Security Threats

View Github Repository Open presentation in a new window

AmitThakurHzb

See all presentation from AmitThakurHzb

Security Threats

1 0

IOT-securityThreats

On Github AmitThakurHzb / IOT-securityThreats

Security Threats

IOT world security issues can be categorized as :

  • Physical security :includes sensor interference, signal intercepted .
  • Operation security:it exists in the various elements, related to the normal operation of the sensor, transmission systems and treatment systems.
  • Data security/ Information security :includes transmission system and the processing system will not be stolen, tampered, forged repudiation.

Information security in IoT other hidden dangers.

  • RFID tag information security
  • wireless communications information security
  • network transmission of information security
  • privacy information security
  • information processing security

RFID identification Issues

In RFID identification When labels receive the commands and data information from the receiving reader, may result in the error results: (1) Label error in response to reader commands; (2) Confuse the label working condition; (3) Label write error and go to sleep.

the attacker can block the communication link via interference signal, making the reader overload and cannot receive the normal tag data, manufacturing denial of service.

Network Transmission of Information Security.

  • Intruder can attack IOT through virtual nodes, inserting false routing information
  • flooding techniques allows, resulting in a lot of duplication of information and consume large amounts of energy.

Privacy Protection

  • Data Privacy Protection should be handled
  • Location Privacy Protection : the position privacy protection mechanism becomes the urgent needs of wireless sensor networks, handled properly

  • Identity Privacy Protection
Most of security concerns fly around effective way of data communication via diff available protocols which can fall under, S2S,D2D,D2S.
  • MQTT: a protocol for collecting device data and communicating it to servers (D2S)
  • DDS:a fast bus for integrating intelligent machines (D2D)
  • AMQP:a queuing system designed to connect servers to each other (S2S)

Would you agree that HTTP/2 with HPACK would certainly rule out any reason for using MQTT?

HTTP/2 supports multiplexing of requests. This means that a single HTTP connection can be reused by the server to send many requests and responses. Even better, a single request can receive multiple responses – so the server can effectively push more messages to the client than they requested.
  • Streams are a new concept in HTTP/2,server can send a PUSH_PROMISE message then immediately open a new stream to send the additional item without the client having to request it
  • streams make secure transmission over convention server push used by MQTT.
  • HPACK is part of HTTP/2 for header compression, makes header data secure

Deuterium is a lightweight implementation of HTTP/2 ideally suited for the Internet of Things

Supports IPv4 and/or IPv6, TLS via embed TLS or OpenSSL

Conclusion

Using HTTP2 protocol with managing external threat can be helpful to overcome from information security threats of IOT.

HACK-ME Challenge-5

Amit Thakur.
Security Threats