Lecture 9 - Part 2: IOT Security

Question 1

What is the background of IOT security?

Answer 1

• Internet-of-Things (IoT) will improve the quality of life in various domains.
• Example: People-centric IoT solutions for elderly and disabled people
• Implantable and wearable IoT devices
• Reduced response time
• Advanced solutions for in-home rehabilitation,thus reducing load at hospitals

Question 2

What are some IOT security flaws?

Answer 2

• Profit driven businesses
• Time-to-market constraint
• Absence of related legislation
• Manufacturers overlook security considerations that result in potentially vulnerable IoT devices.

Question 3

What is an example of IOT security issue?

Answer 3

• Cyber attack launched by the IoT-specific malware Mirai (open source) that identifies vulnerable IoT devices using a table of more than 60 common factory default usernames and passwords, and logs into them to infect them with the Mirai malware.
• Networked devices running Linux were infected.
• Since the source code was published, the techniques have been adapted in other malware project.
• Mirai launched Denial of Service (DoS) attack on the primary DNS provider in the U.S. Dyn in Oct, 2016.

REFER TO SLIDES FOR MORE

Question 4

What are some technical difficulties of IOT security?

Answer 4

• Limited Computational Capabilities
• Limited storage
• Limited Power
• Limited Update mechanism
• Lack of IoT-relevant empirical data and IoT-specific attack signatures limit the development of robust mechanism.
• IoT communication protocols and technologies differ from traditional IT realms, their security solutions ought to be different as well

Question 5

What are some IOT vulnerabilities?

Answer 5

Deficient physical security
* Unauthorized physical access possible
Insufficient energy harvesting
* Stored energy can be drained by an attacker by legitimate or corrupt messages.
Inadequate authentication
* Simple authentication due to limited processingpower and energy
Improper Encryption
* Resource limitations of IoT affects encryption
Unnecessary open ports
* IoT devices have unnecessarily open ports while running vulnerable services
Insufficient Access control
* IoT devices in conjunction with their cloud management solutions do not force a password of sufficient complexity
* Default user credentials not forced to change
* Most of the users have elevated permissions and can be misused.
Improper patch management capabilities
* Manufacturers either do not recurrently maintain security patches or do not have in place automated patch-update mechanisms.
* Moreover, even available update mechanisms lack integrity guarantees, rendering them susceptible to being maliciously modified
Weak programming practices
* IoT manufacturers release firmware with known vulnerabilities
Insufficient audit mechanisms
* IoT devices lack thorough logging procedures, rendering it possible to conceal IoT-generated malicious activities

Question 6

What are the 3 architectural layers of IOT vulnerabilities?

Answer 6

Device based - Deficient physical security and Insufficient energy harvesting
Network based - Inadequate authentication, Improper Encryption and Unnecessary open ports
Software based - Insufficient Access control, Improper patch management capabilities, Weak programming practices, Insufficient audit mechanisms

Question 7

What is Confidentiality (as part of CIA Triad)?

Answer 7

• This security objective is designed to protect assets from unauthorized access and is typically enforced by strict access control, rigorous authentication procedures, and proper encryption.
• IoT vulnerabilities which enable unauthorized access to IoT resources and data would be related to Confidentiality.

Question 8

What is Integrity (as part of CIA Triad)?

Answer 8

• The integrity objective typically guarantees the detection of any unauthorized modifications and is routinely enforced by strict auditing of access control, rigorous hashing and cryptographic primitives (low level encryption algorithms), interface restrictions, input validations and intrusion detection methods.
• Integrity issues consist of vulnerabilities which allow unauthorized modifications of IoT data and settings to go undetected.

Question 9

What is Availability (as part of CIA Triad)?

Answer 9

• This security objective is designed to guarantee timely access to resources (including data, applications and network infrastructure).
• Vulnerabilities which hinder the continuous access to IoT would be related to Availability.

Question 10

What is Accountability (as part of CIA Triad extension (AAA))?

Answer 10

• The accountability objective typically guarantees the feasibility of tracing actions and events to the respective user or systems aiming to establish responsibility for actions.
• Vulnerabilities that hinder proper logging would be related to Accountability.

Question 11

What is a countermeasure?

Answer 11

a classification of the available remediation techniques to mitigate the identified IoT vulnerabilities.

Question 12

What are some examples of countermeasures?

Answer 12

Access and Authentication Controls,
* Firewalls, algorithms & authentication schemes, biometric-based models, and context aware permissions
Software Assurance,
* Software assurance is defined as “the level of confidence that software is free from vulnerabilities, and that the software functions in the intended manner”
* Software Assurance elaborates on the available capabilities to assert integrity constraints
Security Protocols
* Lightweight security schemes for proper remediation (improving the security situation).

Question 13

What is situation awareness?

Answer 13

Situation Awareness Capabilities categorizes available techniques for capturing accurate and sufficient information regarding generated malicious activities in the context of the IoT.
* Vulnerability Assessment
* Honeypots -Generally, a honeypot consists of data that appears to be a legitimate part of the site which contains information or resources of value to attackers. It is actually isolated, monitored, and capable of blocking or analyzing the attackers.
* Intrusion Detection

Question 14

What are Attacks Against Confidentiality and Authentication

Answer 14

• Aim: To gain unauthorized access to IoT resources and data to conduct further malicious actions.
• Mechanism: executing brute force events, eavesdropping IoT physical measurements, or faking devices identities.
• Dictionary attacks aim at gaining access to IoT devices through executing variants of brute force events, leading to illicit modifications of settings or even full control of device functions.

Question 15

What are Attacks Against Data Integrity

Answer 15

• Injecting false data or modification of device firmware
• False Data Injection (FDI) attacks fuse legitimate or corrupted input towards IoT sensors to cause various integrity violations. For instance, launching such attacks could mislead the IoT device’s data, causing dramatic economic impact or even loss of human life
• Firmware modification is rendered by malicious alteration of the firmware, which induces a functional disruption of the targeted device

Question 16

What are Attacks Against Availability

Answer 16

• Denial of Service (DoS) attacks against IoT is to prevent the legitimate users’ timely access to IoT resources (i.e., data and services).
• By revoking device from the network or draining IoT resources until their full exhaustion.
• Device capture: capture, alter or destroy a device to retrieve stored sensitive information, including secret keys
• Battery draining attacks by flooding with messages