Siga este enlace para ver otros tipos de publicaciones sobre el tema: Security of IoT.
Tesis sobre el tema "Security of IoT"
Crea una cita precisa en los estilos APA, MLA, Chicago, Harvard y otros
Consulte los 50 mejores tesis para su investigación sobre el tema "Security of IoT".
Junto a cada fuente en la lista de referencias hay un botón "Agregar a la bibliografía". Pulsa este botón, y generaremos automáticamente la referencia bibliográfica para la obra elegida en el estilo de cita que necesites: APA, MLA, Harvard, Vancouver, Chicago, etc.
También puede descargar el texto completo de la publicación académica en formato pdf y leer en línea su resumen siempre que esté disponible en los metadatos.
Explore tesis sobre una amplia variedad de disciplinas y organice su bibliografía correctamente.
1
Laaboudi, Younes. "Reactive security of IoT communications". Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-249633.
Texto completoResumen
IoT networks’ intrinsic vulnerabilities can be protected through intru- sion detection and response systems (IDRS). Anomaly-based intrusion detection offers multiple advantages: it can detect unknown attacks and it can adapt to multiple types of protocols. However, intrusion response is harder to carry out in combination with an anomaly-based detection system in part due to the possibility of false positive alerts. Through two implementations of IDRS in two distinct IoT networks, this thesis will highlight ways to improve anomaly-based detection and allow for appropriate response when possible. The results show that anomaly-based detection can be used in the case of a ZigBee IoT network to detect different types of attacks without previous knowl- edge of these attacks. Moreover, soft response methods that improve the quality of detection with a low impact on the IoT network behavior are achievable.IoT-nätverks sårbarheter kan skyddas genom intrångsdetektering och svarsystem (IDRS). Anomalibaserad intrångsdetektering erbjuder flera fördelar: det kan upptäcka okända attacker och det kan anpassa sig till flera typer av protokoll. Inbrottssvaret är svårare att genomföra i kombination med ett anomalibaserat detekteringssystem, delvis på grund av möjligheten till falska positiva varningar. Det här exjobbet söker sätt att förbättra anomalibaserad detektering och svar genom två implementeringar av IDRS i två distinkta IoT-nätverk. Resultaten visar att anomalibaserad detektering kan användas vid ett ZigBee IoT- nätverk för att upptäcka olika typer av attacker utan tidigare kunskaper om den här attackerna. Dessutom kan mjuka svarmetoder användas för att förbättrar detekteringskvaliteten med låg inverkan på IoT- nätverksbeteendet.
2
Shakra, Mohamed y Ahmad Jabali. "Evaluating Security For An IoT Device". Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-289631.
Texto completoResumen
IoT systems usage is rapidly growing, and is involved in many industries causing more potential security flaws to a freshly new field. Even light bulbs, have a new generation called smart light bulbs have taken a step into the IoT world. In this project an affordable and available light bulb has it’s security evaluated by using a well known attacks to test the device security. It was concluded that the studied light bulb was found to be secured by the array of penetration tests carried in this project. However, the methods used for evaluating the device can be applicable to any other IoT for any future security evaluation.IoT-systemanvändningen växer snabbt och är involverad i många branscher som orsakar fler potentiella säkerhetsbrister i ett nyligen nytt fält. Även glödlampor, har en ny generation som heter textit smarta glödlampor har tagit ett steg in i IoT- världen. I det här dokumentet utvärderas en prisvärd och tillgänglig glödlampa genom att använda en välkänd attack för att testa enhetens säkerhet. Det drogs slutsatsen att den studerade glödlampan befanns vara säkrad genom den mängd penetrationstester som utfördes i detta dokument. Metoderna som används för att utvärdera enheten kan dock tillämpas på vilken annan IoT som helst för framtida säkerhetsutvärdering.
3
Makkar, Ankush. "Enhancing IoT Security Using 5G Capabilities". Thesis, Luleå tekniska universitet, Digitala tjänster och system, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:ltu:diva-85109.
Texto completoResumen
Internet of Things (IoT) is an ecosystem comprises CT (Communication Technology),IT (Information Technology) and sometime OT (Operational Technologies) wheredifferent machines and devices can interact with each other and exchange useful datawhich can be processed using different IoT applications to take decisions and performrequired actions. Number of IoT devices and IoT networks are growing exponentially.Security is of utmost importance and without proper security implementation, IoTNetworks with billions of devices will be hacked and used as botnets which can createdisaster. The new IoT use cases cannot be realized using the current communicationtechnologies due to the QoS (Quality of Service) and business requirements. 5Gnetwork are designed keeping IoT use cases in mind and with the development of 5Gnetwork, it will be easier to implement more secured IoT network and enable differentIoT use cases which are not feasible today.To build the future IoT networks with 5G, it’s important to study and understand 5Gsecurity features. Security is perceived as one of the most important considerationwhile building IoT solutions and to implement 5G network for IoT solutions require anoverall understanding of 5G security features. In the thesis, work have been done toidentify the gap in the current research with respect to 5G security features anddescribe 5G features that will enhance IoT security. After identifying key 5G securityfeatures, the implementation of the identified 5G security features will be describedwith the 5G based smart grid and smart factory use cases. The key finding is howdifferent 5G security capabilities secure IoT communication and another importantfinding is that not all security capabilities are applicable to all IoT use cases. Hence,security capabilities to be used based on the 5G use case requirement.
4
Söderquist, Mårten. "Tiny Security : Evaluating energy use for security in an IoT application". Thesis, Mittuniversitetet, Institutionen för data- och systemvetenskap, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:miun:diva-36860.
Texto completoResumen
IoT devices are increasingly used in the process of gathering scientific data. In environmental monitoring IoT devices can be used as remote sensing devices to collect information about e.g. temperature. To keep data reliable, various security aspects have to be considered. Constrained devices are limited by memory size and battery life, a security solution has to be developed with this in mind. In this study an IoT security solution was developed in collaboration with a research group in environmental science at Umeå University. We selected commonly used algorithms and compared them with the goal to provide authentication and integrity for an IoT application, while minimizing energy use running on an Atmega 1284P. The results showed that the encryption algorithm AES-256-GCM is a good choice for a total security solution. AES-256-GCM provides authenticated encryption with additional data while, in relation to the other tested algorithms, using energy at a low level and leaving a small program size footprint.
5
Mansouri, Mohamad. "Performance and Verifiability of IoT Security Protocols". Electronic Thesis or Diss., Sorbonne université, 2023. http://www.theses.fr/2023SORUS065.
Texto completoResumen
L'internet des objets (IoT) est l'une des technologies les plus importantes de notre monde actuel. Il est composé d'appareils connectés dotés de capteurs et de capacités de traitement, tous reliés à une plateforme unique qui les orchestre. L'intégration de ces dispositifs IoT dans de nombreuses applications de la vie réelle (par exemple, le transport, les soins de santé, les industries, ...) a impliqué des améliorations significatives de la performance et de l'efficacité. En conséquence, nous avons assisté à un boom du nombre de dispositifs IoT déployés et de leurs plateformes correspondantes. Ces dispositifs IoT utilisent les données réelles de leur environnement de déploiement et les envoient à la plateforme. Les données collectées par ces dispositifs sont souvent des informations sensibles. Par conséquent, la confidentialité des données des utilisateurs est l'une des principales préoccupations de l'IoT. En outre, les applications IoT reposent sur l'automatisation de tâches fréquentes pour une meilleure efficacité. Malheureusement, le transfert du contrôle d'opérations habituellement contrôlées par l'homme vers l'IoT risque de compromettre la sécurité des utilisateurs de l'IoT. Cette thèse traite des problèmes de confidentialité et de sécurité soulevés par l'IoT. Nous proposons des protocoles de sécurité qui préservent la confidentialité des données des utilisateurs. En plus de la confidentialité, nous voulons concevoir des solutions vérifiables qui garantissent l'exactitude des calculs effectués par les dispositifs IoT et la plateforme. Nous concevons ces solutions en nous concentrant sur leurs performances spécifiquement pour l'IoT. Plus précisément, nous proposons des protocoles qui sont évolutifs pour faire face au nombre croissant de dispositifs IoT. Nous considérons également des protocoles tolérants aux pannes pour faire face à la mobilité et aux abandons fréquents des dispositifs IoT. Nous nous concentrons sur deux protocoles de sécurité : l'agrégation sécurisée et l'attestation à distance. L'agrégation sécurisée est un protocole où un agrégateur calcule la somme des entrées privées d'un ensemble d'utilisateurs. Dans cette thèse, nous proposons le premier protocole d'agrégation sécurisée vérifiable (VSA) qui donne des garanties formelles de sécurité dans le modèle malveillant. Notre solution préserve la confidentialité des entrées de tous les utilisateurs et l'exactitude du résultat de l'agrégation. En outre, nous proposons un nouveau protocole d'agrégation sécurisée tolérant aux pannes (FTSA) basé sur le cryptage additif-homomorphe. Le schéma permet aux utilisateurs de l'agrégation sécurisée de se retirer du protocole et offre un mécanisme pour récupérer l'agrégat sans affecter la confidentialité des données. Nous montrons que le FTSA surpasse les solutions de l'état de l'art en termes d'évolutivité par rapport au nombre d'utilisateurs. D'autre part, un protocole d'attestation à distance est un protocole qui permet à un dispositif IoT (agissant en tant que prouveur) de prouver son intégrité logicielle à la plateforme IoT (agissant en tant que vérificateur). Nous proposons un nouveau protocole collaboratif d'attestation à distance (FADIA) dans lequel les dispositifs collectent des attestations les uns des autres et les agrègent. FADIA traite de l'hétérogénéité et de la nature dynamique de l'IoT en tenant compte de l'équité dans sa conception. L'évaluation de FADIA montre une augmentation de la durée de vie d'un réseauThe Internet of Things (IoT) is one of the most important technologies in our current world. It is composed of connected devices with sensors and processing abilities, all connected to a single platform that orchestrates them. The integration of these IoT devices into many real-life applications (eg., transportation, industries, ...) implies significant performance and efficiency improvements. As a consequence, we have seen a boom in the number of IoT devices deployed and their corresponding platforms. These IoT devices use real-time data from their deployment environment and send them to the platform. The collected data by these devices often consist of sensitive information belonging to the individual who uses this technology. Hence, the privacy of users' data is one of the important concerns in IoT. Moreover, IoT applications rely on automating frequent tasks to achieve better efficiency. Unfortunately, moving control of usually human-controlled operations to the IoT presents some non-negligible risks to the safety of IoT users. This thesis deals with the privacy and safety concerns raised by IoT. We propose security protocols that preserve the privacy of the users' data. In addition to privacy, we design verifiable solutions that guarantee the correctness of the computations performed by the IoT devices and the platform and hence increase trust toward this technology. We design these solutions while focusing on their performance. More precisely, we propose protocols that are scalable to cope with the increasing number of IoT devices. We also consider protocols that are fault-tolerant to cope with the frequent dropouts of IoT devices. We particularly focus on two security protocols: Secure Aggregation and Remote Attestation. Secure aggregation is a protocol where an aggregator computes the sum of the private inputs of a set of users. In this thesis, we propose the first verifiable secure aggregation protocol (VSA) that gives formal guarantees of security in the malicious model. Our solution preserves the privacy of users' inputs and the correctness of the aggregation result. Moreover, we propose a novel fault-tolerant secure aggregation protocol (FTSA) based on additively-homomorphic encryption. The scheme allows users in secure aggregation to drop from the protocol and offers a mechanism to recover the aggregate without affecting the privacy of the data. We show that FTSA outperforms the state-of-the-art solutions in terms of scalability with respect to the number of users. On the other hand, a remote attestation protocol is a protocol that allows an IoT device (acting as a prover) to prove its software integrity to the IoT platform (acting as the verifier). We propose a new collaborative remote attestation protocol (FADIA) in which devices collect attestations from each other and aggregate them. FADIA deals with the heterogeneity and dynamic nature of IoT by considering fairness in its design. The evaluation of FADIA shows an increase in the lifetime of the overall network
6
Tjäder, Hampus. "End-to-end Security Enhancement of an IoT Platform Using Object Security". Thesis, Linköpings universitet, Informationskodning, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-138838.
Texto completoResumen
The Internet of Things (IoT) is seen as one of the next Internet revolutions. In a near future the majority of all connected devices to the Internet will be IoT devices. These devices will connect previously offline constrained systems, thus it is essential to ensure end-to-end security for such devices. Object Security is a concept where the actual packet or sensitive parts of the packet are encrypted instead of the radio channel. A compromised node in the network will with this mechanism still have the data encrypted ensuring full end-to-end security. This paper proposes an architecture for using the object security format COSE in a typical constrained short-range radio based IoT platform. The IoT platform utilizes Bluetooth Low Energy and the Constrained Application Protocol for data transmission via a capillary gateway. A proof-of-concept implementation based on the architecture validates that the security solution is implementable. An overhead comparison between current channel security guidelines and the proposed object security solution results in a similar size for each data packet. The thesis concludes that object security should be seen as an alternative for ensuring end-to-end security for the Internet of Things.
7
Shahidi, Hamed. "Security Challenges of Communication Protocols in IoT : Comparing security features of ZigBee and Z-Wave communication protocols in IoT devices". Thesis, Högskolan i Halmstad, Akademin för informationsteknologi, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-40113.
Texto completoResumen
This research studies the security challenges in IoT devices. At first, security challenges have been described and then specifically the security of communication protocols in the IoT has been addressed. Finally, among different communication protocols, ZigBee and Z-Wave protocols have been chosen for this study. The criterion for choosing these two protocols is the level of security they provide for IoT devices to protect them against unauthorized access and hacking. Security, frequency, power consumption and data rate are the characteristics that have been discussed in the review of these two protocols. In the end, a comparison of the various features of these two protocols clarified that the security of IoT devices in each of these protocols depends on the type of the IoT device, the required range and other requirements, however, in most cases the ZigBee protocol showed more security than Z-Wave.
8
Blázquez, Rodríguez Alberto. "Security and AAA Architectures in an IoT Marketplace". Thesis, Uppsala universitet, Institutionen för informationsteknologi, 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:uu:diva-234660.
Texto completoResumen
Nowadays, the concept of Internet of Things has revolutionized the industry, making possible the existence of billions of devices worldwide that constantly produce vast amounts of data. This valuable information may only be processed and filtered by complex applications that will eventually sell the information as products. As a consequence, protection of this data and secure, authorized access turn out to be key priorities in this field. A study about authentication protocols has been carried out, according to certain security factors, giving as outcome that OpenID Connect might be the best solution to the problem. Therefore, an authentication / authorisation module has been developed for an IoT platform to protect its data. Evaluations made for the module stated that the protocol and its implementation assure enough levels of security. Nonetheless, accounting features and a better user privacy management are still open issues that avoid full protection of data in an open technology as the Internet.
9
Beaulaton, Delphine. "Security Analysis of IoT Systems using Attack Trees". Thesis, Lorient, 2019. http://www.theses.fr/2019LORIS548.
Texto completoResumen
L’Internet des Objects (IoT) est un modèle qui évolue rapidement et qui permet à des utilisateursd’utiliser et contrôler une large variété d’objets connectés entre eux. Ces environnementsconnectés augmentent la surface d’attaque d’un système puisque les risques sont multipliés parle nombre d’appareils connectés. Ces appareils sont responsables de tâches plus ou moinscritiques, et peuvent donc être la cible d’utilisateurs malveillants. Dans ce travail de thèse nousprésentons une méthodologie pour évaluer la sécurité de systèmes IoT. Nous proposons unemanière de représenter les systèmes IoT, couplée avec des arbres d’attaques afin d’évaluer leschances de succès d’une attaque sur un système donné. La représentation des systèmes est faitevia un langage formel que nous avons développé : SOML (Security Oriented Modeling Language).Ce langage permet de définir le comportement des différents acteurs du système et d’ajouterdes probabilités sur leurs actions. L’abre d’attaque nous offre un moyen simple et formel dereprésenter de possibles attaques sur le système. L’analyse probabiliste est ensuite effectuée viaun outil de Statistical Model Checking : Plasma. Nous utilisons deux algorithmescomplémentaires pour effectuer cette analyse : Monte Carlo et importance splittingLoT is a rapidly emerging paradigm that provides a way to the user to instrument and control a large variety of objects interacting between each other over the Internet. In IoT systems, the security risks are multiplied as they involve hetero- geneous devices that are connected to a shared network and that carry critical tasks, and hence, are targets for malicious users. In this thesis, we propose a security-based framework for modeling IoT systems where attack trees are defined alongside the model to detect and prevent security risks in the system. The language we implemented aims to model the IoT paradigm in a simple way. The IoT systems are composed of entities having some communication capabilities between each other. Two entities can communicate if (i) they are connected through a communication protocol and (ii) they satisfy some constraints imposed by the protocol. In order to identify and analyze attacks on the security of a system we use attack trees which are an intuitive and practical formal method to do so. A successful attack can be a rare event in the execution of a well-designed system. When rare, such attacks are hard to detect with usual model checking techniques. Hence, we use importance splitting as a statistical model checking technique for rare events
10
Szreder, Mikael. "IoT Security in Practice : A Computer Security Analysis of the IKEA “TRÅDFRI” Platform". Thesis, Linköpings universitet, Informationskodning, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-161042.
Texto completoResumen
In order to develop secure Internet of Things (IoT) devices, it is vital that security isconsidered throughout the development process. However, this is not enough as vulnerabledevices still making it to the open market. To try and solve this issue, this thesis presentsa structured methodology for performing security analysis of IoT platforms. The presented methodology is based on a black box perspective, meaning that theanalysis starts without any prior knowledge of the system. The aim of the presentedmethodology is to obtain information in such a way as to recreate the system design fromthe implementation. In turn, the recreated system design can be used to identify potentialvulnerabilities. Firstly the potential attack surfaces are identified, which the methodology calls inter-faces. These interfaces are the point of communication or interaction between two partsof a system. Secondly, since interfaces do not exist in isolation, the surrounding contextsin which these interfaces exist in are identified. Finally the information processed by theseinterfaces and their contexts are analyzed. Once the information processed by the iden-tified interfaces in their respective contexts are analysed, a risk assessment is performedbased on this information. The methodology is evaluated by performing an analysis of the IKEA “TRÅDFRI”smart lighting platform. By analysing the firmware update process of the IKEA “TRÅD-FRI” platform it can be concluded that the developers have used standardized protocolsand standardized cryptographic algorithms and use these to protect devices from ma-licious firmware. The analysis does however find some vulnerabilities, even though thedevelopers have actively taken steps to protect the system.
11
Nazim, Umair. "Securing Internet of Things (IoT)". Thesis, The University of Sydney, 2018. http://hdl.handle.net/2123/20275.
Texto completoResumen
The Internet of Things (IoT) is our future and human life is now entering in to a generation where everyone will be using sensory information and artificial intelligence to make day to day life decisions in real-time. With implementation and enhancements around Internet protocol (IP) now it’s possible to connect and control these devices from anywhere around the globe they can be control by either human or even machines. Security is a critical element and building block for Internet of things (IoT) success. First, we have worked finding out possibility of detecting different types of attacks in Internet of things Wireless networks and identify them based on throughput, delay and energy consumed. Attack that we have work on include DOS attacks and DDOS attacks. Motivated by current use of Blockchain in resolving various problems we have evaluated its implementation to find solutions to secure Internet of Things. This become possible by utilising block chain network and smart contracts to validate any IoT communication . Using Blockchain network allowed IoT to detect securely authenticate without over utilizing device resource keeping in mind the limited hardware and bandwidth. IoT node or nodes communicates to a validator node within Blockchain network to get the most current binary of contracts status and in order to achieve this all the devices required to be in sync with Blockchain version of accounts stored by this validator node. We have worked out how this communication will work in order to ensure security and privacy while doing performance analysis of overheads. In conclusion IoT and Blockchain combine together is very promising solution to solve many current security issues in order to take it to mass scale deployment which allow implementation of Internet of things for a purposeful manner.
12
Lu, Lu. "IoT Network Watchdog". Thesis, Mittuniversitetet, Avdelningen för informationssystem och -teknologi, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:miun:diva-34008.
Texto completoResumen
The Internet of Things (IoT) plays an important role in the coming era of the Internet development. In addition to the convenience and opportunities it brings to us, there comes with the security issues, which could lead to the privacy leakage, it’s a threaten to the whole IoT system. To deal with the potential dangerous element hidden behind this technology, monitoring on the network would be indispensable. To develop and implements the digital network watchdog system that monitors the local network and the connected device, firstly, I surveyed the area related to the IoT attacks. The network monitor system provides basic network monitoring function, connected device tracking and monitoring function, reliable device operating function. I used the packages provided by Raspberry Pi to realize the general monitoring and transferred the captured result for further analysis. Also, I made use of SNMP and drawing tool to create graphs of different parameters in the monitoring of both network and connected devices. Then I implemented database with web service on Raspberry Pi to realize device operating. In evaluation, the system works well in general monitoring with all information provided and low lost package percentage, the graphs can provide situation of different parameters, and the respond time in the operation time of database is short. I discussed the ethical thinking and proposed the ethical thinking and future work.
13
Tiburski, Ram?o Tiago. "Security services provision for SOA-based IoT middleware systems". Pontif?cia Universidade Cat?lica do Rio Grande do Sul, 2016. http://tede2.pucrs.br/tede2/handle/tede/6859.
Texto completoResumen
Submitted by Setor de Tratamento da Informa??o - BC/PUCRS (tede2@pucrs.br) on 2016-07-27T17:56:43Z
No. of bitstreams: 1
DIS_RAMAO_TIAGO_TIBURSKI_COMPLETO.pdf: 2123547 bytes, checksum: e9ad13edc13527a81d422052d71a67fa (MD5)Made available in DSpace on 2016-07-27T17:56:43Z (GMT). No. of bitstreams: 1 DIS_RAMAO_TIAGO_TIBURSKI_COMPLETO.pdf: 2123547 bytes, checksum: e9ad13edc13527a81d422052d71a67fa (MD5) Previous issue date: 2016-03-16
The evolution of the Internet of Things (IoT) requires an infrastructure of systems that can provide services for devices abstraction and data management, and also support the development of applications. IoT middleware has been recognized as the system that can provide this necessary infrastructure of services and has become increasingly important for IoT over the last years. The architecture of an IoT middleware is usually based on SOA (Service-Oriented Architecture) standard and has security requirement as one of its main challenges. The large amount of data that flows in this kind of system demands security services able to ensure data protection in the entire system. In addition, some IoT applications, mainly those from e-health environments, have brought new requirements in terms of secure communication and acceptable response time for critical services. Although IoT middleware technologies have been used to cope with the most relevant requirements demanded by different IoT applications, security is a special topic that is not mature enough in this kind of technology. The security challenges regarding e-health scenarios are concentrated mainly on issues surrounding the communication layer, specially those cases in which patient data are transmitted in open networks where they are more vulnerable to attacks. In this sense, there is a need for ensure data confidentiality and integrity in middleware system layers to enable a reliable understanding of a patient current life state. This work proposes the definition of four security services focused on data protection in order to minimize security problems found in SOA-based IoT middleware systems. We implemented only one of these services (CCP - Communication Channel Protection) which is composed of two security approaches: TLS and DTLS. Both approaches are known security protocols able to provide confidentiality, integrity, and authenticity. The implemented service was focused on protecting data transmission in an IoT middleware system (COMPaaS - Cooperative Middleware Platform as a Service) and was validated through a specific e-health scenario. The main goal was to verify if our security implementations compromise, in terms of response time, the communication performance of the middleware system, which is the key requirement of the e-health scenario. Tests revealed a satisfactory result since the implemented approaches respected the response time requirement of the application and protected the transmitted data.
A evolu??o da IoT (do ingl?s, Internet of Things) requer uma infra-estrutura de sistemas que seja capaz de fornecer servi?os tanto para abstra??o de dispositivos e gerenciamento de dados, quanto para suporte ao desenvolvimento de aplica??es. Middleware para IoT tem sido reconhecido como o sistema capaz de prover esta infra-estrutura necess?ria de servi?os e vem se tornando cada vez mais importante para a Internet das Coisas ao longo dos ?ltimos anos. A arquitetura de um sistema de middleware para IoT geralmente est? baseada no padr?o SOA (do ingl?s, Service-Oriented Architecture) e tem o requisito de seguran?a como um dos seus principais desafios. A grande quantidade de dados que trafega nesse tipo de sistema exige servi?os de seguran?a capazes de garantir a prote??o dos dados em toda a extens?o do sistema. Al?m disso, algumas aplica??es para IoT, pricipalmente aquelas voltadas para ambientes de sa?de, fizeram surgir novos requisitos em termos de comunica??o segura e tempo de resposta aceit?vel para servi?os cr?ticos. Embora diversas tecnologias de middleware para IoT t?m sido utilizadas para lidar com os requisitos mais relevantes exigidos pelas diferentes aplica??es existentes para IoT, seguran?a ainda ? um tema especial que n?o est? maduro o suficiente neste tipo de tecnologia. Os desafios de seguran?a relacionados ? cen?rios de sa?de est?o concentrados, principalmente, nas quest?es relacionadas com a camada de comunica??o, especialmente nos casos em que dados de pacientes s?o transmitidos em redes abertas, onde s?o mais vulner?veis a ataques. Neste sentido, existe a necessidade de garantir confidencialidade e integridade de dados nas camadas do middleware para permitir um entendimento mais confi?vel a respeito do estado de vida de um paciente. Este trabalho prop?e a defini??o de quatro servi?os de seguran?a voltados para prote??o de dados a fim de minimizar os problemas de seguran?a encontrados em sistemas de middleware para IoT baseados em SOA. Apenas um dos servi?os de seguran?a propostos foi implementado neste trabalho (o CCP - Communication Channel Protection), o qual ? um servi?o composto pela implementa??o de dois protocolos de seguran?a: TLS e DTLS. Ambas abordagens est?o baseadas em protocolos de seguran?a j? conhecidos e capazes de garantir confidencialidade, integridade e autenticidade. O servi?o implementado visa proteger a transmiss?o de dados em um sistema de middleware para IoT (COMPaaS - Cooperative Middleware Platform as a Service), e foi validado atrav?s de um cen?rio de aplica??o espec?fico para a ?rea da sa?de. O principal objetivo da valida??o foi verificar se as implementa??es dos servi?os de seguran?a estavam comprometendo, em termos de tempo de resposta, o desempenho das camadas de comunica??o dos sistemas do middleware COMPaaS, o qual ? o requisito fundamental do cen?rio de sa?de. Testes revelaram resultados satisfat?rios visto que as abordagens implementadas respeitaram o requisito de tempo de resposta da aplica??o e protegeram os dados transmitidos.
14
Bisiach, Jonathon y Victor Elfving. "PUF-enabled blockchain for IoT security : A comparative study". Thesis, Högskolan i Halmstad, Akademin för informationsteknologi, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-45589.
Texto completoResumen
The introduction of Physical Unclonable Functions (PUFs) and lightweight consensus algorithms to aid in the bolstering of security and privacy in both IoT and IoE does show a great deal of promise not only in these areas, but in resource cost over traditional methods of blockchain. However, several previous studies make claims regarding performance of novel solutions without providing detailed information as to the physical components of their experiments. This comparative study shows that Proof of Authentication (PoAh) performs the best out of three selected consensus algorithms and that the claims made regarding the performance of PUFChain and Proof of PUF-enabled Authentication (PoP) could not be replicated in this instance.
15
Andersen, Adelina. "Exploring Security and Privacy Practices of Home IoT Users". Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-303002.
Texto completoResumen
Internet of Things (IoT) devices are becoming more and more common in homes, making the security and privacy of these increasingly important. Previous research has found that home IoT users can become a threat to themselves if they lack knowledge of their devices and awareness of potential threats. To investigate how the users’ security and privacy practices can be improved, it is necessary to understand the current everyday practices and what impacts these. This is examined in 10 interviews, revealing that the practices are primarily influenced by convenience, motivation and the effort required from the user. Using these insights, this thesis suggests that tangible interaction needs to be used as a complement to digital solutions to improve the security and privacy practices. By having a physical object that in a simple way can inform everyone of the current security and privacy situation and is equally accessible for all members of a household, the security and privacy can become more attainable for all users no matter their level of knowledge and experience.Internet of Things (IoT) enheter har blivit vanligt förekommande i hem vilket gör deras säkerhet och integritet allt viktigare. Det har tidigare visats att användare av IoT i hemmet kan utgöra ett hot mot sig själva om de saknar kunskap om enheterna och kännedom om potentiella hot. För att undersöka hur användarnas vanor kring säkerhet och integitet kan förbättras är det först nödvändigt att utforska de nuvarande vanorna och vad som påverkar dessa. Detta undersöks i tio intervjuer som visar att vanorna främst påverkas av bekvämlighet, motivation och ansträngningen som krävs av användaren. Utifrån dessa insikter föreslås det att fysisk interaktion används som ett komplement till digitala lösningar för att förbättra vanorna kring säkerhet och integritet. Genom att ha ett fysiskt objekt som på ett enkelt sätt kan förmedla enheternas nuvarande status och är lika tillgängligt för alla medlemmar i ett hushåll kan säkerhet och integritet bli mer uppnåeligt för alla användare, oavsett deras nivå av kunskap och erfarenhet.
16
Almosawi, Massar y Kristoffer Djupsjö. "IoT Security Applied on a Smart Door Lock Application". Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-230153.
Texto completoResumen
This thesis describes the development of an IOT application based upon Digitizing a smart door lock for making it connected to the internet and able to recognize employees that work in the office. This thesis concentrates primarily on the security aspects by listing the typical security challenges in IOT systems in general and summing these challenges up to develop a functional and secure product from scratch. A microcontroller is chosen for this project and a test environment is built to experiment and develop the security breaches. Architectural designs are chosen for the API being developed and even for the Android Application. A detailed description is made of the multi-master database represented by Azure active directory and its importance to achieving the security of an essential security breach. A new technique called Eddystone is introduced in the project to serve the transmission protocol with Bluetooth beacons. The final stage of this project is completing the development of the Android application and making sure that all the subsystems developed do communicate with each other, to deliver a functional and secure flow of the IoT system.Följande examensarbete beskriver utvecklingen av en IoT-produkt baserad på digitalisering av ett smart dörrlås där applikationen ansluts till internet för igenkänning av anställda som arbetar på ett kontor. Examensarbetet fokuserar primärt på säkerhetsaspekterna genom att notera de typiska säkerhetsutmaningarna som generella IOT-system utsätts för och summerar dessa utmaningar för att utveckla en funktionell och säker produkt från start av projektet. En mikrokontroller väljs ut specifikt för projektet och en testmiljö byggs för att undersöka och motverka eventuella säkerhetsbrister. Rapporten ger även detaljerad beskrivning av multi-master databasen Azure Active Directory och dess betydelse för att uppnå önskad säkerheten i systemet. En ny teknik som heter Eddystone introduceras i projektet för att betjäna som överföringsprotokoll till Bluetooth-beacons. Det sista steget i detta projekt kompletteras utvecklingen av systemet med Androidapplikation som ser till att alla utvecklade delsystem kommunicerar med varandra och levererar ett funktionellt och säkert flöde av IOT-systemet.
17
Sandor, Alexander. "Security of dynamic authorisation for IoT through Blockchain technology". Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-231868.
Texto completoResumen
The use of Internet of Things devices is an integral part of our modern society. Communication with internet of things devices is secured with asymmetric key encryption that is handled by the centralized certificate authority infrastructure. The emerging Blockchain technology now provides a safe way to change ownership of digital resources through a decentralized system that challenges the traditional centralized view of trust in digital systems. This project studies the security of building public key infrastructures and access communication protocols on Blockchain technology for IoT devices. An informal cryptographic analysis that used proof by contradiction showed that it is cryptographically safe to build Blockchain based Public Key Infrastructures. The analysed Blockchain based public key infrastructure was implemented with smart contracts and tested on the Ethereum platform along with a dynamic access control protocol ensuring dynamic authentication and distributed logging. The project also concluded that advancements in the software clients of nodes are required before Blockchain can be used in Internet of Things devices. This is due to the high storage demands required by currently available nodes.Användandet av "Internet of Things"-enheter är en integral del av vårt moderna samhälle. Kommunikation med "Internet of Things"-enheter är säkras genom asymmetrisk nyckelkryptering som hanteras i ett centraliserat system administrerat av certifieringsmyndigheter. Den banbrytande Blockchain-tekniken erbjuder nu ett säkert sätt att byta ägandeskap av digitala resurser i ett decentraliserat system, och utmanar den traditionella synen på tillit i digitala system. Det här projektet studerar säkerheten i att bygga en infrastruktur för publik nyckeldistribuering samt protokoll för accesskontrollering med hjälp av Blockchain-teknik för "Internet of Things"-enheter. Genom en informell kryptografisk analys och metoden motsägelsebevis visades det att det är kryptografiskt säkert att bygga infrastrukturer för publik nyckeldistribuering på Blockchain-teknik. En Blockchain-baserad infrastruktur för public nyckeldistribuering implementerades med smarta kontrakt och testades på Ethereum-plattformen tillsammans med ett protokoll för dynamisk accesskontroll som säkerställde dynamisk autentisering och distribuerad loggning. Projektet kom även fram till att ny mjukvara för noder behövs för att tekniken ska bli applicerbar i "Internet of Things"-enheter. Detta eftersom nuvarande noder behöver stort datautrymme för att fungera.
18
Ivancevic, Dean. "Privacy and security of IoT : A smart home perspective". Thesis, Linnéuniversitetet, Institutionen för informatik (IK), 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-99071.
Texto completoResumen
In a world where technological progress is constant, understanding the views and experiences of users is essential. With the use of technology, there are many dangers. Issues with privacy and security are among them. This thesis deals with understanding the perception of privacy and security of smart home IoT devices. The literature review consists of understanding concepts of trust, possible ways of intrusion, and prevention and elaborating more about the Internet of Things technology and smart homes. The review also contains notes on previous findings of the user's perception. The review of the literature also connects possible ways of intrusion with the underlying IoT architecture as well as explains notions of privacy by design, compliance, and GDPR. To understand the phenomenon of privacy and security in the context of a smart home, a simple qualitative study was conducted. Sixteen participants who are part of the general public were interviewed. The collected information was analyzed using a general inductive approach, and answers were grouped into categories as suggested by Thematic Analysis. Interviews were done online and a transcript summary can be found in the last Appendix. The findings from the interviews suggest that privacy and convenience matter most to the users. Participants demonstrated a willingness to purchase if they perceived a device as something that will increase their quality of life and were willing to share data such as location but they were not willing to lose anonymity. What type of data and for what purpose was mentioned as most important. When it comes to security attacks, participants were less worried about how it might happen and more worried about what might happen to them and what are the consequences for them. In the conclusion of the study, I present advice for students and academia, device manufacturers, and service providers as well as the general public as the last main stakeholder. Since technology is not static, it would be of importance to revisit topics of privacy and security of IoT.
19
Shahid, Mustafizur Rahman. "Deep learning for Internet of Things (IoT) network security". Electronic Thesis or Diss., Institut polytechnique de Paris, 2021. http://www.theses.fr/2021IPPAS003.
Texto completoResumen
L’internet des objets (IoT) introduit de nouveaux défis pour la sécurité des réseaux. La plupart des objets IoT sont vulnérables en raison d'un manque de sensibilisation à la sécurité des fabricants d'appareils et des utilisateurs. En conséquence, ces objets sont devenus des cibles privilégiées pour les développeurs de malware qui veulent les transformer en bots. Contrairement à un ordinateur de bureau, un objet IoT est conçu pour accomplir des tâches spécifiques. Son comportement réseau est donc très stable et prévisible, ce qui le rend bien adapté aux techniques d'analyse de données. Ainsi, la première partie de cette thèse tire profit des algorithmes de deep learning pour développer des outils de surveillance des réseaux IoT. Deux types d'outils sont explorés: les systèmes de reconnaissance de type d’objets IoT et les systèmes de détection d'intrusion réseau IoT. Pour la reconnaissance des types d’objets IoT, des algorithmes d'apprentissage supervisé sont entrainés pour classifier le trafic réseau et déterminer à quel objet IoT le trafic appartient. Le système de détection d'intrusion consiste en un ensemble d'autoencoders, chacun étant entrainé pour un type d’objet IoT différent. Les autoencoders apprennent le profil du comportement réseau légitime et détectent tout écart par rapport à celui-ci. Les résultats expérimentaux en utilisant des données réseau produites par une maison connectée montrent que les modèles proposés atteignent des performances élevées. Malgré des résultats préliminaires prometteurs, l’entraînement et l'évaluation des modèles basés sur le machine learning nécessitent une quantité importante de données réseau IoT. Or, très peu de jeux de données de trafic réseau IoT sont accessibles au public. Le déploiement physique de milliers d’objets IoT réels peut être très coûteux et peut poser problème quant au respect de la vie privée. Ainsi, dans la deuxième partie de cette thèse, nous proposons d'exploiter des GAN (Generative Adversarial Networks) pour générer des flux bidirectionnels qui ressemblent à ceux produits par un véritable objet IoT. Un flux bidirectionnel est représenté par la séquence des tailles de paquets ainsi que de la durée du flux. Par conséquent, en plus de générer des caractéristiques au niveau des paquets, tel que la taille de chaque paquet, notre générateur apprend implicitement à se conformer aux caractéristiques au niveau du flux, comme le nombre total de paquets et d'octets dans un flux ou sa durée totale. Des résultats expérimentaux utilisant des données produites par un haut-parleur intelligent montrent que notre méthode permet de générer des flux bidirectionnels synthétiques réalistes et de haute qualitéThe growing Internet of Things (IoT) introduces new security challenges for network activity monitoring. Most IoT devices are vulnerable because of a lack of security awareness from device manufacturers and end users. As a consequence, they have become prime targets for malware developers who want to turn them into bots. Contrary to general-purpose devices, an IoT device is designed to perform very specific tasks. Hence, its networking behavior is very stable and predictable making it well suited for data analysis techniques. Therefore, the first part of this thesis focuses on leveraging recent advances in the field of deep learning to develop network monitoring tools for the IoT. Two types of network monitoring tools are explored: IoT device type recognition systems and IoT network Intrusion Detection Systems (NIDS). For IoT device type recognition, supervised machine learning algorithms are trained to perform network traffic classification and determine what IoT device the traffic belongs to. The IoT NIDS consists of a set of autoencoders, each trained for a different IoT device type. The autoencoders learn the legitimate networking behavior profile and detect any deviation from it. Experiments using network traffic data produced by a smart home show that the proposed models achieve high performance.Despite yielding promising results, training and testing machine learning based network monitoring systems requires tremendous amount of IoT network traffic data. But, very few IoT network traffic datasets are publicly available. Physically operating thousands of real IoT devices can be very costly and can rise privacy concerns. In the second part of this thesis, we propose to leverage Generative Adversarial Networks (GAN) to generate bidirectional flows that look like they were produced by a real IoT device. A bidirectional flow consists of the sequence of the sizes of individual packets along with a duration. Hence, in addition to generating packet-level features which are the sizes of individual packets, our developed generator implicitly learns to comply with flow-level characteristics, such as the total number of packets and bytes in a bidirectional flow or the total duration of the flow. Experimental results using data produced by a smart speaker show that our method allows us to generate high quality and realistic looking synthetic bidirectional flows
20
Lindström, Hannes y Gustav Marstorp. "Security Testing of an OBD-II Connected IoT Device". Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-239367.
Texto completoResumen
The Internet of Things (IoT) is a rapidly growing network. As society begins to trust the devices in the IoT with increasingly complex tasks, issues regarding the security of these devices are of high priority. An example of an IoT-device in which failure of security could be fatal, is the Telia Sense. Telia Sense is an OBD-II dongle which together with a mobile application connects a car to a smartphone.In this paper, the discoveries that was made during security testing of Telia Sense will be discussed. The system was investigated through a black box perspective. Primarily, a model of the system was produced. Threats were then identified, ranked and tested accordingly.No major vulnerabilities were found. The results all indicated that Telia Sense is a well secured system. The main reasons to this is the fact that the device has very limited functionality and its communications are bounded. Even though no major vulnerabilities were found, this paper can still be used as a guide for future testing of security in IoT devices.
21
Wang, Han. "Homomorphic Encryption on the IoT". Thesis, Mittuniversitetet, Avdelningen för informationssystem och -teknologi, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:miun:diva-33998.
Texto completoResumen
Security is always a big problem in IoT (internet of things),when it comes to IoT, there must have cloud computing because many devices in IoT are small embedded devices and they don’t always have enough power to finish some complex calculations. Then, they need to take advantage of a third party system especially cloud at present to finish some operations, but the cloud is not safe enough now, in which some important and private information may be leaked, then people introduce homomorphic encryption which can do calculation on encrypted data. To meet the modern needs for random calculations in which the operation can have random times’ addition and multiplication, researchers are trying to make fully homomorphic encryption practical. So in my thesis, I would choose one fully homomorphic encryption scheme to implement a detailed IoT scenario using some IoT devices such as laptop and raspberry pi. Then I would use performance measurements such as response time calculations to do the performance evaluation such as effectiveness and scalability for this technique. Finally, I find some relationship between different parameters and response time, and also effectiveness, scalability in results and conclusion part.
22
Budda, Shiva Tarun. "Performance Analysis of Proxy based Encrypted communication in IoT environments : Security and Privacy ~ Distributed Systems Security". Thesis, Blekinge Tekniska Högskola, Institutionen för datalogi och datorsystemteknik, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-15500.
Texto completo
23
Sethi, Mohit. "Security in Smart Object Networks". Thesis, KTH, Skolan för informations- och kommunikationsteknik (ICT), 2012. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-104168.
Texto completoResumen
Internet of Things (IoT) refers to an inter-connected world where physical devices are seamlessly integrated into the Internet and become active participants of business, information and social processes. This involves the inter-connection of a large number of heterogeneous networked entities and networks. Emergence of technologies such as Zigbee, Bluetooth low energy and embedded sensors has transformed simple physical devices into smart objectsthat can understand and react to their environment. Such smart objects form the building blocks for the Internet of Things. The communication infrastructure for these objects is based on an extension of the Internet protocol stack. Although the need for security is widely accepted, there is no clear consensus on how IP-based Internet security protocols can be applied to resource-constrained smart object networks. In this thesis we develop a new secure and energyefficient communication model for the Constrained Application Protocol (CoAP), a light-weight communication protocol designed for smart object networks. We contribute to the standardization of the generic communication architecture by adding security and delegation components for smart objects that sleep for large amounts of time during their operational phase. This architecture ensures data integrity and authenticity over a multi-hop network topology. It also provides a mirroring mechanism that uses a proxy to serve data on behalf of sleeping smart objects, thereby allowing them to act as always-online web servers. A working prototype implementation of the architecture is also developed. The security features in the architecture presented in this thesis are based on using strong public-key cryptography. Contrary to popular belief, our performance evaluation shows that asymmetric public-key cryptography can be implemented on small 8-bit micro-controllers without modifying the underlying cryptographic algorithms.Internet of Things (IoT, ”Föremålens Internet") syftar på en sammankopplad värld där fysiska apparater är sömlöst integrerade till Internet och blir aktiva deltagare i affärslivs-, informations- och sociala processer. Detta innefattar sammankopplingen av ett stort antal heterogeniskt nätverkade enheter och nätverk. Uppkomsten av teknologier som Zigbee, låg energi Bluetooth och inbyggda sensorer har förvandlat enkla fysiska apparater till smarta objekt som kan förstå och reagera till sin omgivning. Dessa smarta objekt utgör byggstenarna för Föremålens Internet. Kommunikationsinfrastrukturen för dessa objekt bygger på en utvidgning av internetprotokollstacken. Även om behovet av säkerhet är allmänt känt, finns det inget konsensus om hur IP-baserade internetsäkerhetsprotokoll kan tillämpas i resursbegränsade smartobjektnätverk. I denna avhandling utvecklas en ny säker och energisnål kommunikationsmodell för Constrained Application Protocol (CoAP, “Begränsat applikationsprotokoll"), ett lätt kommunikationsprotokoll avsett för smartobjektnätverk. Avhandlingen bidrar till standardiseringen av den generiska kommunikationsarkitekturen genom att tillsätta säkerhets- och delegationskomponenter för smarta objekt som sover under en stor del av sin operativa fas. Denna arkitektur garanterar dataintegritet och autenticitet över en flerhopps nätverkstopologi. Arkitekturen bidrar också med en återspeglingsmekanism som använder sig av en proxyserver för att erbjuda data för sovande smarta objekts del, vilket låter dem agera som alltid-online webbservrar. I avhandlingen utvecklas också en fungerande prototypimplementation av arkitekturen. Säkerhetsegenskaperna i den arkitektur som presenteras i denna avhandling är baserade på användningen av stark publik-nyckel kryptering. I motsatts till den allmänna förväntningen, visar prestationsbedömningen i denna avhandling att asymmetrisk kryptering med publik nyckel kan tillämpas i 8-bitars mikrokontrollrar utan att ändra på de underliggande kryptografiska algoritmerna.
24
Milinic, Vasilije. "Investigating Security Issues in Industrial IoT: A Systematic Literature Review". Thesis, Mälardalens högskola, Akademin för innovation, design och teknik, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:mdh:diva-54980.
Texto completoResumen
The use of Internet-of-Things (IoT) makes it possible to inter-connect Information Technology (IT) and Operational Technology (OT) into a completely new system. This convergence is often known as Industrial IoT (IIoT). IIoT brings a lot of benefits to industrial assets, such as improved efficiency and productivity, reduced cost, and depletion of human error. However, the high inter-connectivity opens new possibilities for cyber incidents. These incidents can cause major damage like halting of production on the manufacturing line, or catastrophic havoc to companies, communities, and countries causing power outages, floods, and fuel shortages. Such incidents are important to be predicted, stopped, or alleviated at no cost. Moreover, these incidents are a great motive for researchers and practitioners to investigate known security problems and find potential moderation strategies. In this thesis work, we try to identify what types of IIoT systems have been investigated in the literature. We seek out to find if software-related issues can yield security problems. Also, we make an effort to perceive what are the proposed methods to mitigate the security threats.We employ the systematic literature review (SLR) methodology to collect this information. The results are gathered from papers published in the last five years and they show an increased interest in research in this domain. We find out software vulnerabilities are a concern for IIoT systems, mainly firmware vulnerabilities and buffer overflows, and there are a lot of likely attacks that can cause damage, mostly injection and DDoS attacks. There are a lot of different solutions which offer the possibility to stop the identified problems and we summarize them. Furthermore, the research gap considering the update process in these systems and devices, as well as a problem with the unsupervised software supply chain is identified.
25
Hashemi, Arshan. "Fingerprinting the Smart Home: Detection of Smart Assistants Based on Network Activity". DigitalCommons@CalPoly, 2018. https://digitalcommons.calpoly.edu/theses/1958.
Texto completoResumen
As the concept of the Smart Home is being embraced globally, IoT devices such as the Amazon Echo, Google Home, and Nest Thermostat are becoming a part of more and more households. In the data-driven world we live in today, internet service providers (ISPs) and companies are collecting large amounts of data and using it to learn about their customers. As a result, it is becoming increasingly important to understand what information ISPs are capable of collecting. IoT devices in particular exhibit distinct behavior patterns and specific functionality which make them especially likely to reveal sensitive information. Collection of this data provides valuable information and can have some serious privacy implications. In this work I present an approach to fingerprinting IoT devices behind private networks while only examining last-mile internet traffic . Not only does this attack only rely on traffic that would be available to an ISP, it does not require changes to existing infrastructure. Further, it does not rely on packet contents, and therefore works despite encryption. Using a database of 64 million packets logged over 15 weeks I was able to train machine learning models to classify the Amazon Echo Dot, Amazon Echo Show, Eufy Genie, and Google Home consistently. This approach combines unsupervised and supervised learning and achieves a precision of 99.95\%, equating to one false positive per 2,000 predictions. Finally, I discuss the implication of identifying devices within a home.
26
Cooper, Ke'ahi. "Security for the Internet of Things". Thesis, KTH, Skolan för datavetenskap och kommunikation (CSC), 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-172526.
Texto completoResumen
The Internet of Things (IoT) is an emerging paradigm that will change theway we interact with objects and computers in the future. It envisions a globalnetwork of devices interacting with each other, over the Internet, to perform auseful action. As such, quite a number of useful and benecial applications ofthis technology have been proposed.Although a convenient technology, the use of IoT technology will add additionalrisks to our lives that the traditional Internet did not have. This is primarilybecause IoT technology allows the virtual world to directly aect the physicalworld.Therefore, ensuring security is of paramount importance for IoT technology. Assuch, this thesis has two aims. First, we will identify the security issues for IoTtechnology as well as highlight what approaches academia has developed to resolvethem. This will allow us to see the state of this technology along with whatstill needs to be done in the future. Secondly, we will analyze some security protocolsproposed by academia and evaluate whether they ensure condentialityand authenticity.A literature survey is used to achieve the rst goal and the results show thatalthough a lot of research has been performed regarding security for IoT environments.We still have quite a way to go before a full holistic system isdeveloped which ensures all the security requirements for IoT.The results for the security protocol analysis shows that less than half of theprotocols proposed ensured authenticity and condentiality; despite the factthat their respective papers claim that they did. Therefore, we emphasize thefact that good peer reviews need to be enforced and that protocols need to bevalidated to ensure what is proposed performs as described.
27
Bozios, Athanasios. "Fog Computing : Architecture and Security aspects". Thesis, Linnéuniversitetet, Institutionen för datavetenskap och medieteknik (DM), 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-80178.
Texto completoResumen
As the number of Internet of Things (IoT) devices that are used daily is increasing, the inadequacy of cloud computing to provide neseccary IoT-related features, such as low latency, geographic distribution and location awareness, is becoming more evident. Fog computing is introduced as a new computing paradigm, in order to solve this problem by extending the cloud‟s storage and computing resources to the network edge. However, the introduction of this new paradigm is also confronted by various security threats and challenges since the security practices that are implemented in cloud computing cannot be applied directly to this new architecture paradigm. To this end, various papers have been published in the context of fog computing security, in an effort to establish the best security practices towards the standardization of fog computing. In this thesis, we perform a systematic literature review of current research in order to provide with a classification of the various security threats and challenges in fog computing. Furthermore, we present the solutions that have been proposed so far and which security challenge do they address. Finally, we attempt to distinguish common aspects between the various proposals, evaluate current research on the subject and suggest directions for future research.
28
Kuna, Vignesh. "Performance Analysis of end-to-end DTLS and IPsec based communication in IoT systems : Security and Privacy ~ Distributed Systems Security". Thesis, Blekinge Tekniska Högskola, Institutionen för datalogi och datorsystemteknik, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-15497.
Texto completo
29
Dutta, Saurabh. "Striking a balance between usability and cyber-security in IoT devices/". Thesis, Massachusetts Institute of Technology, 2017. http://hdl.handle.net/1721.1/113508.
Texto completoResumen
Thesis: S.M. in Engineering and Management, Massachusetts Institute of Technology, System Design and Management Program, 2017.Cataloged from PDF version of thesis.
Includes bibliographical references (pages 67-74).
Today more and more physical objects are being connected to internet. The Internet of Things, or loT, is dramatically changing the way of living and the way we interact with things and each other. Home doors can be opened remotely with a watch, cars' performance can be upgraded remotely, devices monitor health and send updates to physicians remotely. loT technology has made some labor-intensive jobs simple and has the potential to simplify and enhance nearly every aspect of our lives. On the other hand, increased levels of high profile cyber security breaches in recent years have made it clear how important it is to make sure these devices are trustworthy and secure. While most users are aware of how critical it is to secure their laptops, mobile devices, and apps, due to the seamless ways in which loT devices integrates into our daily lives, users are often unaware of risks associated with them. At the same time, IoT device makers are aggressively releasing new products in a mad race to establish themselves in this emerging market. Increased pressure to differentiate on usability based functionalities has spurred products and features that are not properly vetted for security. Gartner predicts that by 2020, more than 25% of identified enterprise attacks will involve IoT, though loT will account for only 10% of IT security budgets. As loT continues to grow, vendors will favor usability over security and IT security practitioners remain unsure of the correct amount of acceptable risk.
by Saurabh Dutta.
S.M. in Engineering and Management
30
Larsson, Forsberg Albin y Theodor Olsson. "IoT Offensive Security Penetration Testing : Hacking a Smart Robot Vacuum Cleaner". Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-254233.
Texto completoResumen
IoT devices can be found in almost any type of situation as the availability and viability of them has surged in the last decade with technological advancements. The purpose of this project is to investigate how secure these types of devices, in particular a robot vacuum cleaner, actually are if an ill intended actor tries to interfere with the device. Different methods used in the sphere of threat modeling and penetration testing were applied and tested with the result coming back positive. The robot vacuum cleaner was successfully compromised and the privacy of the owner could be violated applying the attacks used. The current way of thinking about privacy and security of IoT devices could therefore need to be reviewed.
31
Gupta, Sandeep. "Next-generation user authentication schemes for IoT applications". Doctoral thesis, Università degli studi di Trento, 2020. http://hdl.handle.net/11572/278453.
Texto completoResumen
The unprecedented rise of IoT has revolutionized every business vertical enthralling people to embrace IoT applications in their day-to-day lives to accrue multifaceted benefits. It is absolutely fair to say that a day without connected IoT systems, such as smart devices, smart enterprises, smart homes or offices, etc., would hamper our conveniences, drastically. Many IoT applications for these connected systems are safety-critical, and any unauthorized access could have severe consequences to their consumers and society.
In the overall IoT security spectrum, human-to-machine authentication for IoT applications is a critical and foremost challenge owing to highly prescriptive characteristics of conventional user authentication schemes, i.e., knowledge-based or token-based authentication schemes, currently used in them. Furthermore, studies have reported numerous users’ concerns, from both the security and usability perspectives, that users are facing in using available authentication schemes for IoT applications. Therefore, an impetus is required to upgrade user authentication schemes for new IoT age applications to address any unforeseen incidents or unintended consequences.
This dissertation aims at designing next-generation user authentication schemes for IoT applications to secure connected systems, namely, smart devices, smart enterprises, smart homes, or offices. To accomplish my research objectives, I perform a thorough study of ways and types of user authentication mechanisms emphasizing their security and usability ramifications. Subsequently, based on the substantive findings of my studies, I design, prototype, and validate our proposed user authentication schemes. I exploit both physiological and behavioral biometrics to design novel schemes that provide implicit (frictionless), continuous (active) or risk-based (non-static) authentication for multi-user scenarios. Afterward, I present a comparative analysis of the proposed schemes in terms of accuracy against the available state-of-the-art user authentication solutions. Also, I conduct SUS surveys to evaluate the usability of
user authentication schemes.
32
Gupta, Sandeep. "Next-generation user authentication schemes for IoT applications". Doctoral thesis, Università degli studi di Trento, 2020. http://hdl.handle.net/11572/278453.
Texto completoResumen
The unprecedented rise of IoT has revolutionized every business vertical enthralling people to embrace IoT applications in their day-to-day lives to accrue multifaceted benefits. It is absolutely fair to say that a day without connected IoT systems, such as smart devices, smart enterprises, smart homes or offices, etc., would hamper our conveniences, drastically. Many IoT applications for these connected systems are safety-critical, and any unauthorized access could have severe consequences to their consumers and society.
In the overall IoT security spectrum, human-to-machine authentication for IoT applications is a critical and foremost challenge owing to highly prescriptive characteristics of conventional user authentication schemes, i.e., knowledge-based or token-based authentication schemes, currently used in them. Furthermore, studies have reported numerous users’ concerns, from both the security and usability perspectives, that users are facing in using available authentication schemes for IoT applications. Therefore, an impetus is required to upgrade user authentication schemes for new IoT age applications to address any unforeseen incidents or unintended consequences.
This dissertation aims at designing next-generation user authentication schemes for IoT applications to secure connected systems, namely, smart devices, smart enterprises, smart homes, or offices. To accomplish my research objectives, I perform a thorough study of ways and types of user authentication mechanisms emphasizing their security and usability ramifications. Subsequently, based on the substantive findings of my studies, I design, prototype, and validate our proposed user authentication schemes. I exploit both physiological and behavioral biometrics to design novel schemes that provide implicit (frictionless), continuous (active) or risk-based (non-static) authentication for multi-user scenarios. Afterward, I present a comparative analysis of the proposed schemes in terms of accuracy against the available state-of-the-art user authentication solutions. Also, I conduct SUS surveys to evaluate the usability of
user authentication schemes.
33
Yanambaka, Venkata Prasanth. "Exploring Physical Unclonable Functions for Efficient Hardware Assisted Security in the IoT". Thesis, University of North Texas, 2019. https://digital.library.unt.edu/ark:/67531/metadc1505261/.
Texto completoResumen
Modern cities are undergoing rapid expansion. The number of connected devices in the networks in and around these cities is increasing every day and will exponentially increase in the next few years. At home, the number of connected devices is also increasing with the introduction of home automation appliances and applications. Many of these appliances are becoming smart devices which can track our daily routines. It is imperative that all these devices should be secure. When cryptographic keys used for encryption and decryption are stored on memory present on these devices, they can be retrieved by attackers or adversaries to gain control of the system. For this purpose, Physical Unclonable Functions (PUFs) were proposed to generate the keys required for encryption and decryption of the data or the communication channel, as required by the application. PUF modules take advantage of the manufacturing variations that are introduced in the Integrated Circuits (ICs) during the
fabrication process. These are used to generate the cryptographic keys which reduces the use of a separate memory module to store the encryption and decryption keys. A PUF module can also be recon gurable such that the number of input output pairs or Challenge Response Pairs (CRPs) generated can be increased exponentially. This dissertation proposes three designs of PUFs, two of which are recon gurable to increase the robustness of the system.
34
Yu, Jiahui. "Physical-layer Security Based Authentication and Key Generation for Seamless IoT Communications". University of Dayton / OhioLINK, 2019. http://rave.ohiolink.edu/etdc/view?acc_num=dayton1576178965071975.
Texto completo
35
Ceylan, Batuhan. "Evaluating APS Ecosystem Security : Novel IoT Enabled Medical Platform for Diabetes Patients". Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-292735.
Texto completoResumen
Computing technology has been getting more reliable and cheaper every year for the past several decades. Consequently, IoT devices have now become a part of medical technology. One example of this is a new open-source technology that has emerged for type-1 diabetes patients, which regulates the patients’ blood glucose levels. One component of this open-source system is AndroidAPS, a mobile application that manages and controls the system by communicating with the two other components: a blood glucose sensor and an insulin pump. Another component is Nightscout, a web application for monitoring T1D patients. Together they form the APS ecosystem that automatically i) reads blood glucose values, ii) syncs the data with Nightscout, iii) stores patient information into Nightscout database, iv) calculates optimal treatment plan, and v) regulates pump for the ideal insulin intake. The whole system bears several critical assets to guarantee patient health. In this thesis, the security of a representative APS ecosystem is studied. We found 5 critical vulnerabilities in the ecosystem: 1) an XSS vulnerability in the web application due to ineffective input sanitization which lead to stealing administrator password from browser cache, 2) highly sensitive patient data is open to public by default, 3) the web application login mechanism, where all system data is managed, is weak against password guessing attacks together with 4) insecure GET requests used for authentication, and lastly 5) any type of database hijack does not trigger any alarms for Nightscout. Successful attacks result in malicious values synchronized from Nightscout to tamper correct insulin delivery calculations. Possible attack scenarios, devised from existing vulnerabilities in this work, show how an attacker can physically harm their victims through their internet-connected insulin pump.Datorteknik har blivit mer pålitlig och billigare varje år under de senaste decennierna. Följaktligen har IoT-enheter nu blivit en del av medicinsk teknik. Ett exempel på detta är en ny öppen källkodsteknik som har utvecklats för typ 1- diabetespatienter, som reglerar patienternas blodsockernivåer. En komponent i detta öppen källkodssystem är AndroidAPS, en mobilapplikation som hanterar och kontrollerar systemet genom att kommunicera med de två andra komponenterna: en blodsockersensor och en insulinpump. En annan komponent är Nightscout, en webbapplikation för övervakning av T1D-patienter. Tillsammans bildar de APSekosystemet som automatiskt i) läser blodsockervärden, ii) synkroniserar data med Nightscout, iii) lagrar patientinformation i Nightscout-databasen, iv) beräknar optimal behandlingsplan och v) reglerar pumpen för perfekt insulinintag. Hela systemet har flera kritiska tillgångar för att garantera patientens hälsa. I denna avhandling studeras säkerheten för ett representativt APS-ekosystem. Vi hittade 5 kritiska sårbarheter i ekosystemet: 1) en XSS-sårbarhet i webbapplikationen på grund av ineffektiv sanering av ingångar som leder till att stjäla administratörslösenord från webbläsarens cache, 2) mycket känsliga patientdata är öppna för allmänheten som standard, 3) webben applikationsinloggningsmekanism, där all systemdata hanteras, är svag mot gissningar av lösenord tillsammans med 4) osäkra GET-förfrågningar som används för autentisering, och slutligen 5) någon typ av databaskapning utlöser inga larm för Nightscout. Framgångsrika attacker resulterar i skadliga värden som synkroniseras från Nightscout för att manipulera korrekta insulinleveransberäkningar. Möjliga attackscenarier, utformade utifrån befintliga sårbarheter i detta arbete, visar hur en angripare fysiskt kan skada sina offer genom sin internetanslutna insulinpump.
36
Classen, Jiska [Verfasser], Matthias Akademischer Betreuer] Hollick y Paul [Akademischer Betreuer] [Patras. "Security and Privacy for IoT Ecosystems / Jiska Classen ; Matthias Hollick, Paul Patras". Darmstadt : Universitäts- und Landesbibliothek Darmstadt, 2020. http://d-nb.info/1210165627/34.
Texto completo
37
Classen, Jiska [Verfasser], Matthias [Akademischer Betreuer] Hollick y Paul [Akademischer Betreuer] Patras. "Security and Privacy for IoT Ecosystems / Jiska Classen ; Matthias Hollick, Paul Patras". Darmstadt : Universitäts- und Landesbibliothek Darmstadt, 2020. http://d-nb.info/1210165627/34.
Texto completo
38
van, Leeuwen Daniel y Leonel Taku Ayuk. "Security testing of the Zigbee communication protocol in consumer grade IoT devices". Thesis, Högskolan i Halmstad, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-40189.
Texto completoResumen
With the ever increasing number of Internet of Things devices going out on the market for consumers that are Zigbee certified there is a need for security testing. This is to make sure that security standards are upheld and improved upon in order to make sure networks are protected from unauthorized users. Even though a lot of research and testing has been done on the Zigbee key exchange mechanism, called Zigbee commissioning, improvements have still not been enough with severe vulnerabilities in consumer grade devices still existing today. The devices tested in this study use EZ-mode commissioning in order to exchange the network key between a Zigbee coordinator and a Zigbee end device in order to encrypt later communication after being paired. By using a simple radio receiver and a packet capturing program such as Wireshark an eavesdropping attack was conducted in order to capture the network key. The experiment demonstrates that this is still a weak point as the network key was successfully captured using eavesdropping. The analysis of the results show that previous criticisms of Zigbee commissioning have still not fully been addressed and can be a potential weak point in networks that use Zigbee certified IoT products.
39
Wallström, Andreas y Mohammad-Ali Omer. "Implementing Security Techniques to Lower the Probability of IoT-devices Getting Hacked". Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-259359.
Texto completoResumen
IoT security is something that is becoming more important with the exponential growing number of IoT devices. It is important to find methods that can make IoT devices more secure and are feasible to install and use. This paper investigates how effective the security features geographical IP based blocking (GeoIP) and a limit on the number of allowed sign-in attempts to a server (fail2ban) are at reducing the number of successful hacker attacks. By launching honeypots with and without these security features data was collected about the number of hacking attempts. The results shows that the GeoIP security feature can reduce attacks by roughly 93% and that fail2ban can reduce the attacks by 99%. Further work in this field is encouraged to create better GeoIP tools and to better understand the potential for these security techniques on a larger scale.IoT-säkerhet är ett fält med en allt mer ökad relevans i dagens samhälle i och med den exponentialla tillväxten av IoT-enheter. Det är viktigt att hitta metoder som kan göra IoT-enheter säkrare och är enkla att installera och använda. Den här rapporten undersöker hur effektiva geografiskt baserad IP-blockningar (GeoIP) och en begränsning i antalet tillåtna inloggningsförsök till en server (fail2ban) kan vara i att minska antalet lyckade attacker mot IoT-enheter. Genom att sätta upp honeypots med och utan de tidigare nämnda säkerhetsfunktionerna kunda vi samla data på hur de påverkade antalet attacker. Resultaten visade att GeoIP reducerade antalet med ungefär 93% och att fail2ban reducerade antalet med ungefär 99%. Framtida arbete inom detta fält kan vara att skapa en snabbare och mer simpel GeoIP modul och att försöka förstå hur dessa säkerhetstekniker kan påverka IoT-enheter i en större skala.
40
Kamin, Daud Alyas. "Exploring Security, Privacy, and Reliability Strategies to Enable the Adoption of IoT". ScholarWorks, 2017. https://scholarworks.waldenu.edu/dissertations/4382.
Texto completoResumen
The Internet of things (IoT) is a technology that will enable machine-to-machine communication and eventually set the stage for self-driving cars, smart cities, and remote care for patients. However, some barriers that organizations face prevent them from the adoption of IoT. The purpose of this qualitative exploratory case study was to explore strategies that organization information technology (IT) leaders use for security, privacy, and reliability to enable the adoption of IoT devices. The study population included organization IT leaders who had knowledge or perceptions of security, privacy, and reliability strategies to adopt IoT at an organization in the eastern region of the United States. The diffusion of innovations theory, developed by Rogers, was used as the conceptual framework for the study. The data collection process included interviews with organization IT leaders (n = 8) and company documents and procedures (n = 15). Coding from the interviews and member checking were triangulated with company documents to produce major themes. Through methodological triangulation, 4 major themes emerged during my analysis: securing IoT devices is critical for IoT adoption, separating private and confidential data from analytical data, focusing on customer satisfaction goes beyond reliability, and using IoT to retrofit products. The findings from this study may benefit organization IT leaders by enhancing their security, privacy, and reliability practices and better protect their organization's data. Improved data security practices may contribute to social change by reducing risk in security and privacy vulnerabilities while also contributing to new knowledge and insights that may lead to new discoveries such as a cure for a disease.
41
Yesilyurt, Halim Burak. "A Simplified Secure Programming Platform for Internet of Things Devices". FIU Digital Commons, 2018. https://digitalcommons.fiu.edu/etd/3788.
Texto completoResumen
The emerging Internet of Things (IoT) revolution has introduced many useful applications that are utilized in our daily lives. Users can program these devices in order to develop their own IoT applications; however, the platforms and languages that are used during development are abounding, complicated, and time-consuming. The software solution provided in this thesis, PROVIZ+, is a secure sensor application development software suite that helps users create sophisticated and secure IoT applications with little software and hardware experience. Moreover, a simple and efficient domain-specific programming language, namely Panther language, was designed for IoT application development to unify existing programming languages. In addition to these contributions, PROVIZ+ supports a novel secure over-the-air programming framework, namely SOTA, using Bluetooth and WiFi as well as serial programming.
In this thesis, we explain the features of PROVIZ+’s components, how these tools can help develop IoT applications, and SOTA. We also present the performance evaluations of PROVIZ+ and SOTA.
42
Tian, Yuan. "Privacy Preserving Information Sharing in Modern and Emerging Platforms". Research Showcase @ CMU, 2018. http://repository.cmu.edu/dissertations/1186.
Texto completoResumen
Users share a large amount of information with modern platforms such as web platforms and social platforms for various services. However, they face the risk of information leakage because modern platforms still lack proper security policies. Existing security policies, such as permission systems and isolation, can help regulate information sharing. However, these policies have problems, such as coarse granularity, bad usability, and incompleteness, especially when new features are introduced. I investigate the security impacts of new features in web and mobile platforms and find design problems that lead to user information leakage. Based on these analyses, I propose design principles for permission systems that mediate how information should be shared in modern and emerging platforms, such as web and social platforms, to provide functionality with privacy preserved. I aim to design permission systems that only allow least-privilege information access. Specifically, I utilize program analysis and natural language processing to understand how applications use sensitive data and correlate these data with their functionality. With this understanding, I design schemes that ask for user consent about unexpected information access and automatically reduce overprivileged access. I provide guidelines for platform designers to build their permission systems according to respective adversary models and resources. In particular, I implement the new permission system for social platforms and Internet of Things (IoT) platforms that enable least-privilege information sharing. For the social platforms, I incorporate the primitives of Opaque handle, Opaque display, and User-driven access control (OOU) to design a least-privilege, user-friendly, developer-friendly, and feature-rich permission system. According to my study on Facebook, OOU can be applied to remove or replace 81.2% of sensitive permission instances without affecting functionality. For IoT platforms, I present a new authorization framework, SmartAuth, that supports user-centric, semantic-based authorization. SmartAuth automatically collects security-relevant information from an IoT application’s description, code, and annotations, and generates an authorization user interface to bridge the gap between the functionalities explained to the user and the operations the application actually performs.
43
Lindström, Oskar y August Magnusson. "Säkerhetsmedvetenhet och integration av IoT : En kvantitativ studie på konsumenters säkerhetsmedvetenhet och syn på integration av IoT". Thesis, Linnéuniversitetet, Institutionen för informatik (IK), 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-104554.
Texto completoResumen
Internetuppkopplade apparater blir allt vanligare att se i våra hem. Samlingsordet för dessa enheter är Internet of Things (IOT). Med införande av IoT i våra hem skapas fler accesspunkter till internet, vilket även skapar en större attackyta. I kombinationmed den ständigt växande cyberkriminalliteten och införandet av IoT i våra hem ökar risken för att utsättas för en attack. Tidigare forskning inom området gällande konsumenters informationssäkerhetsmedvetenhet visar att konsumenterna har låg medvetenhet och bristande kunskaper för de hot som tillkommer vid integrationen av en IoT-enhet ihemmet. Det finns även tidigare forskning som undersökt vilka faktorer som påverkar individernas inställning till att anta ny teknologi. Mycket av den tidigare forskningen inom området har fokuserat på de tekniska aspekterna och fokuset har inte varit på konsumenternas informationssäkerhetsmedvetenhet och deras inställning till den ökande integrationen av IoT. Den här studien syftade till att undersöka svenska konsumenters informationssäkerhetsmedvetenhet och deras inställning till den ökande integrationen av IoT. Studien avsåg att undersöka hur medvetna konsumenterna är för de informationssäkerhetsrisker som tillkommer vid integreringen av IoT i hemmet i kombination med att undersöka deras syn på den ökade integrationen av IoT ivardagen. Studien har fokuserat på två olika enheter. Dessa enheter genererar data via ljudupptagning samt videoinspelning. En kvantitativ metod med en enkätundersökning tillämpades för att se ifall den låga kunskapen hos respondenter fanns, men även för att lättare nå ut till fler respondenter. För att förstå konsumenternas beteende utformades enkätfrågorna utifrån den allmänt tillämpade beteendemodellen Theory of planned behavior (TPB). Studien fann att majoriteten av respondenterna hade en låg medvetenhet för de risker som tillkommer med integreringen av IoT-enheter, samt låga kunskap för de säkerhetsåtgärder som går att implementera. Trots den låga medvetenheten för riskerna visade det sig att respondenterna hade en mycket positiv inställning till den ökade integrationen av IoT och att de funderar på att införskaffa fler IoT-enheter.Internet-connected devices are becoming more common to see in our homes. The collective word for these devices is Internet of Things (IoT). With the introduction of IoT in our homes, more access points to the internet are created, which also creates alarger attack area. Combined with the ever-growing cybercrime and the introduction of IoT in our homes, the risk of being attacked increases. Previous research in the field of consumer information security awareness shows that consumers have low awareness, and lack of knowledge about the threats posed by the integration of an IoT device in the home. Previous research has examined the factors that influence individuals attitudes towards adopting new technology. Much of the previous research in the field has focused on the technical aspects and the focus has not been on consumers information security awareness and their attitude to the increasing integration of IoT. This study aimed to examine Swedish consumers' information security awareness and their attitude towards the increasing integration of IoT. The study aimed to examine how aware consumers are of the information security risks that arise from the integration of IoT in the home in combination with examining their stand on the increased integration of IoT in their everyday life. The study has focused on two specific IoT-devices. These devices generate data via audio recording and video recording. A quantitative method with a survey was applied to examine how aware the consumers where of the information security risks, but also to be able to include more respondents in the study. To understand consumer behavior, the questionnaires were designed based on the generally applied behavioral model Theory of plannedbehavior (TPB).The study found that the majority of respondents had a low awareness of the risks involved with the integration of IoT devices, as well as low knowledge of the security measures that can be implemented. Despite the low awareness of the risks, it turnedout that the respondents had a very positive attitude towards the increased integrationof IoT, and that they also are considering acquiring more IoT devices.
44
Carlsson, Fredrik y Klas-Göran Eriksson. "Comparison of security level and current consumption of security implementations for MQTT". Thesis, Tekniska Högskolan, Högskolan i Jönköping, JTH, Datateknik och informatik, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:hj:diva-40760.
Texto completoResumen
IoT is a rapidly growing area with products in the consumer, commercial and industrial market. Collecting data with multiple small and often battery-powered devices sets new challenges for both security and communication. There has been a distinct lack of a IoT specific communication protocols. The industry has had to use bulky interfaces not suitable for resource-constrained devices. MQTT is a standardised communication protocol made for the IoT industry. MQTT does however not have built-in security and it is up to the developers to implement a suitable security countermeasure. To evaluate how different security countermeasures impact MQTT in complexity, current consumption and security the following research questions are answered. How do you derive a measurement from the SEF that can be compared with a current consumption measurement? Which level of security, according to the SEF, will RSA, AES and TLS provide to MQTT when publishing a message to a broker? What level of complexity is added to MQTT when using chosen security countermeasure? Which of the analysed security countermeasure upholds an adequate security level while also having a low current consumption? To answer the above research questions an experiment approach has been used. Implementations of TLS, RSA and AES have been evaluated to measure how they affect the security level and current consumption of an MQTT publication, compared to no security countermeasures at all.Both RSA and AES had the same security level, but the current consumption for RSA was four times higher. The experiment showed that the security level is significantly higher for TLS, while it also has the highest current consumption. The security countermeasure evaluated differs greatly. TLS provides complete protections, while RSA and AES lacks authentication and does not ensure integrity and non-repudiation.Even if the current consumption for TLS is higher, the security it provides make it unreasonable to recommend any of the other security countermeasure implementations.
45
Kulle, Linus. "Intrusion Attack & Anomaly Detection in IoT Using Honeypots". Thesis, Malmö universitet, Fakulteten för teknik och samhälle (TS), 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:mau:diva-20676.
Texto completoResumen
This thesis is presented as an artifact of a project conducted at MalmöUniversity IoTaP LABS. The Internet of Things (IoT) is a growing field and its usehas been adopted in many aspects of our daily lives, which has led todigitalization and the creation of smart IoT ecosystems. However, with the rapidadoption of IoT, little or no focus has been put on the security implications,device proliferations and its advancements. This thesis takes a step forward toexplore the usefulness of implementing a security mechanism that canproactively be used to aid understanding attacker behaviour in an IoTenvironment. To achieve this, this thesis has outlined a number of objectivesthat ranges from how to create a deliberate vulnerability by using honeypots inorder to lure attacker’s in order to study their modus operandi. Furthermore,an Intrusion Attack Detection (Model) has been constructed that has aided withthis implementation. The IAD model, has been successfully implemented withthe help of interaction and dependence of key modules that have allowedhoneypots to be executed in a controlled IoT environment. Detailed descriptionsregarding the technologies that have been used in this thesis have also beenexplored to a greater extent. On the same note, the implemented system withthe help of an attack scenario allowed an attacker to access the system andcircumnavigate throughout the camouflaged network, thereafter, the attacker’sfootprints are mapped based on the mode of attack. Consequently, given thatthis implementation has been conducted in MAU environment, the results thathave been generated as a result of this implementations have been reportedcorrectly. Eventually, based on the results that have been generated by thesystem, it is worth to note that the research questions and the objective posedby the thesis have been met.
46
Han, Jun. "Advantages and Risks of Sensing for Cyber-Physical Security". Research Showcase @ CMU, 2018. http://repository.cmu.edu/dissertations/1161.
Texto completoResumen
With the the emergence of the Internet-of-Things (IoT) and Cyber-Physical Systems (CPS), modern computing is now transforming from residing only in the cyber domain to the cyber-physical domain. I focus on one important aspect of this transformation, namely shortcomings of traditional security measures. Security research over the last couple of decades focused on protecting data in regard to identities or similar static attributes. However, in the physical world, data rely more on physical relationships, hence requires CPS to verify identities together with relative physical context to provide security guarantees. To enable such verification, it requires the devices to prove unique relative physical context only available to the intended devices. In this work, I study how varying levels of constraints on physical boundary of co-located devices determine the relative physical context. Specifically, I explore different application scenarios with varying levels of constraints – including smart-home, semi-autonomous vehicles, and in-vehicle environments – and analyze how different constraints affect binding identities to physical relationships, ultimately enabling IoT devices to perform such verification. Furthermore, I also demonstrate that sensing may pose risks for CPS by presenting an attack on personal privacy in a smart home environment.
47
Kadhum, Hamza. "Enhancing Zigbee Security for Industrial Implementation". Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-279559.
Texto completoResumen
Zigbee network is a popular choice for deploying low power personal area network (LoWPAN). The application areas vary but the most popular are industrial area monitoring and home automation. But Zigbee has been identified to have weak security and is not applicable for industrial implementation. This paper is collaboration with Ericsson to investigate Zigbee network security and implementation. This paper will cover security solutions for Zigbee and touch on how to configure Zigbee network such that it can operate for a long period of time without battery changes. The security solutions will demonstrate how public-key respective symmetric key algorithm can be used for enhancing Zigbee security such that it provide authentication and authorization of joining devices while maintaining confidentiality and integrity of the network communication. Security solutions will also take regards to the power consumption of each proposed solution. For the network configuration part of the thesis, it will present node lifetime for different network configuration, i.e. how polling period between each message will affect the total cur- rent consumption of a node and how the joining procedure, depending on the security solution will affect the total node lifetime. Achieving longer node lifetime is desired because it is assumed that the network will be deployed in remote and unfavorable areas. The result of this paper compares different solutions for enhancing the security. Further, it concludes that Zigbee security with authentication and authorization of joining devices is reached through secret-splitting key establishment - which is the best solution. This is possible while maintaining low power consumption in the network.Zigbee nätverk är ett populärt val vid uppsättning av ett nätverk med låg strömförbrukning. Zigbees användningsområde är olika men den är väldigt populär inom industriell områdesövervakning och hemautomation. Däremot har Zigbees säkerhet varit en nackdel, då det har framkommit att den inte möter kraven för industriell användning. Arbetet kom till genom ett samarbete med Ericsson och KTH för att undersöka Zigbee nätverks implementation och säkerhet. Arbetet bearbetar olika säkerhetslösningar för Zigbee nätverk och hur den kan implementeras för att uppnå långtidsanvändning utan batteribyte. Säkerhetslösningar bygger på public-key samt symmetric key kryptografi algoritmer för att förbättra och öka Zigbees säkerhet genom autentisering och tillåtelse av noder som ansluter sig till nätverket. Nätverkets konfiguration för långtidsanvändning redovisas genom att jämföra olika polling tidsintervaller mellan meddelanden. Långtidsanvändning utan batteribyte är viktigt för att nätverket kommer implementeras i ett avlägset område som är svåråtkomlig. Arbetet redovisar och jämföra olika lösningar för att öka säkerheten för Zigbee nätverk. Den optimala lösningen för att uppnå autentisering samt tillåtelse av noder som ansluter sig uppnås med nyckel skapande genom secret-splitting metoden. Metoden följer NIST rekommendationer och anses vara säker, därav uppfyller den kraven för industriell implementation. Nätverkets säkerhet ökar samt bibehåller ett nätverk med låg strömförbrukning.
48
Olaide, Jamiu Olalekan. "Internet of Things Security : Encryption Capacity Comparison for IoT Based on Arduino Devices". Thesis, Blekinge Tekniska Högskola, Institutionen för datavetenskap, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-21183.
Texto completoResumen
Background: IoT is a system of devices with unique identifiers (UIDs) and can transfer data over a network. They are widely used in various sectors such as Health, Commercial, Transport, etc. However, most IoT devices are being exploited, as it is being recorded for the past few years, on how vulnerable users can be if they have any of these devices in their network. Arduino is one of the most commonly used IoT devices, notable products such as Uno and Mega2560 is highly acceptable in the market and the research world. It is important to know how these devices react to security measures such as encryptions. Objectives: To carry out a theoretical study and performance comparison on Arduino devices and standard cryptographic encryption. The devices and encryption used are Arduino Uno, Mega2560 and AES, XXTEA respectively. Methods: To gain knowledge and information about the selected algorithms and devices, a literature analysis was adopted. An experiment was also carried out to get measurements and record how the algorithms perform on these devices. Results: The literature analysis provides the design similarities and differences of the algorithms and devices. The controlled experiment shows the measurement of the stated encryptions on the Arduino devices. Conclusions: The conclusion is that Arduino Uno and Mega2560 have a similar design but differ in their memory allocation. The AES and XXTEA algorithm have different designs and performances. The result in the controlled experiment shows that the XXTEA outperforms the AES algorithm in terms of Memory and Time consumption significantly in both devices. The Arduino Uno device is slightly ahead of Mega2560 when comparing the result.
49
Edman, Johan y Wilhelm Ågren. "Legal and Security Issues of Data Processing when Implementing IoT Solutions in Apartments". Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-277917.
Texto completoResumen
The concept of the Internet of Things (IoT) and connected devices is a growing trend. New ways to integrate them with Smart Home Technology emerge each day. The use of sensors in IoT solutions enables large scale data collection that can be used in various ways. The European Union recently enforced a General Data Protection Regulation (GDPR) that sets guidelines for the collection and processing of personal information. The communication protocol M-Bus is a European standard (EN 13757-x) mainly used for remote reading of electrical, gas and water meters. M-Bus is being integrated with sensors because the protocol offers long battery times. There are however some known flaws with the protocol that might make it unsuitable for a large scale data collection system. A conceptualized data collection scenario with a system utilizing M- Bus is presented. The authors aim to investigate some of the security flaws with the M-Bus protocol, while also investigating the GDPR demands of the system. The thesis supplements a System Requirement Specification (SyRS) which can be used as a template for organizations implementing a similar system. An analysis of the system based on the SyRS is conducted to identify any shortcomings. Modifications to the system are proposed in order to comply with the defined SyRS. The authors concluded that M-Bus is a sufficiently reliable protocol to be used in the system, and has no inherent conflicts with GDPR. The system has a few flaws in terms of GDPR compliance, which require both administrative and technical work to comply with. The suggested modifications of the system are mainly focused on how the data is stored in various parts of it.Konceptet med Internet of Things (IoT) och uppkopplade enheter är en väx- ande trend, och nya sätt att integrera dem med det smarta hemmet framträder varje dag. Den Europeiska Unionen har nyligen verkställt en ny dataskydds- förordning, General Data Protection Regulation (GDPR), som sätter krav på insamling och behandling av personlig data. Användandet av IoT lösningar skapar möjligheten för storskalig datainsamling som kan användas på flera sätt. Kommunikationsprotokollet M-Bus är en europeisk standard (EN 13757-x) som huvudsakligen är framtagen för att avlägset läsa av el-, gas- och vattenmätare. På grund av ett litet avtryck och enkel implementation av sitt protokoll så är M-bus ofta ett val till uppkoplade sensorer för att möjliggöra lång drifttid. Det finns däremot ett antal säkerhetsbrister med protokollet som kan göra det olämpligt för ett datainsamlingssystem. Ett konceptualiserat datainsamlingscenario med ett system som utnyttjar M-Bus presenteras. Författarnas mål är att undersöka några av säkerhetsbristerna med M-Bus protokollet, samtidigt som det undersöker vilka krav GDPR ställer på ett sådant system. Uppsatsen sammanställer en kravspecifikation som kan användas som grund och riktlinje för organisationer som ska implementera liknande system. En analys av det konceptualiserade systemet baserat på kravspecifikationen genomförs för att identifiera potentiella brister. Modifikationer till system föreslås för att uppnå kraven definierade i kravspecifikationen. Författarna drog slutsatsen att M-Bus är ett tillräckligt tillförlitligt protokoll som kan användas för system likt detta. Det analyserade systemet har några brister gällande GDPR, som kräver både tekniska och administrativa åtgärder. De föreslagna modifikationerna av systemet är fokuserade primärt på hur den personliga informationen lagras i de olika delarna av systemet.
50
Almeida, Luís Guilherme Duarte de. "IoT Network Security". Master's thesis, 2020. http://hdl.handle.net/10316/92151.
Texto completoResumen
Dissertação de Mestrado em Segurança Informática apresentada à Faculdade de Ciências e TecnologiaO crescimento exponencial da adoção de tecnologias IoT por parte de consumidores eempresas é um fenómeno resultante do avanço tecnológico e da necessidade de melhorar,optimizar e facilitar as tarefas e desafios dos negócios e cidadãos do mundo pós-indústrial.Com esta adoção surge o aumento da produção e implementação desta categoria de dis-positivos, cujas características implicam a impossibilidade de utilização de sistemas desegurança avançados. No entanto, com a vasta implementação destes dispositivos em di-versos setores, surge a necessidade de eclosão de novas soluções de segurança com foconeste tipo de tecnologias.Este facto é destacado por alguns dos maiores ataques de Distributed Denial of Service(DDoS), sendo a grande maioria destes efetuados por redes de dispositivos IoT comprome-tidos (botnets).O presente documento projeta o desenvolvimento de um Motor de Deteção de Intrusõescom base em Netflow que visa abordar este problema, focando-se nos principais tipos deataques e intrusões executados contra e por dispositivos IoT.Para este efeito, foram exploradas as atuais abordagens e implementações que procuramsolucionar os problemas e necessidades supracitadas, utilizando para este fim tecnologiasMachine Learning, análise estatística e outras abordagens com base em Netflow.O Motor de Deteção de Intrusões desenvolvido cumpre a grande maioria dos requisitospara ele estipulados, apresentando capacidade de exercer múltiplas deteções em tempoútil, baseando-se apenas em operações de análise estatística sobre informação Netflow,verificação de padrões conhecidos e violações do comportamento autóctone das redes mo-nitorizadas
The exponential growth on the adoption of IoT technologies by consumers and industries isa phenomenon that results from the technological advancement and the necessity of enhan-cing, optimizing and facilitating processes and challenges faced by business and citizensof the developed world. This trend has caused a considerable increase in the productionand implementation of this type of devices, whose characteristics often preclude the use ofadvanced security mechanisms. However, with the vast distribution and implementationof these devices in several industrial sectors, arises the need to develop new security solu-tions focused on this type of technologies. This fact is underlined by some of the biggestDDoS attacks on record, with the vast majority of them being carried out by networks ofcompromised IoT devices (botnets).This document presents the plans for the development of an Intrusion Detection Enginebased on Netflow features which aims to tackle this problem by focusing on the main typesof attacks carried by and against IoT devices.For this effect, current aproaches and solutions to the aforementioned challenges, whichmake use of Machine Learning technologies, statistical analisys and other types of Netflow-based analisys, are explored.The developed Intrusion Detection Engine meets the vast majority of it’s requirements,presenting the ability to perform multiple detections in a timely manner, based only on sta-tistical analysis performed over Netflow information, on the verification of known patternsand on violations of the known behavior of the monitored networks.