Internet of Things and Security challenges

1. Prof. Anastasios A. Economides University of Macedonia, Thessaloniki, Greece economid@uom.gr http://conta.uom.gr Internet of Things (IoT) & Security Challenges

2. • IoT Definitions • Forecasting, Market & Economics • Applications • Technology • Research Challenges • Security Challenges • Wireless Sensor Network Security • Attacks & Defense • Security Visualization • Conclusions Presentation Outline IN3-UOC 2014 seminar by Prof. A.A. Economides 2

3. IN3-UOC 2014 seminar by Prof. A.A. Economides 3

4. IoT Definitions 4IN3-UOC 2014 seminar by Prof. A.A. Economides • IoT will connect objects around us to provide seamless communication and contextual services provided by them. IETF • IoT enables the objects in our environment to become active participants, i.e., – they share information with other members of the network or with any other stakeholder, – they are capable of recognizing events and changes in their surroundings and of acting and reacting autonomously in an appropriate manner. IERC (Internet of Things Research in Europe Cluster) “Worldwide ICT infrastructure that enables ubiquitous services among interacting humans, machines, data and applications” A.A. Economides

5. IoT Driving Forces IN3-UOC 2014 seminar by Prof. A.A. Economides 5

7. IoT Forecast 7IN3-UOC 2014 seminar by Prof. A.A. Economides Cisco: 25 billion devices connected to the Internet by 2015 and 50 billion by 2020. IDC: 30 billion devices will be communicating over the network by 2020. ABI Research: There are more than 10 billion wirelessly connected devices in the market today; with over 30 billion devices by 2020. Gartner: 26 billion units installed by 2020. Ericsson: 50 billion connected devices by 2020.

9. IoT Economic Impact, 1 9IN3-UOC 2014 seminar by Prof. A.A. Economides Harbor Research: Service Revenues for the IoT will reach $500 Billion by 2018, dwarfing the $33 Billion in revenue expected from devices in 2018. McKinsey Global Institute: the potential economic impact of IoT will be $2.7 trillion to $6.2 trillion per year by 2025. Across the healthcare applications, IoT technology could have an economic impact of $1.1 trillion to $2.5 trillion per year by 2025. GSMA & Machina Research: A $ 4.5 trillion global impact in 2020. The global business impact of the IoT can be split into two broad categories: ‘revenues’ ($2.5 trillion) and ‘cost reduction’ ($1 trillion) and ‘service improvements’ ($1 trillion).

10. IoT Economic Impact, 2 10IN3-UOC 2014 seminar by Prof. A.A. Economides Cisco: The IoE Value at Stake will be $19 trillion for companies and industries worldwide in the next decade (2013 – 2022). IDC: The market will increase 133% to $3.04 trillion by 2020. Gartner: IoT product and service suppliers will generate incremental revenue exceeding $300 billion, mostly in services, in 2020. It will result in $1.9 trillion in global economic value-add through sales into diverse end markets. The verticals that are leading its adoption are manufacturing (15 percent), healthcare (15 percent) and insurance (11 percent).

11. 75% of companies from across industries are already exploring the IoT. 15 % of organizations across the globe already have an IoT solution in place. 53 % plan to implement one within the next 24 months, and another 14 % in the next two to five years. 21 % of transportation and logistics companies already have IoT solutions in place. (Zebra Technologies / Forrester Consulting). IoT deployment IN3-UOC 2014 seminar by Prof. A.A. Economides 11

12. 12IN3-UOC 2014 seminar by Prof. A.A. Economides

13. Cisco predicts that IoT will cause IP traffic to reach 1.6 zettabytes by 2018 (300% increase compared to 2013). By 2018, 57% of IP traffic will come from devices other than PCs. Wi-Fi will generate 49% of IP traffic, other mobile-connected devices will generate 12% of it. Cisco will invest $1 billion to build the world's largest Intercloud network to tackle the IoT. Cisco to build a network 13IN3-UOC 2014 seminar by Prof. A.A. Economides

14. APPLICATIONS IN3-UOC 2014 seminar by Prof. A.A. Economides 14

15. • Personal Health, • Personal Devices (e.g. glass, watch, mobile), • Clothes, • Personal Exercise, • Infant/ Elderly/Patient Monitoring, • Special needs persons Assistance, • Hospitals, Health Retreat, • Pharmaceuticals, • Emergency, • Recreational activities, • etc. Smart Healthcare & Wellbeing IN3-UOC 2014 seminar by Prof. A.A. Economides 15

16. Fall Detection Assistance for elderly or disabled people living independent. Medical Fridges Control of conditions inside freezers storing vaccines, medicines and organic elements. Sportsmen Care Vital signs monitoring in high performance centers and fields. Patients Surveillance Monitoring of conditions of patients inside hospitals and in old people's home. Ultraviolet Radiation Measurement of UV sun rays to warn people not to be exposed in certain hours. eHealth 16IN3-UOC 2014 seminar by Prof. A.A. Economides http://www.libelium.com/

17. • Home equipment/appliances Control, • Safety Detectors (e.g. smoke, gas, motion), • Security, Surveillance, • Environment (e.g. heat, air, light), • Entertainment, • etc. Smart Home IN3-UOC 2014 seminar by Prof. A.A. Economides 17

18. Energy and Water Use Energy and water supply consumption monitoring to obtain advice on how to save cost and resources. Remote Control Appliances Switching on and off remotely appliances to avoid accidents and save energy. Intrusion Detection Systems Detection of windows and doors openings and violations to prevent intruders. Art and Goods Preservation Monitoring of conditions inside museums and art warehouses. Domotic & Home Automation 18IN3-UOC 2014 seminar by Prof. A.A. Economides http://www.libelium.com/

19. • Energy & Lighting, • Security, Surveillance, • Emergency (e.g. fire, gas), • Metering, • Offices, • Hotels, • etc. Smart Building IN3-UOC 2014 seminar by Prof. A.A. Economides 19

21. • Monitoring, Fault Detection, • Metering, • Electricity, • Waste Management, • Water, • Gas, • Tolls, • Bridges, etc. Smart Utilities IN3-UOC 2014 seminar by Prof. A.A. Economides 21 http://www.alcatel-lucent.com/

22. Smart Grid Energy consumption monitoring and management. Tank level Monitoring of water, oil and gas levels in storage tanks and cisterns. Photovoltaic Installations Monitoring and optimization of performance in solar energy plants. Water Flow Measurement of water pressure in water transportation systems. Silos Stock Calculation Measurement of emptiness level and weight of the goods. Smart Metering 22IN3-UOC 2014 seminar by Prof. A.A. Economides http://www.libelium.com/

23. Potable water monitoring Monitor the quality of tap water in cities. Chemical leakage detection in rivers Detect leakages and wastes of factories in rivers. Swimming pool remote measurement Control remotely the swimming pool conditions. Pollution levels in the sea Control real time leakages and wastes in the sea. Water Leakages Detection of liquid presence outside tanks and pressure variations along pipes. River Floods Monitoring of water level variations in rivers, dams and reservoirs. Smart Water 23IN3-UOC 2014 seminar by Prof. A.A. Economides http://www.libelium.com/

24. • E-Government, • Security, Surveillance, • Emergency (e.g. fire, flood, tsunami), • Energy Management (e.g. lighting), • Air & Water Quality Monitoring, • Traffic Control, Parking, • Transportation (e.g. cars, buses, metro, trams,…), • Tourism, • Culture, Arts, • Education, etc. Smart City/ Community IN3-UOC 2014 seminar by Prof. A.A. Economides 24 http://www.alcatel-lucent.com/

25. Smart Parking Monitoring of parking spaces availability in the city. Structural health Monitoring of vibrations and material conditions in buildings, bridges and historical monuments. Noise Urban Maps Sound monitoring in bar areas and centric zones in real time. Smartphone Detection Detect iPhone and Android devices and in general any device which works with WiFi or Bluetooth interfaces. Eletromagnetic Field Levels Measurement of the energy radiated by cell stations and and WiFi routers. Traffic Congestion Monitoring of vehicles and pedestrian levels to optimize driving and walking routes. Smart Lighting Intelligent and weather adaptive lighting in street lights. Waste Management Detection of rubbish levels in containers to optimize the trash collection routes. Smart Cities 25IN3-UOC 2014 seminar by Prof. A.A. Economides http://www.libelium.com/

26. There are sensors everywhere: monitoring traffic, parking spaces, street lights, air pollution, meteorological conditions, the humidity of green spaces in parks, the trash bins etc. Street lights in Born are shut down automatically if they don’t detect any activity nearby. They also gathers environmental information, humidity, temperature, pollution, and noise. It is expected to have 3,360 lights on 160 streets by 2015. The trash cans alert sanitation workers monitoring on a tablet that they need to be emptied. The irrigation systems in Pobleneau Central Park monitor the moisture in the soil and turning on pop-up sprinklers. Parks department employees can also access meteorological data and rain gauges and adjust the quantity of water used. Barcelona Smart City 26IN3-UOC 2014 seminar by Prof. A.A. Economides

27. • 83 projects across 12 areas • 47,000 jobs created • Smart Water: $58 million savings • Smart Parking: $53 million revenue • Smart Lighting: $47 million savings • Smart Buildings: $124 million savings www.cisco.com Barcelona Smart City economics 27IN3-UOC 2014 seminar by Prof. A.A. Economides

28. Perimeter Access Control Access control to restricted areas and detection of people in non- authorized areas. Liquid Presence Liquid detection in data centers, warehouses and sensitive building grounds to prevent break downs and corrosion. Radiation Levels Distributed measurement of radiation levels in nuclear power stations surroundings to generate leakage alerts. Explosive and Hazardous Gases Detection of gas levels and leakages in industrial environments, surroundings of chemical factories and inside mines. Security & Emergencies 28IN3-UOC 2014 seminar by Prof. A.A. Economides http://www.libelium.com/

29. • Farming, Agriculture, Livestock, • Water, • Pollution, • Weather, • Nature, etc. Smart Environment IN3-UOC 2014 seminar by Prof. A.A. Economides 29

30. Forest Fire Detection Monitoring of combustion gases and preemptive fire conditions to define alert zones. Air Pollution Control of CO2 emissions of factories, pollution emitted by cars and toxic gases generated in farms. Snow Level Monitoring Snow level measurement to know in real time the quality of ski tracks and allow security corps avalanche prevention. Landslide and Avalanche Prevention Monitoring of soil moisture, vibrations and earth density to detect dangerous patterns in land conditions. Earthquake Early Detection Distributed control in specific places of tremors. Smart Environment 30IN3-UOC 2014 seminar by Prof. A.A. Economides http://www.libelium.com/

31. Wine Quality Enhancing Monitoring soil moisture and trunk diameter in vineyards to control the amount of sugar in grapes and grapevine health. Green Houses Control micro-climate conditions to maximize the production of fruits and vegetables and its quality. Golf Courses Selective irrigation in dry zones to reduce the water resources required in the green. Meteorological Station Network Study of weather conditions in fields to forecast ice formation, rain, drought, snow or wind changes. Compost Control of humidity and temperature levels in alfalfa, hay, straw, etc. to prevent fungus and other microbial contaminants. Smart Agriculture & Animal Farming (1) 31IN3-UOC 2014 seminar by Prof. A.A. Economides http://www.libelium.com/

32. Hydroponics Control the exact conditions of plants grown in water to get the highest efficiency crops. Offspring Care Control of growing conditions of the offspring in animal farms to ensure its survival and health. Animal Tracking Location and identification of animals grazing in open pastures or location in big stables. Toxic Gas Levels Study of ventilation and air quality in farms and detection of harmful gases from excrements. Smart Agriculture & Animal Farming (2) 32IN3-UOC 2014 seminar by Prof. A.A. Economides http://www.libelium.com/

33. • Smart Factory, • Manufacturing, Robotics, • Financial Services, • Banking, • Insurance, etc. Smart Industry & Services IN3-UOC 2014 seminar by Prof. A.A. Economides 33

34. M2M Applications Machine auto-diagnosis and assets control. Indoor Air Quality Monitoring of toxic gas and oxygen levels inside chemical plants to ensure workers and goods safety. Temperature Monitoring Control of temperature inside industrial and medical fridges with sensitive merchandise. Ozone Presence Monitoring of ozone levels during the drying meat process in food factories. Indoor Location Asset indoor location by using active (ZigBee) and passive tags (RFID/NFC). Vehicle Auto-diagnosis Information collection from CanBus to send real time alarms to emergencies or provide advice to drivers. Industrial Control 34IN3-UOC 2014 seminar by Prof. A.A. Economides http://www.libelium.com/

35. Quality of Shipment Conditions Monitoring of vibrations, strokes, container openings or cold chain maintenance for insurance purposes. Item Location Search of individual items in big surfaces like warehouses or harbours. Storage Incompatibility Detection Warning emission on containers storing inflammable goods closed to others containing explosive material. Fleet Tracking Control of routes followed for delicate goods like medical drugs, jewels or dangerous merchandises. Smart Logistics & Supply Chain Management 35IN3-UOC 2014 seminar by Prof. A.A. Economides http://www.libelium.com/

36. Smart Transportation (e.g. Airlines, Railways, Shipping), 36IN3-UOC 2014 seminar by Prof. A.A. Economides http://www.alcatel-lucent.com/

37. alcatel-lucent.com

38.  Sensors & Actuators  Wireless Communications: RFID, WiFi, Bluetooth, Cellular, Satellite  Networks (HW & SW)  Addressing  Cloud Computing (Storage, Processing, Analytics, Security, etc.) TECHNOLOGY IN3-UOC 2014 seminar by Prof. A.A. Economides 38

40.  Devices (Sensors, Actuators, etc.),  Networking & Communications,  Data Management,  Decision Making,  Security & Privacy,  Social & Legal issues,  Economics,  Human Behavior & Usability,  Marketing, etc. Research Challenges IN3-UOC 2014 seminar by Prof. A.A. Economides 40

41. Google wants to advance the Internet of things, offers grants for ‘open innovation’ research proposals Deadline: January 21, 2015 Individual Project Grants: US $50,000 to $150,000. Expedition Lead Grants: US$500,000 to $800,000. Google - Open Web of Things 41IN3-UOC 2014 seminar by Prof. A.A. Economides

42. Research at the intersection of disciplines including:  Human Computer Interaction (HCI)  Privacy & Security  Systems & Protocols 42IN3-UOC 2014 seminar by Prof. A.A. Economides

43. Deadlines: March 25th , 2015 & May 11th , 2015  open to young women between the ages of 13-18 New ideas on how technologies from the Internet of Things can improve:  education,  healthcare,  manufacturing,  energy,  retail,  transportation,  smart cities http://iotchallenge-cisco.younoodle.com/ Cisco IoT Challenge for Young Women IN3-UOC 2014 seminar by Prof. A.A. Economides 43

44. Any cyber-attack, large or small, is born from a weak link in the security chain. Weak links can be: • poorly written code, • outdated software, • an abandoned website, • Developer, • errors, • a user who blindly trusts, etc. Cisco on Cyber-attack effects 44IN3-UOC 2014 seminar by Prof. A.A. Economides

45.  The Center for Strategic and International Studies estimated that US$100 billion is lost annually to the US economy, and 508,000 US jobs are lost, because of malicious online activity.  Ponemon Institute estimated that the average cost of an organizational data breach was US$5.4 million in 2014, up from US$4.5 million in 2013. Losses due to attacks 45IN3-UOC 2014 seminar by Prof. A.A. Economides

46. + Companies’ considerations IN3-UOC 2014 seminar by Prof. A.A. Economides 46

47. Nearly half (46%) of the IT leaders who responded to Computer World poll said that they will invest more next year in:  access control,  intrusion prevention,  identity management,  virus and malware protection. 47IN3-UOC 2014 seminar by Prof. A.A. Economides

48. @Device: • stolen • modified • replaced • cloned @Software: • modified (firmware / OS / middleware) • decompiled to extract credentials • exhausted (denial of service) @Network Attack Examples 48IN3-UOC 2014 seminar by Prof. A.A. Economides

49. Routers will be a prime target for hackers looking to compromise network-connected devices as IoT grows. (Avast) Hackers are more likely to want to take over the local networks that connect devices rather than hack into the individual devices themselves. (Ondrej Vlcek, chief operation officer at Avast) 49IN3-UOC 2014 seminar by Prof. A.A. Economides

50.  A wireless network consisting of a large number of autonomous sensors that are spatially distributed in area of interest in order to cooperatively monitor physical or environmental conditions, such as temperature, sound, vibration, pressure, motion, pollutants, etc.  Sensor: Wireless Sensor Network (WSN) 50IN3-UOC 2014 seminar by Prof. A.A. Economides Sensors ADC Processor Memory Transceiver Location finding system (optional) Mobilizer (optional) Sensing Unit Processing Unit Power unit Communication Unit

51. WSN Architecture 51IN3-UOC 2014 seminar by Prof. A.A. Economides Internet, Satellite Sink Sink Task Manager User Sensor Field Sensor Node Figure –The big picture

52. WSNs are vulnerable to various types of attacks 52IN3-UOC 2014 seminar by Prof. A.A. Economides Internet, Satellite Sink Sink Task Manager User Sensor Field Sensor Node Spoofed Routing information Wormhole Attack

53.  Eavesdropping: an attacker intercepts packets transmitted over the air for further cryptanalysis or traffic analysis.  Traffic analysis: allows an attacker to determine that there is activity in the network, the location of the BSs, and the type of protocols being used.  Message injection: an adversary injects bogus control information into the data stream.  Message modification: a previously captured message is modified before being retransmitted  Node capture: An embedded device is considered being compromised when an attacker, through various means, gains control to the node itself.  Denial-of-Service (DoS) attacks: can be grouped into two categories – Service degradation (e.g., collision attack), and – Service disablement through power exhaustion (e.g. jamming) Attack Models 53IN3-UOC 2014 seminar by Prof. A.A. Economides PassiveattacksActiveattacks

54.  Various security mechanisms have been proposed to address the security concerns of WSNs.  Despite the fast development of computer security mechanisms, the scale and complexity of the generated wireless data put major challenges to the representation and understanding of security-relevant network information.  To address this issue, efficient visualization techniques have been adopted by the researchers to bridge the gap. A new security discipline emerges! Network Security Visualization 54IN3-UOC 2014 seminar by Prof. A.A. Economides

55.  The power of visualization should go beyond the simple ”illustration” of network behavior in order to help the analysts discriminate between normal and abnormal network activities.  Network security visualization provides insight into areas that other system fail to enlighten by integrating visualization and machine learning techniques. In the near future… Visualization for network security 55IN3-UOC 2014 seminar by Prof. A.A. Economides

56. Security Visualization Techniques 56IN3-UOC 2014 seminar by Prof. A.A. Economides Node Links Glyphs Parallel Coordinates Bundle Diagrams Radial Panels

57.  IoT enables dramatic society transformation!  WSN is a main ingredient of IoT.  WSN Security is important! Conclusions IN3-UOC 2014 seminar by Prof. A.A. Economides 57

58. Thank you for your attention Prof. Anastasios A. Economides economid@uom.gr http://conta.uom.gr IN3-UOC 2014 seminar by Prof. A.A. Economides 58

Internet of Things and Security challenges

Du liest eine Vorschau.

Hier ansehen

Internet of Things and Security challenges

Weitere Verwandte Inhalte

Diashows für Sie (20)

Ähnlich wie Internet of Things and Security challenges (20)

Aktuellste (20)