Security And Privacy Issues In IoT Essay.

In recent decades, the development of Internet and communications technologies has introduced a virtual world to everyone’s daily life. In this virtual world, people are able to do a large number of activities similar in the real world. Subsequently, a question is raised, which is how to build a bridge between the real and the virtual world. To answer this question, an innovative technology has been studied for many years and now is being widely used, which is called Internet of Things (IoT). By taking the advantages of affordable sensors and wireless communications, the sensor
networks are capable of digitising human activities in the real world, which can be utilised directly in the virtual world.

However, from the security point of view, IoT is not flawless. Actually, a large number of security issues can also be observed in IoT system. Consequently, not only the IoT system will be attacked, but end users’ privacy will also lose. Therefore, in recent years, the security and privacy issues in IoT have been a hot topic in research field.Below is a list of possible essay topics. In this assignment, you are required to complete an essay relating the security or privacy problem, consisting of 1500-2000 words (at least 4 pages, single spaced, 12pt fonts, on a normal A4 paper) on one of
these topics.

Possible essay topics
1. Security in IoT. In this essay, you investigate specifically the security problem in the context of IoT. You need to describe why security issues exist in IoT and what types of security issues are commonly observed. You then select a
security issue and analyse it in detail. After that, you describe and compare existing methods to defend against and solve the security issue according to some criteria, such as effectiveness and cost of deployment. Alternatively, you
can propose a new or improved method or technique to defend against or solve the security issue and describe the effectiveness of your method / technique.

2. Privacy in IoT. In this essay, you investigate the other problem, namely the privacy issue, in the context of IoT. You need to describe why privacy problems exist in IoT and what kinds of privacy information is more likely to lose in IoT. You then select an attack that may lead to the loss of privacy and analyse it in detail. After that, you describe and compare existing methods to defend against this attack according to some criteria, such as effectiveness and cost of deployment. Alternatively, you can propose a new or improved method or technique to defend against the attack and describe the effectiveness of your method / technique.

Sometimes diagrams and examples may help you to explain your thought. You mayreceive some bonus marks if you propose new architecture, method, algorithm, technique, etc. However, these proposals will be closely examined by the assessor. You need to make sure (e.g., prove formally or informally) that your proposal is correct and meets your design goals (for example, improves the performance, be more secure, or be more scalable). 

Internet of Things (IoT)

Internet of Things is a newly developed technology that creates the bridge between the real world and the virtual world. In today’s world every device is connected through internet and the application of sensors and wireless technology make these devices utilizing the internet in advanced way. There are many advantages regarding the Internet of Things. As the time has passed several security related issues have come over in the IoT system and those are affecting the reliability of this system.

In this report the overview of the IoT system is discussed with the possible security issues related to it. From the security point of view, IoT has many problems. Actually, a large number of security issues can also be observed in IoT system. Different solutions are also discussed in order to overcome the security related issues in the IoT system.

2.0 Internet of Things (IoT)

The term itself provides the idea about it which means the access of Internet and embedded system in different objects. These objects may be computers, mobiles, animals and people. Internet connectivity and the implementation of embedded systems and the applications of sensors, actuators, hardware and software through the objects help them to exchange and process information (Al-Fuqaha et al. 2015). This whole system is called Internet of System. Iot consists of different protocols, domains and applications.

The main essence of this system is to make a bridge between the virtual world and the real world by integrating computing system into the physical world. The applications of sensors make this cyber-physical system possible. As a result of using IoT in practical life different new technologies have come out like smart homes, smart grids, intelligent transportation, virtual power plants and smart cities (Yan, Zhang and Vasilakos 2014). According to experts almost 30 billion objects will be consisted in the Iot system within 2020 (Drucker 2015). The advantages of IoT are given below:

• Devices, systems and services have more advanced connectivity and this concept is generated to overcome the barrier of machine to machine communications.
• Iot brings automation and artificial intelligence to every field by implementing the embedded system in different objects (Whitmore, Agarwal and Da Xu, 2015).
• Iot can take a major role in bioinstrumentation by advancing devices like heart monitoring implants, biochip transponders on farm animals, electric clams in coastal waters. Many devices analyzing the DNA for monitoring environmental, food and pathogenic change.
• Smart city, smart traffic control, electronic toll collection are the biggest examples of implementation of the IoT.
•  Security problem in the context of IoT

Iot has a huge scope and applications but with the flow of time it is seen that due to the lack of proper development and the commercialization, it has not fulfill the expectations. It has also many security issues related to it (Chandrakanth et al. 2014). Due to the structure of the IoT, it is connected to many computers and living beings and thus creating a huge database. The flow of data is increasing day by day for connecting more and more objects through internet and embedded systems.

Thus data handling is becoming an issue for the system. There are many cases found where the hackers have easily overcome the defense system of IoT. The data or information is shared among different devices and systems and thus some confidential information can also be viewed by unwanted sources (Granjal, Monteiro, Silva 2015). Many reports are initiated against the IoT that the system is affected by many malwares and viruses. Thus the reliability of the system is decreased and the users have stopped believing the IoT system (Da et al. 2014).

There are also many possibilities of side channel attacks. Side channels attacks are not concerned with the information but with the type of presentation of the information. The architecture of the security system is also not updated frequently and thus the security is again hampered (Raza 2014). The sensors and hardware implemented or mounted in the IoT system should be accurate in performance as the error in their architecture can lead the Iot system to a verge of instability. Presence of threats is an important issue in the implementation of the Iot system. As the devices are connected in the main internet system, the presence of a threat can spread very fast.

Reasons behind the security issues in IoT

Reasons behind the security issues in IoT

There are many reasons behind the lack of security in the Iot system. As Iot consists of many computers and devices, the amount of information is large and it is shared among different entities. The security related to the data which are very confidential is hampered due to the sharing of the information. Unwanted threads are also one of the main causes that affect the use of the Iot system (Wortmann and Flüchter 2015).

Iot connects the whole system through a particular computer system and if a thread is detected in the computer system then it can expand in the devices connected to it. Sometimes the firewalls are not strong enough to secure the system and that is an important reason of the lack of security to the IoT (Sicari et al. 2015). The security system is also not up to date always. The structure of the internet system is also reliable for bad security. Sometimes encryption is not done in the websites. As a result the hackers can deploy their own firmware and spread the viruses nearly impossible to stop.

5.0 Analysis of the security issue related to threads

One of the main security issues is the presence of threat in the main computer system that connects the devices. Hackers spread threats and viruses in the internet and as the systems are connected through internet the viruses spread very easily (Yang 2014). Sometimes the firewalls are not able to protect the strong threads. The antivirus connected to the system is not up to date always and as a result the threats create serious security issues.

6.0 Description and comparison of existing methods to defend against and solve security issue

There are many methods that are used against the security issues and those are encryption, firewalls, protocols, antivirus and passwords protection. The encryption method is important in case of wireless communication and internet data handling. It keeps the information protected from unwanted interference (Roman, Zhou and Lopez 2013). There are also many protocols used to make the internet system more secured. The protocols are Secure Sockets Layer protocol or SSL in which the information is present online.

The main problems regarding the encryption and the protocol system is that if those are not updated frequently, then those can be easily overruled by the threads and the viruses which are spread by the hackers (Roman, Zhou, and Lopez 2013). Antivirus is also effective for the attack related to the threads and the viruses but it has also the same problem which is related to the update of the antivirus system. Passwords are also used as an important tool to use against the unwanted entry to a particular account in the internet handling system.

The password should be complex and contain number, alphabets and special characters. The effectiveness of these methods is good but can be more advanced by changing the structure a little bit. The cost of the antivirus and the original firewalls are quite high and those can be reduced in order to give more access of those to the people for having more security (Sivieri, Mottola and Cugola 2016). Hardware are connected to the IoT rapidly and thus connecting any unsecured hardware can lead to failure of the whole system. Malwares can also affect the hardware like routers.

Analysis of the security issue related to threads

7.0 New method to defend against or solve the security issue and describe the effectiveness of the method

The application of new encrypted protocols is an important method to increase the security of the IoT. The protocols should be more efficient by applying the cryptographic methods (Skarmeta and Moreno 2013). Protocols must contain secure sockets layer (SSL) and Transport Layer Security (TLS) for web traffic and Pretty Good Privacy (PGP) for email and the IPec for the security of the network layer (Jing et al. 2014). For making the hardware system more secure, it should have a centralized access logs under the control of IoT managers.

Hardware like routers should be protected with strong username and password. Proper maintenance of the hardware should be done in order to increase the security. Setting up off virtual LANs are important to increase the security. The devices should also be active when the internet connectivity is disrupted (Perera et al. 2014). The solution is to manually override the devices in case of lost connection. The making of a vulnerability reporting system and a bug boundary program is important for the security of the system. Application of cloud computing and big data also increase the security of the Internet of Things as they help to process the information fast and decrease the size of data and it results into better response and security.

8.0 Conclusion

From the above discussion the idea of Internet of Things is understood with different aspects. There are many advantages regarding the use of Internet of things as it connects devices with internet and with the flow of time many security issues have also come over this system. Main security related issues like malwares, viruses are discussed in details. The reasons behind the security related issues are also discussed in the report. Different solutions are discussed in order to decrease the security problems related to Internet of Things.

References

Al-Fuqaha, A., Guizani, M., Mohammadi, M., Aledhari, M. and Ayyash, M., 2015. Internet of things: A survey on enabling technologies, protocols, and applications. IEEE Communications Surveys & Tutorials, 17(4), pp.2347-2376.

Chandrakanth, S., Venkatesh, K., Uma Mahesh, J. and Naganjaneyulu, K.V., 2014. Internet of things. International Journal of Innovations & Advancement in Computer Science, 3(8), pp.16-20.

Da Xu, L., He, W. and Li, S., 2014. Internet of things in industries: A survey. IEEE Transactions on industrial informatics, 10(4), pp.2233-2243.

Drucker, P.F., 2015. Internet of Things. European Commission Information Society and Media.

Granjal, J., Monteiro, E. and Silva, J.S., 2015. Security for the internet of things: a survey of existing protocols and open research issues. IEEE Communications Surveys & Tutorials, 17(3), pp.1294-1312.

Jing, Q., Vasilakos, A.V., Wan, J., Lu, J. and Qiu, D., 2014. Security of the internet of things: Perspectives and challenges. Wireless Networks, 20(8), pp.2481-2501.

Perera, C., Zaslavsky, A., Christen, P. and Georgakopoulos, D., 2014. Context aware computing for the internet of things: A survey. IEEE Communications Surveys & Tutorials, 16(1), pp.414-454.

Raza, S., Duquennoy, S., Höglund, J., Roedig, U. and Voigt, T., 2014. Secure communication for the Internet of Things—a comparison of link?layer security and IPsec for 6LoWPAN. Security and Communication Networks, 7(12), pp.2654-2668.

Roman, R., Zhou, J. and Lopez, J., 2013. On the features and challenges of security and privacy in distributed internet of things. Computer Networks, 57(10), pp.2266-2279.

Sicari, S., Rizzardi, A., Grieco, L.A. and Coen-Porisini, A., 2015. Security, privacy and trust in Internet of Things: The road ahead. Computer Networks, 76, pp.146-164.

Sivieri, A., Mottola, L. and Cugola, G., 2016. Building internet of things software with eliot. Computer Communications, 89, pp.141-153.

Skarmeta, A. and Moreno, M.V., 2013, August. Internet of things. In Workshop on Secure Data Management (pp. 48-53). Springer, Cham.

Whitmore, A., Agarwal, A. and Da Xu, L., 2015. The Internet of Things—A survey of topics and trends. Information Systems Frontiers, 17(2), pp.261-274.

Wortmann, F. and Flüchter, K., 2015. Internet of things. Business & Information Systems Engineering, 57(3), pp.221-224.

Yan, Z., Zhang, P. and Vasilakos, A.V., 2014. A survey on trust management for Internet of Things. Journal of network and computer applications, 42, pp.120-134.

Yang, S.H., 2014. Internet of things. In Wireless Sensor Networks (pp. 247-261). Springer London.