Security in IoT

Summary
The Internet of Things (IoT) is an emerging technology that has proved to be highly transformative. The technology enhances the interconnection of various computing devices. In various sectors, IoT has been widely adopted to protect individuals and organizations from internal and external attacks. To achieve the required security through the IoT involves a combination of various requirements including protocols, mitigation mechanisms, and countermeasures in consideration of existing issues, challenges, and the future of security through the IoT. 6LoWPAN is typically an IPv6 adaptation that provides mechanisms for IP connectivity for resource-constrained devices to communicate under low power and lossy links. Attackers can misuse 6LoWPAN routing mechanisms and fragmentation to prevent the correct processing of legitimate fragmentation packets. The attacks experienced in IoT devices can be countered by adopting 6LoWPAN fragmentation security plans. The most common problem experienced by IoT is that users are at the risk of experiencing node compromise attacks. In this case, an adversary extracts private information such as the secret key used in packets encryption. The private key used in the generation of signatures from resource-constrained IoT resources Despite the challenges, there are still several opportunities for improvement.
Security in IoT
The Internet of Things (IoT) enhances the interconnection of computing devices linked with daily objects to enhance the receiving and sending of data to achieve different technological and innovative operations. In this regard, IoT has been immensely adopted in security to protect individuals and organizations from internal and external attacks. According to Hummen et al. (2013), computing devices, digital machines, mechanical machines, animals, objects, and people are fitted with Unique Identifiers (UIDs) that make it possible to transfer data over the network without requiring human or computer interaction. The collected and sent data is responded to with the relevant actions without human intervention, thus ensuring that operations can run without a human’s input. The incorporation of IoT in the different operations enhances efficiency, understanding, and delivering customer services, improving decision making and enhancing the business’s value (Farooq et al., 2015). Consequently, IoT technologies have increasingly been adopted in the security field to ensure consistent monitoring of devices, properties, or individuals. Incorporating IoT in security provides different security opportunities that improve and enhance security (Hummen et al., 2013). The achievement of the desired security through the IoT takes a combination of different things and aspects such as protocols, mitigation mechanisms, and countermeasures in consideration of existing issues, challenges, and the future of security through the IoT.
Attacks And Mitigation Mechanisms Used Under The IoT Technology
6LoWPAN, as an IPv6 adaptation, provides mechanisms for IP connectivity for resource-constrained devices to communicate under low power and lossy links. The 6LoWPAN fragmentation mechanism experienced different attacks by preventing correct packet reassembly (Pongle, & Chavan, 2015). Thus, there is a need for relevant defence mechanisms. 6LoWPAN is the main building block for different Internet scenarios such as smart cities, industrial control systems, and home automation (Hummen et al., 2013). The 6LoWPAN has the capability of enabling the transmission of large IPv6 packets oversize constrained link-layer transmission. The 6LoWPAN provides buffering the forwards and processing of fragmented packets that challenge the resource-constrained devices (Pongle, & Chavan, 2015). It is vital to note that the appropriate processing of information is occasioned by receiving the correct packet and in its right format. The correct packet enhances communication between different devices such that the right counteraction can be adopted based on the communication passed through connectivity. Incorrect packet prevents the desired goals and objectives of the 6LoWPAN not to be achieved. The transmission of the correct packet through reassembly needs to be achieved through a series of operation. In this regard, the operators need to send an internet control message protocol (ICMP) packet to the destination of choice while the don’t fragment (DF) bit setting turn on. When sent on a network that needs fragmentation, a layer three device discards the package and sends an ICMP message back containing MTU value required to avoid the transmission of incorrect packages.
The attackers can misuse 6LoWPAN routing mechanisms and fragmentation to prevent the correct processing of legitimate fragmentation packets. The standard-compliant (Culler, Chakrabarti, & Infusion, 2009). In this regard, the attacker can base their attacks on the network. The link-layer technologies, network topologies, and generic network characteristics are resource-constrained devices (Hummen et al., 2013). Constrains shows that the available devices have limited computational power; thus, the adoption of security mechanisms is optional at the link-layer, thus making them prone to attacks. The misuse of routing mechanism under the 6LoWPAN threatens performance, scalability, security and reliability. Routing entails a fundamental communication and connectivity network mechanism while upholding security by enhancing availability and preventing attacks. The attackers launch misuse of the routing process to misuse the data at the expense of the owner. The attackers can divert traffic to an attacker-controlled router through denial of service attacks or route-hijacking. The counter mechanism to prevent the misuse of routing expanding and developing safe and secure routing mechanisms in various routing mechanisms.
Consequently, the attackers can develop different models to attack the 6LoWPAN, such as Eve, Malice, Mallory (Hummen et al., 2013). Eve and Mallory are placed in the target network range and used in exploiting the system through the extraction of security keys from legitimate nodes to gain admission. The security keys need to be held by legitimate parties to open documents and communication. The attackers adopt the Eve and Maloy attacking models to exploit the system to retrieve the secret security key. The security keys enable the adversary to gains access in the system and launch different forms of attacks.
Fragment duplication attack where the recipient cannot differentiate between the legitimate fragments from spoofed duplicates, thus compromising internet security (Hummen et al., 2013). The original fragment is duplicated under the fragment duplication, and the fake fragment is sent to the intended destination. The receiver interaction with the fake fragment leads to an attack being launched in the system without knowing the sender or the receiver. This fact makes the attacker gain access to the system to commit fraud or other illegitimate operations at the sender’s expense or the receiver. The fragmentation attacks are prevented by inspecting incoming packets using intrusion detection systems, firewalls, secured proxy server and router. The blocking of fragmented IP packets can be launched to effectively cut the connection with the attackers.
Moreover, the buffer reservation attack exploits the scarce memory of the resource-constrained leverages and nodes. The recipient of a fragmented packet cannot establish a priority when the fragments are received correctly. When the reassembly buffer is occupied, the recipient’s fragments are dropped (Hummen et al., 2013). The buffer reservation attack compromises the reassembly buffer, thus advancing the attacker’s capability to launch attacks. Additionally, the attacks on 6LoWPAN can be implemented through the routing schemes susceptibility. The buffer reservation attacks and identified fragment duplication determine the target node used in the fragmented packets’ reassembling (Hummen et al., 2013). This makes the attackers dwell on different nodes and use them in the implementation of attacks. Buffer reservation attacks on 6LoWPAN are implemented through a process. The packet’s fragments are buffered to the receiver’s buffer till the packet is fully obtained then it is passed to the network layer, and a buffer is cleared to acquire new packets. In the case the malicious node sends one fragment and fails to send anything else, the receiver waits for other fragments until time goes out. The malicious node sends one fragment and reserves the buffer until time passes, thus establishing a constraint to other nodes. The concerned parties need to adopt relevant measures to ensure that buffer reservation attacks are prevented. Different measures can be adopted, including updating vendor issues patches and software updates, enhancing running protection of the operating systems, adopting space layout randomization, manual testing of buffer overflows and using a programming language that prevents buffer overflow attacks. Therefore, the IoT arrangements on the 6LoWPAN layer are prone to different forms of attacks.
The different types and forms of attack on the IoT can be countered by adopting 6LoWPAN fragmentation security plans. In this regard, security mechanisms are adopted to enhance resource-constrained nodes’ protection from the fragmented based attacks (Hennebert, & Dos Santos, 2014). In this regard, a content chaining scheme is adopted in defending against fragment duplication attacks when the sender is identified through the per-fragment basis. The content chaining scheme is implemented through a process characterized by content chain construction, content chain verification, processing of out-of-order fragments, and consideration implementations (Hummen et al., 2013). More so, the split buffer approach is adopted in that it enhances the blocking of the reassembly buffer of a target node for the time of the reassembly timeout.
Furthermore, security considerations need to be adopted based on the different perceived adversaries such as Mallory and eve (Sion, 2007). In this regard, security considerations need to be adopted to consider the impact of an on-path attacker, content chaining and fragi spoofing, and the attacker’s reordering and splitting buffer and unfair competition (Hummen et al., 2013). There is a need to understand the strategies and approaches adopted by different attackers and the techniques used. The understanding enables the users to develop effective countermeasure strategies to protect the system and ensure that it operates productively. The different approaches ensure that attacks are prevented and contained, improving IoT security.
IoT Security
IoT takes the transfer of sensitive and critical data to implement operations in different fields; thus, it is prone to attacks in the existing protocols. IoT applications enhance the connectivity of devices through IP communication protocols and current internet architecture. IoT interconnections enhance power efficiency, internet connectivity, and reliability. However, securing IoT connections and communications is a vital element that must be considered to ensure that the IoT systems and application’s benefits are attained with certainty (Gormus, Aydin, and Ulutas, 2018). There are different protocols and security mechanisms adopted in securing IoT connectivity and communications.
Security requirements based on mechanisms are designed communications using different protocols. Therefore, an IoT protocol stack is adapted to secure IoT communications. The protocols are designed based on low-energy sensing devices’ constraints and characteristics and low-rate wireless connections (Gormus, Aydin, and Ulutas, 2018). The IoT protocol stack is viewed as an extension of the TCP/IP layered protocol model. The model comprises different layers, including link layer, physical layer, transport layer, network layer application services layer and protocol layer. The different layers offer a secure mechanism to protect IoT communication and related resources.
Additional components included include the Wireless Sensor Networks (WSN), standardized solutions enhancing interoperability with existing internet standards, and guarantee sensing devices (Gormus, Aydin, and Ulutas, 2018). The protocol stack involved low energy communication at Medium Access Control (MAC) and physical layers, low energy communication environments using IEEE, routing over 6LoWPAN environments, and constrained Application Protocol. The wireless Sensor Networks incorporate different sensing units, transceiver, power unit and transceiver that ensure that the system operates under effective security measures. Consequently, security requirements and mechanisms protect communication in conjunction with different protocols, thus assuring authentication, integrity, confidentiality, and non-repudiation (Gormus, Aydin, and Ulutas, 2018). Therefore, the security requirements complement the relevant protocols to uphold high-security levels.
Securing for IoT PHY and MAC Layer Communication takes different approaches and aspects, thus securing the IoT. PHY communications are protected by adopting standardized technologies such as CoAP or 6LoWPAN in higher layers. The MAC layer communication with IEEE incorporates a Full-function device (FFD) to coordinate a network of devices while the RFD (Reduced function device) enhances secure communication with other devices (Gormus, Aydin and Ulutas, 2018). The routing securing of the IoT is achieved by adopting adaptable requirements for various classes of applications. Securing IoT application layer communications is done through application layer communications with CoAP, securing the CoAP protocol (Gormus, Aydin, and Ulutas, 2018). Therefore, the incorporation of protocols in the security of the Internet of things ensures that security is assured at every level.
Equally important, the IoT incorporates different layers that play a vital role in securing operations and enhancing efficiency. The different layers include the sensor connected IoT devices layer, IoT gateway devices layer, cloud layer and IoT analytics layer. In this regard, the sensor-connected IoT devices layer contains small, memory-constrained electronic devices with sensors and actuators embedded on bigger machinery. The devices are composed of sensors. The second layer involves the IoT gateway devices. The devices need to be connected to the Internet through powerful computing devices; thus, they work as networking devices. The third layer of the IoT comprises the cloud that carries different cloud-hosted servers. The servers are used in accepting, storing and processing data to enhance analysis and decision making. Additionally, the fourth layer involves the IoT analytics. The analytic layer converts the raw data to actionable insights that enhance organizational operations. The layer uses analytics techniques, such as machine learning algorithms. The four layers are arranged in shapes, sizes and functionality to ensure that IoT security is observed while meeting their duties and obligations.
Opportunities and Limitations in the IoT
IoT technologies enhance and miniaturization have improved communication that considers huge data captured and made available to different IoT devices. The increased adoption of IoT in different operations and field is negatively affected by increased security issues (Selvaraj, & Sundaravaradhan, 2020). The IoT security infrastructure is implemented based on threats affecting the wireless internet faces (Trappe, Howard, and Moore, 2015). In this regard, confidentiality, availability, integrity, non-repudiation, and authentication are considered to develop IoT devices’ security infrastructure.
The IoT security faces energy concerns that need to be effectively solved to ensure that they are productive. The energy concerns need to be handled using technological and innovative solutions. The IoT devices include RFID transponders to resourced smartphones and tablets (Jia et al., 2012). The IoT devices run for a limited time due to energy constraints. For instance, the security protocols and requirements drain the battery. The energy issues’ solutions include giving minimum security to ubiquitous sensing and actuation nodes, increasing electronic and battery performance, and adopting harvesting energy from energy approaches (Trappe, Howard, and Moore, 2015). Addressing the different energy issues and requirements ensures that solves and devices are supplied with energy based on their needs; thus, they can operate efficiently based on energy demands.
IoT incorporates conventional cryptography in securing the Internet, thus upholding internet integrity. According to Trappe, Howard, and Moore (2015), several aspects of modern cryptography make porting over to ultra-low-end devices impossible. The challenges arise due to implementing basic encryption algorithms, limited code space, and limited resources to use in the security (Lee, & Lee, 2015). More so, the storage requires space for the lookup tables. The challenge of adopting cryptography to enhance IoT security can be addressed by adopting technological advances and innovations (Trappe, Howard, and Moore, 2015). In this regard, the parties involved need to adopt lightweight cryptographic algorithms necessary for resource-constrained devices and adoption of dedicated cryptographic coprocessor to ensure that energy is effectively saved and utilized appropriately to ensure that IoT security, communication, and interconnection goals are attained (Lee, & Lee, 2015).
There is also a need to ensure that security is effectively attained for the low-end IoT devices when they come into contact with the broad Internet. Security for low-end devices needs to be addressed by reusing existing functions, thus not introducing additional energy burden or even preventing and being selective in adopting additional functionality (Trappe, Howard, and Moore, 2015). Parties using the low-end devices need to take advantage of inherent asymmetry in the deployment scenario where low-end devices communicate to more powerful base stations or back-end servers with no computational or energy restrictions (Trappe, Howard, and Moore, 2015). Therefore, the IoT technology and innovations have different security challenges limiting their operations; thus, there is a need to adopt technological solutions and innovations to eliminate challenges and take advantage of the available opportunities and benefits.
IoT Challenges, Solutions, and Future
The IoT has immense advantages to the users, but there are challenges and constraints involved, thus requiring the incorporation of countermeasures to attain a bright future for IoT usage in different fields. According to Zhou et al. (2017), IoT enhances integration and interaction between the physical world and computer communication networks, thus achieving accuracy, efficiency, and economic benefits. Different security threats define the challenges of IoT (Van Kranenburg, & Bassi, 2012). In this regard, the IoT faces an identity privacy threat where the IoT user’s identity can be exposed to the public, thus compromising their wellbeing. The identity privacy threat is effectively countered by adopting the pseudonyms technique regularly updated, thus hiding the true identity of an individual (Zhou et al., 2017). Consequently, the location privacy threat involves exposing the location of the IoT user to the public. The threat to location threat can be countered through pseudonyms and one-way trapdoor permutation.
Furthermore, the IoT users are at the risk of experiencing node compromise attacks where an adversary extracts private information such as the secret key used in packets encryption, the private key used in the generation of signatures from resource-constrained IoT resources (Zhou et al., 2017). The extracted information is reprogramed or replaced with malicious ones and controlled by the adversary. The issue is countered through secret sharing, game theory, and the dynamic population model (Kumar, Vealey, & Srivastava, 2016). Moreover, the layer removes and adds attack threat where selfish IoT users remove forwarding layers between them, thus increasing their credits by increasing total obtainable utility (Zhou et al., 2017). The layer removing threat can be countered through aggregated transmission evidence and packet transmitting witness.
Conclusion
The IoT devices and applications are faced with security challenges; thus, there is a need to counter the issues to attain maximum potential and capability. The security issues involve threats and risks that negatively affect the operations, thus introducing constraints to IoT’s benefits. The IoT devices and applications need to incorporate technological solutions and innovations to ensure that security issues are effectively countered.

References
Culler, D., Chakrabarti, S., & Infusion, I. P. (2009). 6LoWPAN: Incorporating IEEE 802.15. 4 into the IP architecture. IPSO Alliance, White paper. Retrieved from: http://snes.hhuc.edu.cn/_upload/article/files/39/9d/1299a7d94eca96753da917d52f0a/b608927f-608f-46e8-b907-0f3278dd56ab.pdf
Farooq, M. U., Waseem, M., Mazhar, S., Khairi, A., & Kamal, T. (2015). A review on internet of things (IoT). International journal of computer applications, 113(1), 1-7. Retrieved from: https://www.researchgate.net/publication/273693976_A_Review_on_Internet_of_Things_IoT
Görmüş, S., Aydın, H., & Ulutaş, G. (2018). Security for the internet of things: a survey of existing mechanisms, protocols and open research issues. Journal of the Faculty of Engineering and Architecture of Gazi University, 33(4), 1247-1272. Retrieved from: https://www.guvenliweb.org.tr/dosya/BoTMq.pdf
Hennebert, C., & Dos Santos, J. (2014). Security protocols and privacy issues into 6LoWPAN stack: A synthesis. IEEE Internet of Things Journal, 1(5), 384-398. Retrieved from: https://iotone.ir/shop/public/upload/article/5b8e2a03cf762.pdf
Hummen, R., Hiller, J., Wirtz, H., Henze, M., Shafagh, H., & Wehrle, K. (2013, April). 6LoWPAN fragmentation attacks and mitigation mechanisms. In Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks (pp. 55-66). Retrieved from: https://www.comsys.rwth-aachen.de/fileadmin/papers/2013/2013-hummen-6lowpan.pdf
Jia, X., Feng, Q., Fan, T., & Lei, Q. (2012, April). RFID technology and its applications in Internet of Things (IoT). In 2012 2nd international conference on consumer electronics, communications and networks (CECNet) (pp. 1282-1285). IEEE. Retrieved from: https://www.scirp.org/(S(i43dyn45teexjx455qlt3d2q))/reference/ReferencesPapers.aspx?ReferenceID=1621984
Kumar, S. A., Vealey, T., & Srivastava, H. (2016, January). Security in internet of things: Challenges, solutions and future directions. In 2016 49th Hawaii International Conference on System Sciences (HICSS) (pp. 5772-5781). IEEE. Retrieved from: https://www.researchgate.net/publication/301281714_Security_in_Internet_of_Things_Challenges_Solutions_and_Future_Directions
Lee, I., & Lee, K. (2015). The Internet of Things (IoT): Applications, investments, and challenges for enterprises. Business Horizons, 58(4), 431-440. Retrieved from: https://fardapaper.ir/mohavaha/uploads/2018/03/Fardapaper-The-Internet-of-Things-IoT-Applications-investments-and-challenges-for-enterprises.pdf
Pongle, P., & Chavan, G. (2015, January). A survey: Attacks on RPL and 6LoWPAN in IoT. In 2015 International conference on pervasive computing (ICPC) (pp. 1-6). IEEE. Retrieved from: https://www.researchgate.net/publication/275353396_A_survey_Attacks_on_RPL_and_6LoWPAN_in_IoT
Selvaraj, S., & Sundaravaradhan, S. (2020). Challenges and opportunities in IoT healthcare systems: a systematic review. SN Applied Sciences, 2(1), 139. Retrieved from: https://link.springer.com/article/10.1007/s42452-019-1925-y
Sion, R. (2007, September). Secure Data Outsourcing. In VLDB (Vol. 7, pp. 1431-1432). Retrieved from: https://www.vldb.org/conf/2007/papers/tutorials/p1431-sion.pdf
Trappe, W., Howard, R., & Moore, R. S. (2015). Low-energy security: Limits and opportunities in the internet of things. IEEE Security & Privacy, 13(1), 14-21. Retrieved from: https://www.wadetrappe.com/s/IoTSecurity_Opportunities.pdf
Van Kranenburg, R., & Bassi, A. (2012). IoT challenges. Communications in Mobile Computing, 1(1), 9. Retrieved from: https://link.springer.com/article/10.1186/2192-1121-1-9
Zhou, J., Cao, Z., Dong, X., & Vasilakos, A. V. (2017). Security and privacy for cloud-based IoT: Challenges. IEEE Communications Magazine, 55(1), 26-33. Retrieved from: https://ieeexplore.ieee.org/abstract/document/7823334/

Published by
Essays
View all posts