Abstract
This chapter outlines the main security and privacy issues in IoT and surveys the techniques that were proposed to address them. Some of the discussed techniques prevent security breaches from taking place while others try to detect malicious behavior and trigger an appropriate mitigating countermeasure.
Notes
- 1.
Light-computational applications may also reside in the Fog Domain.
References
D. Willis, A. Dasgupta, S. Banerjee, in Paradrop: A Multi-Tenant Platform for Dynamically Installed Third Party Services on Home Gateways. SIGCOMM workshop on distributed cloud computing. (ACM, 2014)
W. Xu et al., Jamming sensor networks: attack and defense strategies. IEEE Netw. 20(3), 41–47 (2006)
W. Ye, J. Heidemann, D. Estrin, Medium access control with coordinated adaptive sleeping for wireless sensor networks. IEEE/ACM Trans. Netw. 12(3), 493–506 (2004)
T. Van Dam, K. Langendoen, in An Adaptive Energy-Efficient MAC Protocol for Wireless Sensor Networks. Proceedings of the 1st international conference on embedded networked sensor systems. (ACM, 2003)
K.P. Dyer et al, Peek-a-boo, i still see you: Why Efficient Traffic Analysis Countermeasures Fail. IEEE Symposium on Security and Privacy (SP). (IEEE, 2012)
J. Park et al, in An Energy-Efficient Selective Forwarding Attack Detection Scheme Using Lazy Detection in Wireless Sensor Networks. Ubiquitous Information Technologies and Applications. (Springer, Netherlands, 2013), pp. 157–164
L.K. Bysani, A.K. Turuk, in A Survey on Selective Forwarding Attack in Wireless Sensor Networks. IEEE International Conference on Devices and Communications (ICDeCom), 2011
B. Xiao, B. Yu, C. Gao, CHEMAS: identify suspect nodes in selective forwarding attacks. J. Parallel Distrib. Comput. 67(11), 1218–1230 (2007)
P. Thulasiraman, S. Ramasubramanian, M. Krunz, in Disjoint Multipath Routing to Two Distinct Drains in a Multi-Drain Sensor Network. 26th IEEE International Conference on Computer Communications, INFOCOM 2007
H.-M. Sun, C.-M. Chen, Y.-C. Hsiao, in An Efficient Countermeasure to the Selective Forwarding Attack in Wireless Sensor Networks. TENCON 2007–2007 IEEE Region 10 Conference, 2007
A. Grau, Can you trust your fridge? IEEE Spectrum 52(3), 50–56 (2015)
C. Li, A. Raghunathan, N.K. Jha, in Hijacking an Insulin Pump: Security Attacks and Defenses for a Diabetes Therapy System. 13th IEEE International Conference on e-Health Networking Applications and Services (Healthcom), 2011
D. Evans, in The Internet of Things How the Next Evolution of the Internet is Changing Everything. Technical report, CISCO IBSG, April 2011
R. Thomas et al, Hey, you, get off of my cloud: Exploring Information Leakage in Third-Party Compute Clouds. Proceedings of the 16th ACM Conference on Computer and Communications Security. (ACM, 2009)
M. Dabbagh, B. Hamdaoui, M. Guizai, A. Rayes in Release-Time Aware VM Placement. Globecom Workshops (GC Wkshps), 8–12 Dec 2014, pp. 122–126
M. Dabbagh, B. Hamdaoui, M. Guizani, A. Rayes, Toward energy-efficient cloud computing: prediction, consolidation, and overcommitment. IEEE Network 29(2), 56–61 (2015)
M. Dabbagh, B. Hamdaoui, M. Guizani, A. Rayes in Efficient Datacenter Resource Utilization Through Cloud Resource Overcommitment. IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), 2015, pp. 330–335
R. Boutaba, Q. Zhang, M. Zhani, Virtual Machine Migration in Cloud Computing Environments: Benefits, Challenges, and Approaches, in Communication Infrastructures for Cloud Computing, ed. by H. Mouftah, B. Kantarci (IGI-Global, USA, 2013), pp. 383–408
D. Perez-Botero, A Brief Tutorial on Live Virtual Machine Migration From a Security Perspective (University of Princeton, USA, 2011)
W. Zhang et al, in Performance Degradation-Aware Virtual Machine Live Migration in Virtualized Servers. International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT), 2012
V. Venkatanathan, T. Ristenpart, M. Swift, in Scheduler-Based Defenses Against Cross-VM Side-Channels. Usenix Security. 2014
T. Kim, M. Peinado, G. Mainar-Ruiz in Stealthmem: System-Level Protection Against Cache-Based Side Channel Attacks in the Cloud. Proceedings of USENIX Conference on Security Symposium, Security’12. USENIX Association, 2012
H. Raj, R. Nathuji, A. Singh, P. England in Resource Management for Isolation Enhanced Cloud Services. Proceedings of the 2009 ACM Workshop on Cloud Computing Security. (ACM, 2009), pp. 77–84
Y. Zhang. M.K. Reiter, in Duppel: Retrofitting Commodity Operating Systems to Mitigate Cache Side Channels in the Cloud. Proceedings of the 2013 ACM SIGSAC Conference on Computer; Communications Security, CCS ’13. (ACM, 2013)
P. Li, D. Gao, M.K. Reiter, in Mitigating Access Driven Timing Channels in Clouds Using Stopwatch. IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2013, pp. 1–12
R. Martin, J. Demme, S. Sethumadhavan, in Timewarp: Rethinking Timekeeping and Performance Monitoring Mechanisms to Mitigate Sidechannel Attacks. Proceedings of the 39th Annual International Symposium on Computer Architecture, 2012
F. Zhou et al, in Scheduler Vulnerabilities and Coordinated Attacks in Cloud Computing. 10th IEEE International Symposium on Network Computing and Applications (NCA), 2011
K. Panagiotis, M. Bora, in Cloud Security Tactics: Virtualization and the VMM. 6th International Conference on Application of Information and Communication Technologies (AICT), IEEE, 2012
F. Zhang et al, in CloudVisor: Retrofitting Protection of Virtual Machines in Multi-Tenant Cloud With Nested Virtualization. Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles. (ACM, 2011)
T. Taleb, A. Ksentini, Follow me cloud: interworking federated clouds and distributed mobile networks. IEEE Netw. 2013
E. Damiani et al, in A Reputation-Based Approach for Choosing Reliable Resources in Peer-To-Peer Networks. Proceedings of the 9th ACM Conference on Computer and Communications Security. (ACM, 2002)
W. Itani et al, in Reputation as a Service: A System for Ranking Service Providers in Cloud Systems. Security, Privacy and Trust in Cloud Systems (Springer, Heidelberg, 2014), pp. 375–406
J. Sahoo, M. Subasish, L. Radha, in Virtualization: A Survey on Concepts, Taxonomy and Associated Security Issues. Second International Conference on Computer and Network Technology (ICCNT), 2010
S. Yi, Q. Zhengrui, L. Qun, in Security and Privacy Issues of Fog Computing: A Survey. Wireless Algorithms, Systems, and Applications (Springer International Publishing, 2015), pp. 685–695
E. Oriwoh, J. David, E. Gregory, S. Paul, in Internet of Things Forensics: Challenges and Approaches. 9th International Conference Conference on Collaborative Computing: Networking, Applications and Worksharing (Collaboratecom), (IEEE, 2013), pp. 608–615
Z. Brakerski, V. Vinod, Efficient fully homomorphic encryption from (standard) LWE. SIAM J. Comput. 43(2), 831–871 (2014)
E. Lauter, in Practical Applications of Homomorphic Encryption. Proceedings of the 2012 ACM Workshop on Cloud Computing Security Workshop. (ACM, 2012)
C. Hennebert, D. Jessye, Security protocols and privacy issues into 6lowpan stack: a synthesis. IEEE Internet of Things J. 1(5), 384–398 (2014)
Daily Tech Blogs On Line: http://www.dailytech.com/Five+Charged+in+Largest+Financial+Hacking+Case+in+US+History/article32050.htm
M. Miller, in Car Hacking’ Just Got Real: In Experiment, Hackers Disable SUV on Busy Highway, the Washington Post, 2015, online: http://www.washingtonpost.com/news/morning-mix/wp/2015/07/22/car-hacking-just-got-real-hackers-disable-suv-on-busy-highway/
“2015 Data Breach Investigation Report”, Verizon Incorporation, 2015
M. Dabbagh et al, Fast dynamic internet mapping. Future Gener. Comput. Syst. 39, 55–66 (2014)
Forrester, Security: The Vital Element of the Internet of Things, 2015, Online: http://www.cisco.com/web/solutions/trends/iot/vital-element.pdf
F. Adib, D. Katabi, in See Through Walls With WiFi!, vol 43 (ACM, 2013)
S. Kumar, S. Gil, D. Katabi, D. Rus, in Accurate Indoor Localization With Zero Start-Up Cost. Proceedings of the 20th Annual International Conference on Mobile Computing and Networking. (ACM, 2014), pp. 483–494
G. Wang, Y. Zou, Z. Zhou, K. Wu, L. Ni, in We Can Hear You With Wi-Fi!. Proceedings of the 20th Annual International Conference on Mobile Computing and Networking. (ACM, 2014), pp. 593–604
Y. Qiao, O. Zhang, W. Zhou, K. Srinivasan, A. Arora, in PhyCloak: Obfuscating Sensing from Communication Signals. Proceedings of the 13th USENIX Symposium on Networked Systems Design and Implementation (NSDI), 2016
T. Yu et al, in Handling a Trillion (Unfixable) Flaws on a Billion Devices: Rethinking Network Security for the Internet-of-Things. Proceedings of the 14th ACM Workshop on Hot Topics in Networks, 2015
M. Dabbagh, B. Hamdaoui, M. Guizani, A. Rayes, Software-defined networking security: pros and cons. IEEE Commun. Mag. (2015)
Doctors disabled winless in Dick Cheney’s pacemaker to thwart hacking: Naked Secuirty by Sophos. Oct 22 (2013) https://nakedsecurity.sophos.com/2013/10/22/doctors-disabled-wireless-in-dick-cheneys-pacemaker-to-thwart-hacking/
A. Peterson, Yes, terrorist could have hacked Dick Cheney’s heart. The Washington Post. Oct 21 (2013) https://www.washingtonpost.com/news/the-switch/wp/2013/10/21/yes-terrorists-could-have-hacked-dick-cheneys-heart/
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this chapter
Cite this chapter
Dabbagh, M., Rayes, A. (2017). Internet of Things Security and Privacy. In: Internet of Things From Hype to Reality. Springer, Cham. https://doi.org/10.1007/978-3-319-44860-2_8
Download citation
DOI: https://doi.org/10.1007/978-3-319-44860-2_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-44858-9
Online ISBN: 978-3-319-44860-2
eBook Packages: EngineeringEngineering (R0)