Threat and Attack Models in IoT Devices

Abstract

IoT devices consist of systems of integrated objects, computing devices, and digital or mechanical machines whose area units have the power to transmit and receive information over a network, requiring no human intervention. As we stepped into the IoT era, the demand for connected devices to make our lives comfortable and seamless showed exponential growth, as did cyberattacks. All such devices operate inside present web infrastructure. Problems increase as devices become a lot of prevailing and instantly cessantly evolve to counter newer threats and schemes. The attack surface of a network sums up all penetration points, otherwise called attack vectors. An offender or an unauthorised user will profit from those attack vectors to penetrate the system, then alter or extract knowledge from the threat surroundings. This chapter focuses on how threats, attacks and vulnerabilities are exposed by hackers to gain information from IoT devices, resulting in a great volume of data theft due to weak and unfocused security protocols in IoT architecture. The chapter has a few important concepts, like the need for security in IoT devices, IoT architecture, IoT attacks taxonomy, attacks, threats and vulnerabilities, design of malware attacks, and finally impact of attacks on security objectives. We have discussed the root causes of successful cyberattacks on realtime IoT applications. Estimation of impact of attacks is examined and analyzed by implementing the testbed for IoT security. Two important research phases, extensive analysis and the automated-testing mechanism, are discussed for examining the attack surface of IoT devices embedded into many realworld applications. Lastly, we have illustrated the outbreak of cyberattacks on confidentiality, integrity and availability of applications controlled by IoT environment. There is need of hour research into secure coding and designs to create more secure and safe future gadgets.