INTRODUCTION:

The new revolution that is internet of things, which is rapidly facilate intelligent applications to make other domain “smatter”. Starting from health, industry, home, cities, agriculture, retail, environment, energy the scope of IOT is not limited, but it allows many sector not only connecting devices but also exchange and communicate data associated in the cloud. IOT platform is good because for its self configuring capability, allowing large no of devices to work together. It also have the capability of dynamically adopt the immediate changing of contexts but it takes appropriate operation according to changes applied. It has also unique identify i.e. as an IP address or a URI. It also allows interoperable protocols for communicate other devices and models. IOT device generic block diagram is shown in figure 1.

Fig. 1 IOT device generic block diagram

Different IOT devices are used namely camera, industrial machine, smart phone, home appliances, wearable electronics, retail payment system etc. . If we consider about home automation IOT includes smart appliances, smart lighting, smoke / gas detector . If we consider for cities IOT applications are smart parking, smart road lighting, smart control over roads, emergency response and emergency health information. If considering for environment the application includes like air pollution monitoring, whether monitoring, noise pollution monitoring, forest fire detection, river floods detection. In energy sector applications like smart renewable energy system, smart grid . Similarly for retail, one can say for smart payment, smart vending machine, inventory management remote vehicle diagnostic, Industry or mall air quality monitoring.

IOT applications provide interference that users are able to monitor various aspects of IOT system or devices. It providing functions like message, content integrity, authentication, authorization and data security. Some services are like device control, device monitoring to the users. Overall it provides sensing as well as actuating, monitoring, control function and security. The functional building blocks of IOT is shown in figure 2.

Fig. 2 IOT Functional block diagram

CATEGORIZATION OF SECURITY ISSUES:

Bases on categorization .security issues are of three types which is shown in figure 3.

Fig. 3 Security categorization.

Low Level Security Issues:

These kind of issues are in data link and physical layer of communication as well as in device hardware. Sleep deprivation attack [1], insecure initialization [2], low level Sybil [3,20] and spoofing attacks [4,21] and insecure physical interfaces comes under low level security issues.

Intermediate Level Security Issues:

These issues are mainly in session management, routing and in communication in network and transport layer of IOT architecture . Intermediate level security issues are just like insecure neighbor discovery [5], buffer reservation attack [6], authentication and secure communication [7], transport level end to end security [8], duplication attack due to fragmentation.[6].

High Level Security Issues:

It will be mainly creating issues while when device execution time when performing a application. Insecure software / firmware [4], CoAP security with internet, insecure interfaces comes under high level security issue.

IMPORTANCE OF SECURITY AND ATTACKS IN IOT:

Different challenges are in front of IOT systems [9]. So security is the prime factor because there is integration of the device with physical world, resources constants, communication between devices, privacy and lastly connection in a large scale with large volume.

IOT has similar attacks just like threats or attacks in cyber system for example feedback integrity attack [10,22], Sybil attack [11], packet spoofing, environmental threat, corruption of data, software malfunction, bounded attacks and different vigorous for software failure[12]. IOT security and privacy issues is shown in figure 4.

Fig. 4 IoT security and privacy issues [9].

Table 1 WSNs and IOT characterization.

Characteristics	Wireless Sensor Networks (WSNs)	IOT
Privacy	Some privacy expectation	Very high privacy expectation
Heterogeneity	Mostly homogeneous devices	Heterogeneous communications and devices
Scalability	Large scale	Very large scale
Communication	Mostly one-direction communication	Two-direction communication

Table 2 Traditional IT Security Versus IOT Security

Traditional IT Security	IOT Security
IT devices are located in close environment	IOT devices are located in open environment
Many security guards	Few security guards
Complex algorithm used	Light weight algorithm used
ADD-on security	Built in security

Table 1 describe the how the characteristic of IOT is better then wireless sensor networks. And in table 2 security difference in traditional and IOT security system.

DEVELOPED ALGORITHM FOR DIFFERENT ATTACKS:

There are different IOT protocols comes under different layers jus like under service and application level CoAP and MQTT protocols, similarly under physical level BLE, WI-FI, LTE and also IEEE 802.15.4. Protocols like RPL and IPv4/ IPv6 comes under network level. Secure MQTT solution with ABE [15]. Lithe solution is for data transits attack in CoAP protocol level [16]. EEA and EIA algorithm used for data transits attack [17] in physical protocol level. SecKit solution for secure and application level [18,23]. AES/CCM algorithm used for network level for data transits attack [19].

Layer removing/adding attack Countermeasure with Packet transmitting witness [13], aggregated transmission evidence . Similarly for Forward and backward security countermeasure by Cryptographic one-way hash chain [14] Identity privacy Pseudonym [14], group signature, connection anonymization and for Location privacy Pseudonym [14], one-way trapdoor permutation .

CONCLUSION:

Here we review some IOT security issues, IOT applications for the us of different domain. It also provide reliable, scale able and efficient solution to the research community . More suitable solution should be require to make more privacy, confidential and more trust with all kind of guarantee. More significant attention to industry and academic, though they will have to take different world to the user’s.

REFERENCES:

1. T. Bhattasali, R. Chaki, A survey of recent intrusion detection systems for wireless sensor network, in: D.C. Wyld, M. Wozniak, N. Chaki, N. Meghanathan, D. Nagamalai (Eds.), Advances in Network Security and Applications: 4th International Conference, CNSA 2011, Chennai, India, July 15–17, 2011, Springer Berlin Heidelberg, Berlin, Heidelberg, 2011, pp. 268–280.

2. S.H. Chae, W. Choi, J.H. Lee, T.Q.S. Quek, Enhanced secrecy in stochastic wireless networks: Artificial noise with secrecy protected zone, Trans. Info. for. Sec. 9 (10) (2014) 1617–1628. http://dx.doi.org/10.1109/TIFS.2014.2341453.

3. L. Xiao, L.J. Greenstein, N.B. Mandayam, W. Trappe, Channel-Based detection of sybil attacks in wireless networks, IEEE Transa. Inf. Forensics Secur. 4 (3) (2009) 492–503.

4. OWASP, Top IoT Vulnerabilities, 2016. URL https://www.owasp.org/index. php/Top_IoT_Vulnerabilities.

5. R. Hummen, J. Hiller, H. Wirtz, M. Henze, H. Shafagh, K. Wehrle, 6LoWPAN Fragmentation attacks and mitigation mechanisms, in: Proceedings of the Sixth ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec ’13, ACM, New York, NY, USA, 2013, pp. 55–66. http://dx.doi. org/10.1145/2462096.2462107.

6. R. Riaz, K.-H. Kim, H.F. Ahmed, Security analysis survey and framework design for IP connected LoWPANs, in: 2009 International Symposium on Autonomous Decentralized Systems, 2009, pp. 1–6. http://dx.doi.org/10.1109/ ISADS.2009.5207373.

7. J. Granjal, E. Monteiro, J.S. Silva, Network-layer security for the Internet of Things using TinyOS and BLIP, Int. J. Commun. Syst. 27 (10) (2014) 1938– 1963. http://dx.doi.org/10.1002/dac.2444.

8. M. Brachmann, O. Garcia-Morchon, M. Kirsche, Security for practical CoAP applications: Issues and solution approaches, in: 10th GI/ITG KuVS Fachgespraech Sensornetze (FGSN 2011), 2011.

9. Čolaković, Alem, and Mesud Hadžialić. "Internet of things (IoT): A review of enabling technologies, challenges, and open research issues." Computer Networks (2018).

10. A. Al-Fuqaha, M. Guizani, M. Mohammadi, M. Aledhari, M. Ayyash, Internet of Things: a survey on enabling technologies, protocols, and applications, IEEE Commun. Surv. Tutorials 17 (June (4)) (2015) 2347–2376 .

11. A . Al-Fuqaha, A . Khreishah, M. Guizani, A. Rayes, M. Mohammadi, Toward better horizontal integration among IoT services, IEEE Commun. Mag. 53 (September (9)) (2015) 72–79 .

12. R. Roman, P. Najera, J. Lopez, Securing the Internet of Things, Computer 44 (September (9)) (2011) 51–58 .

13. H. Zhu et al., “SMART: A Secure Multilayer Credit-Based Incentive Scheme for Delay-Tolerant Networks,” IEEE Trans. Vehic. Tech., vol. 58, no. 8, Oct. 2009, pp. 4628–39.

14. X. Lin et al., “TSVC: Timed Efficient and Secure Vehicular Communications with Privacy Preserving,” IEEE Trans. Wireless Commun., vol. 7, no. 12, 2008, pp. 4987–98.

15. M. Singh, M. A. Rajan, V. L. Shivraj, and P. Balamuralidhar, “Secure MQTT for Internet of Things (IoT),” in Proc. 5th Int. Conf. Commun. Syst. Netw. Technol., Gwalior, India, 2015, pp. 746–751.

16. S. Raza, H. Shafagh, K. Hewage, R. Hummen, and T. Voigt, “Lithe: Lightweight secure CoAP for the Internet of Things,” IEEE Sensors J., vol. 13, no. 10, pp. 3711–3720, Oct. 2013.

17. S. Chakrabarty and D. W. Engels, “Black networks for Bluetooth low energy,” in Proc. IEEE Int. Conf. Consum. Electron. (ICCE), Las Vegas, NV, USA, 2016, pp. 11–14.

18. C. Hennebert and J. D. Santos, “Security protocols and privacy issues into 6LoWPAN stack: A synthesis,” IEEE Internet Things J., vol. 1, no. 5, pp. 384–398, Oct. 2014.

19. J. Granjal, E. Monteiro, and J. S. Silva, “Security for the Internet of Things: A survey of existing protocols and open research issues,” IEEE Commun. Surveys Tuts., vol. 17, no. 3, pp. 1294–1312, 3rd Quart., 2015.

20. Mishra, Alekha Kumar, Asis Kumar Tripathy, Deepak Puthal, and Laurence T. Yang. "Analytical Model for Sybil Attack Phases in Internet of Things." IEEE Internet of Things Journal(2018).

21. Zhang, J., Blum, R. S., and Poor, H. V. (2018). Approaches to Secure Inference in the Internet of Things: Performance Bounds, Algorithms, and Effective Attacks on IoT Sensor Networks. IEEE Signal Processing Magazine, vol.35,no.5, pp. 50-63.

22. Battisti, F., Bernieri, G., Carli, M., Lopardo, M., and Pascucci, F. (2018, June). Detecting Integrity Attacks in IoT-based Cyber Physical Systems: a Case Study on Hydra Testbed. In 2018 Global Internet of Things Summit (GIoTS) (pp. 1-6). IEEE.

23. Ni, J., Zhang, K., Lin, X., and Shen, X. S. (2017). Securing fog computing for internet of things applications: Challenges and solutions. IEEE Communications Surveys and Tutorials, 20(1), 601-628.

Received on 11.12.2018 Accepted on 15.02.2019

Int. J. Tech. 2018; 9(1):01-04.

DOI: 10.5958/2231-3915.2019.00001.4