Internet of Things (IoT) provides an inter-connected framework of different components and devices. Internet of Things (IoT) is one of the emerging technologies which are being used by various industries and business sectors. The technology has given its users with connected and smart platforms along with several other benefits. There are certain concerns that are associated with the technology and its applications. Security and privacy are the two major concerns that are associated with IoT.
Some of the popular applications of IoT are used in the healthcare industry and these include smart healthcare systems, remote & tele-health monitoring system. The other applications include smart city application, smart parking system, office & home automation system, smart retail management system, and many more.
There are security and privacy issues in information security that are currently witnessed. These include cryptanalysis attacks, malware attacks, injection attacks, data breaches, data leakage, and device-based attacks.
There are vulnerabilities associated with IoT applications, such as unsecure network connections, unsecure access points, etc. These enhance the probability of the security and privacy attacks.
One of the most popular security techniques that are used is cryptography and encryption. However, the usual encryption processes do not succeed in the case of IoT applications due to multiple components involved. The author has covered the various cryptanalysis attacks that emerge as a result. These may be of varied forms, such as ciphertext-only attacks, plaintext attacks, differential attacks, integral attacks, etc. Side-channel attacks are also one of the cryptanalysis attacks that are carried out. The author has suggested that multi-path encryption and use of passwords along with cryptography algorithm shall be used to avoid such attacks. The author has not listed the use of communication protocols that may be done to put a check on the cryptanalysis attacks (Maple, 2017).
Malware attacks are also very common in the case of computing applications and IoT technology. One of the latest forms of malware that is being frequently launched by the attackers is ransomware. It is a malware in which the attackers block the access to a system or an application and demand ransom to unblock the same. The ransom is demanded in the form of cryptocurrency. IoT applications are also exposed to the ransomware attacks due to the presence of several access points in varied components that may be used to launch the attack. The authors have described the process that is involved in the ransomware attacks. The use of anti-malware tools with ransomware protection has been recommended to prevent and control the attack. The authors have not described the recent ransomware attacks in detail (Latif & Zafar, 2017).
IoT devices are developed for the end-users and these users can access these applications through a web interface that is developed as a website or mobile application. These web interfaces come with their own security loopholes. For example, the user may utilize weaker and common passwords which may be easily guessed by the attackers and an unauthorized access may be allowed. There may be security vulnerabilities that may be present with these interfaces and these are explored by the authors in the research work. There are different forms of injection attacks that may also be carried out as XML or SQL injection attacks and cross site scripting attacks. The authors have recommended the use of role-based access control as one of the measures to deal with the security vulnerabilities in web interfaces. The use of multi-fold authentication is also suggested by the authors (Gopi & Rao, 2018). The authors have not covered the use of session management as the security control.
Breaching of the data sets and the loss of the data over IoT network is frequently being observed. This is because IoT applications are made up of several components that may have different security architecture and protocols applied. The increased number of components also results in the increased number of access points and one or more than one such access points may not be secure. These unsecure access points may be utilized to cause data breach or steal the data sets. The mechanisms that are usually used by the malicious entities are explored by the authors and covered in the research work. The authors have recommended the use of basic and advanced security methods. However, the involvement of other technologies in IoT security is not covered (Pishva, 2017).
There are different devices that are used in the IoT applications. Computer systems or Smartphones are used by the end-users to access the web interface developed for the IoT application. There are other networking peripherals and devices along with sensors, servers, and mobile devices involved. Each of these devices includes data and information sets associated with the IoT application. The stealing of any of these devices by malevolent entity may compromise the security and privacy of the entire application as the critical data sets will be captured. The authors have covered these device-based security risks and the attack prevention methods that may be used. Device tracker is one such measure that may be used to track the device if it gets stolen or is lost. The authors have not covered the involvement of other technologies to prevent the attacks (Yang, Wu, Yin, Li & Zhao, 2017).
IoT applications work on the basis of the hardware, software, and networking components. Network security is essential for these applications and the same has been explored by the authors in the research work. The primary category of security and privacy attacks on the IoT applications are the network-based security attacks. These attacks are given shape to impact the information and data properties as availability, privacy, integrity, and confidentiality. (Geneiatakis et al., 2017). The authors have described some of these network attacks as data manipulation attacks, denial of service attacks, eavesdropping attacks, distributed denial of service attacks, man in the middle attacks, etc. The authors have also suggested the use of network security controls like intrusion detection and prevention systems and anti-denial tools to prevent these attacks from occurring. However, the other controls using Business Intelligence concepts are not illustrated.
Some of the critical issues that have been identified are network-based security attacks, ransomware attacks, device-based attacks, data breaches, and cryptanalysis attacks.
The authors in their research work have covered the privacy preserving techniques that may be used in association with the IoT applications. These techniques have been described in the categories as technical, administrative, and logical controls. The authors have described the use of anti-malware and anti-denial tools that may be done. They have also covered the use of basic security measures like firewalls and proxy servers that may be helpful. Access control measures and authentication processes have also been covered (Hussain & Kaliya, 2018). The authors have not described the role of other technologies, such as Big Data or Cloud Computing in IoT security and privacy.
Future Research Directions & Conclusion
The areas that have been addressed along with gaps & critical issues have been included in the section above. The future research processes must keep their focus on the use of other emerging technologies, such as Cloud Computing, Artificial Intelligence, smart sensor networks, and Big Data on the security and privacy of IoT. There are communication protocols that can be used along with the encryption algorithms to avoid the cryptanalysis attacks that shall be researched upon. Access control and authentication measures are also being improved and enhanced with the passage of time. The use of these controls along with user session management is one of the IoT security areas that shall be explored. There are business intelligence concepts and patterns that may be used to have a deeper understanding of the networking activities, user actions, and likewise. These shall be useful in putting a check on the security and privacy attacks.
The use of the security controls included in the literature review and the research on the gaps identified will result in the mitigation and control of such occurrences.
References
Geneiatakis, D., Kounelis, I., Neisse, R., Nai-Fovino, I., Steri, G., & Baldini, G. (2017). Security and privacy issues for an IoT based smart home. 2017 40Th International Convention On Information And Communication Technology, Electronics And Microelectronics (MIPRO). doi: 10.23919/mipro.2017.7973622
Gopi, A., & Rao, M. (2018). Survey of privacy and security issues in IoT. International Journal Of Engineering & Technology, 7(2.7), 293. doi: 10.14419/ijet.v7i2.7.10600
Hussain, M., & Kaliya, N. (2018). An Improvised Framework for Privacy Preservation in IoT. International Journal Of Information Security And Privacy, 12(2), 46-63. doi: 10.4018/ijisp.2018040104
Latif, S., & Zafar, N. (2017). A survey of security and privacy issues in IoT for smart cities. 2017 Fifth International Conference On Aerospace Science & Engineering (ICASE). doi: 10.1109/icase.2017.8374288
Maple, C. (2017). Security and privacy in the internet of things. Journal Of Cyber Policy, 2(2), 155-184. doi: 10.1080/23738871.2017.1366536
Pishva, D. (2017). Internet of Things: Security and privacy issues and possible solution. 2017 19Th International Conference On Advanced Communication Technology (ICACT). doi: 10.23919/icact.2017.7890229
Yang, Y., Wu, L., Yin, G., Li, L., & Zhao, H. (2017). A Survey on Security and Privacy Issues in Internet-of-Things. IEEE Internet Of Things Journal, 4(5), 1250-1258. doi: 10.1109/jiot.2017.2694844
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download