A Systemic Security and Privacy Review: Attacks and Prevention Mechanisms over IOT Layers

In this contemporary era internet of things are used in every realm of life. Recent software’s (e.g., vehicle networking, smart grid, and wearable) are established in result of its use: furthermore, as development, consolidation, and revolution of varied ancient areas (e.g., medical and automotive). The number of devices connected in conjunction with the ad-hoc nature of the system any exacerbates the case. Therefore, security and privacy has emerged as a big challenge for the IoT. This paper provides an outline of IoT security attacks on Three-Layer Architecture: Three-layer such as application layer, network layer, perception layer/physical layer and attacks that are associated with these layers will be discussed. Moreover, this paper will provide some possible solution mechanisms for such attacks. The aim is to produce a radical survey associated with the privacy and security challenges of the IoT. The objective of this paper is to rendering possible solution for various attacks on different layers of IoT architecture. It also presents comparison based on reviewing multiple solutions and defines the best one solution for a specific attack on particular layer.KeywordsInternet of thingsSecurity and privacyIoT layersAttacks with solution mechanism

By the end of 2013, the number of internet-connected mobile devices is expected to exceed that of humans. Omnipresent and context-aware, mobile devices enable people to communicate and exchange data anytime and almost anywhere. The myriad of ”digital footprints” that mobile devices leave can be used to infer a large amount of personal information about their owners. For instance, the IP address can be used to infer a coarse-grained location of the device, the temporary identifiers used in cellular networks can be used to track people’s whereabouts and infer numerous personal details. Similarly, online social networks often force members to share some personal information with all other users or service providers, de facto exposing users to unwanted profiling by advertisement companies and other private and state agencies. At each layer of the network stack, there is some information that can be used to track and profile mobile users; it is therefore crucial to investigate the privacy challenges present at different layers and design privacy protection mechanisms that work across these layers. In this thesis, we take a top-down approach on privacy in mobile networks by (i) studying the issues present in different network layers – the application, IP and link layers – and (ii) by proposing protection mechanisms and quantifying the extent of private information leakage. First, we look at the application layer, where we design protocols to protect users’ personal data from third-party entities and other unauthorized users. In particular, we focus on two relevant problems: meeting scheduling and optimal meeting location determination. For these two problems, we propose and evaluate privacy-preserving protocols that are both practical and more efficient than the existing approaches. Second, we study the privacy challenges that arise in the network and link layers, by quantifying the exposure of social community information in a large on-campus experiment. In addition, we evaluate the effect of the reconstructed community information on the inference of social ties among the participants to the experiment. For the first time in the same experiment, we compare the reconstruction accuracy of a realistic eavesdropper, who has only access to packet headers exchanged among the mobile devices, with that of a malicious application or entity that has access to the on-device data. Third, by taking a cross-layer approach, we design and evaluate a mobile social-networking application that enables users to share different kinds of personal information in a privacy-aware and inobtrusive way. In particular, we show how existing information-sharing policies are ineffective in correctly predicting users actual sharing behavior; then, based on a probabilistic decision-making framework, we demonstrate how machine learning can be used to automatically decide whether and how much to share – based on the users’ context and past behavior. Our results indicate that the proposed machine-learning-based approach is more comprehensive and practical than existing automated solutions and, at the same time, it is more effective than fixed policy-based rules – all while requiring a minimal effort from the users.

A flexible architecture is always required when trying to communicate with heterogeneous kind of systems, and IoT is the largest communication network of the history, which is bringing life to everything around us. Currently available three and four layered communication architectures are the popular basic structures to implement IoT. Where three Layers architecture is composed of perception, network and application layers and four layer architecture is composed of perception, network, service, application layer. The problem with existing architectures is that some layers are not well managed and complex in structure and lacks in the interoperability of different kind devices. In this research we present a virtualization enabled architecture Flexible Layered Architecture for Internet of Things (FLA-IoT) to overcome those challenges. FLA-IoT provides a simple structure with well-organized layers and introduces the creation of Virtual Mote (virtual object) from all real-world devices to enable the communication between unlike devices. This results in an indiscriminate communication between different real-world devices with a well-managed layered architecture.

One of the most interesting new approaches in the transportation research field is the Naturalistic Driver Behavior which is intended to provide insight into driver behavior during everyday trips by recording details about the driver, the vehicle and the surroundings through an unobtrusive data gathering equipment and without experimental control. In this paper, an Internet of Things solution that collects and analyzes data based on Naturalistic Driver Behavior approach is proposed. The analyzed and collected data will be used as a comprehensive review, and analysis of the existing Qatar traffic system, including traffic data infrastructure, safety planning, engineering practices and standards. Moreover, data analytics for crash prediction and the use of these predictions for the purpose of systemic and systematic network hotspot analysis, risk-based characterization of roadways, intersections, and roundabouts are developed. Finally, an integrated safety risk solution was proposed. This latter, enables decision makers and stakeholders (road users, state agencies, and law enforcement) to identify both high-risk locations and behaviors by measuring a set of dynamic variables including event-based data, roadway conditions, and driving maneuvers. More specifically, the solution consists of a driver behaviors detector system that uses mobile technologies. The system can detect and analyze several behaviors like drowsiness and yawning. Previous works are based on detecting and extracting facial landmarks from images. However, the new suggested system is based on a hybrid approach to detect driver behavior utilizing a deep learning technique using a multilayer perception classifier. In addition, this solution can also collect data about every day trips like start time, end time, average speed, maximum speed, distance and minimum speed. Furthermore, it detects for every fifteen seconds measurements like GPS position, distance, acceleration and rotational velocity along the Roll, Pitch and Yaw axes. The main advantage of the solution is to reduce safety risks on the roads while optimizing safety mitigation costs to a society. The proposed solution has three-layer architecture, namely, the perception, network, and application layers as detailed below. I. The perception layer is the physical layer, composed from several Internet of Thing devices that uses mainly use the smart phones equipped with cameras and sensors (Magnetometer, Accelerometers Gyroscope and Thermometer, GPS sensor and Orientation sensor) for sensing and gathering information about the driver behavior roads and environment as shown in Fig. 1. II. The network layer is responsible for establishing the connection with the servers. Its features are also used for transmitting and processing sensor data. In this solution, hybrid system that collect data and store them locally before sending them to the server is used. This technique proves its efficiency in case of Poor Internet coverage and unstable Internet connection. III. The application layer is responsible for delivering application specific services to end user. It consists in sending the data collected to web server in order to be treat and analyzed before displaying it to the final end user. The web service which part of the application layer is the component responsible for collecting data not only from devices but also from other sources such General Traffic Directorate at Minister of Interior to gather the crash details. This web service stocks all stored data in database server and analyses them. Then, the stored data and analysis will be available for end user via website that has direct access to the web services. Figure 1: Architecture of Car monitoring system Keywords: Driver Monitoring System, DrowsinessDetection, Deep Learning, Real-time Deep Neural Network, Fig. 1: Architecture of IoT solution Keywords: Driver Monitoring System, Drowsiness Detection, Deep Learning, Real-time Deep Neural Network,

Smart distribution grid is an important part of smart grid, which connects the main network and user-oriented supply. As an “immune system”, self-healing is the most important feature of smart grid. Major problem of self-healing control is the ‘uninterrupted power supply problem’, that is, real-time monitoring of network operation, predicting the state power grid, timely detection, rapid diagnosis and elimination of hidden faults, without human intervention or only a few cases. First, the paper describes major problems, which are solved by self-healing control in smart distribution grid, and their functions. Then, it analysis the structure and technology components of self-healing control in smart distribution grid, including the base layer, support layer and application layer. The base layer is composed of the power grid and its equipments, which is the base for smart grid and self-healing control. The support layer is composed of the data and communication. High-speed, bi-directional, real-time and integrated communications system is the basis of achieving power transmission and the use of high efficiency, reliability and security, and the basis for intelligent distribution network and the key steps of self-prevention and self-recovery in distribution grid. The application layer is composed of Monitoring, assessment, pre-warning/analysis, decision making, control and restoration. Six modules are interconnected and mutual restraint. The application layer is important means of self-prevention and self-recovery in distribution grid. Through the research and analysis on the relationship and the technical composition of six modules in the application layer, the paper divides running states of smart grid distribution grid having self-healing capabilities into five states, which are normal state, warning state, critical state, emergency state and recovery state, and defines the characteristics and the relationship of each state. Through investigating and applying self-healing control in smart distribution grid, smart distribution grid can timely detect the happening or imminent failure and implement appropriate corrective action, so that it does not affect the normal supply or minimize their effects. Power supply reliability is improved observably and outage time is reduced significantly. Especially in extreme weather conditions, the distribution grid will give full play to its self-prevention and self-recovery capability, give priority to protecting people's life and provide electricity for the people furthest.

This study includes what the concept of IoT (Internet of Objects) expresses conceptually. It is stated that there are three generally accepted layers even though IoT does not have a complete layer structure. These layers are; Object layer, Network layer and Application layer. In addition, the most common security epidemics at IOT are; Botnet, Man in the Middle Attacks, Social Engineering, Data and Identity Defeats and Denial of Service attacks are expressed by examples and analyzes. Finally, these attacks describe how to take precautions in the layers of IOT.

The design of Wireless Sensor Networks (WSN) requires the fulfillment of several design requirements. The most important one is optimizing the battery’s lifetime, which is tightly coupled to the sensor lifetime. End-users usually avoid replacing sensors’ batteries, especially in massive deployment scenarios like smart agriculture and smart buildings. To optimize battery lifetime, wireless sensor designers need to delineate and optimize active components at different levels of the sensor’s layered architecture, mainly, (1) the number of data sets being generated and processed at the application layer, (2) the size and the architecture of the operating systems (OS), (3) the networking layers’ protocols, and (4) the architecture of electronic components and duty cycling techniques. This paper reviews the different relevant technologies and investigates how they optimize energy consumption at each layer of the sensor’s architecture, e.g., hardware, operating system, application, and networking layer. This paper aims to make the researcher aware of the various optimization opportunities when designing WSN nodes. To our knowledge, there is no other work in the literature that reviews energy optimization of WSN in the context of Smart Energy-Efficient Buildings (SEEB) and from the formerly four listed perspectives to help in the design and implementation of optimal WSN for SEEB.

IoT makes the devices remotely accessible and these devices are used to collect data for analysis at a later stage. IoT was expected to bring revolutionary changes in the way people use technology. However, security vulnerabilities in IoT make it insecure towards the possible attacks like DoS/DDoS attacks. Detection of DDoS attacks is required to protect the IoT systems from attackers and evade financial losses. This paper presents a review of solutions proposed for the detection of DDoS attacks in the network layer and application layer of IoT. Application layer attacks have been increasing because they are sophisticated and are difficult to differentiate from real users. A huge number of papers have contributed to the network layer but issues are still faced in application layer in IoT. We have reviewed the issues in application layer protocols in IoT as well. The need of development of countering DDoS in application layer of IoT is also addressed.KeywordsDDoS attackAttack detectionIoTNetwork layerApplication layer

Development of a secure critical infrastructure, such as the power system, necessitates addressing the associated cybersecurity challenges at the network, physical, and application layers. With the continuously evolving cyberattacks in grid networks, including advanced persistent threats (APTs), the development of cybersecurity situational awareness (CSA) is an emerging trend that facilitates precise and detailed command and control to enhance the security and resilience of power systems. The comprehensive and timely CSA is necessary to predict cyberattacks at an early stage and provide an intelligent incident response to minimize their impacts on the power system. In this chapter, we present a high-level conceptual architecture of CSA against cyber threats in the smart grid. The proposed conceptual architecture integrates data-driven anomaly detection algorithms, heterogeneous database, and event visualization dashboard to monitor grid network and analyze and predict cybersecurity threats that can affect the normal grid operation. We then discuss the several components of Iowa State University PowerCyber (ISU PC) testbed that can be utilized to emulate substation and control center networks and further test and validate anomaly detection methods and intrusion detection system (IDS) tools in a cyber-physical testbed environment. As a proof of concept, we present a data-driven anomaly detection algorithm for wide-area monitoring system (WAMS) using synchrophasors and evaluated its performance by computing true positive rates for line fault and cyberattack events. Furthermore, we present the prototype demonstration at the commercial scale by integrating the proposed detection algorithm with the General Electric (GE)-based WAMS platform to support CSA in power system. Finally, we conclude this chapter by outlining how a cybersecurity training can enhance the overall CSA while emphasizing the need to develop robust anomaly detectors to secure the grid network.

The Internet of Things (IoT) has experienced constant growth in the number of devices deployed and the range of applications in which such devices are used. They vary widely in size, computational power, capacity storage, and energy. The explosive growth and integration of IoT in different domains and areas of our daily lives has created an Internet of Vulnerabilities (IoV). In the rush to build and implement IoT devices, security and privacy have not been adequately addressed. IoT devices, many of which are highly constrained, are vulnerable to cyber attacks, which threaten the security and privacy of users and systems. This survey provides a comprehensive overview of IoT in regard to areas of application, security architecture frameworks, recent security and privacy issues in IoT, as well as a review of recent similar studies on IoT security and privacy. In addition, the paper presents a comprehensive taxonomy of attacks on IoT based on the three-layer architecture model; perception, network, and application layers, as well as a suggestion of the impact of these attacks on CIA objectives in representative devices, are presented. Moreover, the study proposes mitigations and countermeasures, taking a multi-faceted approach rather than a per layer approach. Open research areas are also covered to provide researchers with the most recent research urgent questions in regard to securing IoT ecosystem.

Using three-layered architecture IoT can be methodically understood. These layers are sensing and data collection layer, data processing and network layer, and application layer. In sensing and data collection layer, sensors are used to sense its surrounding environment. The processing layer is moreover like a middleware layer. The application layer is liable for conveying a particular facility to the client. All of these layers are energy constrained. Hence, it is a sensitive issue to efficiently reduce the energy consumption in IoT. To increase energy efficiency in IoT networks, a large number of techniques have been developed by different researchers. The chapter introduces a classification of energy conservation techniques based on the IoT architecture layer in which they work. The energy-efficiency techniques are also discussed in brief. The chapter also analyses the techniques with respect to their advantages and disadvantages. Moreover, future directions have also been presented in brief.

The Long Island Power Authority (LIPA) has teamed with Stony Brook University (Stony Brook or SBU) and Farmingdale State College (Farmingdale or FSC), two branches of the State University of New York (SUNY), to create a “Smart Energy Corridor.” The project, located along the Route 110 business corridor on Long Island, New York, demonstrated the integration of a suite of Smart Grid technologies from substations to end-use loads. The Smart Energy Corridor Project included the following key features: -TECHNOLOGY: Demonstrated a full range of smart energy technologies, including substations and distribution feeder automation, fiber and radio communications backbone, advanced metering infrastructure (AM”), meter data management (MDM) system (which LIPA implemented outside of this project), field tools automation, customer-level energy management including automated energy management systems, and integration with distributed generation and plug-in hybrid electric vehicles. -MARKETING: A rigorous market test that identified customer response to an alternative time-of-use pricing plan and varying levels of information and analytical support. -CYBER SECURITY: Tested cyber security vulnerabilities in Smart Grid hardware, network, and application layers. Developed recommendations for policies, procedures, and technical controls to prevent or foil cyber-attacks and to harden the Smart Grid infrastructure. -RELIABILITY: Leveraged new Smart Grid-enabled data to increase system efficiency and reliability. more » Developed enhanced load forecasting, phase balancing, and voltage control techniques designed to work hand-in-hand with the Smart Grid technologies. -OUTREACH: Implemented public outreach and educational initiatives that were linked directly to the demonstration of Smart Grid technologies, tools, techniques, and system configurations. This included creation of full-scale operating models demonstrating application of Smart Grid technologies in business and residential settings. Farmingdale State College held three international conferences on energy and sustainability and Smart Grid related technologies and policies. These conferences, in addition to public seminars increased understanding and acceptance of Smart Grid transformation by the general public, business, industry, and municipalities in the Long Island and greater New York region. - JOB CREATION: Provided training for the Smart Grid and clean energy jobs of the future at both Farmingdale and Stony Brook. Stony Brook focused its “Cradle to Fortune 500” suite of economic development resources on the opportunities emerging from the project, helping to create new technologies, new businesses, and new jobs. To achieve these features, LIPA and its sub-recipients, FSC and SBU, each have separate but complementary objectives. At LIPA, the Smart Energy Corridor (1) meant validating Smart Grid technologies; (2) quantifying Smart Grid costs and benefits; and (3) providing insights into how Smart Grid applications can be better implemented, readily adapted, and replicated in individual homes and businesses. LIPA installed 2,550 AMI meters (exceeding the 500 AMI meters in the original plan), created three “smart” substations serving the Corridor, and installed additional distribution automation elements including two-way communications and digital controls over various feeders and capacitor banks. It gathered and analyzed customer behavior information on how they responded to a new “smart” TOU rate and to various levels of information and analytical tools. « less

Chapter 21 - ISA 2006 Stateful Inspection and Application Layer Filtering

The Internet of Things (IoT) is a rapidly evolving technology with a wide range of potential applications, but the security of IoT networks remains a major concern. The existing system needs improvement in detecting intrusions in IoT networks. Several researchers have focused on intrusion detection systems (IDS) that address only one layer of the three-layered IoT architecture, which limits their effectiveness in detecting attacks across the entire network. To address these limitations, this paper proposes an intelligent IDS for IoT networks based on deep learning algorithms. The proposed model consists of a recurrent neural network and gated recurrent units (RNN-GRU), which can classify attacks across the physical, network, and application layers. The proposed model is trained and tested using the ToN-IoT dataset, specifically collected for a three-layered IoT system, and includes new types of attacks compared to other publicly available datasets. The performance analysis of the proposed model was carried out by a number of evaluation metrics such as accuracy, precision, recall, and F1-measure. Two optimization techniques, Adam and Adamax, were applied in the evaluation process of the model, and the Adam performance was found to be optimal. Moreover, the proposed model was compared with various advanced deep learning (DL) and traditional machine learning (ML) techniques. The results show that the proposed system achieves an accuracy of 99% for network flow datasets and 98% for application layer datasets, demonstrating its superiority over previous IDS models.

The largest potential of IoT implementation is in the smart grid. IoT technology is critical to the smart grid because it allows for large-scale communication between different components of the smart grid on a two-way basis. The Internet of Things can be used in all aspects of the smart grid by accessing real-time data from the power system and then monitoring and analyzing it. A Systematic Literature Review was used in this study to better understand the benefits, architectures, applications, and challenges of IoT-based smart grids. Several steps are taken to produce related articles. There are thirty-four research articles that related to research questions, then reviewed. It can be concluded that the most benefits of implementing IoT in smart grid will be improved reliability, efficiency, and stability of power systems. The major architectures of IoT-based smart grids consists of three layers which are perception, network, and application layers. IoT-based smart grid application can be implemented in every aspect of the power system, right from power generation to end consumer. Some challenges present when IoT is integrated into the smart grid, privacy and security issues become most challenging.