10. IOT Security Flashcards
What is IOT
- consumer wearables, household appliances
- assigned with IP
- less human intervention, greater machine autonomy
- better accuracy
- better efficiency
- higher productivity
Types of IOT applications
- consumer
- commercial
- industrial
- infrastructure
- military
security challenges for IOT
- IOT network implies that device connects to the outside world. World has access to device and everything it is connected to
- IOT devices are resource-limited. Do not contain resources to implement strong security
- manufacturer may not build security as it may interfere with functionality and increase cost
- IOT devices are ‘set and forget’. Hardly receive security patches
- IOT devices have no security against modern threats
- No single agreed framework
- IOT exploits use device as entry point into network
Routing protocol for low power lossy network
IOT devices have limited energy and computing resources. Often face unfavourable environmental factors. -> constrained nodes
constrained nodes optimise energy and network bandwidth usage -> constrained networks
constrained networks have:
- low throughput
- high packet loss
- asymmetric links
RPL
- protocol that provides IPv6 connection to low power lossy network (LLN)
- manipulates vectors of distance to other networks
- periodically updates neighbours of topology changes
- known as distance-vector protocol
- based on direction and distance
direction oriented directed acyclic graph (DODAG)
supports storing/ non storing mode
storing mode:
- downward routing table kept at each node
- travels as far as common parent
non storing mode:
- reduce memory usage
- non-root nodes do not have a routing table
- use root node/ src node to transmit data
DODAG network organisation
- only has directed cycles, with no cycles
2. OBJECTIVE FUNCTIONS determines which link to be used in selecting optimised route
Objective functions
- defines how nodes select parents
- provides node rank (lower better)
variables:
- energy consumption
- expected transmission count
- packet delivery ratio
RPL collection and configuration
multipoint to point
- data collection from sensors(up)
point to multipoint
- network sensors configuration (down)
point to point
- RPL does not support point to point well
RPL rank computation ETX
rank
- 16 bit integer
- defines node position
- takes floor of number
rank(x) = rank(parent) + expected transmission count(x, parent)
RPL rank computation Residual Energy
high link quality = low link cost = higher residual energy
rank(x) = rank(parent) + (max energy - x energy)
Theory of rank computation DODAG
rank = floor(rank(node) / MinHopRankIncrease)
rank(A) < rank(B)
if floor(rank(A)/ MinHopRankIncrease)
is less than
floor(rank(B)/ MinHopRankIncrease)
eg
MHRI = 32
rank = 953
rank 928 to 959 will be siblings
MHRI can be used to detect sibling nodes
RPL rank computation Min Hop Rank Increase
once node has chosen its parents, node will compute its own rank. Preferred parent need not have lowest rank.
rank(x) = rank(parents) + rank_increase
rank_increase = step + MHRI(Max Energy)
step = Root_energy - Node_energy
therefore
rank(x) = rank(parents) +
floor(((Root_energy - Node_energy) + MHRI)/ MHRI)
RPL MHROF
finds path with minimum rank(lowest cost)
3 types of control messages
DODAG information object DIO
DODAG information solicitation DIS
Destination advertisement object DAO