Iot Security: Ongoing Challenges and Research Opportunities

Download as pdf or txt
Download as pdf or txt
You are on page 1of 5

2014 IEEE 7th International Conference on Service-Oriented Computing and Applications

IoT Security: Ongoing Challenges and Research Opportunities

Zhi-Kai Zhang, Michael Cheng Yi Cho, Chia-Wei Wang, Chia-Wei Hsu, Chong-Kuan Chen, Shiuhpyng Shieh, IEEE Fellow
Department of Computer Science
National Chiao Tung University
Hsinchu, Taiwan
e-mail: {skyzhang, michcho, wangcw}@dsns.cs.nctu.edu.tw, {hsucw, ckchen, ssp}@cs.nctu.edu.tw

Abstract—The Internet of Things (IoT) opens opportunities for As for the communication medium of the “Things”, it is
wearable devices, home appliances, and software to share and expected that the networking environment for IoT will be
communicate information on the Internet. Given that the heterogeneous. Various communication media may face
shared data contains a large amount of private information, different security challenges. Overlooking these security
preserving information security on the shared data is an problems will compromise the availability of the “Things”.
important issue that cannot be neglected. In this paper, we As for the contents of the communication, the heterogeneous
begin with general information security background of IoT data structure and protocols also make content protection
and continue on with information security related challenges more complex.
that IoT will encountered. Finally, we will also point out
In this article, we will briefly state related research areas
research directions that could be the future work for the
in IoT and address the challenges in these research areas.
solutions to the security challenges that IoT encounters.
II. ONGOING RESEARCH IN IOT SECURITY
Keywords - Internet of Things, information security, naming,
identification, authenticity, malware. In this section, the ongoing research areas will be briefly
described for the aspects of IoT infrastructure, cryptography,
software vulnerability, malware, and mobile devices.
I. INTRODUCTION A. Object Identification and locating in IoT
When the term "Internet of Things" (IoT) was first To uniquely identify an object is the first important issue
introduced, the initial question could be what is considered that came before other security issues. A proper
as "Things". Till recent years, groups of researchers and identification method is the foundation of IoT. An ideal
organizations tried to clarify the definition of IoT. Haller et identification methodology not only identifies the objects
al. [1] proposed a definition of IoT with “A world where uniquely, but also reflects the property of the object. For
physical objects are seamlessly integrated into the example, DNS (Domain Name System) is a good
information network, and where the physical objects can identification method which uniquely identifies a host on the
become active participants in business process.” To extend Internet; it also reflects host's property through FQDN (Fully
the coverage of IoT definition, Sarma et al. [2] defines the Qualified Domain Name) naming policy, and provides
"Things" from physical objects to virtual objects which address mapping through DNS resolution. Based on the
represents as the identities with Internet connectivity. success of DNS, Object Name Service (ONS) [4] is
Although IEEE IoT Initiative is proceeding to draft a white published by the EPCglobal board in 2005 to locate the
paper [3] for the formal definition of IoT, there are still no metadata and services associated with a given Electronic
common agreements for the definition of IoT. In this article, Product Code (EPC). The proposal of ONS gives a hint that
we define a "Thing" on IoT that indicates a physical or a similar structure could be applicable to the object
virtual object which connects to the Internet and has the identification in IoT.
ability to communicate with human users or other objects. Since the objects are connected to the network, the
Along with the growth of IoT, new security issues arise network location of the objects is also an important issue.
while traditional security issues become more severe. The Currently, the most widely used locating method is based on
main reasons are the heterogeneity and the large scale of the IPv4/IPv6. Although IP addressing may still be one of the
objects. The impact factors can be further divided into two candidates in the future Internet, Named Data Networking
categories: the diversity of the “Things” and the (NDN) [5] is proposed as a naming infrastructure of Future
communication of the “Things”. It is divided into two Internet Architecture (FIA). In contrast to host-oriented IP
categories given that each of the category encounters addressing, NDN is a data-oriented method which combines
different security problems. naming and addressing where packet routing is based on
First, the security problem for the “Things” is created by object names directly.
vulnerabilities produced by careless program design; this
creates opportunities for malwares or backdoors installation. B. Authentication and Authorization in IoT
Based on the heterogeneity and the scale of the “Things” in How to authenticate the objects is also an important
IoT, such security problems are more complex compared to research area. Traditionally, authentication is achieved
the security problems that we have faced now. through many methods such as ID/password, pre-shared

978-1-4799-6833-6/14 $31.00 © 2014 IEEE 230


DOI 10.1109/SOCA.2014.58
secrets, and public-key cryptosystems. Authorization can be Program analysis can discover software vulnerabilities
achieved by database-based or crypto-based access control. before the product is released. To verify a program, the
Due to the heterogeneity and complexity of the objects and dynamic analysis approach monitoring the targeting program
networks in IoT, traditional authentication and authorization in a controlled environment is an effective approach. It
methods may not be applicable. For instance, authenticating empowers many advanced analysis techniques such as taint
and authorization through cryptographically pre-shared keys analysis and symbolic execution. These analysis tools, which
is not applicable. The rapidly growing number of objects usually require intensive computation power, are inadaptable
will make the key management become a difficult task. to IoT devices due to the resource-constraint problem.
Although research [6][7] has attempted to resolve the Moreover, most of these advanced analysis techniques are
problem of object authentication and authorization, there are highly dependent on the underlying system platform.
still no common agreements or standards in this area. Building these analysis techniques require ad-hoc
development for different platforms in the diversified IOT
C. Privacy in IoT environments [12][13].
At the current stage, information about user behavior Software vulnerabilities can lead to a number of
whilst browsing the Internet is collected to enrich the user backdoor problems. First, with software vulnerabilities,
experience on the Internet. As for IoT, the amount of attackers exercise malicious intents without any artifact in a
information collection is not limited to Internet browsing victim’s system. Consequently, a backdoor can be planted in
behavior; information about a user’s daily routine is also a vulnerable device by attackers to control the device. Due to
collected so that the “Things” around the user can cooperate the resource-constraints of IoT devices, security mechanisms
to provide better services that fulfill personal preference. such as IDS or antivirus that requires fair amount of
Owning to the collected information that describes a user in computation power are not applicable in IoT. Therefore, it is
detail, preserving the privacy of the collected data is an issue relatively easy for attackers to inject backdoor into victim’s
to be addressed in the case of personal information misusage. machine.
Another type of backdoor is deliberately inserted in a
D. Lightweight Cryptosystems and Security Protocols
software product by vendors for management or testing
In IoT, there are various resource-constrained devices purposes. However, these backdoors may be discovered and
such as sensor nodes, smart devices, and wearable devices, used by adversaries to steal user data. A skillful adversary
which only have limited computing power and battery can examine code and discover this type of backdoor by
capacity. Although many proposed cryptosystems and applying reverse engineering techniques. Even though users
security protocols are considered secure and robust, they can examine the device before deployment, the examination
may not be suitable for the resource-constrained devices. For requires knowledge of reverse engineering skills and
instance, some recent research work [8][9] targeted on this significant human effort. Moreover, the examination has to
research area. repeat with system upgrades. This procedure becomes a
E. Software Vulnerability and Backdoor Analysis in IoT daily operation when software received patches for security
updates. Therefore, this kind of backdoor is easy to deploy
In additional to the authentication and authorization but hard to examine. That is the main reason why some
problems, software vulnerability plays an important role in government agencies impose certain security policies on the
current security research domain. During the development deployment of untrusted devices.
stage of a piece of software, programming bugs produced by
developers are unavoidable. Bugs that result in security F. Malware in IoT
incidents are known as software vulnerabilities. Upon In Nov. 2013, Symantec confirmed the finding of the first
discovery of new software vulnerabilities, AKA 0-day, IoT malware, Linux.Darlloz, which brings up the malware
attackers can leverage this knowledge to exploit a large issue for IoT security. The IoT services embrace the great
number of machines. connectivity among various devices while attracting
In the traditional PC industry, system architectures are adversaries as a hotbed to widely spread out their crafted
similar amongst the machines. For example, Windows malware. Upon connection to a victim user, any of the
operating system on x86 machine architecture dominates the infected IoT devices could contaminate a device held by the
commercial market. Developers can focus on this victim and thus get one step further to the targeted critical
mainstream and implement popular software. Therefore, device with the massive data of interest it stored. In addition
security awareness on software programming is relatively to the rapid propagation advantage, malware can also simply
easy to enforce with proper education. In the heterogeneous lurk in an end-device, which is rarely equipped with strong
IOT, diversified hardware platforms and customized security defense, for the long-term profiling/control of IoT
operating systems make it difficult to educate programmers devices such as surveillance cameras. This seriously violates
on security awareness. Furthermore, with the explosive the privacy of Internet users. Previous research works
increase of software complexity, it is rigorous for software [14][15][16] also give the discussion over the possible
developers to take care of every aspect of secure threats caused by malware against IoT and further clarify its
programming. At the current stage, a number of research importance. However, to our best knowledge, at present
works identified that IoT devices have vulnerabilities there is little research work dedicated to the countermeasure
exposed to attackers. [10][11] of IoT-targeted malware. The reason could be the small

231
population of real-world IoT malware instances and thus for IoT. Furthermore, it may be infeasible to issue a
hard to generalize an effective solution. Nevertheless, the certificate to a object in IoT since the total number of objects
existence of Linux.Darlloz indicates that the IoT malware is is often huge. Therefore, the concept of delegated
no longer an imaginary enemy, but a serious threat to IoT authentication and delegated authorization must be taken into
devices. The malware threat and countermeasure in IoT will consideration for IoT.
become critical and should addressed.
C. Privacy
G. Android Platform In the previous section, we elaborated the importance of
Android platform, the most popular mobile operating preserving privacy in IoT. In this section, we will depict the
system, has overwhelmingly taken the mobile market share. challenges to IoT deployment on preserving privacy. The
Based on Android, more and more smart devices have been challenges can be divided into two categories: data collection
developed as personal assistants that surely headlined the IoT policy and data anonymization. Data collection policy
[17]. With its open and embedded-system oriented design, describes the policy during data collection where it enforces
the Android platform attracted IoT developers’ attention in the type of collectable data and the access control of a
many aspects. Many Android features have been adopted in “Thing” to the data. Through the data collection policy, the
IoT devices, such as power saving, near-field type and amount of information to be collected is restricted
communication, multi-sensors, voice control. Namely, in the data collection phase. Since the collection and storage
Android already has been part of IoT. Although there are of private information is restricted, privacy preservation can
other contenders such as Apple iOS, Windows phone, and be ensured. The second challenge is data anonymization. To
Mozilla Firefox OS, Android is supported by a large ensure data anonymity, both cryptographic protection and
development community bootstrapping IoT toward many concealment of data relations are desirable. Given the
possible directions. diversity of the “Things”, different cryptographic schemes
may be adopted. For example, lightweight cryptographic
III. CHALLENGES IN IOT SECURITY schemes are more suitable to devices that have resource-
As discussed, the main challenges for IoT security are constraints. The second category, concealment of data
from the heterogeneity and the large scale of objects. In this relation, investigates the removal of direct relations between
section, we will discuss these security issues with more the data and its owner. This also can be achieved by applying
details. data encryption where scrambled data has resistance against
data analysis. However, information needs to be shared
A. Object Identification amongst “Things” in IoT; therefore, computation on
The main challenge of object identification is to ensure encrypted data is another challenge for data anonymization.
the integrity of records used in the naming architecture. To cope with the problem, some of research works in
Although the Domain Name System (DNS) provides name homomorphic encryption may be applicable.
translation services to Internet users, it is an insecure naming
system. It remains vulnerable to various attacks, such as D. Lightweight Cryptosystems and Security Protocols
DNS cache poisoning attack, and man-in-the-middle attack. Compared with symmetric-key cryptosystems, public-
This poisoning attack injects counterfeit DNS records into key cryptosystems generally provide more security features
victims' cache and directly compromises the resolution but suffer high computational overhead. However, public-
mapping between naming architecture and addressing key cryptosystems are often desirable when data integrity
architecture. Therefore, without the integrity protection of and authenticity are needed. Therefore, computation
the records, the entire naming architecture is insecure. overhead reduction for public-key cryptosystems as well as
Domain Name Service Security Extension (DNSSEC, IETF complex security protocols remains a major challenge for
RFC4033) is deployed as the security extensions of DNS. IoT security.
DNSSEC can ensure the integrity and authenticity of a E. Software Vulnerability and Backdoor Analysis
Resource Record (RR), and at the same time serve as a
vehicle for the distribution of cryptographic public keys. Dynamic analysis is an effective approach to the
Although DNSSEC seems to be a remedy for naming discovery of vulnerabilities before product release. Due to
services, it is still challenging to deploy DNSSEC properly in resource constraints, dynamic analysis may be inefficient to
IoT. DNSSEC incur high computation and communication deploy in an IoT device. Therefore, the emulation, which can
overhead and may not be suitable for IoT devices. A new emulate the behavior of devices in a server with more
naming service is desirable. computing power, is needed to make dynamic analysis
applicable. However, the semantic gap between real device
B. Authentication and Authorization and emulated system is an important issue to be addressed.
Although public-key cryptosystems have advantage for The discrepancy between device and emulated system is
constructing authentication schemes or authorization difficult to avoid. Moreover different components in a device
systems, the lack of a global root certificate authority (global such as GPS and gyroscope make it even more difficult to
root CA) hinders many theoretically feasible schemes from close the semantic gap.
actually being deployed. Without the global root CA, it Many analysis techniques, such as taint analysis and
becomes very challenging to design an authentication system symbolic execution, are highly dependent on the underlying

232
system. With highly diversified environments, an analysis [18] is desirable. On the other hand, users may violet the
system must be flexible enough to adopt different systems. policy enforced by an organization. Military and companies
Proper interface and intermediate layer must be provided to should carefully use even it will be more convenient with
separate system dependency. Thus, the extensibility can be IoT. Insider’s attacks are always the most challenging issue
achieved to adopt a variety of systems. to deal with. So far this issue is not well addressed, but some
To eliminate backdoors, the aforementioned dynamic research [19][20] made attempts to address policy
analysis technique is also a promising solution. However, it enforcement. A good auditing system is necessary while IoT
is not merely a technical issue. Both management and comes into the map. Audit logs can help developers refine
policies also play an important role. Multi-level examination the access control mechanism of Android. It is a more
to reduce software vulnerabilities, discovery of backdoors passive way without disturbing users. Leveraging Android
with reverse engineering, and software auditing are all useful and its experience, developers and manufacturers can
to prevent the usage of backdoors. facilitate IoT technology and enrich our life soon after.
F. Malware in IoT IV. CONCLUSION
As aforementioned, the threat of IoT-targeted malware is The main features that differentiate IoT security issues
serious due to the limited resources of IoT devices. from the traditional ones are the heterogeneous and large-
Moreover, conventional security mechanisms against scale objects and networks. These two factors, heterogeneity
malware can be infeasible while being shifted directly from and complexity, make IoT security much more difficult to
the common x86 architecture platforms to the IoT platform. deal with. This article addressed ongoing challenges and
For instance, it is believed that the antivirus is one of the research opportunities in IoT security. New research topics
most effective security tools to detect known malware in the and their possible solutions are also discussed.
real-time paradigm. However, unlike the x86-architectured
PC, the computing power of the IoT devices is relatively
small. The real-time scanning functionality of antivirus may
results in unaffordable overhead to IoT devices. Meanwhile, ACKNOWLEDGEMENT
malware authors considering the computing power issue of This work is supported in part by Ministry of Science and
IoT will also craft their malware into the separated Technology (MOST), Ministry of Education of Taiwan,
downloader and the main body. The downloader as a pioneer Taiwan Information Security Center (TWISC), ITRI, III,
to infect any of IoT devices has tiny program body and thus iCAST, HTC, D-Link, Trend Micro Inc., Promise Inc.,
embarrasses the extraction of its unique, malicious signature. Chungshan Institute of Science and Technology, Bureau of
In addition to the example above, there are still the other Investigation, and Chunghwa Telecomm.
issues such as the divergence of hardware architectures
among various devices. Without a generic abstraction of the
IoT malware, current solutions can be ad-hoc and even REFERENCES
inapplicable.
G. Security Issues from Android [1] S. Haller, S. Karnouskos, and C. Schroth, "The Internet of Things in
an Enterprise Context," in Future Internet – FIS 2008 Lecture Notes
If heterogeneous devices connect to the Android system in Computer Science Vol. 5468, 2009, pp 14-28.
forming personal area network (PAN), the security issues [2] A. C. Sarma, and J. Girão, "Identities in the Future Internet of
specifically for Android will be brought into IoT. The main Things," in Wireless Personal Communications 49.3, 2009, pp. 353-
concern is sensitive data leakage. The current permission 363.
protection only provides course-grain management, namely [3] Roberto Minerva, Abiy Biru, "Towards a Definition of the Internet of
Things," IEEE IoT Initiative white paper.
all-or-nothing choice, to restrict the type of connected
devices and disable the runtime control. Complicated [4] GS1, Object Name Service (ONS) Standard [Online].
http://www.gs1.org/gsmp/kc/epcglobal/ons/, accessed on October 8,
environments and application scenarios should be considered 2014.
to include more possible granted permissions. Google [5] L. Zhang, A. Afanasyev, J. Burke, claffy, L. Wang, V. Jacobson, P.
accidentally released runtime permission control, AppOps, in Crowley, C. Papadopoulos, B. Zhang, "Named Data Networking," in
Android 4.3, but soon removed in 4.4. AppOps shows that ACM SIGCOMM Computer Communication Review, July 2014
dynamic management is feasible. On the other hand, [6] W. Shang, Q. Ding, A. Marianantoni, J. Burke, and L. Zhang,
Android malware is another serious problem when IoT meets "Securing building management systems using named data
Android. Unlike iOS, Android is open-sourced. That makes networking," IEEE Network Special Issue on Information-Centric
Networking, April 2014.
it easy to discover vulnerabilities of the system. Once
[7] J. Liu, Y. Xiao, and C. L. P. Chen. "Authentication and Access
malware compromises front end devices, the network of IoT Control in the Internet of Things," In IEEE 32nd International
is exposed to threats. These ubiquitous devices provide Conference on Distributed Computing Systems Workshops, June
abundant computing power and information for interested 2012.
attackers to exploit. Although Google announced the [8] Cole, Peter H., and Damith C. Ranasinghe. "Networked RFID systems
Bouncer for vetting apps, the price of being penetrated rises and lightweight cryptography," London, UK: Springer. doi 10 (2008):
and the attack will be amplified when IoT is involved. 978-3.
Deeper apps analysis such combining static and symbolic

233
[9] S. Raza, H. Shafagh, K. Hewage, R. Hummen, and T. Voigt, "Lithe: [16] X. Xu, "Study on Security Problems and Key Technologies of the
Lightweight Secure CoAP for the Internet of Things," in IEEE Internet of Things," Computational and Information Sciences
Sensors Journal, Vol. 13(10), 2013. (ICCIS), 2013 Fifth International Conference on , vol., no.,
[10] A. Cui and S. J. Stolfo, "Reflections on the engineering and operation pp.407,410, 21-23 June 2013 doi: 10.1109/ICCIS.2013.114
of a large-scale embedded device vulnerability scanner," In [17] “Android will power the Internet of things,” InfoWorld, 06-Feb-2014.
BADGERS. ACM, Apr. 2011. [Online]. Available: http://www.infoworld.com/article/2610361/big-
[11] A. Costin, J. Zaddach, A. Francillon, and D. Balzarotti. "A Large data/android-will-power-the-internet-of-things.html. [Accessed: 08-
Scale Analysis of the Security of Embedded Firmwares," In USENIX Oct-2014].
Security Symposium, August 2014. [18] Z. Yang, M. Yang, Y. Zhang, G. Gu, P. Ning, and X. S. Wang,
[12] D.Davidson, B.Moench, S.Jha, and T.Ristenpart. "FIE on Firmware: "Appintent: Analyzing sensitive data transmission in android for
Finding Vulnerabilities in Embedded Systems Using Symbolic privacy leakage detection," in Proceedings of the 2013 ACM SIGSAC
Execution," In USENIX Security Symposium, August 2013. conference on Computer & communications security, 2013, pp.
1043–1054.
[13] J. Zaddach, L. Bruno, A. Francillon, and D. Balzarotti. "Avatar: A
Framework to Support Dynamic Security Analysis of Embedded [19] M. Conti, V. T. N. Nguyen, and B. Crispo, "Crepe: context-related
Systems' Firmwares," In Network and Distributed System Security policy enforcement for android," in Information Security, Springer,
Symposium, February 2014 2011, pp. 331–345.
[14] R. Roman, P. Najera, J. Lopez, "Securing the Internet of Things," [20] K. Z. Chen, N. M. Johnson, V. D’Silva, S. Dai, K. MacNamara, T. R.
Computer , vol.44, no.9, pp.51,58, Sept. 2011 Magrino, E. X. Wu, M. Rinard, and D. X. Song, "Contextual Policy
Enforcement in Android Applications with Permission Event
[15] H. S. Ning, H. Liu; Y, L.T. "Cyberentity Security in the Internet of Graphs," in NDSS, 2013.
Things," Computer, vol.46, no.4, pp.46,53, April 2013

234

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy