Beruflich Dokumente
Kultur Dokumente
Internet of Things
Devamekalai Nagasundaram
National Advanced IPv6 center
University Sains Malaysia
mekalai.deva@gmail.com
Abstract - The vast increase in the IoT technology have
opened a new channel for attackers to attack IoT devices. Despite
various empirical research studies carried out on vulnerabilities
of IoT devices, there are no meta-analysis research have been
done. Therefore, the purpose of this study is to perform metaanalysis study on security vulnerabilities in IoT. The metaanalysis study method was performed on 7 related articles
collected from research paper databases. The findings of this
study reveals that Less significant Privacy concern on data,
Insecure Software and Firmware, Insufficient Authentication
and authorization and Insecure web Interface as main
vulnerabilities. The paper also discussed on the suggestion to
solve this issue and future studies that need to be done in this
area.
KeywordsIoT; Vulnerabilities; security
I. INTRODUCTION
IoT is becoming vast growing technology in both social and
business networking. The perception of IoT is many-folded at
the present time, it includes numerous different expertise,
services, technologies and standards. [1] IoT is seeming to be
the peak of attention of the computing market. From a rational
view, IoT can be defined as group of sensors or smart devices
working together to complete a common task. In a
technological view, IoT can be said as deployments of several
processing power and communication protocols, which work
collaborative basis by transferring data to each other via
connected environment. For example, IoT devices now can
been seen as the wired and interconnected devices available in
the home such as refrigerator and smart watch. Although these
devices make persons life easier, but they also have provided
new platform for hackers to get in. [2]
IoT devices said to be more important in persons life
compared to mobile devices nowadays. IoT devices also can be
considered to have more personal data info such as banking
details and private datas which need high security protection.
These leads to higher security concerns on the connected
devices. The increase in the number of connected device also
multiply the number of security concern [2]. It is very
important to understand the security risk and the vulnerabilities
II. VULNERABILITIES
In computer security, a vulnerability is a weakness which
permits an invader to decrease a system's data assurance.
Vulnerability can allows attackers to access unauthorized data,
run commands or conduct denial of service attack [3].
Vulnerability is the connection of three elements, which is a
systems defenselessness or flaw, invader access to the flaw,
and invader capability to identify and make use of the flaw.
Vulnerability can be found in variety of areas in the IoT
systems. In particular, they can be weaknesses in system
hardware or software, weaknesses in policies and procedures
used in the systems and weaknesses of the system users
themselves [4]. IoT applications are based on two main
constituents; system hardware and system software, and both
have design flaws pretty often. Hardware vulnerabilities are
harder to detect at the same time it is difficult to fix even if the
vulnerability were identified due to hardware compatibility and
interoperability. Software vulnerabilities can be found in
operating systems, application software, and control software
like communication protocols and devices drivers [5]. There
are a number of factors that lead to software design flaws,
including human factors and software complexity. Technical
vulnerabilities usually happen due to human weaknesses.
Results of not understanding the requirements comprise
starting the project without a plan, poor communication
between developers and users, a lack of resources, skills, and
knowledge, and failing to manage and control the system
[4].There are few vulnerabilities in IoT devices which leads to
security risk.
A. Less significant Privacy concern on data
Huge number of IoT devices collecting trillions of data per
second through network. These data are inclusive of personal
details such as name, address, credit card details, and health
III. SUGGESTION
The main stream of IoT devices and systems are visible to
common vulnerabilities as discussed earlier, like developers
and users mistakes. Taking simple steps to avoid such
vulnerabilities and dealing with system threats is not adequate;
thus, guaranteeing a smooth policy implementation process
braced by robust measures is necessary.
The security development process involves detailed
understanding of a systems properties, followed by
categorizing different vulnerabilities and threats that can exist.
It is compulsory to find what the system properties are and
what the properties should be endangered against. Some
common, IoT properties include system hardware, software,
IV. CONCLUSION
IoT devices and systems together faces a number of
vulnerabilities that must be recognized for protective action to
be taken. In this paper, security vulnerabilities and suggestion
to solve it were introduced. The overall goal was to identify
and document potential vulnerabilities faced by the IoT.
An overview of the most important IoT security
vulnerabilities was provided, with particular focus on security
challenges surrounding IoT devices and services.
It was concluded that plentiful work remains to be done in
the area of IoT security, by both developers and end-users. It
is significant for forthcoming standards to report the
deficiencies of current IoT security mechanisms. As future
work, the objective is to gain deeper understanding of the
threats facing IoT infrastructure as well as identify the
likelihood and consequences of threats against IoT.
Reference
[1]
[2]
[3]
[4]
[5]
[6]