The Internet of Things (IoT) will enable a dramatic transformation of society. This seminar presents an introduction to the IoT and explains why IoT security is important.
It then presents security issues in wireless sensor networks, which constitute a main ingredient of the IoT.
Seminar given at Centre Tecnològic de Telecomunicacions de Catalunya (CTTC) on 28 January 2015.
2. Outline of the Presentation
• Introduction to IoT & Market
• Smart Applications
• Technology & Research Challenges
• Security Threats
• Wireless Sensor Network Security
• Security Visualization
• Conclusions
CTTC 2015 seminar by Prof. A.A. Economides 2
3. Introduction to Internet of Things (IoT)
2020 forecast:
• 25 - 50 billion devices (Cisco, Ericsson, IDC, ABI, Gartner)
• 26 objects / person (Intel)
• Economic impact: $2 - 5 trillion (Cisco, McKinsey Global Institute, IDC, GSMA & Machina Research, Gartner, Harbor)
“Worldwide ICT infrastructure that enables ubiquitous services
among interacting humans, machines, data and applications”
4. IoT deployment
75% of companies are already exploring the IoT.
15% of companies already have an IoT solution in place (21% of transportation & logistics companies).
53% plan to implement one within the next 24 months, and another 14% in the next two to five years.
(Source: Zebra Technologies / Forrester Consulting)
6. Cisco plans an Intercloud network
Cisco predicts that IoT will cause IP traffic to reach 1.6 zettabytes by 2018 (300% increase compared to 2013).
By 2018, 57% of IP traffic will come from devices other than PCs. Wi-Fi will generate 49% of IP traffic; other mobile-connected devices will generate 12% of it.
Cisco will invest $1 billion to build the world's largest Intercloud network to tackle the IoT.
7. Smart Applications
• Healthcare & Wellbeing, e.g. Angel Sensor, Fitbit, Hexoskin, Intraway, Jawbone, Nymi, InKol Health Hub, Pebble, Philips Lifeline, Withings, Zebra MotionWorks
• Home & Building, e.g. Belkin, Nest, Neurio, Quirky, Sensorflare, SMA, SmartThings, Vivint, WallyHome, Withings, ZEN Thermostat
• City & Community, e.g. Bigbelly, Bitlock, FUKUSHIMA Wheel, Kiunsys, Placemeter, Silver Spring Networks, Waspmote
• Utilities, e.g. Enevo, Mayflower CMS, MeterNet, Osprey Informatics, Paradox, Trilliant
• Environment, Agriculture & Livestock, e.g. FilesThruTheAir, Fruition Sciences, OnFarm, Semios, Topcon Precision Agriculture
• Car & Transportation, e.g. Audi, CarKnow, Connected Rail, Dash drive smart, Delphi Connect, Ericsson, Libelium, Logitrac, PowerFleet
• Industry & Services, e.g. Argon Underground Mining Safety, Condeco Sense, DAQRI’s Smart Helmet, Numerex, Perch
8. Barcelona Smart City
83 projects across 12 areas: sensors monitor traffic, parking spaces, street lights, air pollution, meteorological conditions, humidity of green spaces in parks, trash bins ...
Street lights in Born are shut down automatically if they don’t detect any activity nearby. They also monitor humidity, temperature, pollution, and noise. Expected to have 3,360 lights on 160 streets by 2015.
The trash cans alert sanitation workers on a tablet that they need to be emptied.
The irrigation systems in Poblenou Central Park monitor the moisture in the soil and turn on pop-up sprinklers. Parks employees can also access meteorological data and rain gauges and adjust the quantity of water used.
9. Technology
• Sensors & Actuators
• Wireless Communications: RFID, WiFi, Bluetooth, Cellular, Satellite, etc.
• Cloud Computing – Storage, Processing, Analytics, Security, etc.
• Networks (HW & SW)
• Addressing
12. IoT Alliances
• AllSeen Alliance
• Eclipse Foundation
• Industrial Internet Consortium
• Internet of Things Consortium
• Internet Protocol for Smart Objects (IPSO) Alliance
• IoT Alliance
• Oasis
• OneM2M
• Open Interconnect Consortium (OIC)
• Thread Group
• ZigBee Alliance
13. [Figure] Source: D. Culler (2011). The Internet of Every Thing - steps toward sustainability. CWSN.
14. Research Challenges
• Devices (Sensors, Actuators, etc.),
• Networking & Communications,
• Data Management,
• Decision Making,
• Security & Privacy,
• Social & Legal issues,
• Economics,
• Human Behavior & Usability,
• Marketing, etc.
15. Biggest Drawbacks of IoT (Cisco survey)
#1 New threats to data / physical security (42% of respondents)
#2 Inability of IT systems to keep pace with change (38% of respondents)
#3 Regulatory or compliance challenges (32% of respondents)
16. Losses due to attacks
The Center for Strategic and International Studies estimated that $100 billion is lost annually to the US economy, and 508,000 US jobs are lost, because of malicious online activity.
Ponemon Institute estimated that the average cost of an organizational data breach was $5.4 million in 2014 ($4.5 million in 2013).
17. ComputerWorld Survey
Nearly half (46%) of the IT leaders said that they will invest more next year in:
• access control,
• intrusion prevention,
• identity management,
• virus and malware protection.
18. Network Security market
M2M Network Security market will grow at a CAGR of 22.9% over the period 2013-2018 (TechNavio).
IoT and Industrial Security Market to exceed $675 million by 2018 (Infonetics).
19. What do you think the greatest threat IoT will
be over the next 5 years?
source: SANS survey
20. Where do you consider the greatest risk to be in
“Things” connecting to your network and the Internet?
source: SANS survey
21. Given the current state of your security program, how
would you rate your ability to provide security to IoT ?
source: SANS survey
22. Tripwire & AtomicResearch surveys
• 25% - 50% of remote workers and IT personnel who work remotely in critical infrastructure industries report that they have at least one IoT device connected to corporate networks.
• 75% admit to accessing corporate documents from their home networks.
• Only 30% of IT professionals believe their company has the technology necessary to adequately evaluate the security of IoT devices.
• 59% of IT personnel are concerned that IoT could become “the most significant security risk on their network.”
• 20% of respondents state that they have “no visibility” into current protection levels.
23. Cisco Security Capabilities Benchmark
Chief Information Security Officers and Security Operations executives at 1700 companies in nine countries (2015):
• Only 10% of Internet Explorer users run the latest version.
• Less than 50% of respondents use standard tools such as patching and configuration to help prevent security breaches and ensure that they are running the latest versions.
24. Hewlett Packard tested 10 IoT devices
• 6 out of the 10 popular IoT devices did not use encryption when downloading software updates.
• 90% of the devices collected at least one piece of personal information via the device, the cloud, or its mobile application.
• 70% of the devices used unencrypted network services and transmitted credentials in plain text.
25. Top 10 security problems with IoT devices (OWASP)
1. Insecure web interface
2. Insufficient authentication
3. Insecure network services
4. Lack of transport encryption
5. Privacy concerns
6. Insecure cloud interface
7. Insecure mobile interface
8. Insufficient security configurability
9. Insecure software
10. Poor physical security
26. Security predictions for 2015
Avast: Routers will be a prime target for hackers. Hackers may want to take over the local network.
WatchGuard:
- criminals stealing billions in digital assets,
- nation states launching long-term attacks.
NOT to worry about IoT security (for now): NOT much value attacking your watch or TV.
Symantec: Attacks on IoT will focus on smart home. NOT expect any large-scale attacks, but instead one-off attacks against connected devices, e.g. home routers, smart TVs & connected car apps.
27. Wireless Sensor Network (WSN)
A wireless network consisting of a large number of autonomous sensors that are spatially distributed in an area of interest in order to cooperatively monitor physical or environmental conditions, such as temperature, sound, vibration, pressure, motion, pollutants, etc.
Sensor:
[Figure: sensor node block diagram. Labels: Sensing Unit, Processing Unit, Communication Unit, Power unit; Sensors, ADC, Processor, Memory, Transceiver, Location finding system (optional), Mobilizer (optional).]
28. WSN Architecture
Figure – The big picture. [Labels: Internet, Satellite; Sink; Task Manager; User; Sensor Field; Sensor Node.]
29. WSNs are vulnerable to various types of attacks
[Figure: the WSN architecture (Internet, Satellite; Sink; Task Manager; User; Sensor Field; Sensor Node) annotated with “Spoofed Routing information” and “Wormhole Attack”.]
30. Attack Models
Passive attacks
• Eavesdropping: an attacker intercepts packets transmitted over the air for further cryptanalysis or traffic analysis.
• Traffic analysis: allows an attacker to determine that there is activity in the network, the location of the BSs, and the type of protocols being used.
Active attacks
• Message injection: an adversary injects bogus control information into the data stream.
• Message modification: a previously captured message is modified before being retransmitted.
• Node capture: an embedded device is considered compromised when an attacker, through various means, gains control of the node itself.
• Denial-of-Service (DoS) attacks: can be grouped into two categories:
– Service degradation (e.g., collision attack), and
– Service disablement through power exhaustion (e.g. jamming)
31. Layer-based attack categorization
Application Layer: Data Aggregation Distortion | Message Injection or Modification
Transport Layer: Flooding Attack | Desynchronization attacks
Network Layer: Replay Attack | Sybil Attack | Spoofed, altered, or replayed routing information | Sinkhole, Wormhole Attack | Hello Flood Attack
Data Link Layer: Collision Attack | Sybil Attack | Node Replication | Acknowledgement Spoofing Attack
Physical Layer: Eavesdropping | Jamming | Battery Exhaustion
Cross-layer planes: Power Management Plane, Mobility Management Plane, Task Management Plane
Figure – Sensor Network Protocol Stack
32. Attacks on specific protocols
Selective forwarding: A malicious node refuses to forward all or a subset of the packets it receives and simply drops them. If a malicious node drops all the packets, the attack is then called black hole.
Acknowledgement spoofing: Spoof link layer acknowledgements (ACKs) to trick other nodes into believing that a link or node is either dead or alive.
Attack against TinyOS beaconing: The base station periodically broadcasts beacons or “route updates”. An attacker can use this mechanism to create routing loops by announcing a different node as the BS.
Figure – Attack against TinyOS beaconing
33. Spoofed, altered, or replayed routing information
This type of attack may be used for:
• loop construction,
• attracting or repelling traffic,
• extending or shortening the source route
In this example, an adversary pollutes the entire network by sending bogus routing information stating for instance that “I am the base station”.
Figure – An adversary spoofing a routing update from a base station
34. Wormhole and Sinkhole Attacks
The attacker uses two transceivers and one high quality out-of-band channel in order to create a ‘wormhole’. Then, the attacker tunnels the packets received at one location of the network and replays them in another location.
The wormhole can drop packets directly (sinkhole) or more subtly selectively forward packets to avoid detection.
Figure – A laptop-class adversary using a wormhole to create a sinkhole in TinyOS beaconing. [Figure label: Wormhole link]
35. HELLO Flood Attack
Every new node broadcasts “Hello messages” to find its neighbors. Also, it broadcasts its route to the BS.
Other nodes may choose to route data through this new node if the path is shorter.
A laptop-class adversary that can retransmit a routing update with enough power to be received by the entire network leaves many nodes stranded.
Target nodes attempt to reply, but the adversary node is out of radio range. However, they have chosen this node as their parent.
This attack puts the network in a state of confusion.
Figure – HELLO flood attack.
36. Sybil Attack
“a malicious node illegitimately claims multiple identities”
The Sybil attack can disrupt geographic and multi-path routing protocols.
Adversary A at actual location (3,2) forges location advertisements for non-existent nodes A1, A2, and A3 as well as advertising her own location. After hearing these advertisements, if B wants to send a message to C: (0,2), it will attempt to do so through A3. This transmission can be overheard and handled by the adversary A.
37. Overview of Countermeasures
Confidentiality is provided through the use of encryption technologies. Cryptographic algorithms such as DES, RC5 and RSA are used to protect the secrecy of a message.
MAC (Message Authentication Code) or Digital Signature Algorithms (DSA) can be used to assure the recipient of the integrity of the data and the authenticity of the message.
Digital Signatures can be used to ensure non-repudiation.
Availability can be achieved by adding redundant nodes. Multi path and probabilistic routing can also be used to minimize the impact of unavailability.
Data freshness is ensured by adding a counter value in each message.
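The MAC and counter checks listed on slide 37, as an added example that is not part of the seminar slides: a receiver that rejects modified, injected and replayed packets. HMAC-SHA256 truncated to 8 bytes, the packet layout, the key and the sensor readings are assumptions chosen for this example.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"   # constructed key, for this example only
MAC_LEN = 8                     # truncated tag length (an assumption)
HDR = ">HI"                     # assumed header: node id (2 bytes), counter (4 bytes)
HDR_LEN = struct.calcsize(HDR)

def seal(key, node_id, counter, payload):
    """Sender side: header + payload, followed by a truncated HMAC tag."""
    body = struct.pack(HDR, node_id, counter) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()[:MAC_LEN]

class Receiver:
    def __init__(self, key):
        self.key = key
        self.last_seen = {}     # node id -> highest counter accepted so far

    def accept(self, packet):
        """Return (ok, payload_or_reason); integrity first, then freshness."""
        if len(packet) < HDR_LEN + MAC_LEN:
            return False, "too short"
        body, tag = packet[:-MAC_LEN], packet[-MAC_LEN:]
        good = hmac.new(self.key, body, hashlib.sha256).digest()[:MAC_LEN]
        if not hmac.compare_digest(tag, good):
            return False, "bad MAC"          # modified or injected
        node_id, counter = struct.unpack(HDR, body[:HDR_LEN])
        if counter <= self.last_seen.get(node_id, -1):
            return False, "stale counter"    # replayed
        self.last_seen[node_id] = counter
        return True, body[HDR_LEN:]

def demo():
    """Run constructed packets through one receiver and collect the verdicts."""
    rx = Receiver(KEY)
    p1 = seal(KEY, 7, 1, b"temp=21.5")
    tampered = p1[:HDR_LEN] + b"temp=99.9" + p1[-MAC_LEN:]
    return [
        rx.accept(p1),                                   # authentic and fresh
        rx.accept(tampered),                             # message modification
        rx.accept(p1),                                   # replay of p1
        rx.accept(seal(KEY, 7, 2, b"temp=21.6")),        # next counter value
        rx.accept(seal(b"not-the-key", 7, 3, b"temp=0")) # injection without key
    ]
```

The counter is covered by the MAC, so a captured packet cannot be made fresh again by editing the counter field alone.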
38. Standalone Security Protocols for WSNs
• SNEP (Secure Network Encryption Protocol)
• μTESLA
• TinySec
1. authenticated encryption (TinySec-AE)
– Data payload is encrypted
– MAC is used to authenticate packet
2. authentication only (TinySec-Auth)
40. Secure Routing – Countermeasures
• Link layer security
– Simple link layer encryption and authentication using a globally shared key can prevent the majority of outsider attacks: bogus routing information, Sybil, Selective Forwarding, Sinkholes.
– Link layer security mechanisms provide little protection against insiders, HELLO floods, and Wormholes.
• Wormhole and sinkhole attacks
– Routing protocols that construct a topology initiated by a base station are the most vulnerable to these types of attacks.
– Solution: Geographic protocols that construct topology on demand using localized node interactions instead of using the base station.
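The Sybil scenario of slide 36 run against the link-layer countermeasure of slide 40, as an added example that is not part of the seminar slides: greedy geographic forwarding with and without authenticated location advertisements, including the insider case. Node D, the positions of A1 to A3, the key, the advertisement format and the use of HMAC-SHA256 as the link-layer MAC are assumptions constructed for this example.

```python
import hashlib
import hmac
import math

SHARED_KEY = b"constructed-network-key"   # globally shared key (constructed)

def mac(key, node, pos):
    """Tag over the advertised identity and location."""
    msg = f"{node}|{pos[0]}|{pos[1]}".encode()
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]

def advert(node, pos, key=None):
    """Location advertisement; the tag is None when the sender has no key."""
    return {"node": node, "pos": pos, "tag": mac(key, node, pos) if key else None}

def neighbours(adverts, key=None):
    """Build B's neighbour table; with a key, drop adverts whose MAC fails."""
    table = {}
    for a in adverts:
        if key is not None:
            good = mac(key, a["node"], a["pos"])
            if a["tag"] is None or not hmac.compare_digest(a["tag"], good):
                continue
        table[a["node"]] = a["pos"]
    return table

def next_hop(table, dest):
    """Greedy geographic forwarding: the neighbour closest to the destination."""
    return min(table, key=lambda n: math.hypot(table[n][0] - dest[0],
                                               table[n][1] - dest[1]))

C = (0, 2)                                   # destination, from the slide
HONEST = [advert("D", (1, 3), SHARED_KEY)]   # constructed honest neighbour of B
FORGED = {"A1": (2, 3), "A2": (2, 1), "A3": (1, 2)}   # constructed positions

def scenario(adversary_key, check_mac):
    """Next hop B picks towards C, given what key A holds and whether B checks."""
    sybil = [advert(n, p, adversary_key) for n, p in FORGED.items()]
    sybil.append(advert("A", (3, 2), adversary_key))   # A's real location
    table = neighbours(HONEST + sybil, SHARED_KEY if check_mac else None)
    return next_hop(table, C)
```

`scenario(None, False)` routes through the forged A3, `scenario(None, True)` falls back to the honest D, and `scenario(SHARED_KEY, True)` routes through A3 again because an insider holding the shared key produces valid tags.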
41. Network Security Visualization
• Various security mechanisms have been proposed to address the security concerns of WSNs.
• Despite the fast development of computer security mechanisms, the scale and complexity of the generated wireless data pose major challenges to the representation and understanding of security-relevant network information.
• To address this issue, efficient visualization techniques have been adopted by researchers to bridge the gap.
A new security discipline emerges!
42. Until now… Visualization only for network traffic monitoring
• Network traffic visualization is one of the first directions to take when it comes to understanding and analyzing information in vast amounts of network data.
• Many visualization tools graphically monitor real-world or simulated WSNs (e.g. Surge, MoteView, Octopus, SNA, TOSSIM, OPNET, NS-3).
• While these tools offer some form of visualization, they are designed for applications other than wireless security. Accordingly, these tools:
– lack the specialized techniques in visualizing security-related data.
– tend to miss abnormalities and security attacks that occur unpredictably.
43. In the near future… Visualization for network security
The power of visualization should go beyond the simple “illustration” of network behavior in order to help the analysts discriminate between normal and abnormal network activities.
Network security visualization provides insight into areas that other systems fail to enlighten by integrating visualization and machine learning techniques.