Vulnerabilities In Internet Of Things Devices Research Articles

Empirical evaluation of feature selection methods for machine learning based intrusion detection in IoT scenarios

This paper delves into the critical need for enhanced security measures within the Internet of Things (IoT) landscape due to inherent vulnerabilities in IoT devices, rendering them susceptible to various forms of cyber-attacks. The study emphasizes the importance of Intrusion Detection Systems (IDS) for continuous threat monitoring. The objective of this study was to conduct a comprehensive evaluation of feature selection (FS) methods using various machine learning (ML) techniques for classifying traffic flows within datasets containing intrusions in IoT environments. An extensive benchmark analysis of ML techniques and FS methods was performed, assessing feature selection under different approaches including Filter Feature Ranking (FFR), Filter-Feature Subset Selection (FSS), and Wrapper-based Feature Selection (WFS). FS becomes pivotal in handling vast IoT data by reducing irrelevant attributes, addressing the curse of dimensionality, enhancing model interpretability, and optimizing resources in devices with limited capacity. Key findings indicate the outperformance for traffic flows classification of certain tree-based algorithms, such as J48 or PART, against other machine learning techniques (naive Bayes, multi-layer perceptron, logistic, adaptive boosting or k-Nearest Neighbors), showcasing a good balance between performance and execution time. FS methods' advantages and drawbacks are discussed, highlighting the main differences in results obtained among different FS approaches. Filter-feature Subset Selection (FSS) approaches such as CFS could be more suitable than Filter Feature Ranking (FFR), which may select correlated attributes, or than Wrapper-based Feature Selection (WFS) methods, which may tailor attribute subsets for specific ML techniques and have lengthy execution times. In any case, reducing attributes via FS has allowed optimization of classification without compromising accuracy. In this study, F1 score classification results above 0.99, along with a reduction of over 60% in the number of attributes, have been achieved in most experiments conducted across four datasets, both in binary and multiclass modes. This work emphasizes the importance of a balanced attribute selection process, taking into account threat detection capabilities and computational complexity.

Distributed and Collaborative Lightweight Edge Federated Learning for IoT Zombie Devices Detection

The fast development of artificial intelligence and Internet of Things (IoT) technologies has enabled various applications of smart cities, e.g., smart monitoring and surveillance. However, vulnerabilities of IoT devices bring new threats to the security of smart cities. To identify ubiquitous IoT botnet attacks, a distributed and collaborative lightweight edge federated learning model for IoT zombie devices detection is proposed, named FIOT. To reduce computational complexity and enhance the adaptability to new attack environment at the network edge, FIOT is designed in a lightweight manner based on feature dimensionality reduction and transfer learning. Three IoT botnet datasets are used to validate the effectiveness of the proposed FIOT. Experimental results show that FIOT has an accuracy loss of less than 3% in terms of F1 value compared to the centralized learning, but the training time of FIOT is only 14.3% of that of centralized learning. While ensuring high detection accuracy, the number of parameters of FIOT is compressed to 37.58% of the comparison method.

Cybersecurity in the Internet of Things (IoT) Era: Safeguarding Connected Systems and Data

In the era of the Internet of Things (IoT), where devices are interconnected at an unprecedented scale, ensuring cybersecurity has become paramount. This journal article explores the challenges and strategies associated with safeguarding connected systems and data in the IoT landscape. The study delves into the unique cybersecurity risks posed by the proliferation of IoT devices and analyzes the evolving threat landscape. The article begins by elucidating the significance of IoT in contemporary society, emphasizing its transformative impact on various sectors. Subsequently, it identifies the vulnerabilities inherent in interconnected systems, ranging from privacy concerns to potential disruptions caused by cyber-attacks. A comprehensive review of current cybersecurity frameworks and protocols follows, assessing their efficacy in addressing the dynamic threats faced by IoT ecosystems. The study highlights the importance of encryption, authentication, and intrusion detection in fortifying IoT networks against cyber threats. Case studies and real-world examples are employed to illustrate the practical implications of cybersecurity vulnerabilities in IoT devices. Furthermore, the article examines emerging technologies and innovative approaches aimed at enhancing the resilience of connected systems. The findings underscore the need for a holistic cybersecurity approach that integrates technological advancements with robust policies and user awareness. Recommendations include the adoption of standardized security measures, continuous monitoring, and collaborative efforts among stakeholders to mitigate IoT-related risks. In conclusion, this article contributes to the discourse on IoT cybersecurity, offering insights into the evolving nature of threats and effective countermeasures. As society becomes increasingly reliant on interconnected devices, ensuring the security of IoT ecosystems is imperative for fostering a trustworthy and resilient digital environment.

Security Concerns of IoT Against DDoS in 5G Systems

The Internet of Things (IoT), which enables seamless connectivity and communication between gadgets and the internet has completely changed how people interact with and use technology in 5G. Distributed Denial of Service (DDoS) assaults are now recognized as a serious security concern because of the rapid expansion of IoT devices, which has also brought about new security issues. DDoS attacks plan massive, coordinated attacks that overwhelm target systems and impair their functions by taking advantage of the interconnectedness of IoT devices. This paper explores the vulnerabilities in IoT devices and their possible exploitation by hostile actors, providing an in-depth examination of IoT and DDoS assault dynamics in 5G. The report emphasizes the need for preventative security measures by highlighting the growing size and complexity of DDoS attacks employing compromised IoT botnets. The examination of various DDoS attack channels and methodologies against IoT devices sheds light on the growing strategies used by attackers to infiltrate and manage IoT botnets. To emphasize how urgent it is to mitigate such risks, the effects of DDoS assaults on vital infrastructures, companies, and end-users are also emphasized. The paper also evaluates current mitigation techniques and security safeguards intended to counter IoT-based DDoS attacks. These include the use of security in Nexus that prioritize device authentication, encryption, and secure communication protocols as well as network traffic filtering and anomaly detection. Relevant case studies and real-world examples are provided to give readers a thorough understanding of the topic while demonstrating the scope and effects of recent IoT-based DDoS attacks. The paper guides different approaches through which DDOS can harm the server/ system (or anything, which is belonging to the family of the Internet of things) through different types; DDOS can be minimized but impossible to overcome. In this paper, we also have proved that due to IOT, the ratio of DDOS has increased by implementing these measures and continuously monitoring the network for potential threats. 5G systems can enhance their security posture and provide a safer and more reliable communication infrastructure for users and businesses by mitigating DDoS.

Managing cyber-security risks associated with IoT devices for conducting financial transactions within the smart home ecosystem

The proliferation of Internet of Things (IoT) devices in smart homes facilitates and the increase of financial transactions like reordering groceries by a smart refrigerator but also introduces significant cybersecurity risks. This paper examines the inherent vulnerabilities of IoT devices, including weak authentication, rare software updates, and susceptibility to malware. These vulnerabilities can expose smart homes to unauthorized access, leading to unauthorized money transfers and identity theft. Additionally, as the IoT ecosystem is interconnected, the risk increases, as a compromised device becomes an entry point for a broader network breach. The lack of standardized security protocols and regulatory frameworks further exacerbates this challenge. Therefore, addressing these risks requires collaboration among manufacturers, regulatory authorities, and users to establish robust security standards. In this way, the security of financial transactions using smart homes can be enhanced, and potential threats can be mitigated.

Exploring the Dark Side of IoT: A Survey on Blackhole Attacks

The Internet of Things (IoT) is rapidly growing and becoming an integral part of our daily lives. However, the increasing use of IoT devices also raises significant security concerns. One of the most pressing threats to IoT security is the blackhole attack, where an attacker can selectively drop or discard packets to disrupt communication between IoT devices. In this paper, we conduct a comprehensive survey on blackhole attacks in IoT networks. We explore the types of blackhole attacks, the methods attackers use to exploit vulnerabilities in IoT devices, and the potential impact of these attacks. We also review existing solutions and strategies for mitigating the effects of blackhole attacks in IoT networks. Through our survey, we provide a deeper understanding of the blackhole attack's nature and the potential implications for the security and reliability of IoT networks. Ultimately, our findings highlight the need for increased awareness of this type of attack and the implementation of robust security measures to protect IoT devices and networks.

Vulnerability of information, on the internet of things

Introduction: This article is a product of the review of the "Vulnerability of information, on the Internet of Things", developed from the Juan de Castellanos University Foundation in 2021. Methods: Review of articles and relevant literature on the exposure of information and some vulnerabilities in devices that are part of the Internet of Things (IoT). Results: Information, as one of the most valuable assets, is essential, which is why it is important to have technology, devices that are part of the IoT, despite vulnerabilities. Conclusions: Keeping information secure has become a challenge, because it is one of the most important assets of any organization. Its manipulation requires many actors and involves many factors, making it is difficult to control and protect. The constant emergence of technology and their applications in various fields, along with their relative ease of use and smaller sizes, have made significant inroads possible; we must accept that they are a part of the IoT. Originality: In the bibliographic review of the information, which results from the use of technology, how the IoT is vulnerable and even more so when it is configured with the Internet. Limitation: Technology is becoming more and more dependent on it, despite the vulnerabilities of IoT devices and the Internet.

The baseline of global consumer cyber security standards for IoT: quality evaluation

ABSTRACT The popularity of the Internet of Things (IoT) devices has been gaining interest amongst consumers. The rise of consumers benefiting from IoT devices has increased the threat of cyber-attacks. The safety, security, and privacy of consumers can be negatively affected if vulnerabilities of IoT devices are exploited. Therefore, there is a need of understanding what within IoT devices is necessary to secure. Further, the implementation of necessary and important requirements is needed to ensure protection against cyber-attacks on IoT devices. The recently published Cyber Security for Consumer Internet of Things (CSCIoT) standard, called ETSI EN 303 645, is a global standard that describes requirements on implementing a minimum level of security for IoT devices. This paper evaluates the sufficiency of cyber security of the consumer IoT standards’ requirements and gradation. The evaluation is done by comparing CSCIoT to the international professional IoT standard, called IEC 62443, and with the other related work, such as the Secure by Design report of the UK Department for Digital, Culture Media & Sport. Also, this paper discusses implications regarding consumer responsibility on security. This paper aims to stimulate more precision and extension of requirements for consumer IoT devices to lower the risk of cyber-attacks.

Features-Aware DDoS Detection in Heterogeneous Smart Environments based on Fog and Cloud Computing

Nowadays, urban environments are deploying smart environments (SEs) to evolve infrastructures, resources, and services. SEs are composed of a huge amount of heterogeneous devices, i.e., the SEs have both personal devices (smartphones, notebooks, tablets, etc) and Internet of Things (IoT) devices (sensors, actuators, and others). One of the existing problems of the SEs is the detection of Distributed Denial of Service (DDoS) attacks, due to the vulnerabilities of IoT devices. In this way, it is necessary to deploy solutions that can detect DDoS in SEs, dealing with issues like scalability, adaptability, and heterogeneity (distinct protocols, hardware capacity, and running applications). Within this context, this article presents an Intelligent System for DDoS detection in SEs, applying Machine Learning (ML), Fog, and Cloud computing approaches. Additionally, the article presents a study about the most important traffic features for detecting DDoS in SEs, as well as a traffic segmentation approach to improve the accuracy of the system. The experiments performed, using real network traffic, suggest that the proposed system reaches 99% of accuracy, while reduces the volume of data exchanged and the detection time.

Chronos: DDoS Attack Detection Using Time-Based Autoencoder

Cognitive network management is becoming quintessential to realize autonomic networking. However, the wide spread adoption of the Internet of Things (IoT) devices, increases the risk of cyber attacks. Adversaries can exploit vulnerabilities in IoT devices, which can be harnessed to launch massive Distributed Denial of Service (DDoS) attacks. Therefore, intelligent security mechanisms are needed to harden network security against these threats. In this paper, we propose Chronos, a novel time-based anomaly detection system. The anomaly detector, primarily an Autoencoder, leverages time-based features over multiple time windows to efficiently detect anomalous DDoS traffic. We develop a threshold selection heuristic that maximizes the F1-score across various DDoS attacks. Further, we compare the performance of Chronos against state-of-the-art approaches. We show that Chronos marginally outperforms another time-based system using a less complex anomaly detection pipeline, while out classing flow-based approaches with superior precision. In addition, we showcase the robustness of Chronos in the face of zero-day attacks, noise in training data, and a small number of training packets, asserting its suitability for online deployment.

A Time-Efficient Approach Toward DDoS Attack Detection in IoT Network Using SDN

As the usability of Internet of Things (IoT) devices increases, the security threats and vulnerabilities associated with these resource-constrained IoT devices also rise. One of the major threats to IoT devices is Distributed Denial of Service (DDoS). To make the security of IoT devices effective and resilient, continuous monitoring and early detection, along with adaptive decision making, are required. These challenges can be addressed with software-defined networking (SDN), which provides an opportunity for effectively managing the DDoS threats faced by IoT devices. This research proposes a novel SDN-based secure IoT framework that can detect the vulnerabilities in IoT devices or malicious traffic generated by IoT devices using the session IP counter and IP Payload analysis. The framework’s DDoS attack detection module consisting of the proposed algorithms can easily detect the DDoS attack in the SD-IoT network by analyzing different parameters even with a large traffic volume. These techniques are implemented on an SDN controller and tested by generating a large volume of traffic from a compromised node, which is then detected and notified. According to the results and comparative analysis, the proposed framework detects DDoS attacks in the early stage with high accuracy and detection rate from 98% to 100%, having a low false-positive rate.

Blockchain Based Solutions to Mitigate Distributed Denial of Service (DDoS) Attacks in the Internet of Things (IoT): A Survey.

Internet of Things (IoT) devices are widely used in many industries including smart cities, smart agriculture, smart medical, smart logistics, etc. However, Distributed Denial of Service (DDoS) attacks pose a serious threat to the security of IoT. Attackers can easily exploit the vulnerabilities of IoT devices and control them as part of botnets to launch DDoS attacks. This is because IoT devices are resource-constrained with limited memory and computing resources. As an emerging technology, Blockchain has the potential to solve the security issues in IoT. Therefore, it is important to analyse various Blockchain-based solutions to mitigate DDoS attacks in IoT. In this survey, a detailed survey of various Blockchain-based solutions to mitigate DDoS attacks in IoT is carried out. First, we discuss how the IoT networks are vulnerable to DDoS attacks, its impact over IoT networks and associated services, the use of Blockchain as a potential technology to address DDoS attacks, in addition to challenges of Blockchain implementation in IoT. We then discuss various existing Blockchain-based solutions to mitigate the DDoS attacks in the IoT environment. Then, we classify existing Blockchain-based solutions into four categories i.e., Distributed Architecture-based solutions, Access Management-based solutions, Traffic Control-based solutions and the Ethereum Platform-based solutions. All the solutions are critically evaluated in terms of their working principles, the DDoS defense mechanism (i.e., prevention, detection, reaction), strengths and weaknesses. Finally, we discuss future research directions that can be explored to design and develop better Blockchain-based solutions to mitigate DDoS attacks in IoT.

Survey on Blockchain-Based IoT Payment and Marketplaces

The ever-growing smart applications will expand the Internet of Things (IoT) ecosystem to connect over 75 billion devices by 2025. IoT ecosystems comprise sensors that act as data suppliers and applications where monetary transactions are required to compensate the data producers. This signifies the importance of IoT payments and marketplaces to facilitate micro-transactions of billions of connected devices in the IoT ecosystem, which is heterogeneous, decentralized, and diverse. However, realizing such an ecosystem raises multiple challenges such as overcoming poor inter-operability, resource constraints, and security and privacy vulnerabilities of IoT devices and platforms. Blockchain is a Distributed Ledger Technology (DLT) that can be identified as a potential solution to overcome the challenges in realizing IoT payments and marketplaces. This is due to the characteristics of blockchain such as decentralization, traceability, immutability, and non-repudiation. This paper presents a comprehensive survey on blockchain-based IoT payments and marketplaces. This paper provides a brief introduction to the concepts of IoT payments and IoT marketplaces. Then the technical challenges involved in realizing IoT payment and marketplaces are discussed by highlighting the blockchain-based solutions. Furthermore, blockchain-based smart applications which use IoT marketplace and IoT payment concepts are presented marking the role of blockchain in each of the application. Subsequently, the paper discussed the integration challenges while also highlighting possible solutions. It is envisaged that this paper would shed light on the development of blockchain-based solutions to realize IoT payments and marketplaces.

Features-Aware DDoS Detection in Heterogeneous Smart Environments based on Fog and Cloud Computing

Nowadays, urban environments are deploying smart environments (SEs) to evolve infrastructures, resources, and services. SEs are composed of a huge amount of heterogeneous devices, i.e., the SEs have both personal devices (smartphones, notebooks, tablets, etc) and Internet of Things (IoT) devices (sensors, actuators, and others). One of the existing problems of the SEs is the detection of Distributed Denial of Service (DDoS) attacks, due to the vulnerabilities of IoT devices. In this way, it is necessary to deploy solutions that can detect DDoS in SEs, dealing with issues like scalability, adaptability, and heterogeneity (distinct protocols, hardware capacity, and running applications). Within this context, this article presents an Intelligent System for DDoS detection in SEs, applying Machine Learning (ML), Fog, and Cloud computing approaches. Additionally, the article presents a study about the most important traffic features for detecting DDoS in SEs, as well as a traffic segmentation approach to improve the accuracy of the system. The experiments performed, using real network traffic, suggest that the proposed system reaches 99% of accuracy, while reduces the volume of data exchanged and the detection time.

A Heuristic Local-sensitive Program-Wide Diffing Method for IoT Binary Files

Code reuse brings vulnerabilities in third-party library to many Internet of Things (IoT) devices, opening them to attacks such as distributed denial of service. Program-wide binary diffing technology can help detect these vulnerabilities in IoT devices whose source codes are not public. Considering the architectures of IoT devices may vary, we propose a data-aware program-wide diffing method across architectures and optimization levels. We rely on the defined anchor functions and call relationship to expand the comparison scope within the target file, reducing the impact of different architectures on the diffing result. To make the diffing result more accurate, we extract the semantic features that can represent the code by data flow dependence analysis. Earth mover distance is used to calculate the similarity of functions in two files based on semantic features. We implemented a proof-of-concept DAPDiff and compared it with baseline BinDiff, TurboDiff and Asm2vec. Experiments showed the availability and effectiveness of our method across optimization levels and architectures. DAPDiff outperformed BinDiff in recall and precision by 41.4% and 9.2% on average when making diffing between standard third-party library and the real-world firmware files. This proves that DAPDiff can be applicable for the vulnerability detection in IoT devices.

A Malware Distribution Simulator for the Verification of Network Threat Prevention Tools.

With the expansion of the Internet of Things (IoT), security incidents about exploiting vulnerabilities in IoT devices have become prominent. However, due to the characteristics of IoT devices such as low power and low performance, it is difficult to apply existing security solutions to IoT devices. As a result, IoT devices have easily become targets for cyber attackers, and malware attacks on IoT devices are increasing every year. The most representative is the Mirai malware that caused distributed denial of service (DDoS) attacks by creating a massive IoT botnet. Moreover, Mirai malware has been released on the Internet, resulting in increasing variants and new malicious codes. One of the ways to mitigate distributed denial of service attacks is to render the creation of massive IoT botnets difficult by preventing the spread of malicious code. For IoT infrastructure security, security solutions are being studied to analyze network packets going in and out of IoT infrastructure to detect threats, and to prevent the spread of threats within IoT infrastructure by dynamically controlling network access to maliciously used IoT devices, network equipment, and IoT services. However, there is a great risk to apply unverified security solutions to real-world environments. In this paper, we propose a malware simulation tool that scans vulnerable IoT devices assigned a private IP address, and spreads malicious code within IoT infrastructure by injecting malicious code download command into vulnerable devices. The malware simulation tool proposed in this paper can be used to verify the functionality of network threat detection and prevention solutions.

On the Design of IoT Security: Analysis of Software Vulnerabilities for Smart Grids

The 5G communication network will underpin a vast number of new and emerging services, paving the way for unprecedented performance and capabilities in mobile networks. In this setting, the Internet of Things (IoT) will proliferate, and IoT devices will be included in many 5G application contexts, including the Smart Grid. Even though 5G technology has been designed by taking security into account, design provisions may be undermined by software-rooted vulnerabilities in IoT devices that allow threat actors to compromise the devices, demote confidentiality, integrity and availability, and even pose risks for the operation of the power grid critical infrastructures. In this paper, we assess the current state of the vulnerabilities in IoT software utilized in smart grid applications from a source code point of view. To that end, we identified and analyzed open-source software that is used in the power grid and the IoT domain that varies in characteristics and functionality, ranging from operating systems to communication protocols, allowing us to obtain a more complete view of the vulnerability landscape. The results of this study can be used in the domain of software development, to enhance the security of produced software, as well as in the domain of automated software testing, targeting improvements to vulnerability detection mechanisms, especially with a focus on the reduction of false positives.

SIoTFuzzer: Fuzzing Web Interface in IoT Firmware via Stateful Message Generation

Cyber attacks against the web management interface of Internet of Things (IoT) devices often have serious consequences. Current research uses fuzzing technologies to test the web interfaces of IoT devices. These IoT fuzzers generate messages (a test case sent from the client to the server to test its functionality) without considering their dependency, which is unlikely to bypass the early check of the server. These invalid test cases significantly reduce the efficiency of fuzzing. To overcome this problem, we propose a stateful message generation (SMG) mechanism for IoT web fuzzing. SMG addresses two problems in IoT fuzzing. First, we retrieve the message dependency by using web front-end analysis and status analysis. These dependent messages, which can easily bypass the server check, are used as a valid seed. Second, we adopt a multi-message seed format to preserve the dependency of the messages when mutating the seed to get a valid test case, so that the test case can bypass the state check of the server to make a valid test. Message dependency preservation is implemented by our proposed parameter mutation and structural mutation methods. We implement SMG in our IoT fuzzer, SIoTFuzzer, which applies IoT firmware on the latest Linux-based simulation tool, FirmAE. We test nine IoT devices including a router and an IP camera and adopt a vulnerability detection mechanism. Our evaluation results show that (1) SIoTFuzzer is capable of finding real-world vulnerabilities in IoT devices; (2) our SMG is effective as it enables Boofuzz (a popular protocol fuzzer) to find command injection and cross-site scripting (XSS) vulnerabilities; and (3) compared to FirmFuzz, SIoTFuzzer found all the vulnerabilities in our benchmarks, while FirmFuzz found only four—the efficiency of our tool increased by 20.57% on average.

FIRM-COV: High-Coverage Greybox Fuzzing for IoT Firmware via Optimized Process Emulation

With the growing prevalence of the Internet of Things (IoT), related security threats have kept pace. The need to dynamically detect vulnerabilities in IoT devices cannot be overstated. In this work, we present FIRM-COV, the first high coverage-oriented greybox fuzzer for IoT firmware. FIRM-COV leverages newly optimized process emulation by targeting IoT programs and mining real-world vulnerabilities. FIRM-COV focuses on solving problems of IoT fuzzing based on empirical analyses, using the required structured input, the inaccuracy and instability of emulation, and the required high code coverage. By optimizing the existing emulation technique, FIRM-COV always maintains a stable state and achieves high accuracy when detecting vulnerabilities. We also implement a dictionary generation algorithm to provide structured input values and synergy scheduling to achieve high coverage and throughput. We compare FIRM-COV with other IoT fuzzing frameworks for eight real-world IoT devices. As a result, FIRM-COV achieves the highest coverage and throughput, finding the fastest and most 1-day vulnerabilities with almost no false-positives. It also found two 0-day vulnerabilities in real-world IoT devices within 24 h.

Internet of things: financial perspective and its associated security concerns

The internet of things (IoT) has expanded at a very rapid rate over the last decade and revolutionised much of internet and devices technologies. Though much of transformation was driven by IoT, however, its implementation, security issues and other associated aspects still remain a matter of concern. The literature on the financial aspect of IoT is very scarce and this paper aims to fill this void and provide financial perspectives on IoT. The analysis of IoT banking and financial services industry is projected to expand from $249.5 million to USD2.03 billion by 2023: eight-time rise or a compound annual growth rate (CAGR) of around 52%. Furthermore, it was noted that the financial results of selected IoT firms had seen decent development over the past many years. In addition, there are several mergers and acquisitions in the IoT market, culminating in USD75.44 billion increase in the sector. One of the major challenges in IoT implementation in the financial industry is security and privacy. The inherent vulnerabilities in IoT devices can be exploited by the attacker, which makes it increasingly onerous for financial services firms to safeguard the system against phishing, data breaches, ransomware and other attacks.