example, the malware Linux.Darlloz was first discovered in late 2013 and worked by exploiting a
bug that had been reported and fixed more than a year earlier.
4. Lack of encryption
When a device communicates in plain text, all information being exchanged with a client device or
backend service can be obtained by a ‘Man-in-the-Middle’ (MitM). Anyone who is capable of
obtaining a position on the network path between a device and its endpoint can inspect the network
traffic and potentially obtain sensitive data such as login credentials. A typical problem in this
category is using a plain-text version of a protocol (e.g. HTTP) where an encrypted version is
available (HTTPS). In a Man-in-the-Middle attack, the attacker secretly accesses and then relays
communications, possibly altering them, without either party being aware.
Even when data is encrypted, weaknesses may be present if the encryption is not complete or
configured incorrectly. For example, a device may fail to verify the authenticity of the other party.
Even though the connection is encrypted, it can be intercepted by a Man-in-the-Middle attacker.
Sensitive data that is stored on a device (at rest) should also be protected by encryption. A typical
weakness is storing API tokens or credentials in plain text on a device. Other problems are the
use of weak cryptographic algorithms or the use of cryptographic algorithms in unintended ways.
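The weaknesses described in this section (plain-text protocols and encrypted connections that never verify the other party) usually show up as recognisable settings in device or client code. The following scanner is an added example, not part of the original notes; the rule list covers a few widely known switches and the sample lines and host names are constructed.

```python
import re

# Each rule pairs a label with a pattern for a well-known way of switching off
# peer verification, or of using a plain-text protocol instead of TLS.
RULES = [
    ("requests: verify=False", re.compile(r"\bverify\s*=\s*False\b")),
    ("ssl: CERT_NONE", re.compile(r"\bCERT_NONE\b")),
    ("ssl: check_hostname disabled",
     re.compile(r"\bcheck_hostname\s*=\s*False\b")),
    ("Go: InsecureSkipVerify",
     re.compile(r"\bInsecureSkipVerify\s*:\s*true\b")),
    ("curl: -k / --insecure",
     re.compile(r"\bcurl\b.*\s(?:-[A-Za-z]*k[A-Za-z]*|--insecure)(?=\s|$)")),
    ("wget: --no-check-certificate",
     re.compile(r"\bwget\b.*--no-check-certificate\b")),
    ("plain-text http:// endpoint",
     re.compile(r"\bhttp://(?!localhost\b|127\.0\.0\.1\b)")),
]

# Constructed sample: lines of the kind found in device scripts and client code.
SAMPLE = """\
resp = requests.post(API_URL, json=reading, verify=False)
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
curl -sk https://updates.example.invalid/fw.bin -o /tmp/fw.bin
tlsCfg := &tls.Config{InsecureSkipVerify: true}
BROKER = "http://telemetry.example.invalid/ingest"
resp = requests.get("https://api.example.invalid/v1/status", timeout=5)
"""


def scan(source):
    """Return (line_number, rule_label) for every weak-TLS pattern found."""
    findings = []
    for number, line in enumerate(source.splitlines(), start=1):
        for label, pattern in RULES:
            if pattern.search(line.strip()):
                findings.append((number, label))
    return findings


if __name__ == "__main__":
    for number, label in scan(SAMPLE):
        print(f"line {number}: {label}")
```

Lines 1 to 5 of the sample are encrypted but unauthenticated, line 6 is not encrypted at all, and line 7 is the only one that passes.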
5. Application vulnerabilities
Acknowledging that software contains vulnerabilities in the first place is an important step in securing
IoT devices. Software bugs may make it possible to trigger functionality in the device that was not
intended by the developers. In some cases, this can result in the attacker running their own code on the
device, making it possible to extract sensitive information or attack other parties.
Like all software bugs, security vulnerabilities are impossible to avoid completely when developing
software. However, there are methods to avoid well-known vulnerabilities or reduce the possibility of
vulnerabilities. This includes best practices to avoid application vulnerabilities, such as consistently
performing input validation.
6. Lack of Trusted Execution Environment
Most IoT devices are effectively general-purpose computers that can run specific software. This makes
it possible for attackers to install their own software that has functionality that is not part of the normal
functioning of the device. For example, an attacker may install software that performs a DDoS attack.
By limiting the functionality of the device and the software it can run, the possibilities to abuse the
device are limited. For example, the device can be restricted to connect only to the vendor’s cloud
service. This restriction would make it ineffective in a DDoS attack since it can no longer connect to
arbitrary target hosts.
To limit the software a device can run, code is typically signed with a cryptographic hash. Since only
the vendor has the key to sign the software, the device will only run software distributed by the
vendor. This way, an attacker can no longer run arbitrary code on a device.
To totally restrict the code run on the device, code signing must also be implemented in the boot
process, with the help of hardware. This can be difficult to implement correctly. So-called
‘jailbreaks’ in devices such as the Apple iPhone, Microsoft Xbox and Nintendo Switch are the result
of errors in the implementation of trusted execution environments.
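The signing check described above, sketched as an added example that is not part of the original notes: the vendor signs a hash of the firmware image with a private key, and the device, holding only the public key, refuses any image whose signature does not verify. It uses RSA with PKCS#1 v1.5 encoding written in pure Python so that it runs offline; the demo-sized key is generated at run time, and all function names and the sample image are assumptions.

```python
import hashlib
import hmac
import secrets

# DER-encoded DigestInfo prefix for SHA-256 (RFC 8017, section 9.2).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")
E = 65537  # public exponent


def _is_probable_prime(n, rounds=24):
    """Miller-Rabin test; adequate for a demonstration key."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _random_prime(bits):
    while True:
        # Set the two top bits (so p*q has full length) and the low bit (odd).
        candidate = secrets.randbits(bits) | (0b11 << (bits - 2)) | 1
        # candidate % E != 1 keeps E coprime to (p - 1).
        if candidate % E != 1 and _is_probable_prime(candidate):
            return candidate


def generate_vendor_key(bits=1024):
    """Return (public, private) = ((n, e), d); constructed demo key."""
    p = _random_prime(bits // 2)
    q = _random_prime(bits // 2)
    while q == p:
        q = _random_prime(bits // 2)
    return (p * q, E), pow(E, -1, (p - 1) * (q - 1))


def _expected_block(image, k):
    """EMSA-PKCS1-v1_5 encoding of SHA-256(image), k bytes long."""
    t = SHA256_PREFIX + hashlib.sha256(image).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t


def sign_image(image, public, private):
    """Vendor side: sign the hash of the image with the private key."""
    n, _ = public
    k = (n.bit_length() + 7) // 8
    m = int.from_bytes(_expected_block(image, k), "big")
    return pow(m, private, n).to_bytes(k, "big")


def verify_image(image, signature, public):
    """Device side: needs only the public key stored with its boot code."""
    n, e = public
    k = (n.bit_length() + 7) // 8
    if len(signature) != k:
        return False
    s = int.from_bytes(signature, "big")
    if s >= n:
        return False
    recovered = pow(s, e, n).to_bytes(k, "big")
    # Compare the whole block instead of parsing the padding: lenient padding
    # parsers are a known source of signature-forgery bugs.
    return hmac.compare_digest(recovered, _expected_block(image, k))


def boot(image, signature, public):
    """Run the image only when its signature verifies."""
    return "boot" if verify_image(image, signature, public) else "refuse"


if __name__ == "__main__":
    public, private = generate_vendor_key()
    image = b"constructed firmware image v1.2"
    signature = sign_image(image, public, private)
    print(boot(image, signature, public))            # genuine image
    print(boot(image + b"\x90", signature, public))  # modified image
```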
9. Intrusion ignorance
When a device is compromised, it often keeps functioning normally from the viewpoint of the user.
Any additional bandwidth or power usage is usually not detected. Most devices do not have logging or
alerting functionality to notify the user of any security problems. If they do, these can be
overwritten or disabled when the device is hacked. The result is that users rarely discover that
their device is under attack or has been compromised, preventing them from taking mitigating measures.
∙ the importance of security when working remotely and highlights simple techniques that users
can employ to protect themselves while they are working remotely.
∙ Remote management of security refers to any security policy, solution, strategy or process that
exists to prevent unauthorized access to your network, its resources, or any confidential or
sensitive data. Essentially, secure remote access is a mix of security strategies and not
necessarily one specific technology like a VPN.
∙ Secure Remote Access is a combination of security processes or solutions that are designed to
prevent unauthorized access to an organization's digital assets and prevent the loss of sensitive
data.
∙ Why Security is Important While Working Remotely
o Working Remote Presents Many Risks
o You are responsible for your own security
o Public places can have criminals and competitors
o Lack of preparation can make you an easy target
When you work remotely, you are responsible for ensuring the security of yourself, your belongings,
and your information. When you work remotely, you do not have the benefit of the security you have
in your office. You typically do not have control over your environment or the people you are
around. This makes working remotely more of a risk than your environment at work or at home. Lack
of preparation for working remotely can make you an easy target for thieves, pick-pockets,
unscrupulous competitors, and other criminals. Good preparation, however, can significantly reduce
your risks and make your experience far more relaxing and productive.
∙ Risks of Working Remotely
o A lack of security can result in significant losses
▪ Theft of property and valuables
▪ Loss of confidential information
∙ Simple techniques can make you secure
o Personal security to protect yourself
o Protection of your valuables and information
If you do not have good security habits, you can suffer a significant loss. You can have your property
or valuables stolen. This might include your wallet, money, jewellery, and identification documents.
You may also lose confidential information you’re carrying. The theft of wallets, check books, and
the identification cards, payment cards, and bank account information they contain is the main
method of identity theft. The loss of these items can also hamper any plans or travel. The theft may
include a briefcase or a laptop. The information that they contain can include confidential company
product plans, customer names, proprietary knowledge, and other items that can be very valuable to a
competitor. Even the personal information that is stored there is valuable to a thief. The
inconvenience that results can
spoil your work and your travel. What can seem like a simple incident can actually result in a
significant problem. Simple techniques can, however, protect you against many of these security risks.
These simple techniques should focus on your personal security to protect yourself, how to protect
your valuables and confidential information, knowing where to find assistance when you need it, and
having contingency plans in case of emergencies.
Definition: Risk identification is the process of determining risks that could potentially
prevent the program, enterprise, or investment from achieving its objectives. It includes
documenting and communicating the concern. Keywords: risk, risk identification, risk
management.
1.5 Crypto resilience:
With cryptocurrency, the transaction cost is low to nothing at all—unlike, for example, the fee for
transferring money from a digital wallet to a bank account. You can make transactions at any time of
the day or night, and there are no limits on purchases and withdrawals. And anyone is free to use
cryptocurrency, unlike setting up a bank account, which requires documentation and other paperwork.
International cryptocurrency transactions are faster than wire transfers too. Wire transfers take about
half a day for the money to be moved from one place to another. With cryptocurrencies, transactions
take only a matter of minutes or even seconds.
Apart from the malware and MITM attacks discussed above, IoT systems can also be susceptible to
various cyberattacks. Here’s a list of the most common types of attacks on IoT devices:
Role of firmware?
∙ Firmware assumes an intermediary role between the hardware and software – including
potential future upgrades of the software. Some firmware (such as the BIOS on a PC) does the
job of booting up a computer by initialising the hardware components and loading the
operating system.
What's an example of firmware?
∙ Examples of firmware include: the BIOS found in IBM-compatible personal computers; code inside
a printer (in addition to the printer driver that is on the computer); and software
controlling a heart defibrillator.
UNIT 2: Security of Wireless Sensor Networks
∙ Due to significant advances in wireless and mobile communication techniques and the broad
development of potential applications, Wireless Sensor Networks (WSNs) have attracted great
attention in recent years. Nevertheless, WSNs are formed dynamically by a number of
power-limited sensor nodes and the manager node with long-lasting power.
∙ WSNs are self-organized and autonomous systems consisting of common sensors, manager
nodes and back-end data centre.
∙ Common sensors are responsible for transmitting the real-time sensor data of a specific
monitoring environment to the intermediate collection nodes, called manager nodes.
∙ Finally, the back-end data centre will receive the sensed data from manager nodes for further
processing and analysis.
∙ Undoubtedly, all communication between nodes is through wireless transmission techniques.
∙ Furthermore, because WSNs are self-organized, have no support from fixed infrastructure, and
have a topology that changes dynamically, broadcasting is the general way for communications
in WSNs.
∙ Wireless sensor networks have been widely used in practical applications, such as monitoring of
forest fires, detection for military purposes, medical or science areas and even in our home life.
∙ However, WSNs are easily compromised by attackers because wireless communications use a
broadcast transmission medium and sensor nodes lack tamper resistance.
∙ Therefore, an attacker can eavesdrop on all traffic, inject malicious packets, replay older
messages, or compromise a sensor node.
∙ Generally, the two major security issues for sensor nodes are privacy preserving and node
authentication.
∙ Privacy means that data confidentiality is achieved under a security mechanism, and hence it
allows network communications between sensor nodes and the manager station to proceed
securely.
∙ In addition, a well-structured authentication mechanism can ensure that no unauthorized node is
able to fraudulently participate and get sensitive information from WSNs.
3. Multi-hop routing: The sensor range of nodes in the WSNs is assumed to be limited, so if a
node A would like to communicate with node D, which is out of communication range of node
A, node B would be an intermediate node responsible for transmitting the
communication data between node A and node B. The multi-hops are illustrated
1. Hardware constraints: This part is related to physical properties, and many constraints in these
areas have been proposed, for example limited energy. In addition, due to the limited volume
of the sensor, some sensors can only provide limited storage, limited bandwidth, limited energy and
limited computation ability.
2. Communication: The existing communication schemes show that there are three main types of
communication in WSNs: direct, clustering-based, and multi-hop communication. In direct
communication, every sensor node transmits its sensor data to a manager node and the manager node
is responsible for collecting these data to the back-end data centre for further processing. In
clustering communication, all sensor nodes are divided into several groups and each cluster head
node is responsible for collecting data within its group. Multi-hop communication is used because
the communication range of a sensor is assumed to be limited, and the neighboring sensor nodes may
be used for transmitting the communication packets to each other on their path between the source
node and the destination node.
3. Scalability: Another consideration is the scalability of sensor networks. In this case, the
network must keep working, unaffected, whatever the number of sensor nodes placed.
4. Fault tolerance: Due to the influence of the applied environment on sensors, many exceptions have
been addressed in sensor networks. For example, sensors may crash, lose power or shut down.
Fault-tolerance strategies are needed so that the network keeps working despite such problems.
6. Power saving: When the sensors are distributed to monitor some environments of interest, these
sensors may work over a long span of several weeks or even months. Therefore, a power-saving
mechanism that extends their lifespan is highly important. In general, too much power is
consumed during the message transmission phase.
7. Cost: Depending on the application of the sensor network, a large number of sensors might be
scattered randomly over an environment, such as in weather monitoring. If the overall cost is
appropriate, sensor networks will be more acceptable and successful with users, so cost needs
careful consideration.
8. Mobility: In clustered (hierarchical) WSNs, sensor nodes are typically organized into many
clusters, with cluster controllers collecting sense data from ordinary sensor nodes in the managed
cluster to the back-end data center. Furthermore, compared to mobile ad hoc networks, when sensor
nodes are randomly deployed in a designated area, they only infrequently move from one cluster to
another, and thus mobility is not a critical issue in WSNs.
9. Sleep pattern: The sleep pattern is highly necessary in WSNs to extend the availability of the
networks. For example, the manager node can set fresh bootstrapping times for live sensors while
other sensor nodes can shut down to save power. Different sensor nodes are operated according to the
bootstrapping times to which they belong and the lifetime of WSNs is therefore extended in a
differentiated way.
10. Security: One of the challenges in WSNs is to provide high-security requirements with
constrained resources. The security requirements in WSNs are comprised of node authentication, data
confidentiality, anti-compromise and resilience against traffic analysis. To identify both
trustworthy and unreliable nodes from a security standpoint, the deployed sensors must pass a node
authentication examination by their corresponding manager nodes or cluster heads, and unauthorized
nodes can be isolated from WSNs during the node authentication procedure. Similarly, all the packets
transmitted between a sensor and the manager node must be kept secret so that eavesdroppers cannot
intercept, modify and analyze, and discover valuable information in WSNs.
In addition to the characteristics and considerations mentioned above, security threats and
requirements are also critical for a variety of sensor network applications. In recent years,
several security issues in WSNs have been proposed. In this section, we will introduce some security
threats and requirements in WSNs.
Passive attacks: In passive attacks (such as eavesdropping attacks), eavesdroppers can unobtrusively
monitor the communication channel between two communicating nodes to collect and discover
valuable information without disturbing the communication.
Active attacks: Active attacks (such as node replication attacks, sybil attacks, wormhole attacks,
and compromised node attacks) can be further classified into two categories: external attacks and
internal attacks. In external attacks (such as sybil attacks and wormhole attacks), a node that does
not belong to the sensor network can first eavesdrop on packets sent or received by normal
participating nodes for the eventual purpose of malicious tampering, interfering, guessing, or
spamming, and then inject invalid packets to disrupt the network functionalities.
o For sybil attacks, a sensor node can illegitimately claim multiple IDs by either directly forging
false IDs, or else impersonating legal IDs. This harmful attack may lead to serious threats to
distributed storage, routing algorithm and data aggregation.
o For wormhole attacks, the malicious node may be located within transmission range of
legitimate nodes while legitimate nodes are not themselves within transmission range of each
other. Thus, the malicious node can tunnel control traffic between legitimate nodes and
nonexistent links which in fact are controlled by the malicious node. Finally, the malicious
node can drop tunnelled packets or carry out attacks on routing protocols.
Internal attacks (such as node replication attacks and node compromised attacks) are usually caused
by compromised members who belong to the sensor network in question, and hence internal
attacks are more difficult to safeguard against than external attacks.
o For node replication attacks, when a sensor node is compromised by attackers, they can
directly place many replicas of this compromised node at different areas within the
networks. Thus, attackers may use these compromised nodes to subvert the network
functionalities, for example by injecting false sense data.
o For compromised attacks, due to the lack of tamper resistance in sensor nodes, attackers
may compromise a sensor node and use it to establish communication channels with
non-compromised sensors to launch other more serious attacks within the sensor network.
According to the above description of the security threats, we can infer that a secure sensor network
corresponds with the following requirements.
Node authentication: For this requirement, a deployed sensor node proves its validity to its
neighboring sensors and the manager node. Thus, an invalid outsider would be unable to send
malevolent data into the networks and the manager node can confirm that received sensed data has
come from a valid sensor node, not from malicious outsiders. This also implies that a sensor node
joined in WSNs has been authenticated and it has the right to access the sensor network.
Availability: The availability of the network should not be affected even if sensors can only provide
limited storage, limited power, and limited computational ability. Therefore, a mechanism regulating
sleep patterns is necessary for a sensor to extend its lifetime.
Location awareness: The damage cannot be spread from the victimized area to the entire network by
security attacks even if the sensor node is compromised. A secure communication scheme must limit
the damage’s scope caused by the intruders; the mechanism of location awareness is used for this
purpose.
Key establishment: For sensor-to-sensor key establishment, a shared key is established by two
communication nodes to protect communications. Thus, all sensed data transmitted between
participants can be verified and protected. Even if an attacker eavesdrops on the communications
between nodes or injects illegal sensed data into networks, this requirement still provides an
adequate level of security.
No verification table: The verification tables are not required to be stored inside the manager nodes to
prevent stolen-verifier attacks.
Confidentiality: Path-key establishment in every session must be secure against malicious intruders
even if those attackers collect transmission packets.
Perfect forward secrecy: In a two-party path-key establishment, a scheme is said to have perfect
forward secrecy if revealing of the secret key to an intruder cannot help him/her derive the session
keys of past sessions.
Key revocation: When the back-end system or the manager node decides to terminate a sensor
utilizing task, or when a sensor is lost, the sensor must not be allowed to make use of the credential
which it stores to connect to networks.
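An added example, not part of the original notes, of how several of the requirements above fit together on the manager node: node authentication, rejection of replayed and injected packets, no stored verification table, and key revocation. The packet layout, the ManagerNode class and the derivation of per-node keys from a master secret are assumptions made for illustration; readings are authenticated with HMAC-SHA256 but not encrypted.

```python
import hashlib
import hmac
import struct

TAG_LEN = 16  # truncated HMAC-SHA256 tag, to save airtime on constrained links


def build_packet(node_id, key, counter, reading):
    """Sensor side: id length | id | 32-bit counter | reading | tag."""
    body = bytes([len(node_id)]) + node_id + struct.pack(">I", counter) + reading
    return body + hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]


class ManagerNode:
    """Hypothetical manager node that authenticates sensor packets."""

    def __init__(self, master_secret):
        self._master = master_secret
        self._last_counter = {}  # replay state only; holds no key material
        self._revoked = set()

    def node_key(self, node_id):
        """Per-node key, recomputed on demand instead of stored in a table."""
        return hmac.new(self._master, b"node-key:" + node_id,
                        hashlib.sha256).digest()

    def revoke(self, node_id):
        """Key revocation: a lost or retired node can no longer report."""
        self._revoked.add(node_id)

    def receive(self, packet):
        """Return (accepted, detail): the reading, or a rejection reason."""
        if len(packet) < 1 + 4 + TAG_LEN:
            return False, "malformed"
        id_len = packet[0]
        if len(packet) < 1 + id_len + 4 + TAG_LEN:
            return False, "malformed"
        node_id = packet[1:1 + id_len]
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.node_key(node_id), body,
                            hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return False, "bad tag"      # outsider, forged ID or altered data
        if node_id in self._revoked:
            return False, "revoked"
        (counter,) = struct.unpack(">I", body[1 + id_len:5 + id_len])
        if counter <= self._last_counter.get(node_id, 0):
            return False, "replay"       # an older message sent again
        self._last_counter[node_id] = counter
        return True, body[5 + id_len:]


if __name__ == "__main__":
    manager = ManagerNode(b"constructed-master-secret")
    key = manager.node_key(b"node-17")  # installed on the sensor at deployment
    packet = build_packet(b"node-17", key, 1, b"temp=21.5")
    print(manager.receive(packet))   # accepted
    print(manager.receive(packet))   # same packet again: replay
    forged = build_packet(b"node-99", b"\x00" * 32, 1, b"temp=99.9")
    print(manager.receive(forged))   # claimed ID without the right key
    manager.revoke(b"node-17")
    print(manager.receive(build_packet(b"node-17", key, 2, b"temp=21.6")))
```

A captured sensor exposes only its own key, while the master secret never leaves the manager node and has to be protected there.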
∙ sensor
o – A transducer
▪ a device that is actuated by power from one system and supplies power, usually
in another form, to a second system; for example, a loudspeaker is a transducer
that transforms electrical signals into sound energy.
▪ Transducers are often employed at the boundaries of automation, measurement,
and control systems, where electrical signals are converted to and from other
physical quantities (energy, force, torque, light, motion, position, etc.).
o – converts physical phenomena, e.g. heat, light, motion, vibration, and sound, into
electrical signals.
∙ sensor node
o – basic unit in sensor network
o – contains on-board sensors, processor, memory, transceiver, and power supply.
∙ sensor network
o – consists of a large number of sensor nodes.
o – nodes deployed either inside or very close to the sensed phenomenon.
∙ Characteristics
o Power consumption constraints for nodes using batteries or energy harvesting
o Ability to cope with node failures (resilience)
o Mobility of nodes
o Heterogeneity of nodes
o Scalability to large scale of deployment
o Ability to withstand harsh environmental conditions
o Ease of use
o Cross-layer design
∙ Factors Influencing WSN Design
o Fault tolerance
o Scalability
o Production costs
o Hardware constraints
o Sensor network topology
o Environment
o Transmission media
o Power Consumption
▪ Sensing
▪ Communication
▪ Data processing
∙ Applications
o Military Applications
o Environmental Applications
o Health Applications
o Home and Office Applications
o Automotive Applications
o Other Commercial Applications
∙ Advantages
o It avoids a lot of wiring
o It can accommodate new devices at any time
o It's flexible to go through physical partitions
o It can be accessed through a centralized monitor
∙ Disadvantages
o Lower speed compared to wired network.
o Less secure, because a hacker's laptop can act as an access point. If you connect to their
laptop, they'll read all your information (username, password, etc.).
o More complex to configure than wired network.
o Gets distracted by various elements like Bluetooth.
o Still costly at large.
o It does not make sensing quantities in buildings easier.
o It does not reduce costs for installation of sensors.
o It does not allow us to do more than can be done with a wired system.
∙ Design Challenges
o Heterogeneity
▪ The devices deployed may be of various types and need to collaborate with
each other.
o Distributed Processing
▪ The algorithms need to be centralized as the processing is carried out on different
nodes.
∙ Wireless Sensor Network in IoT is an infrastructure-less wireless network that is used for
deploying a large number of wireless sensors that monitor the system, physical and
environmental conditions.
NETWORKS CONNECTING WIRELESS SENSORS:
To connect sensors embedded in IoT devices, a communication protocol is used. A low-power wide
area network (LPWAN) is a type of wireless network designed to allow long-range communications
between these IoT devices. LoRa-based wireless sensor networks are widely used. Sub-1 GHz,
Zigbee, Thread etc. are also used to connect sensor networks and gateways, and data collected from
the sensor network can be sent to the cloud using cellular networks such as NBIoT or LTE-M, or
Wi-Fi etc.
WHAT IS LPWAN:
A low-power wide-area network (LPWAN) is a type of wireless telecommunication wide area network
designed to allow long-range communications at a low bit rate among things (connected objects), such
as sensors operated on a battery. A wireless wide area network used primarily for low-power devices is
known as a Low-Power Wide-Area Network (LPWAN). The sensor devices communicate on LPWAN
in Wireless sensor network.
COMMONLY USED LPWAN TECHNOLOGIES:
∙ SUB-1 GHZ
∙ NBIOT
∙ ZIGBEE
∙ LORAWAN
∙ LTE CAT-M1 OR LTE-M
∙ SIGFOX
∙ A Wireless Sensor Network (WSN) is a network of distributed and autonomous devices that use
sensors to track what’s happening around.
∙ The sensor nodes used in WSN systems are integrated with the onboard controllers.
∙ The complete circuitry manages the operation and monitors it mainly. Everything is connected with
the base station known as the Gateway, where high end processing of data collected from
distributed sensors is done.
∙ All the distributed sensor devices in a WSN are mostly connected over an LPWAN technology
and communicate with the gateway.
∙ The Gateway acts as a bridge between the WSN or other networks and cloud.
∙ This enables data to be stored and processed by devices with more resources, in a remotely
located server which is known as a gateway unit.
∙ Edge Computing and Cloud computing both have an important role in IoT Applications.
∙ Gateway or Edge Gateway is a device that allows the management (control) of the network and
aggregates the information received from the nodes to send real-time or near real-time data to a
user platform.
∙ When the gateway is connected to a local laptop, the user can locally control and monitor the
WSN. Adding a cellular modem (works on LTE, NBIoT, LTE-catM1, etc) or an Internet
modem (works on wifi) to the gateway guarantees remote management and sends data to the
cloud.
∙ The gateway is important because it coordinates the communication aspect of the WSN as well
as its sleeping protocol.
∙ At a given time, the gateway wakes up nodes, data is exchanged, and then the nodes go back to
sleep.
∙ Sleeping is necessary for WSNs to save power.
∙ A sensor node generally spends 90% of its time sleeping.
∙ IoT Gateways manage device connectivity, data filtering, processing, protocol translation,
security etc.
∙ Some of the newer gateways also function as platforms for application code by processing data.
LoRa based wireless sensor network is a combination of two terms, LoRa (Long Range) and wireless
sensor networks. Now before knowing more about this let us first understand what these two terms
actually mean.
∙ In the early years of the Internet, network bandwidth capacity was restrained due to technical
limitations.
∙ Connections often depended on low-speed modems for transferring data. However, these
low-speed connections demonstrated that IP could run over low-bandwidth networks.
∙ But today, the evolution of networking has seen the emergence of high-speed infrastructures.
∙ However, high-speed connections are not usable by some IoT devices in the last mile.
∙ The reasons include the implementation of technologies with low bandwidth, limited distance and
bandwidth due to regulated transmit power, and lack of or limited network services.
∙ When link layer characteristics that we take for granted are not present, the network is
constrained.
∙ A constrained network can have high latency and a high potential for packet loss. Constrained
networks have unique characteristics and requirements.
∙ In contrast with typical IP networks, where highly stable and fast links are available, constrained
networks are limited by low-power, low bandwidth links (wireless and wired). They operate
between a few kbps and a few hundred kbps and may utilize a star, mesh, or combined
network topologies, ensuring proper operations.
∙ With a constrained network, in addition to limited bandwidth, it is not unusual for the packet
delivery rate (PDR) to oscillate between low and high percentages.
∙ Large bursts of unpredictable errors and even loss of connectivity at times may occur.
∙ These behaviours can be observed on both wireless and narrowband power-line communication links,
where packet delivery variation may fluctuate greatly during the course of a day.
∙ Unstable link layer environments create other challenges in terms of latency and control plane
reactivity.
∙ One of the golden rules in a constrained network is to “underreact to failure.” Due to the low
bandwidth, a constrained network that overreacts can lead to a network collapse—which
makes the existing problem worse.
∙ Control plane traffic must also be kept at a minimum; otherwise, it consumes the bandwidth that
is needed by the data traffic.
∙ Finally, one has to consider the power consumption in battery-powered nodes. Any failure or
verbose control plane protocol may reduce the lifetime of the batteries.
∙ To summarize, constrained nodes and networks pose major challenges for IoT connectivity in
the last mile. This in turn has led various standards organizations to work on optimizing
protocols for IoT.
IP Versions
For 20+ years, the IETF has been working on transitioning the Internet from IP version 4 to IP version
6. The main driving force has been the lack of address space in IPv4 as the Internet has grown. IPv6
has a much larger range of addresses that should not be exhausted for the foreseeable future. Today,
both versions of IP run over the Internet, but most traffic is still IPv4 based.
While it may seem natural to base all IoT deployments on IPv6, you must take into account current
infrastructures and their associated lifecycle of solutions, protocols, and products. IPv4 is entrenched
in these current infrastructures, and so support for it is required in most cases. Therefore, the Internet
of Things has to follow a similar path as the Internet itself and support both IPv4 and IPv6 versions
concurrently.
Techniques such as tunnelling and translation need to be employed in IoT solutions to ensure
interoperability between IPv4 and IPv6. A variety of factors dictate whether IPv4, IPv6, or both can be
used in an IoT solution. Most often these factors include a legacy protocol or technology that supports
only IPv4. Newer technologies and protocols almost always support both IP versions. The following
are some of the main factors applicable to IPv4 and IPv6 support in an IoT solution:
• Application Protocol:
IoT devices implementing Ethernet or Wi-Fi interfaces can communicate over both IPv4 and IPv6,
but the application protocol may dictate the choice of the IP version. For example, SCADA protocols
such as DNP3/IP (IEEE 1815), Modbus TCP, or the IEC 60870-5-104 standards are specified only for
IPv4. So, there are no known production implementations by vendors of these protocols over IPv6
today. For IoT devices with application protocols defined by the IETF, such as HTTP/HTTPS, CoAP,
MQTT, and XMPP, both IP versions are supported. The selection of the IP version is only dependent
on the implementation.
• Serial Communications:
Many legacy devices in certain industries, such as manufacturing and utilities, communicate through
serial lines. Data is transferred using either proprietary or standards based protocols, such as DNP3,
Modbus, or IEC 60870-5-101. In the past, communicating this serial data over any sort of distance
could be handled by an analog modem connection. However, as service provider support for analog line
services has declined, the solution for communicating with these legacy devices has been to use local
connections. To make this work, you connect the serial port of the legacy device to a nearby serial port
on a piece of communications equipment, typically a router. This local router then forwards the serial
traffic over IP to the central server for processing. Encapsulation of serial protocols over IP leverages
mechanisms such as raw socket TCP or UDP. While raw socket sessions can run over both IPv4 and
IPv6, current implementations are mostly available for IPv4 only.
6LoWPAN
While the Internet Protocol is key for a successful Internet of Things, constrained nodes and
constrained networks mandate optimization at various layers and on multiple protocols of the IP
architecture. Some optimizations are already available from the market or under development by the
IETF.
∙ The main factor that makes Wireless Sensor Networks vulnerable is the broadcast nature of
their transmissions.
∙ WSNs are susceptible to a broad range of security attacks due to the wireless nature of
communication. Because communication is broadcast, there is always a threat of attack.
∙ Furthermore, as sensor nodes are often placed in open environments and are not physically
protected, there is the additional threat of physical or natural attacks.
Attacks in WSN:
o Sinkhole Attack: In a sinkhole attack, opponents try to attract all the traffic of a
particular network. It takes place when a compromised node makes itself a centre of
attraction for other nodes and draws in all their traffic. This can only happen with the
help of a compromised node.
o Selective forwarding: In a selective forwarding attack, the compromised node forwards
only selected data packets, not all of them, to the receiver.
o Wormhole Attack: In a wormhole attack, the attacker records data packets in one
location and then stores those data packets in another location in order to retransmit
them later in the network.
o Hello flood attack: In a hello flood attack, an attacker sends a hello packet to the receiver
nodes in an attempt to fool the sensor nodes into believing that this hello message was
sent by the base station. This hello packet works as a weapon to convince other sensor
nodes
o Sybil Attack: In a Sybil attack, a single node presents itself under many duplicate
identities. This attack mainly targets fault-tolerant schemes such as multi-path routing,
topology maintenance and distributed storage.
o Message corruption: In this attack, the attacker modifies the message during
transmission, which disturbs the integrity of the network.
o Denial of Service Attack: A denial of service (DoS) attack is an explicit attempt to prevent
genuine users from using a service or data. The ordinary technique involves
overloading the target system with requests so that it cannot serve genuine traffic.
This attack stops services for genuine users. Examples of the attack are: jamming,
tampering, collision, homing, flooding, etc.
o Node malfunction: If a data-aggregating node such as a cluster leader malfunctions,
it will produce inaccurate data that can harm the integrity of the sensor
network.
o Node Outage: The situation when a node stops working is known as node outage. It
may be very harmful if the victim node is the master node in the network.
o Node Subversion: If a node is captured by an attacker, there is a threat of disclosure of
secret data such as cryptographic keys, which can compromise the whole sensor
network. Any sensor node might be hacked, and the secret information (key) stored on
it might be acquired by the attacker.
o False node: An attacker who adds an extra node to a network in order to inject
malicious data is using a false node. With the help of this false node, an intruder may
add false data which may disturb the communication. Malicious code injected into the
network with the help of a false node could spread to all nodes, which can harm the
whole network.
o Pulse delay attack: A problem arises when an intruder snoops on the message
transmission between two nodes: it may store the message pulses and then
retransmit the message after some modifications. This problem is known as a pulse
delay attack.
o Node Replication Attack: In a node replication attack, as the name implies, a replicated
copy of a node is added to the network. An attacker adds a replicated node to a sensor
network by copying the node ID and other details related to its identity. This malicious
node may be dangerous for the sensor network because, by inserting it, the attacker
can manipulate a specific network segment or even destroy the network.
o Traffic Analysis: Even if the transferred message is encrypted, there is still a risk
of malicious harm. This harm is possible when the intruder continuously studies
the communication pattern. This study can give the intruder enough information to
harm the network.
o Camouflaged Adversaries: An attacker can insert a malicious node in the network or
can compromise a node in order to attract the data packets of the network, and then
these packets can be misrouted or altered.
o Monitoring & Eavesdropping: This is the most widely recognized attack on
protection. Snooping is the process by which the opponent can easily obtain the message
contents. When nodes are communicating control information, eavesdropping is
very harmful.
Countermeasures:
2.6. Trust requirements for security protocols for WSNs:
SPINS: Security Protocol for Sensor Networks:
∙ This section studies the security protocol for sensor networks in detail. It covers the following
topics: security for sensor networks, proposed techniques, applications, related work and
discussion.
∙ Today sensor networks are widely used in many applications such as real-time traffic
monitoring, military applications, and emergency and critical systems.
∙ Let us have a look at how security for sensor networks is maintained.
∙ There are some challenges faced by security protocols for sensor networks. The challenge lies in
resource constraints: resources are limited in terms of energy, computation, memory,
code size and communication, and communication itself consumes energy. Now let us understand
how SPINS contributes to building protocols.
o a.) SNEP
o SNEP is the Sensor Network Encryption Protocol; it provides secure point-to-point
communication. SNEP has some important properties: data confidentiality, data
authentication, replay protection, weak protection, weak freshness and low
communication overhead.
o b.) µTESLA
o µTESLA is the micro version of Timed Efficient Stream Loss-tolerant Authentication. It
provides broadcast authentication. The problems with µTESLA are digital signatures for
initial packet authentication, limited overhead of 24 bytes per packet, and the one-way key
chain being too big to pass; the key is passed from the base station to all the nodes through
the network. Let us now study the factors essential for the system.
▪ a.) Communication Pattern
∙ Communication in the sensor network takes place from node to base
station, from base station to node, and from base station to all nodes.
▪ b.) Base Station
∙ A base station is a component which has sufficient memory
and power, and shares a secret key with each node during
communication.
▪ c.) Node
∙ A node in a network is a component which has limited resources and
limited trust.
∙ A drawback of the above is that µTESLA needs an initial key for each node, which
will probably lead to intensive communication. SPINS uses source routing so it is not
vulnerable to traffic analysis.
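The broadcast authentication that µTESLA provides rests on the one-way key chain mentioned above. The following is an added example, not code from SPINS or from these notes: a receiver buffers packets, verifies each disclosed key against the chain commitment, and still authenticates earlier packets when a key disclosure is lost. SHA-256/HMAC, the 8-byte keys, the interval and delay parameters, the sample messages and all names are assumptions made for illustration.

```python
import hashlib
import hmac

KEY_LEN = 8    # constructed key size for the demo
MAX_SKIP = 64  # refuse keys that claim to be too far ahead (bounds the work)


def F(key: bytes) -> bytes:
    """One-way function linking the chain: K_i = F(K_{i+1})."""
    return hashlib.sha256(b"chain" + key).digest()[:KEY_LEN]


def make_chain(n: int, seed: bytes) -> list:
    """Return [K_0 .. K_n]; K_n is the secret seed, K_0 the commitment."""
    chain = [seed]
    for _ in range(n):
        chain.append(F(chain[-1]))
    chain.reverse()
    return chain


def mac(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]


class Receiver:
    def __init__(self, commitment: bytes, delay: int):
        self.last_key = commitment  # K_0, received authentically at bootstrap
        self.last_idx = 0
        self.delay = delay          # key of interval i is disclosed at i + delay
        self.buffer = {}            # interval -> [(msg, tag)] awaiting the key

    def on_packet(self, interval: int, msg: bytes, tag: bytes, now: int) -> bool:
        # Security condition: once K_interval may already be public, anyone
        # could have computed the MAC, so the packet is dropped.
        if now >= interval + self.delay:
            return False
        self.buffer.setdefault(interval, []).append((msg, tag))
        return True

    def on_key(self, interval: int, key: bytes) -> list:
        """Verify a disclosed key; return the messages it authenticates."""
        gap = interval - self.last_idx
        if gap <= 0 or gap > MAX_SKIP:
            return []
        keys = {interval: key}
        k = key
        for i in range(interval - 1, self.last_idx - 1, -1):
            k = F(k)                # walk back towards the last trusted key
            keys[i] = k
        if not hmac.compare_digest(keys[self.last_idx], self.last_key):
            return []               # key is not on the chain: ignore it
        accepted = []
        for i in range(self.last_idx + 1, interval + 1):
            for msg, tag in self.buffer.pop(i, []):
                if hmac.compare_digest(mac(keys[i], msg), tag):
                    accepted.append(msg)
        self.last_key, self.last_idx = key, interval
        return accepted


def demo():
    chain = make_chain(4, b"\x01" * KEY_LEN)          # constructed seed
    rx = Receiver(chain[0], delay=2)
    ok1 = rx.on_packet(1, b"temp=21", mac(chain[1], b"temp=21"), now=1)
    rx.on_packet(1, b"temp=99", mac(b"guess123", b"temp=99"), now=1)  # bad MAC
    rx.on_packet(2, b"temp=22", mac(chain[2], b"temp=22"), now=2)
    late = rx.on_packet(1, b"temp=00", mac(chain[1], b"temp=00"), now=3)
    accepted = rx.on_key(2, chain[2])   # disclosure of K_1 was lost
    bogus = rx.on_key(3, b"\x00" * KEY_LEN)
    return ok1, late, accepted, bogus


if __name__ == "__main__":
    print(demo())
```

The receiver only ever stores one trusted key, which is why the scheme suits nodes with limited memory; a real deployment also has to account for clock skew in the lateness check.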
o LEAP was introduced by Cisco Systems back in the year 2000. The aim of this was to
counter some of the earlier vulnerabilities suffered by previous authentication
technologies (CHAP and PAP). Even though attacks against the LEAP protocol were
previously known, Cisco maintained for a long time that the protocol was secure if
users could implement complex passwords. However, much safer protocols were
introduced that included EAP-TLS, EAP-TTLS and PEAP.
o LEAP is designed to provide more secure authentication for 802.11 WLANs (wireless
local area networks) that support 802.1X port access control.
o LEAP uses dynamic Wired Equivalent Privacy (WEP) keys that are changed with more
frequent authentications between a client and a RADIUS server.
2.6.4. TinySEC:
∙ What is TinySec?
■ Link-layer security architecture for wireless sensor networks
∙ Why do we need TinySec?
■ Sensor Networks need a way to communicate securely
■ Wireless is inherently insecure due to its broadcast nature
■ Existing secure protocols are too bloated for wireless sensor networks
∙ Sensor networks have limited computational resources, battery life and
communication capabilities
Contributions:
∙ TinySec is the first fully-implemented link-layer security protocol for wireless sensor networks
■ TinySec is implemented in official TinyOS release
Sensor Networks:
∙ Message Confidentiality
■ Information needs to be kept private from unauthorized parties
■ Solution: Encryption
∙ Replay Protection
■ An unauthorized party resends a legitimate packet which it overheard at a later time
■ Typical defense: associate counter with each message
■ Problem: state needs to be kept for this and we don’t have the resources for this
■ Solution: Let a higher level protocol deal with this if it is a problem
∙ Overhead
■ Increase in message length
∙ Decrease throughput
∙ Increase latency
∙ Transparency
■ TinySec should be transparent to the application developer when in use
∙ Portability
■ TinySec should support different CPU and radio hardware
■ Any necessary porting should be as painless as possible
TinySec Design:
∙ TinySec-AE
■ Authentication & Encryption
■ MAC computed over encrypted data and the packet header
■ Ensures data received is from a trusted node
■ Prevents adversaries from seeing data
∙ TinySec-Auth
■ Authentication Only
■ Only ensure data received is from a trusted node
■ Good when data does not need to be private
TinySec Encryption:
∙ Encryption Scheme
■ Cipher block chaining (CBC)
∙ IV format
■ 8 byte IV
■ Want to minimize overhead while getting enough security
■ Part of IV is a counter
■ More on this later…
Encryption Algorithm Options:
∙ Stream ciphers
■ Faster than block ciphers (good!)
■ If we ever use the same IV, it is highly likely both messages can be decrypted (bad!)
∙ We have limited resources to vary the IV
Packet Format:
∙ Take 2 bytes for CRC and put them toward 4 bytes used for MAC (+2 bytes)
■ MAC computed over entire packet (data + header)
∙ Group field dropped (-1 byte)
■ Differentiates between multiple sensor networks
■ MAC does this for us
∙ TinySec-AE additional fields (+4 bytes)
■ src – source address
■ ctr – counter
■ These add variability to the IV
Security Analysis:
∙ Message Integrity and Authenticity
■ Based on MAC length (4 bytes for TinySec)
■ 1 in 2^32 chance to guess it
■ Adversary must send 2^32 packets to correctly fake a message
■ This is not OK for regular networks, but given our data rate, this is OK
∙ Message Confidentiality
■ Security based on IV length, assuming no reuse
Keying Mechanisms:
∙ How do we distribute private keys to trusted nodes?
∙ Keys preconfigured
∙ Network-wide
■ 1 key for all nodes in the network
∙ Per-link
■ Each pair of nodes that communicate share a key
∙ Per-group
■ Each set of nodes that communicate share a key
∙ (Slightly off topic, but relevant to making the system work)
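The IV and MAC points above, as an added example that is not TinySec's code: each packet carries a 4-byte MAC over header and ciphertext, and the 8-byte header doubles as the IV so that src and ctr keep IVs distinct under a network-wide key. The header layout, the HMAC-SHA256 stand-in used as stream cipher and MAC (TinySec itself uses CBC), the keys, payloads and all names are assumptions; the stream construction is chosen to show the IV-reuse failure listed under the stream cipher option.

```python
import hashlib
import hmac
import struct

HDR = ">HBBHH"   # assumed layout: dst(2) am(1) len(1) src(2) ctr(2) = 8 bytes
HDR_LEN = 8
MAC_LEN = 4      # MAC length given in the notes


def keystream(key: bytes, iv: bytes, n: int) -> bytes:
    """Stand-in stream cipher (HMAC-SHA256 in counter mode)."""
    out, block = b"", 0
    while len(out) < n:
        out += hmac.new(key, iv + struct.pack(">I", block), hashlib.sha256).digest()
        block += 1
    return out[:n]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def tag4(mac_key: bytes, data: bytes) -> bytes:
    """MAC truncated to 4 bytes, computed over header + ciphertext."""
    return hmac.new(mac_key, data, hashlib.sha256).digest()[:MAC_LEN]


class Sender:
    def __init__(self, enc_key: bytes, mac_key: bytes, src: int):
        self.enc_key, self.mac_key, self.src = enc_key, mac_key, src
        self.ctr = 0

    def seal(self, dst: int, am: int, payload: bytes) -> bytes:
        # A 2-byte counter wraps after 65536 packets; sending past that point
        # would repeat an IV, so the sender stops and must be rekeyed.
        if self.ctr > 0xFFFF:
            raise RuntimeError("counter exhausted: rekey before the IV repeats")
        header = struct.pack(HDR, dst, am, len(payload), self.src, self.ctr)
        self.ctr += 1
        ct = xor_bytes(payload, keystream(self.enc_key, header, len(payload)))
        return header + ct + tag4(self.mac_key, header + ct)


def open_packet(enc_key: bytes, mac_key: bytes, packet: bytes):
    """Return the payload, or None if the packet fails authentication."""
    if len(packet) < HDR_LEN + MAC_LEN:
        return None
    header, ct, tag = packet[:HDR_LEN], packet[HDR_LEN:-MAC_LEN], packet[-MAC_LEN:]
    if struct.unpack(HDR, header)[2] != len(ct):
        return None
    if not hmac.compare_digest(tag, tag4(mac_key, header + ct)):
        return None
    return xor_bytes(ct, keystream(enc_key, header, len(ct)))


def demo():
    enc_key, mac_key = b"E" * 16, b"M" * 16        # constructed network-wide keys
    node_a = Sender(enc_key, mac_key, src=0x0001)
    node_b = Sender(enc_key, mac_key, src=0x0002)
    p1, p2 = b"valve=open ", b"valve=close"        # constructed, equal length
    pkt_a = node_a.seal(0xFFFF, 5, p1)
    pkt_b = node_b.seal(0xFFFF, 5, p2)
    # Same key and same ctr=0, but src differs, so the two IVs differ.
    distinct_ivs = pkt_a[:HDR_LEN] != pkt_b[:HDR_LEN]
    # One flipped ciphertext bit is caught by the MAC.
    bad = bytearray(pkt_a)
    bad[HDR_LEN] ^= 1
    tampered = open_packet(enc_key, mac_key, bytes(bad))
    # Failure mode: node A reboots, ctr restarts at 0 and the IV repeats.
    rebooted = Sender(enc_key, mac_key, src=0x0001)
    pkt_a2 = rebooted.seal(0xFFFF, 5, p2)
    leaks_xor = xor_bytes(pkt_a[HDR_LEN:-MAC_LEN],
                          pkt_a2[HDR_LEN:-MAC_LEN]) == xor_bytes(p1, p2)
    return open_packet(enc_key, mac_key, pkt_a), distinct_ivs, tampered, leaks_xor


if __name__ == "__main__":
    print(demo())
```

The last check is the case to design against: a counter that is not persisted across reboots repeats the IV even though the sender never reached the wrap limit.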
2.6.5. SM:
2.6.6. ZigBee:
∙ Zigbee is a wireless PAN (Personal Area Network) technology developed to support automation,
machine-to-machine communication, remote control and monitoring of IoT devices. It evolved
from the IEEE 802.15.4 wireless standard and is supported by the ZigBee Alliance.
∙ Zigbee is considered to be a secure wireless communication protocol, with security architecture
built in accordance with IEEE 802.15.4 standards. Security services provided by Zigbee
include key establishment, key transportation and frame protection via symmetric
cryptography.
However, Zigbee security features are based on certain assumptions:
∙ Zigbee assumes an “open trust” model. The protocol stack layers trust each other. The
layer that originates a frame is responsible for its security.
∙ The security services cryptographically protect the interfaces between different devices
only.
∙ Interfaces between different stack layers in the same device are arranged
non-cryptographically.
∙ The secret keys are not discovered during key-transport. An exception to this is during
pre-configuration of a new device, in which a single key may be sent unprotected.
∙ Availability of almost perfect random number generators.
∙ Availability of tamper-resistant hardware.
There are two types of security models in Zigbee networks, as presented in Figure 6. They mainly
differ according to the implemented mechanism, how new devices are admitted into the network and
how they protect the messages in the network – Centralized security network and Distributed security
network.
1. Centralized Security model is complex but more secure and involves the Trust Center
(network coordinator). Only Zigbee Coordinators with Trust Center can establish
centralized networks. Nodes join the network, receive the network key and establish a
unique link key with the Trust Center. The Trust Center is responsible for:
∙ Configuring and authenticating routers and end devices that join the network.
∙ Generating the network key to be used for encrypted communication across the network.
∙ Periodically or as required, switching to a new network key, as a security protection
method. If an attacker acquires a network key, it will have a limited lifetime.
∙ Establishing a unique link key for each device, as they join the network.
∙ Maintaining the overall security of the network.
2. Distributed security model is simple, but less secure. This model supports only routers and
end devices. Routers find their role in forming the distributed network and they are
responsible for enrolling other routers and end devices. Routers publish network keys
(used to encrypt messages) to newly joined routers and end devices. All the nodes in the
network use the same network key for encrypting messages. Also, all nodes are
pre-configured with a link key (used to encrypt the network key) before entering the network,
as there is no Coordinator and Trust Center.
IEEE 802.1X:
∙ Devices attempting to connect to a LAN or WLAN require an authentication mechanism. IEEE
802.1X, an IEEE Standard for Port-Based Network Access Control (PNAC), provides
protected authentication for secure network access.
∙ An 802.1X network is different from home networks in one major way: it has an authentication
server called a RADIUS Server. It checks a user's credentials to see if they are an active member
of the organization and, depending on the network policies, grants users varying levels of access
to the network.
∙ This allows unique credentials or certificates to be used per user, eliminating the reliance on a
single network password that can be easily stolen.
∙ 802.1X is a network authentication protocol that opens ports for network access when an
organization authenticates a user's identity and authorizes them for access to the network.
∙ The user's identity is determined based on their credentials or certificate, which is confirmed by
the RADIUS server. The RADIUS server is able to do this by communicating with the organization's
directory, typically over the LDAP or SAML protocol.
KEY TAKEAWAYS
∙ 802.1X is an authentication protocol to allow access to networks with the use of a RADIUS
server.
∙ 802.1X and RADIUS based security is considered the gold standard to secure wireless and
wired networks today.
∙ LEACH (Low-Energy Adaptive Clustering Hierarchy) is a routing protocol for wireless sensor
networks in which:
o The base station (sink) is fixed
o Sensor nodes are homogenous
∙ LEACH conserves energy through:
o Aggregation
o Adaptive Clustering
Existing Routing Protocols:
▪ LEACH is compared against three other routing protocols:
– Direct-Transmission
• Single-hop
– Minimum-Transmission Energy
• Multi-hop
– Static Clustering
• Multi-hop
Direct-Transmission:
▪ Each sensor node transmits directly to the sink, regardless of distance
▪ Most efficient when there is a small coverage area and/or high receive cost
Static Clustering:
2.6.9. TeenySec:
∙ TeenySec is a Wireless Sensor Network (WSN) link layer security protocol.
∙ WSNs are exposed to many vulnerabilities because of factors such as the hardware constraints of
the sensor nodes, the wireless communication medium, real-time computing, heterogeneous
structure, large number of nodes, scalability, mobility, and the weight and cost requirements of
the application environment.
∙ In sensitive WSN applications like surveillance of enemy lines or border areas, security
protocols must be used which provide confidential data transfer from sensors to base station.
∙ A new data link layer protocol, called TeenySec, has been developed.
∙ TeenySec provides data confidentiality, data integrity, data freshness and data authentication
and is also energy efficient.
Step 3: Domain Model Specification
• The third step in the IoT design methodology is to define the Domain Model. The domain model
describes the main concepts, entities and objects in the domain of the IoT system to be designed.
The domain model defines the attributes of the objects and relationships between objects. It
provides an abstract representation of the concepts, objects and entities in the IoT domain,
independent of any specific technology or platform. With the domain model, the IoT system
designers can get an understanding of the IoT domain for which the system is to be designed.
Step 4: Information Model Specification
• The fourth step in the IoT design methodology is to define the Information Model. The
Information Model defines the structure of all the information in the IoT system, for example,
attributes of Virtual Entities, relations, etc. The information model does not describe the
specifics of how the information is represented or stored. To define the information model, we
first list the Virtual Entities defined in the Domain Model. The information model adds more
details to the Virtual Entities by defining their attributes and relations.
Step 5: Service Specifications
• The fifth step in the IoT design methodology is to define the service specifications. Service
specifications define the services in the IoT system, service types, service inputs/output,
service endpoints, service schedules, service preconditions and service effects.
Step 6: IoT Level Specification
• The sixth step in the IoT design methodology is to define the IoT level for the system.
Step 7: Functional View Specification
• The seventh step in the IoT design methodology is to define the Functional View. The
Functional View (FV) defines the functions of the IoT systems grouped into various Functional
Groups (FGs). Each Functional Group either provides functionalities for interacting with
instances of concepts defined in the Domain Model or provides information related to these
concepts.
Step 8: Operational View Specification
• The eighth step in the IoT design methodology is to define the Operational View
Specifications. In this step, various options pertaining to the IoT system deployment and
operation are defined, such as service hosting options, storage options, device options,
application hosting options, etc.
Step 9: Device & Component Integration
• The ninth step in the IoT design methodology is the integration of the devices and components.
Step 10: Application Development
• The final step in the IoT design methodology is to develop the IoT application.
System on Chips:
∙ The System on Chip in IoT designed by Redpine Signals is discussed below. This IoT SoC supports
WLAN, Bluetooth and Zigbee systems on a single chip. It also supports 2.4 and 5 GHz radio
frequencies.
∙ As we know, IoT is the technology which will provide communication between things, and
between things and people, using internet and IP enabled protocols.
∙ As we have seen in the IoT tutorial, any IoT compliant system will have two major parts, viz.
front end and back end.
∙ The front end provides connectivity with the physical world and consists of sensors, while the
back end consists of processing and network connectivity interfaces.
∙ A typical IoT system on chip supports more than one RAT (Radio Access Technology). It
will have the following modules.
• Transmit and receive switch.
• RF part, mainly consisting of transmitter, receiver, oscillator and amplifiers.
• Memories, i.e. program memory and data memory, to store the code and data.
• Physical layer (baseband processing), either on FPGA or on processor, based on
complexity and latency requirement.
• MAC layer and upper protocol stacks (TCP/IP etc.) running on processor.
• ADC and DAC to provide the interface between digital baseband and analog RF
portions.
• Various interfaces such as SDIO, USB, SPI etc. to provide the interface with the host.
• Other peripherals such as UART, I2C, GPIO, WDT etc. to use the IoT SoC for
various connections.
This IoT SoC (system on chip in IoT) can be used for numerous applications
as mentioned below:
• Mobile
• M2M-Communication
• Smart meters
• Home automation
• Health care devices and equipments
Figure: Simplified block diagram of the basic building blocks of the IoT
Sensors:
• These form the front end of the IoT devices. These are the so-called “Things” of the system.
Their main purpose is to collect data from its surroundings (sensors) or give out data to its
surrounding (actuators).
• These have to be uniquely identifiable devices with a unique IP address so that they can be
easily identifiable over a large network.
• These have to be active in nature, which means that they should be able to collect real-time
data. These can either work on their own (autonomous in nature) or can be made to work by
the user depending on their needs (user-controlled).
• Examples of sensors are gas sensor, water quality sensor, moisture sensor, etc.
Processors:
• Processors are the brain of the IoT system.
• Their main function is to process the data captured by the sensors so as to
extract the valuable data from the enormous amount of raw data collected.
• In a word, we can say that it gives intelligence to the data.
• Processors mostly work on a real-time basis and can be easily controlled by applications.
• These are also responsible for securing the data, that is, performing encryption and decryption
of data.
• Embedded hardware devices, microcontrollers, etc. are the ones that process the data because
they have processors attached to them.
Gateways:
• Gateways are responsible for routing the processed data and send it to proper locations for its
(data) proper utilization.
• In other words, we can say that gateway helps in to and fro communication of the data. It
provides network connectivity to the data. Network connectivity is essential for any IoT
system to communicate.
• LAN, WAN, PAN, etc are examples of network gateways.
Applications:
• Applications form another end of an IoT system. Applications are essential for proper
utilization of all the data collected.
• These are cloud-based applications which are responsible for rendering the effective meaning to
the data collected. Applications are controlled by users and are a delivery point of particular
services.
• Examples of applications are home automation apps, security systems, industrial control hub,
etc.
• More and more, we’re filling our homes with “smart” / connected devices beyond old school
computers, from thermostats to security systems to kitchen appliances.
• Enterprises are bringing a whole range of processes, objects and spaces online to amplify human
potential as well.
• The Internet of Things (IoT) has enormous potential, but connecting everything has a side
effect: increased vulnerability.
• We must consider the fundamentals of IoT cybersecurity to protect ourselves personally and
professionally. Top concerns are best practices, the concept of “security by design” and device
security certification programs.
Key steps to securing IoT devices include the following best practices:
∙ Perform routine updates. Manufacturers release updates as they recognize ways their
products can be improved. Once the product is in your hands, rapidly installing updates
will help protect you against the most recently discovered threats. But keep in mind that
imperfect updates can expose new security vulnerabilities.
∙ Control access. Consider whether you need to be connected to the internet in order to use
the device. If you don’t need to be connected, then you only want to grant access to your
home network.
∙ Turn off Universal Plug and Play. UPnP is a weak point for routers, cameras, printers and
other devices. At the same time, secure interoperability is a must for IoT.
∙ Improve the passwords. They should be long and alphanumeric, while avoiding repetition,
dictionary words and personal details. Many devices currently ship with incredibly horrible
passwords like “admin” and “password,” so always check with your hardware vendor and
make sure to secure your IoT endpoints.
∙ Secure your connections. Use a virtual private network (VPN) to connect your devices to
the Internet. To improve your stability, make sure the VPN you use is well-suited for the
type of device.
∙ Beyond knowing a few steps you can take with devices, it helps to choose a manufacturer that
follows security by design.
∙ Security by design is a set of principles within hardware and software development focused on
securing the system and reducing the risk of a compromise.
∙ Following these principles allows a manufacturer to know that they are protecting users and
complying with the European Union’s General Data Protection Regulation (GDPR).
∙ Systems built using this method incorporate elements such as abiding by coding best practices,
implementing authentication protections and deploying continuous testing.
∙ The key reason that secure by design is so important is that software is typically considered
first and foremost in terms of its function. Security becomes a secondary concern, and the
developers must address security holes and vulnerabilities as an ongoing concern rather than
building it with optimized security.
∙ With secure by design, you can be certain that the manufacturer is fixing security issues
effectively and rapidly.
∙ Secure defaults. Create a secure experience by default. Allow users to remove protections if
desired.
∙ Correctly repair security issues. Be careful about design patterns, which can introduce
regressions when you attempt to fix your code. Test on all relevant applications.
∙ Keep security simple. You want your code to be as simple as possible. It is easier to reduce
your attack surface area in that context.
∙ The principle of defense in depth. While it may be reasonable to just have a single control,
∙ The principle of least privilege. Accounts should be given the minimum possible level of
∙ Avoid security by obscurity. You should not attempt to protect critical data simply by
∙ Secure failures. Verify that your code never fails in a manner that makes the user an
administrator by default.
∙ Minimize attack surface area. The attack surface area should be restricted as much as