Abstract
This chapter defines the key IoT security and privacy requirements. The analysis considers a three-domain IoT architecture and examines the attacks targeting the cloud domain, the fog domain, and the sensing domain. It describes how the different attacks in each domain work and what defensive countermeasures can be applied to prevent, detect, or mitigate those attacks. The chapter ends by providing some future directions for IoT security and privacy that include fog domain security, collaborative defense, lightweight cryptography, lightweight network security protocols, and digital forensics.
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Rayes, A., Salam, S. (2022). Internet of Things Security and Privacy. In: Internet of Things from Hype to Reality. Springer, Cham. https://doi.org/10.1007/978-3-030-90158-5_8
DOI: https://doi.org/10.1007/978-3-030-90158-5_8
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-90157-8
Online ISBN: 978-3-030-90158-5
eBook Packages: Computer Science, Computer Science (R0)