The other security issue is the use of proprietary systems on network connected

The other security issue is the use of proprietary

This preview shows page 3 - 5 out of 7 pages.

The other security issue is the use of proprietary systems on network-connected equipment. A large portion of data packets from IoT units often appear as anomalous commands by intrusion detection systems (IDS) and intrusion protection systems (IPS) and depending on a system’s configurations, it is possible to ignore these issues. A study carried out by Jing et al. (2014) outlines that certain devices run odd protocols, which an IDS would see but not know how to address it. Previously, administrators would examine that; conclude that maybe it was a machine’s old heating unit and not investigate further, which brings to surface another possible exploit. Coupled with inconsistent commands, IoT devices have long lead times, which mean they cannot be replaced as often as computers or mobile phones ( Bertino and Islam 2017). For instance, a typical washing machine or heating system may be replaced after a decade, during which time firmware patches and security updates would have stopped. With invalidated command protocols and out-dated software, these devices leave the IoT with vulnerabilities in its network. Insecure cloud, web, and mobile interfaces are also network concerns faced in the use of IoT platforms. Given that IoT connects people and their devices remotely via the Internet, cloud and mobile data channels are possible attack points in the infrastructure ( Medaglia and Serbanati 2010). The cloud is the main storage system for large data gathered from IoT sub-systems and poor authentication controls and unencrypted data transfers can allow third parties to access a user’s device or the underlying data. Besides,
Image of page 3
Internet of Things 4 lack of account lockout, account enumeration, and exposing credentials in network traffic are lures that draw in attackers to a particular system ( Chasaki and Mansour 2015). Similar to the cloud, lack of strong authentication protocols and unencrypted data stations can give an attacker unlimited access to a device as well as the information stored within devices using insecure mobile interface for communication ( Gan, Lu, and Jiang 2011). The mobile interface also suffers from account enumeration, exposure of credentials on networks, and account lockout, which are security vulnerabilities that could arise in IoT. Roman, Zhou, and Lopez (2013) posit that while web interfaces built into IoT devices enable users to interact with different devices, they can allow attackers to access various devices. Having ineffective default credentials, SQL-injection and cross-site scripting, account enumeration, and session management as well as weak account lockout protocols imply that users’
Image of page 4
Image of page 5

You've reached the end of your free preview.

Want to read all 7 pages?

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern

Stuck? We have tutors online 24/7 who can help you get unstuck.
A+ icon
Ask Expert Tutors You can ask You can ask You can ask (will expire )
Answers in as fast as 15 minutes
A+ icon
Ask Expert Tutors