The Internet of Things (IoT) is the network of devices, vehicles, and home appliances that contain electronics, software, actuators, and connectivity that allow these things to connect, interact and exchange data.
IoT involves extending Internet connectivity beyond standard devices, such as desktops, laptops, smartphones and tablets, to any range of traditionally dumb or non-internet-enabled physical devices and everyday objects.
Embedded with technology, these devices can communicate and interact over the Internet, and they can be remotely monitored and controlled.
- Sensors
- Device
- Gateway
- Cloud
- Perception Layer : sensors that gather information about the environment (heat sensor)
- Transport Layer : transfer the sensor data through network (Wi-Fi, Bluetooth, ...)
- Processing Layer : stores, processes, analyses data (cloud computing, big data, ...)
- Application Layer : delivering application specific services to the user
- Business Layer : manage the whole IoT system (business and profit model, user's privacy)
- IoT uses IPv6 due to the limited number of IPv4 addresses
- Bluetooth Low Energy (BLE)
- Wi-Fi
- Radio-Frequency Identification (RFID)
- Light-Fidelity (Li-Fi): similar to Wi-Fi, but using visible light for communication
- Near-Field Communication (NFC)
- LTE-Advanced : formally submitted as a candidate 4G, often being described as 3.9G (beyond 3G but pre-4G)
- Wi-Fi HaLow : uses 900MHz to provide extended range, lower energy consumption
- Low-Power Wide-Area Network (LPWAN) : designed to allow long range communication at a low bit rate among things
- Very Small Aperture Terminal (VSAT) : satellite communication technology that uses small dish antennas
- Cellular
- Ethernet
- Power-Line Communication (PLC) : using electrical wiring to carry power and data
- Linux on embedded systems
- Windows IoT
- The devices communicate with each other without interfering with any other device
- Using communication medium such as a wireless network
- The IoT device communicates directly with the application server
- The application server provides information exchange between these devices
- Gateway collects the data from the sensors, then sends it to the application server
- Gateway provides security or information and protocol translation
- Uses a collective partnership between different application providers
- Access to the uploaded data is granted to third parties
- An extended Device-To-Cloud model
- Lack of security
- Vulnerable interfaces
- Physical security risk
- Lack of vendor support
- Difficult to update firmware and OS
- Interoperability issues
- Insecure web interface
- Insufficient authentication / authorization
- Insecure network services
- Lack of transport encryption / integrity verification
- Privacy concerns
- Insecure cloud interface
- Insecure mobile interface
- Insufficient security configurability
- Insecure software / hardware
- Poor physical security
- Device memory containing credentials
- Access control
- Firmware extraction
- Privilege escalation
- Resetting to an insecure state
- Removal of storage media
- Web attacks
- Firmware attack
- Network service attacks
- Unencrypted local data storage
- Confidentiality and integrity issues
- Cloud computing attacks
- Malicious updates
- Insecure APIs
- Mobile application threats
- DoS / DDoS
- Rolling Code Attack: the attacker captures the signal from the transmitter device while simultaneously blocking the receiver from receiving it; the captured signal is later used to gain unauthorized access (e.g. stealing a car with the captured signal)
- BlueBorne Attack: using different exploits to gain unauthorized access to the target device
- Jamming Attack: jamming the signal to prevent the communication of devices
- Backdoor (not just IoT related)
- Eavesdropping
- Sybil attack
- Exploit kits
- Man-in-the-middle attack
- Replay attack
- Forged malicious devices
- Side channel attack
- Ransomware attack
- IP address
- Running protocols
- Open ports
- Type of device
- Vendor
- Shodan is a helpful search engine for IoT
- Scanning the network and devices to find vulnerabilities
- Search for weak passwords
- Software and firmware vulnerabilities
- Tools: nmap, hping, ...
- Exploiting vulnerabilities
- Tools: HackRF
- Gain unauthorized access
- Privilege escalation
- Install backdoor
- Logging out
- Clearing logs
- Covering tracks
- Firmware update
- Block unnecessary ports
- Disable telnet
- Use encrypted communication (SSL/TLS)
- Use strong passwords
- Encrypt drives
- Periodic assessment of devices
- Secure password recovery
- Two-Factor Authentication
- Disable UPnP