Dear Sir,
Please review the attached file. It may help you to supported your knowledge
Best regards,
Dear Dr,
I'm a student of CS742 course, please review the attached file
The emerging IoT applications pose severe security challenges some of which are listed below:
1.Addition of Wi-fi enabled devices to local area networks (LANs) without proper security
2.Absence of effective channels for delivering upgradations and patches for IoT endpoints
3. Existence of vulnerable points - Protecting physical access
4.Increasing pressure on developers
5.Lack of trust in hardware
Dear Dr Muneer
In my opinion there are two main kind of risks related to IoT
A) technical Risks as mentioned by Sheela Sobana Rani and previous answers
B) Social and Environmental Risks :
I think that the second is more dangerous than the the first ,Jeremy Rifkin talk about that in his most recent book The Zero Marginal Cost Society (published in 2014) , Specifically in CHAPTER SIXTEEN A BIOSPHERE LIFESTYLE , the book is attached ....
https://s3.amazonaws.com/arena-attachments/678574/8d936dd16fbf9d282402b7311e488200.pdf
Hello Doctor,
I think it is possible that information collected from sensors is exposed to be theft or damage for the purpose of tapping the patient's health leading to increase the range of cyber-crime.
A sensor -in its nature - helps the attacker to predict where does the base station located, through the traffic analysis of the traffic patterns. For example, the sensors that are close to the base station would make more transmission than other sensors. If the central station became known, it will be easy to target and destroy the rest of the network structure. In addition, the attacker aim is to disrupt the sensor app, by direct the attack against the logical units which influence the outputted data. Thus data could be corrupted or changed in its values to be useless or incomplete.
Hijacking is also one of the hardest attacks that could happen, by choosing a set of sensors that contained in one actuator then hijack specific one that leads all other sensors and organize them. This hijacked sensor -as a trusted node- now would be the malicious node that will destroy the entire sensor network. If the malicious node could not inject messages to other sensors, it may still be able to exhaust the batteries with spurious queries.
On the other hand, Jamming is a kind of attack which interferes with the radio frequencies that a network’s nodes are using. A jamming source may either be strong enough to outface the network internally or weaker enough to only able to disrupt a smaller fraction of the network.
Thanks,
Sanaa I. Abu Alasal
Usually the design for sensor devices has very limited security features. Hence, it is more vulnerable for attacks and security challenges. Furthermore, while transmitting important health data over wireless network, eavesdropping (secretly listening on the channel without being in it) is considered the main security issue due to the open nature of wireless networks.
Here are some security challenges resulted from eavesdropping the channel:
1. The attacker could modify the vital health data (delete, replace all or part of it) and send back the modified information to the receiver in order to achieve some illegal purpose.
2. The attacker could also impersonates the identity information of some wireless network node and use it to cheat other nodes.
3. The attacker could make the routing inconsistent and change the destination of packets.
The implications of eavesdropping are very serious, dangerous and threats the social life of the patient. Such as tracking down the location of the patient and using such private information to harm this person.
The major security challenges for IOT on sensor component that I notify are:
1-Data Privacy Concerns that relate to the explosion of these interconnected devices: when navigate the sea of data, identify them become a challenge (Insufficient Identity Authentication)
2-Unsecure Network Services and Unsecure Web Interfaces that may device used them.
3-Poor Transport Encryption Implementation when sending between device
4-IOT also has challenges of Unsecure Cloud Backend Systems
5-Poor Physical Device Security and trustiness of Software used in the device
Dear Muneer,
Please check the following links.
Best regards
SM Najim
http://www.iec.ch/whitepaper/pdf/iecWP-internetofthings-LR-en.pdf
https://www.ericsson.com/res/docs/whitepapers/wp-5g-security.pdf
http://www.journals.elsevier.com/computer-networks/call-for-papers/special-issue-on-5g-wireless-networks-for-iot-and-body-senso
https://www.brookings.edu/wp-content/uploads/2016/07/How-5G-tech-enables-health-iot-west.pdf
Hello Dr. Muneer,,,
After deep explorations of Security challenges in IOT and body sensors in 5G networks, I have found some issues that which might to be considered to looking for :
• Demand of connectivity for the Internet of Things(IoT) exploding.
• The global network must be able to securely and efficiently handle all these connections.
• Every single connection could make networks vulnerable.
• Every connected device has a network address. Internet Protocol (IPv6) extends the addressing space.
• Organizations will need to improve security standards and prevent DDoS and cache poisoning attacks.
**Below there are some technical security issues, that we must be very careful about it:
- Lack of Password Complexity
- Poorly Protected Credentials
- Vulnerable Services
- Buffer Overflow
- Open Ports via UPnP(Universal Plug and Play)
- Exploitable UDP Services (User Datagram Protocol).
- Denial-of-Service
- DoS via Network Device Fuzzing
- Unencrypted Services via the Internet
- Unencrypted Services via the Local Network
- Poorly Implemented SSL/TLS
- Misconfigured SSL/TLS
- Lack of Password Security Options
- No Security Monitoring
- No Security Logging
- Access to Software via USB Ports
- Removal of Storage Media
--------------------------
** I Recommend that you take a look to : (owasp) The Open Web Application Security Project, which is an online community creates freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security. At This LINK : https://www.owasp.org.
Thanks..
Body sensors can send in real-time which make delay and costs to secure high constant data, we need to encrypt this data in real-time which need more costs. Also, we have many privacy challenges simply we can ask the question who can have an access to private network? We need to make policy and restrictions on third-party access such as Manufacturing company, Government powers, and Hackers.
What are the challenges of Internet of Things and body sensors in 5G networks? - ResearchGate. Available from: https://www.researchgate.net/post/What_are_the_challenges_of_Internet_of_Things_and_body_sensors_in_5G_networks/1 [accessed Nov 24, 2016].
On the one hand, it is clear that there are considerable opportunities to improve health care especially body sensors through 5G networks and IoT. The fast speed and intelligent design of these systems are creating new applications and devices that have the potential to transform the way health is diagnosed and treated. In reality, this hope needs to be done to facilitate an end-to-end system and connect devices to networks and the cloud in ways that are inter-operable and secure. That will enable doctors and patients to receive these benefits.
On the other hand, the key challenge going forward is to expand technological opportunities and make 5G and the internet of things a reality and not just a hope. There are a number of steps that are needed to advance the vision of 5G in body sensors. This includes Infrastructure development and prototyping; spectrum harmonization; adequate technical standards; effective regulation and standardization; changes in reimbursement policy, and data privacy protection.
Dear Dr.Muneer
- there are three key challenges for the future of IoT as Edith Ramirez saied:
*Any device that is connected to the Internet is at risk of being hijacked so like traditional computers and mobile devices, inadequate security on IoT devices could enable intruders to access and misuse personal information collected and transmitted by the device
* Data security : some of the developers entering the IoT market, unlike
hardware and software companies, have not spent decades thinking about how to secure their products and services from hackers And, the small size and limited processing power of many connected devices could inhibit encryption and other robust security measures. Moreover, some connected devices are low-cost and essentially disposable. If a vulnerability is discovered on
that type of device, it may be difficult to update the software or apply a patch
Gartner’s latest comprehensive IoT forecast was published in May 2014 and it also includes a list of potential challenges, some of which I’ve already covered:
Security: Increased automation and digitization creates new security concerns.
Enterprise: Security issues could pose safety risks.
Consumer Privacy: Potential of privacy breaches.
Data: Lots of data will be generated, both for big data and personal data.
Data Center Network: WAN links are optimized for human interface applications, IoT is expected to dramatically change patterns by transmitting data automatically.
Ref:
Ramirez, E. (2015). Privacy and the IoT: Navigating policy issues. US FTC.
You can apply standard computer security analysis to an IoT system, i.e. Confidentiality, Integrity, Availability, Authentication.
Confidentiality: can the data be intercepted by others than the intended recipient? Even if the data itself is secure (e.g. encrypted), can an adversary learn or infer the identity and/or location of the IoT device? Can the data be intercepted where it is collected, or from the data store where it ultimately rests?
Integrity. Can an adversary change the data anywhere in the system, either by hijacking the device, changing in transit (e.g. Man-in-the-middle attack) or compromising the server systems? Can they change the apparent identity or location of the device?
Availability. Could an attacker mount a denial of service attack on a device, or even knock out a data collection device, knocking out many IoT devices?
Authentication. Can the adversary spoof data and make it appear to be from a different device or location? Can the IoT devices be fooled into sending their data to an inauthentic collection device? Can an adversary fool the system into deploying an 'evil' node that will be accepted as an authentic device? Can fake registrations enable an attack on confidentiality?
Many of the security problems of IoT are the same problems that affect all distributed computer systems. IoT may have additional challenges due to limited CPU and storage (which may mean compromise on security capability), and also because large arrays of similar units will mean increased automation of deployment, which will need more careful design for security.
- there are four important security challenges facing the iot community .
1. wi-fi enabled devices are being added on local area networks (lan) without proper security.
2. there are issues with upgradability and patchability of iot endpoints.
3. problems have arisen around protecting physical access.
4. there’s a ton of hype from developers and consumers.
- 5G While there are still valid security approaches they need to be
revisited (trust models, devices, assurance)
- Badges
- Science topic