Security and Privacy in the Internet of Things
Description
Provides the authoritative and up-to-date information required for securing IoT architecture and applications
The vast amount of data generated by the Internet of Things (IoT) has made information and cyber security vital for not only personal privacy, but also for the sustainability of the IoT itself. Security and Privacy in the Internet of Things brings together high-quality research on IoT security models, architectures, techniques, and application domains. This concise yet comprehensive volume explores state-of-the-art mitigations in IoT security while addressing important security and privacy challenges across different IoT layers.
The book provides timely coverage of IoT architecture, security technologies and mechanisms, and applications. The authors outline emerging trends in IoT security and privacy with a focus on areas such as smart environments and e-health. Topics include authentication and access control, attack detection and prevention, securing IoT through traffic modeling, human aspects in IoT security, and IoT hardware security. Presenting the current body of knowledge in a single volume, Security and Privacy in the Internet of Things:
* Discusses a broad range of IoT attacks and defense mechanisms
* Examines IoT security and privacy protocols and approaches
* Covers both the logical and physical security of IoT devices
* Addresses IoT security through network traffic modeling
* Describes privacy preserving techniques in smart cities
* Explores current threat and vulnerability analyses
Security and Privacy in the Internet of Things: Architectures, Techniques, and Applications is essential reading for researchers, industry practitioners, and students involved in IoT security development and IoT systems deployment.
More details
Other editions
Additional editions
Persons
ALI ISMAIL AWAD, PhD, is currently an Associate Professor with the College of Information Technology (CIT), United Arab Emirates University (UAEU), Al Ain, United Arab Emirates. He is also an Associate Professor with the Department of Computer Science, Electrical and Space Engineering, Luleå University of Technology, Luleå, Sweden. He is an Associate Professor with the Electrical Engineering Department, Faculty of Engineering, Al-Azhar University at Qena, Qena, Egypt. He is also a Visiting Researcher at the University of Plymouth, United Kingdom. Dr. Awad is an Editorial Board Member of the Future Generation Computer Systems Journal, Computers & Security Journal, the Internet of Things, Engineering Cyber Physical Human Systems Journal, Health Information Science and Systems Journal, and IET Image Processing Journal. Dr. Awad is currently an IEEE senior member.
JEMAL H. ABAWAJY, PhD, is a full professor at Faculty of Science, Engineering and Built Environment, Deakin University, Australia. He is a Senior Member of IEEE Society; IEEE Technical Committee on Scalable Computing (TCSC); IEEE Technical Committee on Dependable Computing and Fault Tolerance and IEEE Communication Society. His leadership is extensive spanning industrial, academic and professional areas (e.g., IEEE Technical Committee on Scalable Computing, Academic Board, Faculty Board and Research Integrity Advisory Group). Professor Abawajy is currently the Director of the Distributing System Security (DSS).
Content
About the Editors xiii
List of Contributors xv
Preface xix
1 Advanced Attacks and Protection Mechanisms in IoT Devices and Networks 1
Lejla Batina, Nele Mentens, Markus Miettinen, Naila Mukhtar, Thien Duc Nguyen, Md Masoom Rabbani, Phillip Rieger, and Ahmad-Reza Sadeghi
1.1 Introduction 2
1.2 Physical Security in IoT Devices 3
1.2.1 Physical Attacks 3
1.2.1.1 Side-channel Analysis Attacks 3
1.2.1.2 Fault Analysis Attacks 4
1.2.2 Profiling Attacks 4
1.2.3 Machine Learning and SCA 5
1.2.4 Real-world Attacks 7
1.2.5 Countermeasures 8
1.3 Remote Attestation in IoT Devices 9
1.3.1 Types of Remote Attestation 10
1.3.1.1 Software-based Remote Attestation 10
1.3.1.2 Hardware-based Remote Attestation 11
1.3.1.3 Hybrid Architecture-based Remote Attestation 12
1.3.2 Remote Attestation for Large IoT Networks 12
1.3.2.1 Classical Swarm Attestation Techniques 12
1.3.2.2 Swarm Attestation for IoT Services 14
1.3.3 Future Directions 14
1.3.3.1 Cloud-based RA Techniques 15
1.3.3.2 RA in Novel Internet Technologies 15
1.3.3.3 Blockchain Based RA 15
1.4 Intrusion Detection in IoT Networks 15
1.4.1 IoT Malware 15
1.4.2 Vulnerability Patching 16
1.4.3 Signature- and Anomaly Detection-based Network Intrusion Detection 17
1.4.4 Deep Learning-based Anomaly Detection 17
1.4.4.1 System Overview 18
1.4.4.2 Modeling Packet Sequence Patterns 18
1.4.4.3 Anomalous Packet Detection 19
1.4.5 Federated Deep Learning-based IoT Intrusion Detection System 20
1.4.5.1 Federated Learning 20
1.4.5.2 Federated Self-Learning Anomaly Detection 20
1.4.5.3 Challenges of Federated Learning-based Anomaly Detection System for IoT 22
References 23
2 Human Aspects of IoT Security and Privacy 31
Sune Von Solms and Steven Furnell
2.1 Introduction 31
2.2 An Overview of the Domestic IoT Environment 33
2.3 Security Issues and the IoT Landscape 39
2.4 Human Factors Challenges in IoT Security and Privacy 41
2.4.1 Security Trade-offs for Individuals in IoT 43
2.4.2 Data Ownership and Use 44
2.4.3 Device Management and Administration Responsibilities 46
2.4.4 The Age of Unwanted Intelligence 47
2.5 Toward Improved User-facing Security in the IoT 49
2.6 Conclusion 51
Acknowledgments 51
References 51
3 Applying Zero Trust Security Principles to Defence Mechanisms Against Data Exfiltration Attacks 57
Hugo Egerton, Mohammad Hammoudeh, Devrim Unal, and Bamidele Adebisi
3.1 Introduction 57
3.2 Data Exfiltration Types, Attack Mechanisms, and Defence Techniques 59
3.2.1 Types of Data Exfiltration 59
3.2.1.1 Physical 59
3.2.1.2 Remote 60
3.2.2 Data Exfiltration Attack Techniques 60
3.2.2.1 Physical-based 60
3.2.2.2 Remote-based 61
3.2.3 Insider Data Exfiltration Threats 63
3.2.3.1 Types of Insider Threats 63
3.2.4 Approaches to Counter Data Exfiltration 65
3.2.4.1 Preventative 65
3.2.4.2 Detective 66
3.2.4.3 Investigative 66
3.2.5 Mechanisms to Defend Against Physical Data Exfiltration 67
3.2.5.1 Network-based 67
3.2.5.2 Physical-based 67
3.3 A Defence Mechanism for Physical Data Exfiltration Mitigation 68
3.3.1 Confidential Data Identification 68
3.3.2 Endpoint Access Rules 70
3.3.3 Data Fingerprinting 72
3.3.4 Relevance to Physical-Layer Protection 73
3.3.5 Complementing Existing Firewall and Application-based Measures 73
3.4 Implementation and Analysis 75
3.4.1 Experimental Setup 75
3.4.2 Threat Scenario 77
3.4.3 Scenario Execution and Analysis 77
3.5 Evaluation 80
3.5.1 Scenarios 81
3.5.2 Scenario 1 82
3.5.3 Scenario 2 82
3.5.4 Scenario 3 83
3.5.5 Results Analysis and Discussion 84
3.6 Conclusion 86
References 86
4 eSIM-Based Authentication Protocol for UAV Remote Identification 91
Abdulhadi Shoufan, Chan Yeob Yeun, and Bilal Taha
4.1 Introduction 91
4.2 Drone Security 93
4.2.1 Drone Security in UTM 93
4.2.1.1 Physical Attacks 94
4.2.1.2 Cyber Attacks 94
4.2.1.3 Cyber-Physical Attacks 94
4.2.2 Security Attacks on Drones 95
4.2.3 Security Attacks from Drones 96
4.2.3.1 Spying and Surveillance 96
4.2.3.2 Smuggling 96
4.2.3.3 Physical Attacks 97
4.2.3.4 Cyber Attacks 97
4.3 Drone Safety 98
4.3.1 Drone Detection and Classification 98
4.3.2 Interdiction Technologies 98
4.4 UAV Remote Identification 100
4.5 Authentication Protocol for Remote Identification 103
4.5.1 Preliminaries 104
4.5.1.1 Assumptions and Notations 104
4.5.2 Registration 106
4.5.3 Secure Communication Protocol 107
4.5.3.1 M1: A Challenge from the Operator (A) to the Drone (B) 108
4.5.3.2 M2: A Response from the Drone (B) to the Operator (A) 109
4.5.3.3 M3: Control Message from the Operator to the Drone 109
4.5.3.4 M4: Drone's Response to the Control Message 110
4.5.3.5 M5: Secure Broadcast of Remote Identification Message 110
4.5.4 Security Analysis 110
4.5.5 Formal Verification 112
4.5.5.1 Declaration of User-Defined Types and Terms 112
4.5.5.2 Declaration of Cryptographic Primitives 113
4.5.5.3 Examples 114
4.5.5.4 Reachability and Secrecy Checking 114
4.5.5.5 Verifying Mutual Authentication 115
4.6 Conclusion 117
References 117
5 Collaborative Intrusion Detection in the Era of IoT: Recent Advances and Challenges 123
Wenjuan Li and Weizhi Meng
5.1 Introduction 123
5.2 Background 124
5.2.1 Background on Intrusion Detection System 124
5.2.2 Collaborative Intrusion Detection Framework 126
5.3 Recent Development of Collaborative Intrusion Detection 128
5.4 Open Challenges and Future Trend 136
5.4.1 Advanced Insider Threats 136
5.4.1.1 Advanced Attacks 136
5.4.1.2 Solutions 137
5.4.2 Open Challenges and Limitations 138
5.4.3 Future Trend 139
5.5 Conclusion 141
References 141
6 Cyber-Securing IoT Infrastructure by Modeling Network Traffic 151
Hassan Habibi Gharakheili, Ayyoob Hamza, and Vijay Sivaraman
6.1 Introduction 151
6.2 Cyber-Attacks on IoT Infrastructure 153
6.2.1 Eavesdropping 154
6.2.1.1 Solutions 154
6.2.2 Network Activity Analysis 154
6.2.2.1 Solutions 154
6.2.3 Active Reconnaissance 155
6.2.3.1 Solutions 155
6.2.4 Volumetric Attack 156
6.2.4.1 Solutions 156
6.2.5 Masquerading Attack 157
6.2.5.1 Solutions 157
6.2.6 Access Attack 158
6.2.6.1 Solutions 158
6.2.7 Active Crypto Attack 158
6.2.7.1 Solutions 159
6.2.8 Data Exfiltration 159
6.2.8.1 Solutions 159
6.2.9 Blocking Attack 160
6.2.9.1 Solutions 160
6.2.10 Sleep Deprivation Attack 160
6.2.10.1 Solutions 161
6.2.11 Trigger Action Attack 161
6.2.11.1 Solutions 161
6.3 Network Behavioral Model of IoTs 162
6.3.1 Enforcing MUD Profile to Network 162
6.3.2 MUD Protection Against Attacks 164
6.3.2.1 To Internet 166
6.3.2.2 From Internet 166
6.3.2.3 From/To Local 168
6.3.3 Monitoring MUD Activity 169
6.4 Conclusion 170
References 170
7 Integrity of IoT Network Flow Records in Encrypted Traffic Analytics 177
Aswani Kumar Cherukuri, Ikram Sumaiya Thaseen, Gang Li, Xiao Liu, Vinamra Das, and Aditya Raj
7.1 Introduction 177
7.2 Background 180
7.2.1 Encrypted Traffic Analytics (ETA) 180
7.2.2 Techniques for ETA 181
7.2.3 Hashing for Flow Record Authentication 182
7.3 Flow Based Telemetry 183
7.3.1 Flow Metadata 183
7.3.2 Flow-Based Approaches 183
7.3.3 Threats on Flow Telemetry 185
7.4 Hashing-Based MAC for Telemetry Data 186
7.5 Experimental Analysis 189
7.5.1 Hashed Flow Records 189
7.5.2 Symmetric Encryption with Hashed Flow Records 192
7.5.3 Asymmetric Encryption with Hashed Flow Records 195
7.6 Conclusion 199
List of Abbreviations 200
Acknowledgment 200
References 200
8 Securing Contemporary eHealth Architectures: Techniques and Methods 207
Naeem F. Syed, Zubair Baig, and Adnan Anwar
8.1 Introduction 207
8.2 eHealth 208
8.2.1 Why IoT Is Important in eHealth? 209
8.2.2 Fog or Edge Computing for eHealth 210
8.2.3 Cloud Computing for eHealth 212
8.2.4 Applications of IoT in eHealth 212
8.2.4.1 Sleep Monitoring System 212
8.2.4.2 Real Time and Advanced Health Diagnoses 213
8.2.4.3 Emotion Detection 213
8.2.4.4 Nutrition Monitoring System 213
8.2.4.5 Detection of Dyslexia 213
8.2.5 eHealth Security 213
8.2.5.1 Implications of eHealth Security for Smart Cities 214
8.3 eHealth Threat Landscape 215
8.3.1 eHealth Threat Model 215
8.3.1.1 eHealth Assets 216
8.3.1.2 eHealth Attack Agents 216
8.3.2 eHealth IoT Vulnerabilities and Threats 218
8.3.2.1 Attacks in BAN 218
8.3.2.2 Attacks in Communication Layer 219
8.3.2.3 Attacks in Healthcare Provider Layer 219
8.3.3 Real-world Attacks 221
8.4 Countermeasures 221
8.4.1 Patient Data Protection 223
8.4.2 Device and Communication Security Measures 224
8.4.2.1 Securing Communication 225
8.4.3 Adaptive Security Framework 226
8.4.4 Use Cases 228
8.5 Conclusion 229
References 230
9 Security and Privacy of Smart Homes: Issues and Solutions 235
Martin Lundgren and Ali Padyab
9.1 Introduction 235
9.2 State-of-the-Art in Smart Homes' Security and Privacy 236
9.2.1 Smart Home Technologies 236
9.2.2 User-Centric Privacy 237
9.2.3 Consequences of Data Breaches 238
9.2.4 Dimensions of Privacy Concerns 239
9.2.5 Consequences of Information Security 240
9.2.6 A Framework for Security and Privacy Concerns 242
9.3 Privacy Techniques and Mechanisms 244
9.3.1 Cryptography 244
9.3.2 Access Control 246
9.3.3 Privacy Policy 247
9.3.4 Anonymity 248
9.3.5 UI/UX, User Awareness, and Control 249
9.4 Toward Future Solutions 250
9.5 Conclusion 251
References 252
10 IoT Hardware-Based Security: A Generalized Review of Threats and Countermeasures 261
Catherine Higgins, Lucas McDonald, Muhammad Ijaz Ul Haq, and Saqib Hakak
10.1 Introduction 261
10.2 Hardware Attacks 262
10.2.1 IoT Devices 262
10.2.1.1 Node-Level Threats 264
10.2.1.2 RFID Technology 266
10.2.2 Hardware Design Threats 269
10.2.2.1 Fake Replica 269
10.2.2.2 Reverse Engineering 269
10.2.2.3 Intellectual Property Hijacking 270
10.2.2.4 Hardware Trojans 270
10.2.3 Side-Channel Attacks 270
10.2.3.1 Types of Side-Channel Attacks 271
10.3 Physical Security Attacks Countermeasures 274
10.3.1 Mitigation Techniques for IoT Hardware Attacks 275
10.3.2 Side-Channel Attacks 275
10.3.2.1 Hardware Trojans 275
10.3.2.2 Power Analysis Attack 279
10.3.2.3 Timing Attacks 283
10.3.2.4 Electromagnetic Analysis Attacks 284
10.3.2.5 Acoustic Crypto-Analysis Attack 285
10.3.3 Integrated Circuits Security 286
10.3.3.1 Countermeasures 286
10.3.4 Radio Frequency Identification 287
10.3.4.1 Physical Unclonable Function-based Authentication 287
10.3.4.2 Preventing Physical Tampering Attacks (Enhancing Physical Security) 287
10.3.4.3 Preventing Information Leakage 288
10.3.4.4 Preventing Relay Attack 288
10.4 Conclusion 289
Acknowledgment 291
References 291
Index 297
Preface
The Internet-of-Things (IoT) is an emerging paradigm due to extensive developments in information and communication technology (ICT). The purpose of IoT is to expand the functions of the first version of the Internet by increasing the ability to connect numerous objects. The IoT model has expanded to span different applications such as manufacturing and Industry 4.0, eHealth, smart cities and homes, robotics and drones, transportation, and critical infrastructures. The wide facilities offered by IoT and other sensing facilities have led to a huge amount of data generated from versatile domains; thus, security and privacy have become inevitable requirements not only for the sake of personal safety but also for assuring the sustainability of the IoT paradigm itself. Moreover, the nature and significance of the IoT systems themselves can increase their desirability as targets of attack. To get the full benefits of the IoT systems, the highest possible levels of security and privacy must be accomplished. However, as with the wide diversity of IoT applications and environments, several security and privacy issues remain unaddressed.
This book fills in the gaps in IoT security and privacy by providing the readers with cutting-edge research findings in the IoT security domain. This book outlines key emerging trends in IoT security and privacy considering the entire IoT architecture (perception, network, and applications) layers, with a focus on different critical IoT applications. The up-to-date body of knowledge presented in this book is a need for researchers, practitioners, and postgraduate students who work in the IoT development and deployment domains. This volume introduces a collection of 10 chapters written by experts in the field that cover both security and privacy aspects implied on IoT. Furthermore, the material has been prepared in a way that makes each chapter independently readable from the others, while still contributing a collective overall insight into the topic area. The book comprises 10 chapters structured as follows:
The book begins with the chapter Advanced Attacks and Protection Mechanisms in IoT Devices and Networks, authored by Batina et al., which introduces a full picture of the possible attacks and the countermeasures spanning IoT perception and network layers. The chapter covers a wide spectrum of security attacks and countermeasures in the IoT paradigm and prepares the stage for a better understanding of security vulnerabilities and protection mechanisms. Physical attacks, profiling attacks, and IoT malware at the network level are covered and augmented by some real-world examples. Countermeasures like remote attestation, machine learning-based solutions, and the applications of deep learning and federated self-learning in anomaly detection are also covered. The chapter identifies some future research directions like employing Blockchain for solving IoT security challenges.
Humans form the weakest circle in the cybersecurity chain. Therefore, human-related and social security aspects should be taken into consideration in addition to the technical security solution. Chapter 2 titled Human Aspects of IoT Security and Privacy, written by Solms and Furnell considers the human aspects of security and privacy issues with particular focus upon the use of IoT in the domestic context, where the users are potentially the least prepared in terms of background knowledge and available support. The chapter examines the challenges that may be presented from the perspective of using and managing the range of IoT devices that are now to be found in smart home environments, and the related data storage and sharing that may be inherent in their use. The chapter demonstrates the need for user-facing security and privacy to receive comparable attention to that directed toward other elements of core functionality.
Back to the technical cybersecurity aspects, Chapter 3 named Applying Zero Trust Security Principles to Defence Mechanisms Against Data Exfiltration Attacks, authored by Egerton et al. describes data exfiltration threats that can emerge from within a company and external threats that seek to gain unauthorized access to sensitive information that could be used for personal gain or malicious purposes. Furthermore, the chapter presents a network-based mechanism that can mitigate the common physical attack methods that are used by malicious insiders. The chapter demonstrates that the network-based mechanism can defend against some network-level threats while also complementing existing security deployments.
Drones are becoming a key element in different applications and an integral part to facilitate people's lives. Yet, opening the airspace to drones will significantly increase the number of malicious users as well as cyber-physical attacks. Chapter 4 called eSIM-based Authentication Protocol for UAV Remote Identification, written by Shoufan, Yeun, and Taha proposes an authentic communication of drones' remote identification that is particularly relevant to the controlled operations of commercial and civil drones. The proposed authentication protocol ensures a secure communication of drone remote identification by employing an embedded Subscriber Identification Module (eSIM) where any user can verify the authenticity of a remote ID by using digital signatures. A security analysis of the proposed authentication protocol is presented along with formal verification using ProVerif.
In connection to security attacks and countermeasures, deep insights on the collaborative intrusion detection mechanism are given in Chapter 5 titled Collaborative Intrusion Detection in the Era of IoT: Recent Advances and Challenges, written by Li and Meng. The chapter starts by giving an overview of collaborative intrusion detection and then reports the cutting-edge research achievements in this direction. To build a complete picture, the authors highlight open challenges and limitations that can be considered for any future work related to the collaborative intrusion detection topic.
Network traffic is a rich source of information utilized by malware analysis and intrusion detection systems. IoT network traffic analysis has not received considerable attention yet. Chapter 6 authored by Gharakheili, Hamza, and Siavaraman and titled Cyber-Securing IoT Infrastructure by Modeling Network Traffic explores the privacy and security risks of IoT devices that can be systematically evaluated, demonstrating real-life threats to typical users posed by cyber attackers. Furthermore, the chapter presents a behavioral analysis of IoT network traffic that leads to the development of machine learning-based models for inferencing from flow-level network behavior of IoT devices. Lastly, flow-level inferencing models are trained for detecting anomalous patterns in network traffic of individual connected devices.
Encrypted network traffic analysis is an essential process to understand traffic characteristics and to identify normal and abnormal behaviors. Chapter 7 named Integrity of IoT Network Flow Records in Encrypted Traffic Analytics, written by Cherukuri et al. tackles the analysis of encrypted IoT traffic. The chapter proposes novel solutions for ensuring the integrity of the IoT traffic flow records. It proposes hashing and encryption-based mechanisms to address the integrity of flow records in encrypted traffic as a flow record authentication problem. Furthermore, the chapter demonstrates the proposed solutions in a simulated environment.
eHealth architectures are complex compositions of IoT devices. With the sophistication of a contemporary eHealth infrastructure, the benefits of technological advances can be reaped to render effective and efficient patient services. However, such a benefit is accompanied by an increasing cyber threat plan that has emerged owing to increasing connectivity between the eHealth devices, and the lack of proper mechanisms for ensuring the security of IoT devices of the eHealth system. Chapter 8 titled Securing Contemporary eHealth Architectures: Techniques and Methods, written by Syed, Baig, and Anwar presents a detailed overview of the security threats posed to eHealth systems, and the countermeasures thereof, with emphasis on IoT-enabled eHealth architectures.
Smart home devices have been adopted widely by household owners to fulfill a wide array of functions and needs. Investigating security and privacy issues from an end-user perspective, the deployment environment is often uncertain and basic security controls are lacking. Chapter 9 written by Lundgren and Padyab and titled Security and Privacy of Smart Homes: Issues and Solutions, proposes a user-centric model that furthers the research stream by extending the traditional CIA-triad from an enterprise-centric perspective to a user-centric privacy concerns perspective. The proposed model can help security professionals and developers to analyze smart home technology in terms of privacy violation consequences and concerns as perceived by end users.
Plenty of research endeavors to address several security challenges in IoT ecosystems have been conducted, but very little attention has been paid to the hardware-related security aspects of IoT devices. The final chapter of the book titled IoT Hardware-Based Security: A Generalized Review of Threats and Countermeasures written by Hakak et al. presents the status and concerns of hardware-based attacks on IoT devices. The chapter presents a general overview of IoT-based hardware attacks and discusses countermeasures that could...
