IoT Security: Ongoing Challenges and Research Opportunities

The Internet of Things (IoT) opens opportunities for wearable devices, home appliances, and software to share and communicate information on the Internet. Given that the shared data contains a large amount of private information, preserving information security on the shared data is an important issue that cannot be neglected. In this paper, we begin with general information security background of IoT and continue on with information security related challenges that IoT will encountered. Finally, we will also point out research directions that could be the future work for the solutions to the security challenges that IoT encounters.

[1]  Xu Xiaohui,et al.  Study on Security Problems and Key Technologies of the Internet of Things , 2013, 2013 International Conference on Computational and Information Sciences.

[2]  Towards a definition of the Internet of Things ( IoT ) , 2015 .

[3]  Somesh Jha,et al.  FIE on Firmware: Finding Vulnerabilities in Embedded Systems Using Symbolic Execution , 2013, USENIX Security Symposium.

[4]  Salvatore J. Stolfo,et al.  Reflections on the engineering and operation of a large-scale embedded device vulnerability scanner , 2011, BADGERS '11.

[5]  Lixia Zhang,et al.  Securing building management systems using named data networking , 2014, IEEE Network.

[6]  Amardeo Sarma,et al.  Identities in the Future Internet of Things , 2009, Wirel. Pers. Commun..

[7]  Jing Liu,et al.  Authentication and Access Control in the Internet of Things , 2012, 2012 32nd International Conference on Distributed Computing Systems Workshops.

[8]  Christoph Schroth,et al.  The Internet of Things in an Enterprise Context , 2009, FIS.

[9]  Luca Bruno,et al.  AVATAR: A Framework to Support Dynamic Security Analysis of Embedded Systems' Firmwares , 2014, NDSS.

[10]  Thiemo Voigt,et al.  Lithe: Lightweight Secure CoAP for the Internet of Things , 2013, IEEE Sensors Journal.

[11]  Patrick Crowley,et al.  Named data networking , 2014, CCRV.

[12]  Laurence T. Yang,et al.  Cyberentity Security in the Internet of Things , 2013, Computer.

[13]  Dawn Xiaodong Song,et al.  Contextual Policy Enforcement in Android Applications with Permission Event Graphs , 2013, NDSS.

[14]  Mauro Conti,et al.  CRePE: Context-Related Policy Enforcement for Android , 2010, ISC.

[15]  Damith C. Ranasinghe,et al.  Networked RFID Systems and Lightweight Cryptography , 2008 .

[16]  Rodrigo Roman,et al.  Securing the Internet of Things , 2017, Smart Cards, Tokens, Security and Applications, 2nd Ed..

[17]  Aurélien Francillon,et al.  A Large-Scale Analysis of the Security of Embedded Firmwares , 2014, USENIX Security Symposium.

[18]  Yuan Zhang,et al.  AppIntent: analyzing sensitive data transmission in android for privacy leakage detection , 2013, CCS.