A

Seminar Report
On
Security and privacy challenges in IOT

Submitted by
Priyanka Patel [2205112110069]
Bhavesh chandegra [2205112110009]

as
Partial fulfilment of Semester II
of Master of Computer Applications
for A.Y. 2022-2023

Under the Guidance of

Prof. Dr.Hina Choksi

Submitted To
Department of MCA

Faculty of IT & Computer Science

Parul University
 CERTIFICATE

This is to certify that Ms. Priyanka Patel, Enrollment No.

2205112110069,Mr.Bhavesh Chandegra, Enrollment No.
2205112110009student(s) of Master of Computer Applications
has/have satisfactorily completed the Seminar on “Security and
privacy challenges in IOT” as fulfillment of MCA Semester II.

Seat No. Date of Submission:

Seat No. Date of Submission:

Internal Guide Director - MC

 ACKNOWLEDGEMENT

Acknowledging the security and challenges of using the Internet of Things (IoT)
is crucial because IoT devices are becoming increasingly popular and are used in
various industries, including healthcare, transportation, and manufacturing.
While IoT has many benefits, including increased efficiency and productivity,
there are also significant security challenges that need to be addressed.

One of the most significant challenges of IoT is security. IoT devices are
vulnerable to cyber-attacks because they are often connected to the internet and
can be accessed remotely. Hackers can exploit these devices to gain access to
sensitive data or take control of the devices themselves. Additionally, many IoT
devices have weak security measures, making them an easy target for cyber-
attacks.

Another challenge of IoT is the lack of standardization and compatibility among

devices. This means that devices from different manufacturers may not work
well together, creating issues with data integration and interoperability.

"We would like to express my sincere gratitude to my professor Dr. Hina Choksi
Ma’am, & Faculty of IT & computer science PIET – MCA PARUL
UNIVERSITY for their invaluable guidance, support, and expertise throughout
the course of this project. Their insightful feedback, encouragement, and
dedication have been instrumental in the success of this project. I am truly
grateful for the opportunity to work with them and for their unwavering
commitment to my academic growth and development. Thank you, Dr. Hina
Choksi ma’am for your guidance and support."
 ABSTRACT

Abstraction is a useful technique for designing and implementing complex

systems, including smartwatch devices in IoT.

Abstraction involves separating out the essential features of a system and

ignoring the rest, to make it easier to understand and work with.

In the context of a smartwatch device in IoT, abstraction could be used in a

number of ways. For example, the device's hardware and software components
could be abstracted into layers, with each layer providing a different level of
functionality and hiding the complexity of the layer below it.

This could help developers to write software for the device more easily, without
needing to understand every detail of the hardware.

Another way abstraction could be used in a smartwatch device in IoT is to

abstract away the details of the device's connectivity to the internet and other
devices.

This could be done using APIs or other software tools that provide a high-level
interface to the device's network capabilities. This would allow developers to
focus on the functionality of their applications, without worrying about the
details of how the device is connected to the network.

abstraction is a powerful technique that can be used to make the development of

smartwatch devices in IoT more manageable and efficient.

By breaking down complex systems into simpler, more manageable components,

abstraction can help developers to focus on the functionality of their applications
and improve the overall user experience of the device.
 TABLE OF CONTENTS

No. Description Page No.

1. Introduction 7
1.1 Advantages of Iot
1.2 Dis-Advantages of Iot
2. Application Areas 10
2.1 Wearable Devices
2.1.1 SmartWatch Device in Iot
2.1.2 Advantages of SamrtWatch
2.1.3 Dis-advantsges of SamrtWatch
2.1.4 Security And Privacy Challenges
2.1.5 Solution of security Chanllenges

3. Methodologies 16

4. Algorithms / Techniques 17
4.1 lack of Encryption Algorithms
4.2 Advantages of Algorithms
5. Tools & Technologies 19

6. Current R&D works in the field 20

7. Bibliography / References 22
7.1 Books
7.2 Research paper
 1.INTRODUCTION

The Internet of Things (IoT) is a network of connected machines, objects, and

gadgets that exchange data and communicate with one another online. These
gadgets include everything from commonplace items like household appliances,
automobiles, and wearable technology to more complicated systems like business
machinery and smart city infrastructure.

The Internet of Things (IoT) gathers environmental data using sensors and other
hardware components, which is then processed and analysed to produce
informative insights. In a variety of businesses, this data can be used to increase
productivity, cut costs, and improve decision-making.

By enabling more connectivity and automation in our daily lives, the IoT has the
potential to completely change the way we work and live. Wearable technology,
for instance, may track our fitness and health levels, while smart homes can let us
control heating, lighting, and appliances remotely.

Figure 1: Internet Of Things

The increased use of IoT devices has, however, led to worries about security and
privacy. There is a chance that the massive amounts of data that these devices
capture and transmit could be intercepted or utilized improperly by third parties.

Overall, the Internet of Things (IoT) has the potential to transform how we live
and work, but it is critical that we address the security and privacy problems to
guarantee that the advantages of this technology are realised.

It is a challenging endeavour that necessitates cooperation between industry

players, researchers, and legislators to ensure the security and privacy of IoT
devices. It has been difficult to implement complete security measures due to the
absence of standardisation in device communication protocols and security
mechanisms. Additionally, it is challenging to efficiently manage and secure the
enormous number of devices in IoT networks.

1.1 Advantages of IoT:

Efficiency: IoT devices can streamline and automate tasks, improving overall
efficiency in a wide range of industries.

Improved decision-making: The data collected by IoT devices can provide

valuable insights that can inform better decision-making and improve business
operations.

Cost savings: By automating tasks and improving efficiency, IoT devices can help
reduce costs across various industries.

Convenience: IoT devices can offer greater convenience and control over
everyday tasks and activities.

Improved safety and security: IoT devices can enhance safety and security in
various settings, such as smart homes, industrial plants, and transportation
systems.
1.2 Disadvantages of IoT:

Security risks: As IoT devices collect and transmit large amounts of data, they are
susceptible to hacking and other cyber attacks, which can compromise personal
and sensitive information.

Privacy concerns: The data collected by IoT devices can be highly personal, and
there are concerns that this information could be misused or accessed by
unauthorized parties.

Interoperability issues: Different IoT devices may use different communication

protocols, which can make it difficult to connect and integrate them into larger
systems.

Reliability concerns: IoT devices may be prone to malfunctions, resulting in lost

data and other issues.

Lack of standardization: There is currently no standardization across IoT devices,

which can make it difficult for manufacturers, developers, and users to ensure
compatibility and interoperability.
 2.APPLICATION AREA

The Internet of Things (IoT) has a wide range of applications in various industries,
and each of these applications presents unique security and privacy challenges.

The common application areas of IoT and the associated security and privacy
challenges:

1. Smart City
2. Wearable device
3. Health monitoring
4. Smart Home
5. Self-driving Car
6. Smart Farming
7. Fitness Trackers
8. Smart Factories
9. Hospitals & Tour
10. Retail IOT

2.1 Wearable Devices:

Wearable devices are an important category of IoT devices that have gained
widespread popularity in recent years. These devices are typically worn on the
body, such as on the wrist, and can collect data and communicate with other
devices or networks.

wearable devices in IoT offer a wide range of benefits, including improved

health and fitness, increased productivity, and enhanced connectivity.
 Figure 2: Wearable device chart

Some technologies use of Wearable device:

1. Smartwatch
2. Smart ring
3. Smart cloths
4. Fitness tracker
5. Health Monitors

2.1.1 Smartwatch Device in IOT:

A smartwatch is a wearable device that offers advanced features beyond traditional
watches, such as the ability to connect to the internet and other devices.
Figure 3: SamrtWatch
It typically includes a touchscreen display and may have additional features such
as fitness tracking, heart rate monitoring, and GPS tracking. Smartwatches can
receive notifications from smartphones, allow users to make calls, and control
smart home devices.

They may also have access to a variety of apps and services, such as music
streaming and voice assistants.

Smartwatches are often designed to be paired with a smartphone, using Bluetooth

or Wi-Fi connectivity to communicate with the phone.

This allows for a more seamless integration with the user's digital life, as well as
the ability to control certain smartphone functions from the watch.

In addition to their convenience and functionality, smartwatches have also become

popular fashion accessories, with a wide range of designs and styles available to
suit different tastes and needs.

2.1.2 Advantages of smartwatch in IOT:

1 Instant notifications and messages. Keeping track of notifications

and messages has never been easier.
2 Managing phone calls effortlessly.
3 It's fashionable.
4 Battery saving.
5 Health and fitness tracker.
6 It's a travel buddy.
7 Safety.
8 Entertainment and music directly on your wrist.
2.1.3 Disadvantages of smartwatch in IOT:

1 They're Expensive.
2 Potential Risks of Smartwatches.
3 Smartwatches Need Regular Charging.
4 Not Convenient for Calling.
5 Never-Ending Notifications Can Be a Curse.
6 You Still Need to Have Your Phone With You.
7 Smartwatch Screens Have Limited Functionality

2.1.4 Security and privacy challenges in smartwatch in IOT:

1. Data privacy
2. Authentication
3. Encryption
4. Malware
5. Physical security
6. Third-party app vulnerabilities
7. Firmware and software vulnerabilities

Vulnerability in smartwatch in IOT:

Weak or easily guessable passwords: Smartwatches may use weak passwords or

default passwords that are easily guessable, making it easier for attackers to gain
access to the device.

Lack of encryption: Smartwatches may transmit data over unencrypted channels,

making it easier for attackers to intercept and steal data.

Malware: Smartwatches can be infected with malware, such as viruses or Trojan

horses, that can steal data, hijack the device, or perform other malicious actions.
Unpatched vulnerabilities: Smartwatches may contain vulnerabilities in their
firmware or software that have not been patched or updated, making them
vulnerable to exploitation by attackers.

Social engineering: Attackers may use social engineering techniques to trick

users into revealing sensitive information or downloading malicious apps.

Physical security: Smartwatches can be lost or stolen, providing attackers with

physical access to the device and any data stored on it.

2.1.5 Solution to solved the vulnerabilities in smartwatches in IoT

Strong passwords: Users should choose strong and unique passwords for their
smartwatches and avoid using default passwords. Additionally, the smartwatch
should have a feature that locks the device after a certain number of incorrect
password attempts.

Encryption: Smartwatches should use encryption to protect data in transit. This

means that all data transmitted from the device should be encrypted, making it
difficult for attackers to intercept and steal data.

Regular updates: Smartwatch manufacturers should release regular updates and

patches to fix any vulnerabilities in the device's firmware or software. Users
should ensure that their smartwatch is always up-to-date with the latest security
patches.

Antivirus software: Users should install antivirus software on their smartphones

and other devices that are connected to the smartwatch. This can help detect and
remove any malware that may have infected the smartwatch.

User awareness: Users should be educated on how to recognize and avoid social
engineering attacks. This includes not clicking on suspicious links or downloading
apps from untrusted sources.

Physical security: Users should keep their smartwatches secure, such as by using
a password or PIN to lock the device, and avoiding leaving the device unattended
in public places.
 3.METHODOLOGIES
Smartwatches are a popular category of IoT devices that combine various sensors,
connectivity technologies, and computing capabilities to provide a range of useful
functions to users.

Sensor Integration: Smartwatches typically come with a range of sensors,

including accelerometers, heart rate monitors, GPS sensors, and more. These
sensors are used to collect data on the wearer's movements, activities, and health
metrics. This data can be used by IoT applications to provide personalized
insights, such as fitness tracking, sleep monitoring, and location-based services.

Connectivity: Smartwatches use various connectivity technologies such as Wi-Fi,

Bluetooth, and cellular networks to connect with other devices and networks. This
enables the watch to communicate with IoT-enabled devices and services, such as
smart home appliances, health monitors, anxd entertainment systems.

Data Processing: Smartwatches have limited computing power and storage, so

they typically rely on cloud-based services to process data. The watch can collect
data and send it to a cloud-based IoT platform for further processing and analysis.
The platform can then send back personalized insights and recommendations to
the user's watch.

Security: IoT devices, including smartwatches, are vulnerable to security threats

such as hacking, data breaches, and malware attacks. To ensure the security of
smartwatches, IoT developers use various security measures such as encryption,
user authentication, and secure communication protocols.

User Experience: Smartwatches need to be designed with the user experience in

mind. They should have intuitive interfaces, easy-to-use controls, and personalized
settings. To achieve this, IoT developers use user-centered design principles, such
as usability testing, user feedback, and user research.
 4. ALOGORITHMS & TECHNQUES

4.1 Lack Of Encryption Algorithms:

Encryption is an important security measure that helps to protect data from

unauthorized access and tampering. While many smart watches use encryption to
secure data, some algorithms used to track steps or other activities may not
incorporate encryption.

def encrypt(data, key):

cipher = Fernet(key)
encrypted_data = cipher.encrypt(data)
return encrypted_data
def decrypt(encrypted_data, key):
cipher = Fernet(key)
decrypted_data = cipher.decrypt(encrypted_data)
return decrypted_data

figure 4 : AES base encryption figure 5 : Simple base encryption

(Advanced encryption standard)

The lack of encryption in these algorithms could potentially leave the data vulnerable
to interception or unauthorized access. For example, an attacker may be able to
intercept the data being transmitted from the smart watch to a mobile app or server
and read the data in plain text. This could potentially allow the attacker to view
sensitive information such as the wearer's location, activity patterns, and health data.
It's important to note that the lack of encryption in smart watch algorithms is not a
universal problem. Many smart watch manufacturers take security seriously and
implement encryption and other security measures in their devices and software.
Additionally, the risk of data interception or unauthorized access may be low in
many cases, especially if the data is only stored locally on the smart watch and not
transmitted over the internet.

It's important for smart watch manufacturers to prioritize security and implement
strong encryption and other security measures in their devices and software to protect
user data. Consumers should also take steps to protect their smartwatches, such as
setting strong passwords and keeping their devices and software up-to-date with the
latest security patches.

4.2 Advantages of lack of encryption algorithm:

Security: Fernet is a high-level symmetric encryption algorithm that provides strong

security for encrypting and decrypting data. It uses the AES encryption algorithm in
CBC mode with a 128-bit key, ensuring confidentiality and integrity of the data.

Ease of use: The code encapsulates the encryption and decryption operations within
separate functions, making it easy to implement and use. You can simply call the
encrypt function to encrypt your data and the decrypt function to decrypt it.

Key-based encryption: The encryption and decryption operations rely on a shared

key. As long as you keep the key secure and only share it with authorized parties,
you can ensure that only those with the key can decrypt the data.

Data integrity: Fernet automatically verifies the integrity of the encrypted data
during the decryption process. If the data has been tampered with or modified, the
decryption operation will fail, providing an additional layer of security.

Wide language support: Fernet is a standard encryption algorithm and is available

in many programming languages. This code can be easily adapted and used in
different environments and platforms.
 5. TOOLS & TECHNOLOGY

Smartwatches are wearable devices that offer a variety of functions beyond just
telling time. They can be connected to a smartphone or other devices and can
perform a wide range of functions, from tracking fitness to making phone calls and
sending messages.

Touchscreen display: Most smartwatches come with a touchscreen display that

allows users to navigate through various apps and features.

Sensors: Smartwatches often come with sensors such as heart rate sensors, GPS,
accelerometer, gyroscope, and barometer, which allow them to track fitness,
monitor activities, and provide health-related data.

Voice assistants: Many smartwatches have voice assistants such as Siri, Google
Assistant, or Amazon Alexa, which allows users to control their smartwatch with
voice commands.

NFC: Near Field Communication (NFC) technology is found in some

smartwatches, which allows users to make payments using their watch.

LTE/4G: Some smartwatches come with built-in cellular connectivity, allowing

them to make calls and send messages without the need for a smartphone.

WiFi and Bluetooth: Smartwatches use WiFi and Bluetooth to connect to other
devices, such as smartphones, headphones, and smart home devices.

Apps: Smartwatches often come with a variety of apps, including fitness tracking
apps, music streaming apps, weather apps, and messaging apps.

Battery life: Smartwatches have different battery life ranges, which can vary from
a few hours to several days depending on the usage and features.

Design and customization: Smartwatches come in a variety of designs and styles,

and some allow users to customize their watch faces, bands, and other features.
.
 6. CURRENT R&D WORKS IN
SMARTWATCHES
Smartwatches have been a subject of extensive research and development, and there
are several ongoing projects and studies that aim to improve the functionality and
usability of these devices. Here are some current/latest R&D works in
smartwatches:

Advanced health monitoring: Many researchers are working on developing

advanced health monitoring features that can track various health metrics such as
blood oxygen levels, blood glucose levels, and hydration levels. These features
could provide valuable insights to users and help them manage their health
proactively.

Wearable sensors: Researchers are exploring new wearable sensors that can be
integrated into smartwatches to track various physiological and environmental
parameters, such as temperature, humidity, and air quality. These sensors can
provide users with personalized and real-time feedback on their health and
environment.

Extended battery life: One of the major challenges of smartwatches is battery life,
and many researchers are working on developing new energy-efficient components
and technologies to extend the battery life of these devices. Some examples include
using solar cells, energy harvesting technologies, and low-power chips.

Machine learning and AI: Researchers are using machine learning and artificial
intelligence (AI) to improve the accuracy of smartwatch sensors and algorithms.
These technologies can analyze vast amounts of data and provide personalized
insights to users, such as predicting health risks and suggesting personalized
workouts.

Novel display technologies: Some researchers are exploring novel display

technologies, such as flexible and transparent displays, to enhance the functionality
and aesthetics of smartwatches. These displays can provide more intuitive and
immersive user experiences, such as touchless gestures and augmented reality.

Security and privacy: With the growing concerns around data privacy and
security, researchers are developing new technologies and protocols to secure
smartwatches and protect user data. Some examples include using biometric
authentication, encryption, and decentralized data storage.
Figure 6: Current work in Smart Watch
 7. BIBLIOGRAPHY/ REFERENCE

7.1 Books

1 Arirangnews. "Wearable Devices Raise Privacy Concerns." YouTube.

YouTube, 06 Aug. 2014. Web. 13 Mar. 2017.
https://www.youtube.com/watch?v=0e_QkV1vS94
2 Corbin, Kenneth. "IoT Makes Security and Privacy Top Challenges for
Wearables." CIO. CIO, 08 Mar. 2016. Web. 13 Mar. 2017.
http://www.cio.com/article/3041637/wearable-technology/iot-
makes-security-and-privacy-top-challenges-for-wearables.html
3 Drolet, Michelle. "7 Potential Security Concerns for Wearables."
Network World. Network World, 11 Apr. 2016. Web. 13 Mar. 2017.
http://www.networkworld.com/article/3054584/security/7-
potential-security-concerns-for-wearables.html
4 Tanzina Vega. "Rights Groups: Police Body Cameras Raise Privacy
Issues." CNN. Cable News Network, 15 May 2015. Web. 04 Mar. 2017.
http://edition.cnn.com/2015/05/15/politics/body-cameras-civil-
rights-privacy-coalition
5 Matt Pearce. "Growing Use of Police Body Cameras Raises Privacy
Concerns." Los Angeles Times. Los Angeles Times, 27 Sept. 2014. Web.
04 Mar. 2017. http://www.latimes.com/nation/la-na-body-cameras-
20140927-story.html

7.1 Research papers

1. "Wearable Technology -- Modern Marvel or Invasion of Privacy? |

Liberty Treehouse." YouTube. YouTube, 24 Mar. 2014. Web. 13 Mar.
2017. https://www.youtube.com/watch?v=B5hjNFR9hLQ
2. Nig, Cindy, Mrs. "5 Privacy Concerns about Wearable Technology."
Varonis Blog. Cindy Ng, 30 Oct. 2015. Web. 09 Sept. 2016.
https://blog.varonis.com/5-privacy-concerns-about-wearable-
technology
3. Thierer, Adam D. "The Internet of Things and Wearable Technology:
Addressing Privacy and Security Concerns without Derailing Innovation."
 By Adam D. Thierer :: SSRN. N.p., 12 Sept. 2014. Web. 13 Mar. 2017.
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2494382
4. "Wearable Technology and Privacy Concerns | MIT Sloan Executive
Education." Boston Business Leadership Training. MIT Sloan Executive
Education, 05 Dec. 2015. Web. 13 Mar.
5. Matt Pearce. "Growing Use of Police Body Cameras Raises Privacy
Concerns." Los Angeles Times. Los Angeles Times, 27 Sept. 2014. Web. 04
Mar. 2017. http://www.latimes.com/nation/la-na-body-cameras-20140927-
story.html
6. Tanzina Vega. "Rights Groups: Police Body Cameras Raise Privacy
Issues." CNN. Cable News Network, 15 May 2015. Web. 04 Mar. 2017.
http://edition.cnn.com/2015/05/15/politics/body-cameras-civil-rights-
privacy-coalition