The other security issue is the use of proprietary systems on network-connected equipment. A large portion of data packets from IoT units often appear asanomalous commands by intrusion detection systems (IDS) and intrusion protection systems (IPS) and depending ona system’s configurations, it is possible to ignore these issues. A study carried out by Jing et al. (2014) outlines that certain devices run odd protocols, which an IDS would see but not know how to address it. Previously, administrators would examine that; conclude that maybe it was a machine’s old heating unit and not investigate further, which brings to surfaceanother possible exploit. Coupled with inconsistent commands, IoT devices have long lead times, which mean they cannot be replaced as often as computers or mobile phones (Bertino and Islam 2017). For instance, a typical washing machine orheating system may be replaced after a decade, during which time firmware patches and security updates would have stopped. With invalidated command protocols and out-dated software, these devices leave the IoT with vulnerabilities in its network.Insecure cloud, web, and mobile interfacesare also network concerns faced in the use of IoT platforms. Given that IoT connects people and their devices remotely via the Internet, cloud and mobile data channels are possible attack points in the infrastructure (Medaglia and Serbanati 2010). The cloud is the main storage system for large data gathered from IoT sub-systems and poor authentication controls and unencrypted data transfers can allow third parties to access a user’s device or the underlying data. Besides,
Internet of Things 4lack of account lockout, account enumeration, and exposing credentials in network traffic are lures that draw in attackers to a particular system (Chasaki and Mansour 2015). Similar to the cloud, lack of strong authentication protocols andunencrypted data stations can give an attacker unlimited access to a device as well as the information stored within devices using insecure mobile interface forcommunication (Gan, Lu, and Jiang 2011).The mobile interface also suffers from account enumeration, exposure of credentials on networks, and account lockout, which are security vulnerabilities that could arise in IoT. Roman, Zhou, and Lopez (2013) posit that while web interfaces built into IoT devices enable users to interact with different devices, they can allow attackers to access various devices. Having ineffective default credentials, SQL-injection and cross-site scripting, account enumeration, and session management as well as weak account lockout protocols imply that users’
As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.
Temple University Fox School of Business ‘17, Course Hero Intern
I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.
University of Pennsylvania ‘17, Course Hero Intern
The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.
Tulane University ‘16, Course Hero Intern
Stuck? We have tutors online 24/7 who can help you get unstuck.
Ask Expert Tutors
You can ask
You can ask
You can ask
(will expire )