The internet of things (IoT) is a complex system of heterogeneous devices connected to a network. While IoT can significantly add value to people's everyday activities around the world, there are numerous security risks and privacy breaches imposed by the IoT landscape. Traditional security solutions are not applicable for the IoT as they require high-end processing capacity. The objective of this chapter is two-fold. Firstly, it provides a comprehensive summary of the recent advancements in the IoT and identifies their vulnerabilities. Secondly, it proposes the paradigm of self-learning as an intelligent and sustainable mechanism that is capable of automatically detecting suspicious activities in the IoT. Overall, this chapter presents a contemporary coverage of the recent developments in the IoT scene, the security and privacy challenges confronting the security experts, a proposal of a self-learning framework for performing health check of the IoT environment, and finally a set of high-level implementation guidelines and conclusions.
TopIntroduction
In the past decade, we witnessed the deployment of a large number of sensors and devices for various applications ranging from monitoring of specific health conditions to tracking of shipments or even living things, and this has resulted in the Internet of Things (IoT) (Evans, 2011; Hung, 2018). The IoT provides a new connectivity paradigm by integrating heterogeneous devices of the physical world with the online computing world via the computer networks and applications (apps) (Al-Fuqaha et al, 2015; EMC & IDC, 2014). IoT is offering a new paradigm of opportunities to solve some of the world’s most challenging problems in every industry, such as construction, healthcare, agriculture, energy and retail in the development of smart environment (Grindovall et al, 2012; Parvin et al, 2018). On one hand, the IoT promises a smarter world with intelligent systems leveraging on Big Data that facilitates the management of both personal and business activities more efficiently (Guo et al, 2013; Bovet et al, 2014). On the other hand, the effective use of IoT can only be possible with a continuous monitoring of such a complex device infrastructure in the deployed environment and the collection of large volumes of data that need to be processed by specialised apps (Kumar et al, 2014; FTC, 2015). Such apps warrant utmost privacy and security measures to be in place for robust performance of the IoT. For instance, it is growingly becoming common to use wearable devices for monitoring one’s health via smartphones that can access the health data collected from these devices. In such scenarios, privacy and information leakage are key aspects that required to be addressed sufficiently well (FTC, 2015).
Unlike computer peripheral connectivity, in the IoT scenario, more and more smaller devices are getting connected to the network every day on an ad hoc basis, and one cannot expect them in reality to work automatically when plugged in. Currently, they require human intervention for setup, connectivity and security configurations (Liu et al, 2017; Maene et al, 2017). In addition, for an effective use of the IoT system, software apps and upgrades need to be installed from time to time. All these requirements and inherent parameters of the IoT make privacy and security mechanisms to be of high priority for the correct functioning of the devices. A typical IoT consisting of several communication technologies such as radio frequency identifications (RFIDs), Bluetooth, wireless sensor networks (WSNs), and cloud computing, IoT systems are more vulnerable to malicious attacks such as intrusions, jamming, eavesdropping, malwares, spoofing attacks, denial of service (DoS). attacks and distributed denial of service (DDoS). attacks (Li et al, 2016; Han et al, 2017).
Traditionally, much research has been conducted for several decades to arrive at security protocols and best practices for servers, personal computers, and smartphones. While these are well-understood and are reaching a maturity stage, privacy and security for IoT devices are still at the infancy stage. It is estimated that in the next 5 years, 50 billion new devices would be connected online and security is earmarked as the foremost challenge for the future of IoT (Hung, 2018).
This chapter presents the state-of-the-art advancements in the IoT systems and identifies their vulnerabilities that succumb to different malicious attacks. It further proposes a self-learning framework as a possible solution to address these security challenges. The chapter describes how the concept of self-learning derived from the autonomic computing paradigm could be adopted for the future IoT systems in achieving the desired privacy and security goals.