2016 3rd International Conference on Electronic Design (ICED), August 11-12, 2016, Phuket, Thailand
Moreover, this data can be sensitive or may involve safety-critical operations (e.g., cars and medical devices). Hence, security is a major concern in the development of IoT. Therefore, this paper studies the vulnerability of IoT network security. A better understanding of security matters is crucial, as adversary attacks are the major hindrance to the development of IoT. Section II describes the key elements involved in IoT systems. Section III discusses how the relationships among these elements may give rise to security issues in various domains (smart home environment, healthcare domain, and transportation domain). The central topic of this paper, the taxonomy of security attacks, is presented in section IV, and section V concludes the study.

II. THE IOT KEY ELEMENTS

The integration of smart devices (“things”) achieves the well-functioning of IoT in various domains such as healthcare, smart home, smart city, and smart transportation. However, the interconnection of “things” results in unprecedented security issues [4]. The IoT concept requires several key elements in its operation. The four important IoT components are persons, intelligent objects, technological ecosystem and process [19]. For example, in the healthcare domain (as shown in Fig. 2), the doctor checks the patient (person) to identify the patient's health problem. Then, medical activities (process) are performed through a communication system (technological ecosystem) using medical tools (intelligent objects) such as a stethoscope, X-ray machine, or heart rate monitor. Failure to address the security issues within this domain can be fatal, since it may result in an inaccurate diagnosis. The development of IoT exposes users and their devices to pitfalls if no security measures are taken.

Consequently, IoT needs safety requirements such as identification/authentication, reliability, confidentiality, and non-repudiation to ensure that it is secure from any attacks that might be launched against it. This paper discusses the security issues within three domains: the smart home environment, healthcare and transportation.

III. SECURITY ISSUES IN VARIOUS DOMAINS UPON IOT CONCEPT

Security in IoT should be enforced to achieve secure communication in the different domains, so that humans gain the benefits and advantages of the IoT system.

A. Smart Home Environment

According to the World Economic Forum, 92.1% rely on 10% of humans wearing clothes that are connected to the internet [20]. For instance, people can speak or give a command to a device (microphone) to ask home appliances (light, fan, etc.) to operate. IoT in a smart home environment works by allowing only authorized users to monitor all the IoT devices in the home. For security purposes, three criteria need to be valued to protect the house against theft and intrusion: confidentiality, auto-immunity, and reliability. Passwords of IoT devices should be confidential. The IoT system needs auto-immunity to predict or alert on any abnormal activities that occur (attacks launched against the device). Auto-immunity enables the house to be protected by sounding an alarm to signal the presence of an intrusion.

B. Healthcare Domain

The IoT concept in the healthcare domain involves tracking, authentication, automatic data collection and sensing [16]. For example, the progress report of a patient's medical condition is confidential, and this requires a security mechanism to prevent the data from being exposed to an unauthorized party. By doing so, no one can monitor and alter the information or give a false medical report, and the doctor is prevented from making a mistake in treating the patient. If no security mechanism is adopted, the doctor might prescribe the wrong medicines or give bad treatment to the patient. For instance, changes to a blood test result may worsen the patient's condition because mismatched blood is accepted during a blood transfusion.

C. Transportation Domain

The investment in IoT brings a new revolution in the passenger experience. Apple's iBeacons are used so that the entire operation can cooperate to make passengers' lives easier [6]. For example, Virgin Atlantic applies iBeacons at Heathrow airport and American Airlines deploys iBeacons at Dallas-Fort Worth (DFW) International Airport [6]. Nowadays, most airlines allow passengers to use their mobile phones to self-check-in for a fast and smooth check-in operation. The airlines need to secure passengers' information to ensure their customers feel safe and comfortable with all operations involving IoT. Therefore, the security mechanism of the IoT system should be confidential and kept from unauthorized users. Usually, each passenger has one tag that makes them identifiable, involving only the interaction between providers and products [19]. It is essential for baggage and its claim later on. The identifiable sensor needs to be protected from attackers by using the “block tag” method introduced by Juels [4].
Fig. 2. IoT key elements in healthcare domain.
IV. TAXONOMY OF ATTACKS ON IOT

Without security in IoT, attacks will outweigh any of its intended benefits. There are several types of attacks on IoT, such as the spoofing/altering/replay routing attack, Denial of Service (DoS) attack, Sybil attack, and node capture attack. TABLE I gives a comparative analysis of different attacks by their target, weaknesses, and technique.

TABLE I. COMPARATIVE ANALYSIS OF ATTACKS WITHIN IOT

Attack | Target | Weaknesses | Technique
Denial of Service (DoS) attacks | IoT devices that are connected via the Internet. | Reduction in network's capacity; disables the network. | IP-enabled status contributes to a pool of things. A distributed attack is utilized and automatically shuts down the IoT system.
Wormholes | Location of the packets. | Problematic in checking the routing information. | Records the packets at one location, then tunnels them to a different location.
Spoofed, altered or replayed routing information | Routing information; detectability of IoT devices. | High end-to-end latency; source routes might be extended or shortened. | First, the spoofer only listens. It acts only when the transmitter stops sending a signal, then sends an unreliable signal.
Sybil | Integrity of data security and resource utilization. | Launches a threat to the geographic routing protocol; costly network. | Propagates malware to a website. The adversary masquerades as normal users.
A. Spoofed, Altered, Replayed Routing Information

Spoofing, altering and replaying routing is a direct attack that targets routing information where data is exchanged between nodes. During spoofing attacks, the security issue is the detectability of the IoT devices in the system. The attacks are created by generating a false error message, creating a routing loop and many more techniques [17]. In the beginning, the spoofer does not transmit a signal but only listens to the appropriate transmitter. When the legitimate transmitter stops sending a signal to the legitimate receiver, the spoofer starts sending the unreliable signal [9]. As an example, an attacker pollutes the whole network by sending fake routing information stating, for instance, “I am the base station” (dark square spot). On Facebook, a user is asked to “like” something before she/he is allowed to access the Internet and is then directed to a fake Facebook login page. As the user logs in, this fake page records the user's credentials, shows a login error and then redirects the user to the real Facebook page. This example shows how a user's information is stolen.

B. Sybil Attack

The emergence of IoT exposes a system to the Sybil attack, in which a single node has multiple identities [17]. That means the adversary can be in more than one location at a time. Its purpose is to degrade the integrity of data security and resource utilization. In 2012, statistics on Sybil attacks in online social networks (OSNs) recorded about 76 million (72%) fake users on Facebook and 20 million Sybils on Twitter per week [10]. Sybil attacks are launched to steal information by propagating malware to a website. In short, a Sybil is like a masquerade: it looks like an ordinary user but is not. New media like Facebook, Twitter, and Instagram are prone to Sybil attacks. Therefore, it is important to have a security defense to maintain the IoT system so that it can keep working correctly.

C. Denial of Service (DoS)

A blackmailer or activist endeavors to disrupt or terminate the network by launching a Denial of Service attack. A DoS attack is a particular attack on a network or a computational resource, and its effect may contribute to a reduction in network capacity. There are two categories of DoS attack in IoT: Distributed Denial of Service (DDoS) and ordinary DoS [11][12]. For an ordinary DoS attack, a tool is required to send packets to an intended system that crash the network or sometimes force the system to restart. Meanwhile, a DDoS can be a single attacker, but it is not as powerful as a proxy attacker. The impact of this attack not only disables the network but also prevents it from being accessible to a very large network.

D. Attacks based on Device Property

Device property can be low-end device class or high-end device class. These types of attacks have different impacts on the IoT system. The IoT might suffer a fatal error, or only a part of the system might behave abnormally, depending on the power of the device property.

1) Low-end device class attack
A low-end device class attack is an attack that uses low-power devices to attack the IoT system. This class is low cost, as it only connects the system to the outside via a radio link. The devices have the same potential and network configuration and act in a similar way. It has access to only a few sensor nodes of IoT devices. For example, a smartwatch can remotely control home appliances such as a smart TV and a smart refrigerator.

2) High-end device class attacks
Unlike the low-end device class, high-end device class attacks use full-fledged devices to launch attacks on the IoT system. This class connects to the IoT devices via the Internet, so they can be accessed by a laptop (a powerful device) with a better CPU from anywhere and at any time.
E. Attacks based on Access Level

Based on the access level, there are two ways for attackers to access the IoT system: passive and active. Access level attacks affect the availability of the IoT systems.

1) Passive attacks
Passive attacks involve monitoring and eavesdropping without consent or without knowing anything about the user, and they do not disturb the communication in IoT [5][12][13]. They only learn or make use of the information from the system. For instance, when Felix sends messages to Anne, the contents can be read by Darren. Darren is therefore called a passive attacker.

2) Active attacks
In contrast to passive attacks, active attacks try to evade or break the protection features of the information or data by connecting to the district and disrupting the network communication [5][12][14][15]. When Darren replies to Anne in place of Felix, who is supposed to do so, Darren becomes an active attacker.

F. Attacks based on Adversary Location

An adversary can launch attacks on the IoT system from anywhere. Attacks based on adversary location come from insider or outsider attackers.

1) Internal attacks
An internal attack is an attack that is started by a component inside the IoT security border (“insider”). In order to launch the attack, the attacker tries to execute their own malicious code on IoT devices. Insider attacks are divided into four types: compromised actors, unintentional actors, emotional attackers and technology perception actors [21].

2) External attacks
Adversaries located outside the IoT network (in public) who can still access the IoT devices remotely are known as external attackers. They do not know anything about the IoT architecture that they are trying to access. Usually, a trial-and-error process is used to gain access to the right IoT native network.

G. Attacks based on Attack Strategy

To launch the attack, the attacker tries to execute their own malicious code on IoT devices. Attackers have a strategy to launch attacks and destroy the IoT development. There are two viewpoints of attack strategy: physical or logical.

1) Physical attacks
One strategy to disable IoT devices is a physical attack on the infrastructure of the IoT. For example, an adversary changes the behavior or structure of devices involved in the IoT system.

2) Logical attacks
A logical attack is an attack in which the communication channel becomes dysfunctional after the adversary launches attacks on the IoT system. Attackers do not harm the physical devices to launch their attack.

H. Attacks based on Information Damage Level

All IoT devices consist of sensors that monitor the variability of parameters. Information that is floating or open is easily modified by attackers. The information damage level is divided into six categories.

1) Interruption
Interruption attacks mainly target the availability of the system. Resource exhaustion is one of the results when an interruption occurs. While the IoT operates, an interruption may force an IoT device into shut-down mode.

2) Eavesdropping
An adversary blocks the receiver device from picking up transmitted packets when it eavesdrops on the communication channel. RFID devices tend to be attacked through eavesdropping. The confidentiality of IoT systems drops when IoT devices are eavesdropped on.

3) Alteration
Information in IoT devices that is altered or modified by attackers threatens integrity, a security requirement for the IoT system to function as designed. The reason attackers do this is to mislead the communication protocol.

4) Fabrication
Fabrication threatens the authentication of the IoT system because attackers insert imitation data into the normal architecture of IoT. By flooding the network of the IoT system, fabrication damages the information level of the IoT device.

5) Message Replay
Message replay involves intercepting the original message and resending it, possibly modified, to compromise the target IoT devices. For example, Ethereal is able to capture traffic posted to a Web Service [12]. Attackers hold the current conversation or session in order to replay it later. At a later time, the replayed message confuses the recipient IoT device and thereby endangers the IoT system.

6) Man-in-the-middle
Attackers secretly relay and possibly alter the communication between two parties who believe they are directly communicating with each other. As in Fig. 3, when “X” wants to communicate with “Y” but the attacker wants to steal some information from “Y”, the attacker places two other nodes in between (X’ near to Y and Y’ near to X) [12][13].

Fig. 3. Man in the middle attacks.
Once “X” has finished sending information to “Y”, “Y” does not know of the presence of the attacker and thinks the information came purely from “X”. For example, consider the theft of sensitive information in a call between two people (a banker and a customer). During their phone conversation, the attacker places another device in between, so the attacker can learn the customer's security information (bank password) and steal their money from the bank.
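The following Python example is added here and is not part of the original paper. It shows one way a receiving IoT device can reject the altered, fabricated and replayed messages of categories 3) to 5), including those relayed by a man-in-the-middle: every frame carries an HMAC-SHA256 tag and a per-device counter. The frame layout, device name, key and function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 output size
# Constructed demo key; real devices get a unique, securely provisioned key.
DEVICE_KEYS = {b"sensor-01": b"k" * 32}


def seal(device_id: bytes, counter: int, payload: bytes, key: bytes) -> bytes:
    """Sender side. Assumed frame layout: id_len | id | counter | payload | tag."""
    header = bytes([len(device_id)]) + device_id + struct.pack("!Q", counter)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


class Receiver:
    """Checks the tag first, then requires a strictly increasing counter."""

    def __init__(self, keys):
        self.keys = keys
        self.last_counter = {}  # device_id -> highest counter accepted so far

    def accept(self, frame: bytes):
        """Return (verdict, payload); payload is None unless verdict is 'ok'."""
        if len(frame) < 1 + 8 + TAG_LEN:
            return "malformed", None
        id_len = frame[0]
        header_len = 1 + id_len + 8
        if len(frame) < header_len + TAG_LEN:
            return "malformed", None
        device_id = frame[1:1 + id_len]
        key = self.keys.get(device_id)
        if key is None:
            return "unknown-sender", None
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(key, body, hashlib.sha256).digest()
        # Constant-time comparison; a mismatch covers alteration and fabrication.
        if not hmac.compare_digest(tag, expected):
            return "bad-tag", None
        (counter,) = struct.unpack("!Q", body[1 + id_len:header_len])
        # An old counter means a captured frame is being resent (replay).
        # The counter table must survive reboots, or old frames work again.
        if counter <= self.last_counter.get(device_id, -1):
            return "replay", None
        self.last_counter[device_id] = counter
        return "ok", body[header_len:]


def demo():
    """Run constructed frames through one receiver and return the verdicts."""
    key = DEVICE_KEYS[b"sensor-01"]
    rx = Receiver(DEVICE_KEYS)
    genuine = seal(b"sensor-01", 1, b"door=locked", key)
    altered = genuine.replace(b"locked", b"opened")            # modified in transit
    forged = seal(b"sensor-01", 2, b"door=opened", b"x" * 32)  # made without the key
    fresh = seal(b"sensor-01", 2, b"door=locked", key)
    frames = [genuine, genuine, altered, forged, fresh]
    return [rx.accept(f)[0] for f in frames]


if __name__ == "__main__":
    print(demo())
```

The tag protects integrity and origin only; the payload is still readable by an eavesdropper, so confidentiality needs encryption in addition.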
I. Host-based attacks

The types of host compromise involved in launching security attacks on IoT are user, software, and hardware compromise. IoT devices are embedded devices that contain an operating system and system software. Therefore, IoT devices can be attacked through the host of the IoT system.

1) User-compromise
A user may reveal information or data about the security credentials, such as a password or keys. For example, a building insider gives the building's password to an unauthorized user, making the IoT devices accessible.

2) Software-compromise
A software vulnerability is where the attacker pushes the IoT device into an exhaustion state or overflows resource buffers. For example, the laptop can suddenly shut down due to low battery. As a result, other “things” cannot interoperate because most of the system is in “sleeping” mode.

3) Hardware-compromise
Within an IoT device, tampering with hardware is the way adversaries launch their host-based attacks. In a host-based attack through hardware compromise, attackers inject malicious code, steal the actual driver, or connect to a device. Moreover, an iPhone may be exploited by using a malicious duplicate charger which installs a Trojan into that device [18].

J. Protocol based attacks

There are two standpoints from which adversaries might compromise the protocol of IoT systems, which can threaten the security mechanism on the availability of IoT. Either by deviation from or disruption of the intended protocol, the attackers become selfish, making some modification to the real information.

1) Deviation from protocol
An attacker does not follow the protocol in the normal way. An outsider tends to behave normally, like an insider, while running malicious code on the IoT system. Deviation from protocol makes attacks possible on two protocols: the application and networking protocols.

2) Protocol disruption
In the context of IoT security, availability is one of the security attributes. This functional security requirement is important for a good IoT system. Unfortunately, attackers can disrupt the protocol from either inside or outside the native IoT network and raise issues with the availability of IoT.

K. Communication Protocol Stack attacks

The layer-based attacks, i.e. the attempts by an adversary to attack through the communication protocol stack, are shown in TABLE II below. There are five layers involved, where the attacker tries to compromise the objects of IoT.

TABLE II. LAYER BASED ATTACKS WITH THEIR ATTACKS STRATEGIES IN IOT SYSTEMS

Layer | Attacks | Methods/Strategies
Physical | Jamming | Creates radio interference and exhaustion on IoT devices.
Physical | Tampering | Creates compromised nodes.
Data Link | Collision | Two nodes transmit simultaneously on the same frequency.
Data Link | Exhaustion | By repetitive collision of the nodes.
Data Link | Unfairness | Using the above link layer attacks.
Network | Spoofed, altered or replayed routing information | Creates routing loops, extends or shortens source routes, attracts or repels network traffic from selected nodes.
Network | Selective forwarding | Chooses what gathered information to transmit.
Network | Sinkhole | Monitoring, Redundancy, Authentication.
Network | Sybil | A single node duplicates itself to be in multiple locations.
Network | Wormholes | Selectively tunnels or retransmits information to the IoT devices.
Network | HELLO flood | Uses HELLO packets as a weapon to launch the attack on the IoT system.
Network | Acknowledgement spoofing | Spoofs the link layer acknowledgments for overheard packets.
Transport | Flooding | Repeats the request for a new connection until the IoT system reaches its maximum level.
Transport | De-synchronization | Disruption of an existing connection.
Application | Attacks on reliability and Clone attack: Clock skewing, Selective message forwarding, Data aggregation distortion | The adversaries usually masquerade as normal behavior in the IoT system. Attackers can also still choose a message they intend in the IoT system and launch their own malicious activities.

Fig. 4 shows a taxonomy of security attacks on IoT, in the hope of giving researchers a clearer and easier understanding of the various types of security attack, and summarizes all of the above discussion. Attacks on the IoT system can be classified into eight categories.
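The following Python example is added here and is not part of the original paper. It turns the Sybil description of section IV-B and TABLE II (one node holding multiple identities, or one identity appearing in multiple locations at a time) into a detection check over gateway sighting records. The log format, gateway and device names, and both thresholds are assumptions, and the sample records are constructed.

```python
from collections import defaultdict

# Constructed gateway log: (unix_time, gateway, radio_addr, claimed_node_id).
SIGHTINGS = [
    (1000, "gw-kitchen", "aa:01", "lamp-1"),
    (1002, "gw-kitchen", "aa:02", "fridge-1"),
    (1005, "gw-garage", "ee:99", "meter-1"),
    (1006, "gw-garage", "ee:99", "meter-2"),
    (1007, "gw-garage", "ee:99", "meter-3"),
    (1010, "gw-garage", "ee:99", "lamp-1"),
    (1900, "gw-garage", "aa:02", "fridge-1"),  # slow move, plausible
]


def find_sybil_indicators(sightings, max_ids_per_radio=2, min_move_seconds=60):
    """Flag radios that claim many identities, and identities seen at two
    gateways faster than a device could plausibly move.

    Both thresholds are assumptions to tune per deployment. Radio addresses
    can be forged, so an empty result is not proof that no Sybil is present.
    """
    ids_by_radio = defaultdict(set)
    last_seen = {}  # node_id -> (time, gateway) of the previous sighting
    two_places = []
    for ts, gateway, radio, node_id in sorted(sightings):
        ids_by_radio[radio].add(node_id)
        prev = last_seen.get(node_id)
        if prev and prev[1] != gateway and ts - prev[0] < min_move_seconds:
            # Same identity, different place, too little time in between.
            two_places.append((node_id, prev[1], gateway, ts - prev[0]))
        last_seen[node_id] = (ts, gateway)
    many_identities = {
        radio: sorted(ids)
        for radio, ids in ids_by_radio.items()
        if len(ids) > max_ids_per_radio
    }
    return {"many_identities": many_identities, "two_places": two_places}


if __name__ == "__main__":
    report = find_sybil_indicators(SIGHTINGS)
    for radio, ids in report["many_identities"].items():
        print(f"radio {radio} claims {len(ids)} identities: {ids}")
    for node_id, first, second, gap in report["two_places"]:
        print(f"{node_id} seen at {first} and {second} within {gap}s")
```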
Fig. 4. Taxonomy of Security Attacks on IoT.

V. CONCLUSION

Considering a significant amount of sensitive data to be put online and the enabling of remote access of smart devices across the world, security flaws within Internet of Things may bring a huge drawback to the entire world. Such security failures may disrupt the whole network of devices and may cause fatal effects to the users. Therefore, security concern is a major part that needs to be well studied before developing more advanced Internet of Things (IoT) systems. In this paper, we attempt to outline various attacks within IoT systems into a well-structured taxonomy to assist researchers and developers to plan appropriate security measures in their IoT developments.

ACKNOWLEDGMENT

The research reported in this paper is supported by Research Acculturation Grant Scheme (RAGS). The authors would also like to express gratitude to the Malaysian Ministry of Education (MOE) and University Malaysia Perlis for the facilities provided.

REFERENCES

[1] E.Y., “Cybersecurity and The Internet of Things,” EY. global, UK, 2015.
[2] T. Borgohain, U. Kumar, and S. Sanyal, “Survey of Security and Privacy Issues of Things,” arXiv preprint arXiv:1501.02211, 2015.
[3] H. Zhou, “The Internet of Things in the Cloud,” in A Middleware Perspective: CRC Press, 2012.
[4] S. Li, L. Da Xu, and S. Zhao, “The Internet of Things: A Survey,” in Information Systems Frontiers, © Springer. doi: 10.1007/s10796014-9492-7, New York, 2014, pp. 243-299.
[5] M. Mahmud Hossain, M. Fotouhi, and R. Hasan, “Towards an Analysis of Security Issues, Challenges and Open Problems in the Internet of Things,” in Services (SERVICES), 2015 IEEE World Congress on. IEEE, 2015, pp. 21-28.
[6] S. Singh and N. Singh, “Internet of Things (IoT): Security Challenges, Business Opportunities & Reference Architecture for E-Commerce,” in Green Computing and Internet of Things (GCIoT), 2015 International Conference on. IEEE, 2015, pp. 1577-1581.
[7] Q. Gou, L. Yan, Y. Liu, and Y. Li, “Construction and Strategies in IoT Security System,” in Green Computing and Communications (GreenCom), 2013 IEEE and Internet of Things (iThings/CPSCom), IEEE International Conference on and IEEE Cyber, Physical and Social Computing. IEEE, 2013, pp. 1129-1132.
[8] Y. W. and X. Zhang, “Internet of Things,” in International Workshop, IoT, © Springer 2012, Changsha, China, August 2011.
[9] M. Harun Yilmaz and H. Arslan, “A Survey: Spoofing Attacks in Physical Layer Security,” in 40th Annual IEEE Conference on Local Comp. Networks, IEEE, pp. 812-817, 2015.
[10] K. Zhang, X. Liang, R. Lu, and X. Shen, “Sybil attacks and their defenses in the internet of things,” IEEE Internet Things J., vol. 1, no. 5, pp. 372-383, 2014.
[11] E. Alsaadi and A. Tubaishat, “Internet of Things: Features, Challenges, and,” vol. 4, no. 1, pp. 1-13, 2015.
[12] A. Belapurkar, Distributed systems security: Issues, processes, and solutions. Chichester, UK: John Wiley & Sons, 2009.
[13] S. Alam and D. De, “Analysis of Security Threats in Wireless Sensor Network,” vol. 6, no. 2, pp. 35-46, 2014.
[14] I. Grand, E. Nancy, and T. Nancy, “A Taxonomy of Attacks in RPL based Internet of Things,” vol. 18, no. 3, pp. 459-473, 2016.
[15] U. Sabeel and N. Chandra, “Categorized Security Threats in the Wireless Sensor Networks: Countermeasures and Security Management Schemes,” vol. 64, no. 16, pp. 19-28, 2013.
[16] L. Atzori, A. Iera, and G. Morabito, “The Internet of Things: A Survey,” Comput. Networks, vol. 54, no. 15, pp. 2787-2805, 2010.
[17] D. Nandal and V. Nandal, “Security Threats in Wireless Sensor Networks,” vol. 11, no. 01, pp. 59-63, 2011.
[18] R. Billure, V. M. Tayur, and V. Mahesh, “A Study on the Security Challenges,” pp. 247-252, 2015.
[19] A. Riahi, Y. Challal, E. Natalizio, Z. Chtourou, and A. Bouabdallah, “A Systemic Approach for IoT Security,” in Distributed Computing in Sensor Systems (DCOSS), 2013 IEEE International Conference on. IEEE, 2013, pp. 351-355.
[20] G. Press (2013, Feb), Internet of Things (IoT) Predictions | What’s The Big Data? on WordPress.com. [Online]. Available: http://whatsthebigdata.com/2016/02/13/internet-of-things-iot predictions/. [Accessed: 23-Feb-2016].
[21] I. Infosec (2015, June), Insider vs. Outsider Threats: Identify and Prevent [Online]. Available: http://resources.infosecinstitute.com/insider-vsoutsider-threats-identify-and-prevent/. [Accessed: 13-June-2016].