SlideShare uma empresa Scribd logo

Assign 1_8812814ctm.pptx

Transferir como PPTX, PDF
pdevang
pdevang

Assign

Engenharia
1 de 17
Name : Prafful Rajendrasingh Patil Student ID: 8812814 Course: MACH8060 Current Trends in Mechatronics – Section 3 Taught By: Dr. Kimia Ghalkhani I.O.T Security Problems in Device Update Management
What is I.O.T? • I.O.T stands for Internet of things which means, Connectivity of ordinary things with the internet via the use of embedded computing devices that allow them to transmit and receive data. • The term "internet of things" describes the ever-expanding network of interconnected devices that can gather and share data in real-time through an embedded sensor. Thermostats, Automobiles, Lights, Refrigerators, and Many More Appliances can be linked to the Internet of Things.
In addition to their widespread usage in the healthcare industry, IoT devices are also finding widespread adoption in following areas: • Consumer applications: IoT consumer devices include smartphones, smartwatches, and intelligent houses that allow centralized control of functions as varied as temperature and access. • Business applications: IoT devices are used in various business applications, from smart security cameras and asset trackers to sensors that collect data from industrial gear. • Governmental applications: Devices that track animals, monitor traffic congestion, and issue natural calamity warnings are examples of government IoT applications. • There are currently billions of IoT devices in use throughout the globe. Because of how pervasive they have become in our everyday lives, we need to look further into the security concerns that have arisen.
Management strategies for IoT devices • Each IoT device is linked to a central management hub known as a command and control (C&C) facility to do this. Centers are in charge of duties, including device registration and the provisioning and authentication of software, settings, and firmware upgrades that fix bugs and security flaws. • Through an API (Application Program Interface), devices can exchange data with one another. When a device's maker makes its application programming interface available, it may be used by other devices or apps for data collection and interaction. A few APIs even provide command of hardware. By illustration, a building manager may shut the doors to a single office from afar by utilizing an application programming interface.
Security issues in the i.o.t devices • Everyday IoT activities are efficiently handled via C&C centers and APIs. However, due to their centralized structure, they have many easy-to-exploit vulnerabilities, such as: • Due to devices operating on outdated software due to connectivity challenges or the necessity for end-users to manually download updates directly from a C&C center, newly identified security vulnerabilities may quickly access the network. • Weak authentication — When it comes to the Internet of Things (IoT) devices, such as home routers, manufacturers frequently deliver products with readily decipherable passwords that may be left in place by vendors and end-users. When these devices are vulnerable to remote access, they are exploited in large numbers by malicious actors using automated scripts. Man- in-the-middle attacks and code injections such as distributed denial of service attacks are only some of the prevalent attacks that target APIs because of their role as a gateway to a command and control center.
• Exploitable gadgets provide two types of threats: those to the device's users and those to the broader world. • Problems for users: When an Internet of Things (IoT) device is hacked, it may put its users in danger in various ways. • Information Robbery: Massive quantities of data, some of which are specific to each user, are stored in an IoT device. This data includes shopping and browsing histories, financial information, and medical records. An inadequately protected device renders this data susceptible to theft. Additionally, compromised devices may operate as entry points to the rest of the network, making it possible to steal even more sensitive information. • Loss of Physical Condition: Pacemakers, heart monitors, and defibrillators are just a few examples of the Internet of Things devices that have widespread use in the medical field. While these devices have certain benefits for example, doctors may adjust a patient's pacemaker remotely, they pose a security risk. A patient's medical treatment might be jeopardized by hackers if a gadget wasn't adequately protected. It's very unusual, but it's still something to consider when formulating a plan to protect your Internet of Things gadgets.
• Hidden dangers to Others: Insecure internet of things devices may be taken over and utilized as a part of a botnet, a network of infected computers on the internet that can number in the millions and is controlled remotely. • For attackers, identifying unsecured devices is not difficult and may be performed by using freely accessible programs or tools. In this regard, the availability of Shodan, a publicly accessible search engine tailored to identify such devices, is an excellent example. • As IoT devices have become more sophisticated, so have the risks they represent. This has taken the form of various assaults, such as DDoS attacks, spam campaigns, and phishing schemes. The proliferation of poorly secured IoT devices has contributed significantly to the latter's growth in recent years.(How Internet of Things Devices Are Managed, 2009) One notable event that exemplifies this pattern happened in 2016 when the Mirai software was made public, prompting criminals to build enormous IoT botnets and employ them in DDoS attacks. This triggered a previously unseen series of assaults, the most infamous of which knocked down Dyn DNS services and blocked users from accessing websites including Etsy, GitHub, Netflix, Spotify, and Twitter. The virus was a simple script that attempted to scan open remote access ports and gain entry using a small set of widely used login credentials. However, since IoT security mechanisms are so weak, these direct attacks are highly effective.
Challenges to security in the Internet of Things
Weakness in software and firmware • Since many smart devices are restricted in their capacity and resources, ensuring their security is complex work. As a result, they are more vulnerable to attacks than non-IoT devices since they can't execute robust, resource-intensive security mechanisms. The security flaws in many IoT systems may be attributed to the following issues, which are as follows: • Inadequate processing resources prevent the implementation of robust, built-in security. • Lack of resources for testing and enhancing firmware security, which leads to insecure IoT devices, Poor access control in IoT systems. • Due to financial and technical hardware restrictions, IoT devices often go without timely security upgrades and fixes. • Inability to fix bugs due to users not updating their devices. In the future, it's possible that older devices won't be able to get software upgrades. Moreover, in the upcoming days, it's possible that older devices won't be able to get software upgrades. Very little protection from physical harm; an attacker may easily insert a chip or hack the gadget through radio waves if they get near enough.
Insecure communications • However, most current security methods were developed for desktop computers, challenging their implementation on resource-constrained IoT devices. This means that conventional security procedures are inadequate for safeguarding the data exchanged between IoT devices. • A man-in-the-middle assault is a serious concern when there is a lack of communication protection. If your smartphone's update process doesn't employ strong encryption and authentication, it's vulnerable to man-in-the-middle attacks, which allow hackers to take control of your device. Malware may be installed or the device's functionality modified by an attacker. If your device delivers data in cleartext communications, attackers may intercept it even if it doesn't fall victim to attack. • The Internet of Things makes all connected devices vulnerable to assault. For instance, attackers need only compromise a single machine on a home network to access the rest of the network’s unisolated devices.
Data leaks from i.o.t systems • Data leaks are pretty common these days because hackers can easily encrypt data and even private information like where you live, how much money you have in the bank, or your medical history might be at risk. However, there are other ways in which attackers might get sensitive information besides exploiting unsecured communication channels. • The cloud is used for everything from storing data to transmitting it, yet it is also vulnerable to outside threats. This means that the devices and the cloud services they use might potentially leak sensitive information.
Malware risks • When a Mirai assault occurs, it acts as a self-replicating virus. Using the predetermined credentials set by the manufacturer, this virus attacks open systems like IoT. • A large number of devices may be infected with it at once. After gaining access, they exploit the compromised devices to perform a distributed denial-of-service assault. Though police apprehended the perpetrators of the first hacking attempt, the attack code they used was made public. As a result, other hackers still use it to conduct attacks today.
Cyberattacks • Many other types of assaults may be launched against IoT devices, not only malware and MITM attacks like we've already covered. The most prevalent attacks against Internet of Things devices include the following. • DoS Attacks, or ("Denial of Service): IoT devices are especially susceptible to denial-of-service attacks because of their low computing power. When under assault from a denial of service (DoS) attack, a device's capacity to respond to legitimate requests is hindered by the overwhelming volume of malicious data.
• Tricking a device into thinking it's something it's not. Insecure implementation of digital signatures and encryption leaves devices vulnerable to this kind of attack. For instance, hackers may be able to "spoof" a network device and cause disruptions in IoT installations if the public key infrastructure supporting it is inadequate. • Physical Intrusion: It was an actual break in the law. Even though most assaults are carried out remotely, a device may still be compromised if it falls into the wrong hands. Components of devices may be tampered with by attackers to cause them to behave unexpectedly.
• The term "application-based assaults" describes a specific kind of cyber attack. These attacks are feasible because of security flaws in device firmware or software used in embedded devices and in cloud servers or backend applications. • Device Spoofing: Tricking a device into thinking it's something it's not. Insecure implementation of digital signatures and encryption leaves devices vulnerable to this attack. For instance, hackers may be able to "spoof" a network device and cause disruptions in IoT installations if the critical public infrastructure (PKI) supporting it is inadequate.
I.O.T Securities Issues
References • User, S. (2022, February 17). Internet of Things (IoT) Security: Challenges and Best Practices. Apriorit. (https://www.apriorit.com/dev-blog/513-iot-security) • Avital, N., S.L., Lynch, B., Lynch, B., Lynch, B., Lynch, B., Hasson, E., Hewitt, N., & Johnston, D. (2019, December 29). What is Internet of Things Security | IoT Device Management | Imperva. Learning Center. (https://www.imperva.com/learn/application-security/iot-internet-of-things- security/) • User, S. (2022b, February 17). Internet of Things (IoT) Security: Challenges and Best Practices. Apriorit. (https://www.apriorit.com/dev-blog/513-iot-security) • Internet of things IoT security issues. (2016, February 7). YouTube. (https://www.youtube.com/watch?v=u1ymmRQ_p3k)

Recomendados

The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
IJCSIS Research Publications
 
Presentation about IoT in media and communication.pdf
Presentation about IoT in media and communication.pdfPresentation about IoT in media and communication.pdf
Presentation about IoT in media and communication.pdf
ezzAyman1
 
A Wake-Up Call for IoT
A Wake-Up Call for IoT A Wake-Up Call for IoT
A Wake-Up Call for IoT
Ahmed Banafa
 
12 IoT Cyber Security Threats to Avoid - CyberHive.pdf
12 IoT Cyber Security Threats to Avoid - CyberHive.pdf12 IoT Cyber Security Threats to Avoid - CyberHive.pdf
12 IoT Cyber Security Threats to Avoid - CyberHive.pdf
online Marketing
 
sample assignment
sample assignmentsample assignment
sample assignment
#essaywriting
 
assignment help experts
assignment help expertsassignment help experts
assignment help experts
#essaywriting
 
IoT Devices Expanding Your Digital Footprint
IoT Devices Expanding Your Digital FootprintIoT Devices Expanding Your Digital Footprint
IoT Devices Expanding Your Digital Footprint
SurfWatch Labs
 
IoT Device Security: Best Practices for Enhanced Protection
IoT Device Security: Best Practices for Enhanced ProtectionIoT Device Security: Best Practices for Enhanced Protection
IoT Device Security: Best Practices for Enhanced Protection
Syscraft Information System Pvt. Ltd.
 

Recomendados

The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
IJCSIS Research Publications
 
Presentation about IoT in media and communication.pdf
Presentation about IoT in media and communication.pdfPresentation about IoT in media and communication.pdf
Presentation about IoT in media and communication.pdf
ezzAyman1
 
A Wake-Up Call for IoT
A Wake-Up Call for IoT A Wake-Up Call for IoT
A Wake-Up Call for IoT
Ahmed Banafa
 
12 IoT Cyber Security Threats to Avoid - CyberHive.pdf
12 IoT Cyber Security Threats to Avoid - CyberHive.pdf12 IoT Cyber Security Threats to Avoid - CyberHive.pdf
12 IoT Cyber Security Threats to Avoid - CyberHive.pdf
online Marketing
 
sample assignment
sample assignmentsample assignment
sample assignment
#essaywriting
 
assignment help experts
assignment help expertsassignment help experts
assignment help experts
#essaywriting
 
IoT Devices Expanding Your Digital Footprint
IoT Devices Expanding Your Digital FootprintIoT Devices Expanding Your Digital Footprint
IoT Devices Expanding Your Digital Footprint
SurfWatch Labs
 
IoT Device Security: Best Practices for Enhanced Protection
IoT Device Security: Best Practices for Enhanced ProtectionIoT Device Security: Best Practices for Enhanced Protection
IoT Device Security: Best Practices for Enhanced Protection
Syscraft Information System Pvt. Ltd.
 
IoT security
IoT securityIoT security
IoT security
YashKesharwani2
 
A Quick Guide On What Is IoT Security_.pptx
A Quick Guide On What Is IoT Security_.pptxA Quick Guide On What Is IoT Security_.pptx
A Quick Guide On What Is IoT Security_.pptx
TurboAnchor
 
Cybersecurity In IoT Challenges And Effective Strategies.pdf
Cybersecurity In IoT Challenges And Effective Strategies.pdfCybersecurity In IoT Challenges And Effective Strategies.pdf
Cybersecurity In IoT Challenges And Effective Strategies.pdf
RahimMakhani2
 
Presentation 10 (1).pdf
Presentation 10 (1).pdfPresentation 10 (1).pdf
Presentation 10 (1).pdf
KARANSINGHD
 
Final Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxFinal Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docx
tjane3
 
Final Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxFinal Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docx
lmelaine
 
IoT Security.pdf
IoT Security.pdfIoT Security.pdf
IoT Security.pdf
SudhanshiBakre1
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.Prabhakaran
Koenig Solutions Ltd.
 
IoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" MythIoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" Myth
Security Innovation
 
Christopher Biedermann, EmiTel Ltd: Cybersecurity and the Internet of Things
Christopher Biedermann, EmiTel Ltd: Cybersecurity and the Internet of ThingsChristopher Biedermann, EmiTel Ltd: Cybersecurity and the Internet of Things
Christopher Biedermann, EmiTel Ltd: Cybersecurity and the Internet of Things
Katedra Informatologii. Wydział Dziennikarstwa, Informacji i Bibliologii, Uniwersytet Warszawski
 
Chapter-5.pptx
Chapter-5.pptxChapter-5.pptx
Chapter-5.pptx
Renu875977
 
Strengthening IoT Security Against Cyber Threats.pdf
Strengthening IoT Security Against Cyber Threats.pdfStrengthening IoT Security Against Cyber Threats.pdf
Strengthening IoT Security Against Cyber Threats.pdf
SeasiaInfotech2
 
Hacking Internet of Things (IoT)
Hacking Internet of Things (IoT)Hacking Internet of Things (IoT)
Hacking Internet of Things (IoT)
SecPod Technologies
 
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docx
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docxIoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docx
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docx
vrickens
 
Security Issues in IoT-Based Environments
Security Issues in IoT-Based EnvironmentsSecurity Issues in IoT-Based Environments
Security Issues in IoT-Based Environments
IRJET Journal
 
Security Issues in IoT-Based Environments
Security Issues in IoT-Based EnvironmentsSecurity Issues in IoT-Based Environments
Security Issues in IoT-Based Environments
IRJET Journal
 
Security in IoT
Security in IoTSecurity in IoT
Security in IoT
SKS
 
Domain 7 of CEH Mobile Platform, IoT, and OT Hacking.pptx
Domain 7 of CEH Mobile Platform, IoT, and OT Hacking.pptxDomain 7 of CEH Mobile Platform, IoT, and OT Hacking.pptx
Domain 7 of CEH Mobile Platform, IoT, and OT Hacking.pptx
Infosectrain3
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
AkshayKhade21
 
Cybersecurity in the Age of IoT - Skillmine
Cybersecurity in the Age of IoT - SkillmineCybersecurity in the Age of IoT - Skillmine
Cybersecurity in the Age of IoT - Skillmine
Skillmine Technology Consulting
 
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
dharasingh5698
 
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 

Mais conteúdo relacionado

Semelhante a Assign 1_8812814ctm.pptx

Final Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxFinal Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docx
tjane3
 
Final Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxFinal Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docx
lmelaine
 
IoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" MythIoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" Myth
Security Innovation
 
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docx
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docxIoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docx
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docx
vrickens
 

Semelhante a Assign 1_8812814ctm.pptx (20)

IoT security
IoT securityIoT security
IoT security
 
A Quick Guide On What Is IoT Security_.pptx
A Quick Guide On What Is IoT Security_.pptxA Quick Guide On What Is IoT Security_.pptx
A Quick Guide On What Is IoT Security_.pptx
 
Cybersecurity In IoT Challenges And Effective Strategies.pdf
Cybersecurity In IoT Challenges And Effective Strategies.pdfCybersecurity In IoT Challenges And Effective Strategies.pdf
Cybersecurity In IoT Challenges And Effective Strategies.pdf
 
Presentation 10 (1).pdf
Presentation 10 (1).pdfPresentation 10 (1).pdf
Presentation 10 (1).pdf
 
Final Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxFinal Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docx
 
Final Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxFinal Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docx
 
IoT Security.pdf
IoT Security.pdfIoT Security.pdf
IoT Security.pdf
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.Prabhakaran
 
IoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" MythIoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" Myth
 
Christopher Biedermann, EmiTel Ltd: Cybersecurity and the Internet of Things
Christopher Biedermann, EmiTel Ltd: Cybersecurity and the Internet of ThingsChristopher Biedermann, EmiTel Ltd: Cybersecurity and the Internet of Things
Christopher Biedermann, EmiTel Ltd: Cybersecurity and the Internet of Things
 
Chapter-5.pptx
Chapter-5.pptxChapter-5.pptx
Chapter-5.pptx
 
Strengthening IoT Security Against Cyber Threats.pdf
Strengthening IoT Security Against Cyber Threats.pdfStrengthening IoT Security Against Cyber Threats.pdf
Strengthening IoT Security Against Cyber Threats.pdf
 
Hacking Internet of Things (IoT)
Hacking Internet of Things (IoT)Hacking Internet of Things (IoT)
Hacking Internet of Things (IoT)
 
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docx
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docxIoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docx
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docx
 
Security Issues in IoT-Based Environments
Security Issues in IoT-Based EnvironmentsSecurity Issues in IoT-Based Environments
Security Issues in IoT-Based Environments
 
Security Issues in IoT-Based Environments
Security Issues in IoT-Based EnvironmentsSecurity Issues in IoT-Based Environments
Security Issues in IoT-Based Environments
 
Security in IoT
Security in IoTSecurity in IoT
Security in IoT
 
Domain 7 of CEH Mobile Platform, IoT, and OT Hacking.pptx
Domain 7 of CEH Mobile Platform, IoT, and OT Hacking.pptxDomain 7 of CEH Mobile Platform, IoT, and OT Hacking.pptx
Domain 7 of CEH Mobile Platform, IoT, and OT Hacking.pptx
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
Cybersecurity in the Age of IoT - Skillmine
Cybersecurity in the Age of IoT - SkillmineCybersecurity in the Age of IoT - Skillmine
Cybersecurity in the Age of IoT - Skillmine
 

Último

VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
dharasingh5698
 
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
tanu pandey
 
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
ranjana rawat
 
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
ssuser89054b
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
Kamal Acharya
 
Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...
Christo Ananth
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Call Girls in Nagpur High Profile
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
ranjana rawat
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Christo Ananth
 
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
roncy bisnoi
 

Último (20)

VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
 
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
 
NFPA 5000 2024 standard .
NFPA 5000 2024 standard .NFPA 5000 2024 standard .
NFPA 5000 2024 standard .
 
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
 
Online banking management system project.pdf
Online banking management system project.pdfOnline banking management system project.pdf
Online banking management system project.pdf
 
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
 
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
 
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 
Double Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torqueDouble Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torque
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
 
Thermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.pptThermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.ppt
 
Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
 
Thermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptThermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . ppt
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
 
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdfONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
 
Generative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTGenerative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPT
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
 
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
 

Assign 1_8812814ctm.pptx

  • 1. Name : Prafful Rajendrasingh Patil Student ID: 8812814 Course: MACH8060 Current Trends in Mechatronics – Section 3 Taught By: Dr. Kimia Ghalkhani I.O.T Security Problems in Device Update Management
  • 2. What is I.O.T? • I.O.T stands for Internet of things which means, Connectivity of ordinary things with the internet via the use of embedded computing devices that allow them to transmit and receive data. • The term "internet of things" describes the ever-expanding network of interconnected devices that can gather and share data in real-time through an embedded sensor. Thermostats, Automobiles, Lights, Refrigerators, and Many More Appliances can be linked to the Internet of Things.
  • 3. In addition to their widespread usage in the healthcare industry, IoT devices are also finding widespread adoption in following areas: • Consumer applications: IoT consumer devices include smartphones, smartwatches, and intelligent houses that allow centralized control of functions as varied as temperature and access. • Business applications: IoT devices are used in various business applications, from smart security cameras and asset trackers to sensors that collect data from industrial gear. • Governmental applications: Devices that track animals, monitor traffic congestion, and issue natural calamity warnings are examples of government IoT applications. • There are currently billions of IoT devices in use throughout the globe. Because of how pervasive they have become in our everyday lives, we need to look further into the security concerns that have arisen.
  • 4. Management strategies for IoT devices • Each IoT device is linked to a central management hub known as a command and control (C&C) facility to do this. Centers are in charge of duties, including device registration and the provisioning and authentication of software, settings, and firmware upgrades that fix bugs and security flaws. • Through an API (Application Program Interface), devices can exchange data with one another. When a device's maker makes its application programming interface available, it may be used by other devices or apps for data collection and interaction. A few APIs even provide command of hardware. By illustration, a building manager may shut the doors to a single office from afar by utilizing an application programming interface.
  • 5. Security issues in the i.o.t devices • Everyday IoT activities are efficiently handled via C&C centers and APIs. However, due to their centralized structure, they have many easy-to-exploit vulnerabilities, such as: • Due to devices operating on outdated software due to connectivity challenges or the necessity for end-users to manually download updates directly from a C&C center, newly identified security vulnerabilities may quickly access the network. • Weak authentication — When it comes to the Internet of Things (IoT) devices, such as home routers, manufacturers frequently deliver products with readily decipherable passwords that may be left in place by vendors and end-users. When these devices are vulnerable to remote access, they are exploited in large numbers by malicious actors using automated scripts. Man- in-the-middle attacks and code injections such as distributed denial of service attacks are only some of the prevalent attacks that target APIs because of their role as a gateway to a command and control center.
  • 6. • Exploitable gadgets provide two types of threats: those to the device's users and those to the broader world. • Problems for users: When an Internet of Things (IoT) device is hacked, it may put its users in danger in various ways. • Information Robbery: Massive quantities of data, some of which are specific to each user, are stored in an IoT device. This data includes shopping and browsing histories, financial information, and medical records. An inadequately protected device renders this data susceptible to theft. Additionally, compromised devices may operate as entry points to the rest of the network, making it possible to steal even more sensitive information. • Loss of Physical Condition: Pacemakers, heart monitors, and defibrillators are just a few examples of the Internet of Things devices that have widespread use in the medical field. While these devices have certain benefits for example, doctors may adjust a patient's pacemaker remotely, they pose a security risk. A patient's medical treatment might be jeopardized by hackers if a gadget wasn't adequately protected. It's very unusual, but it's still something to consider when formulating a plan to protect your Internet of Things gadgets.
  • 7. • Hidden dangers to Others: Insecure internet of things devices may be taken over and utilized as a part of a botnet, a network of infected computers on the internet that can number in the millions and is controlled remotely. • For attackers, identifying unsecured devices is not difficult and may be performed by using freely accessible programs or tools. In this regard, the availability of Shodan, a publicly accessible search engine tailored to identify such devices, is an excellent example. • As IoT devices have become more sophisticated, so have the risks they represent. This has taken the form of various assaults, such as DDoS attacks, spam campaigns, and phishing schemes. The proliferation of poorly secured IoT devices has contributed significantly to the latter's growth in recent years.(How Internet of Things Devices Are Managed, 2009) One notable event that exemplifies this pattern happened in 2016 when the Mirai software was made public, prompting criminals to build enormous IoT botnets and employ them in DDoS attacks. This triggered a previously unseen series of assaults, the most infamous of which knocked down Dyn DNS services and blocked users from accessing websites including Etsy, GitHub, Netflix, Spotify, and Twitter. The virus was a simple script that attempted to scan open remote access ports and gain entry using a small set of widely used login credentials. However, since IoT security mechanisms are so weak, these direct attacks are highly effective.
  • 8. Challenges to security in the Internet of Things
  • 9. Weakness in software and firmware • Since many smart devices are restricted in their capacity and resources, ensuring their security is complex work. As a result, they are more vulnerable to attacks than non-IoT devices since they can't execute robust, resource-intensive security mechanisms. The security flaws in many IoT systems may be attributed to the following issues, which are as follows: • Inadequate processing resources prevent the implementation of robust, built-in security. • Lack of resources for testing and enhancing firmware security, which leads to insecure IoT devices, Poor access control in IoT systems. • Due to financial and technical hardware restrictions, IoT devices often go without timely security upgrades and fixes. • Inability to fix bugs due to users not updating their devices. In the future, it's possible that older devices won't be able to get software upgrades. Moreover, in the upcoming days, it's possible that older devices won't be able to get software upgrades. Very little protection from physical harm; an attacker may easily insert a chip or hack the gadget through radio waves if they get near enough.
  • 10. Insecure communications • However, most current security methods were developed for desktop computers, challenging their implementation on resource-constrained IoT devices. This means that conventional security procedures are inadequate for safeguarding the data exchanged between IoT devices. • A man-in-the-middle assault is a serious concern when there is a lack of communication protection. If your smartphone's update process doesn't employ strong encryption and authentication, it's vulnerable to man-in-the-middle attacks, which allow hackers to take control of your device. Malware may be installed or the device's functionality modified by an attacker. If your device delivers data in cleartext communications, attackers may intercept it even if it doesn't fall victim to attack. • The Internet of Things makes all connected devices vulnerable to assault. For instance, attackers need only compromise a single machine on a home network to access the rest of the network’s unisolated devices.
  • 11. Data leaks from i.o.t systems • Data leaks are pretty common these days because hackers can easily encrypt data and even private information like where you live, how much money you have in the bank, or your medical history might be at risk. However, there are other ways in which attackers might get sensitive information besides exploiting unsecured communication channels. • The cloud is used for everything from storing data to transmitting it, yet it is also vulnerable to outside threats. This means that the devices and the cloud services they use might potentially leak sensitive information.
  • 12. Malware risks • When a Mirai assault occurs, it acts as a self-replicating virus. Using the predetermined credentials set by the manufacturer, this virus attacks open systems like IoT. • A large number of devices may be infected with it at once. After gaining access, they exploit the compromised devices to perform a distributed denial-of-service assault. Though police apprehended the perpetrators of the first hacking attempt, the attack code they used was made public. As a result, other hackers still use it to conduct attacks today.
  • 13. Cyberattacks • Many other types of assaults may be launched against IoT devices, not only malware and MITM attacks like we've already covered. The most prevalent attacks against Internet of Things devices include the following. • DoS Attacks, or ("Denial of Service): IoT devices are especially susceptible to denial-of-service attacks because of their low computing power. When under assault from a denial of service (DoS) attack, a device's capacity to respond to legitimate requests is hindered by the overwhelming volume of malicious data.
  • 14. • Tricking a device into thinking it's something it's not. Insecure implementation of digital signatures and encryption leaves devices vulnerable to this kind of attack. For instance, hackers may be able to "spoof" a network device and cause disruptions in IoT installations if the public key infrastructure supporting it is inadequate. • Physical Intrusion: It was an actual break in the law. Even though most assaults are carried out remotely, a device may still be compromised if it falls into the wrong hands. Components of devices may be tampered with by attackers to cause them to behave unexpectedly.
  • 15. • The term "application-based assaults" describes a specific kind of cyber attack. These attacks are feasible because of security flaws in device firmware or software used in embedded devices and in cloud servers or backend applications. • Device Spoofing: Tricking a device into thinking it's something it's not. Insecure implementation of digital signatures and encryption leaves devices vulnerable to this attack. For instance, hackers may be able to "spoof" a network device and cause disruptions in IoT installations if the critical public infrastructure (PKI) supporting it is inadequate.
  • 17. References • User, S. (2022, February 17). Internet of Things (IoT) Security: Challenges and Best Practices. Apriorit. (https://www.apriorit.com/dev-blog/513-iot-security) • Avital, N., S.L., Lynch, B., Lynch, B., Lynch, B., Lynch, B., Hasson, E., Hewitt, N., & Johnston, D. (2019, December 29). What is Internet of Things Security | IoT Device Management | Imperva. Learning Center. (https://www.imperva.com/learn/application-security/iot-internet-of-things- security/) • User, S. (2022b, February 17). Internet of Things (IoT) Security: Challenges and Best Practices. Apriorit. (https://www.apriorit.com/dev-blog/513-iot-security) • Internet of things IoT security issues. (2016, February 7). YouTube. (https://www.youtube.com/watch?v=u1ymmRQ_p3k)