Proposed IoT Security Framework

Several architectures were proposed by different authors and researchers [58], [44], [31]. All have several layers from the sensing layer to the application layer according to the requirements of industries, applications, and societies. A three-layer reference model [23] was the first reference model in which authors described an extended version of a wireless sensor network with cloud services. Another four-layer model [348] is an alternative that has been proposed to interact with a complex system. And a five-layer reference model [58] was a generic layered architecture for loT based on service-oriented architecture (SOA). This model has the potential to interact with several applications and well-defined components. It is observed there is no standard framework that can provide a security mechanism or a well-recognized manner. Hence, there is a critical requirement of a framework that can provide an operational guarantee for loT applications to bridge that gap between physical devices and the virtual platforms. We propose a security framework for loT as shown in Figure 7.2. It consists of seven layers. The description of every layer is as follows:

Figure 7.2: Security Framework for loT

Perception Layer

This is the lowest layer that consists of several physical devices like sensors, actuators, Microcontrollers, RFID tags, embedded systems, micro-operating systems, and RFID readers, etc. Data are captured or sensed by different sensors and shared between the components by using a network. The main concerns of this layer are the deployment of the nodes, heterogeneity of devices, Cost, size, and energy consumption by end nodes. The Perception layer is the most vulnerable layer in the security framework because of the availability and accessibility of the hardware components. Some natural calamities (such as earthquakes, floods, storms, etc.) and environmental threats (such as fire, chemical accident, etc.) can destroy the whole infrastructure of the system. An attacker can easily deploy an attack to a sensory node and can also modify the data collected from the sensors. There are a wide variety of security concerns [154] at this layer including device authentication, trusted devices, physical protection, and temper proof designing [34]. Hash-based techniques, intrusion detection systems and granular segmentation are some of the techniques to deal with several attacks.

Wireless Sensor Network Layer

Wireless sensor network has enabled the low cost and low power network that can collect information from heterogeneous sensors. In this network, there are two components: aggregation and base station. Aggregation point is used to collect information from nearby sensors. Then the information is integrated and sent to the base station to process the collected data [274]. Various types of networks exist at this layer such as Bluetooth, Zigbee network, Infrared network, and Wi-Fi network. This layer is vulnerable due to unencrypted information movement and unprotected communication channels. Some of the different attacks that can be possible with wireless sensor network are injecting false data in WSN, Impersonating, unauthorized access, overloading the WSN, and monitoring and eavesdropping [366]. To deal with different attacks, some of the techniques can be used such as limiting the administration control rate, access control, secure routing, and strong and proper authentication techniques.

Data Sensing and acquisition layer

Sensors and hardware devices can collect ample data that are not useful for further processing and analysis purposes. Hence there is a requirement of data abstraction to get a faster response in real-time applications. This layer is used to collect data on a local server or a gateway to process and extract useful data. The main features of this layer are the collection and filtering of data, triggering the event, data aggregation, and gateway to the network. Some vulnerabilities of this layer include insufficient validation, inadequate testing mechanism, and information leakage [20]. Malicious code, traffic monitoring, and inefficient logging are major attacks that can target this layer. To deal with these kinds of attacks different techniques are available, such as a pretesting mechanism, encrypting the log file, and pattern finding.

Internet Layer

This layer is also known as a communication layer or network layer. The data abstracted in previous layers can be shared in remote places or far from the physical setup using the Internet. The Internet can have billions of interconnected devices that use traditional Internet protocol (TCP/IP). A large range of information and data services are provided by the Internet like the connection between email sharing, World Wide Web applications, etc. Internet layer is responsible for the routing of the packets, Plug-ins, the protocols, IP based communication, network security implementation, and reliable delivery of packets. Some of the vulnerabilities at this layer are: IP address spoofing, route spoofing, wireless access points, and vulnerable transmission media. There are several attacks at this layer such as low rate denial of service, traffic analysis attack, false routing, eavesdropping, and spoofing [309]. To deal with different attacks, some tech?niques are Hilbert Huang transform, tools to analyze packets, bi-verification of the route, deterministic path loss model, and trust anchor interconnection loop.

Service Layer

The service layer is a kind of middleware that is an enabler of services and applications. This layer is designed to provide a common platform to the applications of loT with common application programming interfaces (APIs) and protocols [64]. The main responsibilities of this layer include information storage, data processing, analytics services, integration of services, and event processing, etc. To enable any service with an application of loT, the following components are used: service discovery, service composition, and service APIs, and trust management [222]. Some main actors of this layer are cloud services, backend services, database and storage management, and data storage components. Some vulnerabilities of this layer are the reliability of service, insecure cryptography, data protection, and Internet dependency. The security requirement of this layer includes authorization, service authentication, privacy protection, antireplay, and availability. Data loss and modifications, VM escape, malicious VM creation, insecure VM migrations, and brute force attacks are some attacks that may occur at this layer [271]. To handle these attacks, some of the techniques can be applied such as backup and retention, trusted cloud computing, mirage, VNSS, and site scanner [248].

Data Abstraction Layer

For better performance of any application, it is required to relinquish some data and enhance data storage. Sensors can generate repeated data that, at the same time, can lead to the delicacy of data that cannot be handled at the application layer [277]. So the normalization, consolidation, filtering, and indexing are the ways through which data can be controlled for further analysis. Some rules and algorithms, decision-making analyzers, and big data tools can simplify the data. Some responsibilities of this layer include reformatting of data, preserving data for an authentic user, normalizing and indexing data for faster response [227]. Software vulnerability, redundant data, and sensitive information leakages are security vulnerabilities that may occur at this layer. Some attacks that may occur in this layer are an excessive privilege, improper queries, and the malicious insider. To handle such attacks, authentication mechanisms, access control policies, preparing statements, auditable processes, and effective logging are major techniques.

Interface Layer

This layer includes several interfaces for a variety of applications from small RFID applications to large, smart city applications, which can be implemented using standard protocols. This is the highest layer at which users and different computing devices can interact with the smart system using cloud services or application software [34]. This layer provides information interpretation with the help of software cooperation between the cloud server and its applications. There are different actors to support at this layer like analytics and visualization tools, loT support applications, web sites, and cloud software, etc. Some security vulnerabilities like third party failure, software bugs, unauthenticated access, and configuration errors may generate serious issues at this layer. The attacks of this layer include malicious code injection, reprogramming attack, DDoS, reverse engineering, backdoor, and phishing attack [144]. Some security mechanisms that can be applied to handle those attacks are security checks, internet firewall, temper proof design, lightweight cryptography algorithms, etc.

Case Study: Implementation of Denial of Service Attack in Home Automation

Recently, many literatures have been published in the field of loT security. Some of them were dealing with privacy, authentication of a user, trust management, etc. And another group of researchers works with the several attacks made possible in loT. We are dealing with one of the attacks known as Denial of Service attack.

A brief description of attack

As the number of application areas increases using loT, the vulnerability of the system will increase. Although loT provides substantial benefits to the users, there are various security challenges implicit with the system. Denial of Service (DoS) [393] is one of the major attacks, in which the attacker attempted to prevent an authentic user to access the services. In DoS attack generally, attacker floods the data on the network to block the channel to prevent the access of other legitimate users. The attacker sends the messages to the server and asks the server to authenticate the request with a false return address. The server does not detect the false address of the attacker, leading to the waiting state till the termination of a connection. When the connection is closed, the attacker again sends more messages with a false address. The server starts the authentication process again; this procedure is repeated, leading to the waiting state of legitimate users [298]. DoS attacks can exploit security vulnerabilities in the network or the server. Some DoS attacks were implemented in history: i) Smurf. In this, an attacker used the broadcast address of the network by sending some spoofed packets and flooded the targeted IP address; ii) Ping flood. In this type of attack, attacker floods ping packets to overwhelm the target server; iii) Ping of death. In this type of attack, a malformed packet is sent to the target machine that can crash the whole network or server.

Experimental Test bed Details

To implement the Denial of Service attack, we setup a home automation circuitry in which a Raspberry Pi 3B + module is used to control lights, fans, and other home appliances. To implement this setup, we have to install Raspbian or Noobs 3.2.0 operating system using some external storage such as a micro storage card. After installation of the operating system, Raspberry Pi can coordinate with other devices using some small code upload in the system. After the configuration of the system, we can control the home devices like fans, lights, and other devices using the Internet from a remote place. Now, Raspberry Pi provides facilities using the Internet or home gateway. In case an attacker wants to access this gateway in an unauthenticated way then it has to hack the home gateway. In this scenario, we have performed DoS (distributed denial of service) attack on the home gateway to de-authenticate the raspberry Pi from the network. We will send de-authenticated packets to the gateway in a large amount. To perform this, we have to install KALI LINUX 2019.1 operating system with 4.19.13 kernel version for this experimental setup. And some tools such as airmon-ng, AIRODUMP-NG, AIREPLAY-NG are used to perform monitoring and for accessing purposes. (These tools are inbuilt with the kali Linux.) To perform the DoS attack, we have to follow some steps:

Execution Steps

Step 1- Putting Wi-Fi adapter in monitor mode using airmon-ng tool First of all, we have to enable our network interface card in monitor mode. To check the functionalities of an interface card, the command is airmon-ng start wlanOmon as shown in Figure 7.3. In this command airmon-ng is used, which is a tool of Kali Linux and wlanOmon is an interface card (change according to the machine). It provides details about all running processes in the background.

Figure 7.3: Monitoring of Wi-Fi Adapter

Step 2- Abort running processes After the execution of the above command, we have a list of running processes. Each process can be identified with its process id and process name. These processes must be killed by using a command kill process-id so that there is no interruption in the background. In the current case, the terminal shows three processes with id 1252, 1308, and 1344 running on an interface and a chipset as shown in Figure 7.4.

Step 3- Capture the traffic When all background processes are killed, we can capture the wireless traffic that lies in our Wi-Fi range. Now with the help of Airodump-Ng tool, wireless adapter can be set in capturing mode using a simple command Airodump-Ng wlanO as shown in Figure 7.5. This command is used

Figure 7.4: Abort Running Process

to detect all MAC addresses of devices lies in a particular range. This command

Figure 7.5: Capture Traffic

provides monitoring of all wireless devices that facilitate nearby and the output (as shown in Figure 7.6) will be like- where BSSID is the MAC address of the gateway, and PWR provides the information about station number and data rate with authentication technique.

Figure 7.6: Output window with MAC address of Gateway devices

Step 4- Focus on target access point In the above output, we have different gateways with their BSS ID and channel number. Thus, we can check every gateway device one by one if we do not have the MAC address of the target device. To detect the MAC address of the targeted device, which facilitates the home gateway, open the terminal again and type command: airodump-ng -BSS ID 96:14:7A:10:08:B4 -c 7 wlanO (as shown in Figure 7.7). Where BSS ID is MAC address of the access point and c is the channel number. The output of the above

Figure 7.7: Focus on Target Access Point

command (as shown in Figure 7.8) contains information about the particular access point with its MAC address, Beacon number, rate, frame number, etc.

Figure 7.8: Output window with MAC address of Access Point

Step 5- Perforin the attack We have the MAC address of Raspberry Pi under STATION section. Now, we can flood the data packet to the network to JAM the traffic. Or we can de-authenticate the gateway by sending a large amount of traffic on the home gateway leading to perform DoS (Denial of service) attack. In our example, we will use MAC address of Raspberry Pi and MAC address of access point which is B8:27:EB:72:AC:F8 and 96:14:7A:10:08:B4, respectively. Now, type a small command to perform the attack: Aireplay-ng -0 0 -a 96:14:7A:10:08:B4 -c B8:27:EB:72:AC:F8 wlanO as shown in Figure 7.9. Where -0 is a de-authentication attack and 0 is the number of packets sent to the access point. It may vary 100 or 200, etc.

Figure 7.9: Perform DoS Attack

Step 6: Validation Finally after performing a DoS attack, we are not able to get a reply from the Raspberry Pi (as shown in Figure 7.10). We can check this by using a command: ping 192.168.43.86, where 192.168.43.86 is an IP address of Raspberry Pi. Thus, we cannot communicate to the home network or automated system using the Internet. In the current scenario, de-authentication of the access point is implemented with the help of transmitting data packets by an

Figure 7.10: Output of Ping Command

unauthorized user. This approach is based on a type of denial of service attack. Several tools and techniques are available to prevent DoS attacks such as identifying the DoS attack in earlystage, over-provision bandwidth, and defending at the network perimeter.

Research and Challenges

loT opens the door of opportunities in distinguished application areas such as wearable devices, home appliances, agriculture equipment, medical areas and many more. Although the growth in loT contributes to distinguished fields, to implement these applications, a large amount of data must be shared on the Internet which is the most vulnerable thing for information security, physical objects of loT, and other third party information. There are several research challenges in loT security [400]:

• 1. Object identification and locating: Unique identification of an object is the very first important issue that can be handled using Object Naming Scheme (ONS) [336]. Locating an object on the Internet can be possible with the help of Named Data Network [259]. Still, there exist several challenges for researchers to provide an efficient approach for identification and locating the objects in loT.
• 2. Inadequate Authentication: A traditional authentication mechanism of the user is to provide user name and password, but this is not a sufficient approach to deal with authentication of objects on the Internet.
• 3. Privacy: User's behavior and activities collected on the Internet may generate privacy issues about the information. There are lots of companies that share that information with third parties for the sake of money. So, it is a great challenge for the researchers to provide privacy for a large information set on the Internet in loT.
• 4. Energy Constrained: loT devices contain limited energy resources due to battery power. An attacker can drain the battery by generating a flood of messages and stop the services for legitimate users. So, this one is another big challenge to deal with small energy loT devices.

• 5. Software vulnerability: Software bugs may be the reason of vulnerability in the system. The programmer can be focused on the implementation of the functionalities of the software. It is very difficult to handle security with the mainstream of the software.
• 6. Access Privilege: After installation of the system, devices cannot request a change in the password or credentials. So, the attacker can access the functionalities of devices in an unauthorized way.

Conclusion

Internet of Things is one of the emerging areas of this era which helps in connecting things with communication networks and applications. Securing such an outgrowing technology is one of the key concerns. loT environment is prone to various attacks such as Distributed Denial of Service (DDoS) attacks, spoofing, eavesdropping and malware attacks, etc. In this chapter, a detailed classification of loT attacks has been proposed. We also proposed a novel loT security framework in which various attacks, vulnerabilities, and countermeasure techniques have been discussed for each layer. We further implemented a real-time case study on denial of service attack to de-authenticate the access point of home automation application with the help of tools based on the Kali-Linux platform. In the future, we will analyze and investigate different techniques to deal with loT attacks.