Internet of Things forecast, economics, applications, technology, research challenges, sensor networks security, attack models, countermeasures, network security visualization
A Beginners Guide to Building a RAG App Using Open Source Milvus
Internet of things_by_economides_keynote_speech_at_ccit2014_final
1. Prof. Anastasios A. Economides
University of Macedonia, Thessaloniki, Greece
economid@uom.gr
http://conta.uom.gr
Internet of Things (IoT)
&
Sensor Network Security
4. CONTA (COmputer Networks & Telematics Applications) lab
http://conta.uom.gr
University of Macedonia
Research on:
• NetworkingTechno-Economics
• E-Services (E-learning, E-Commerce, …)
CCIT 2014 Keynote speaker Prof. A.A. Economides 4
5. • Definitions
• Driving Forces
• Characteristics
• Forecasting & Economic Impact
• Applications
• Technology
• Experiments & Standardization
• Research challenges
• Cisco IoT Challenges
Overview
Internet of Things (IoT)
CCIT 2014 Keynote speaker Prof. A.A. Economides 5
6. Wireless Sensor Networks (WSN)
WSN Security
Defensive Measures
Security Visualization
Research Challenges & Open Issues
Conclusions
Overview
Sensor Network Security
CCIT 2014 Keynote speaker Prof. A.A. Economides 6
8. IoT Definitions, 1
8CCIT 2014 Keynote speaker Prof. A.A. Economides
• things, especially everyday objects, that are readable, recognizable, locatable, addressable,
and/or controllable via the Internet—whether via RFID, wireless LAN, wide-area network, or
other means. NIC
• IoT will connect objects around us (electronic, electrical, non electrical) to provide seamless
communication and contextual services provided by them. IETF
• An evolving convergent IoT and services that is available anywhere, anytime as part of an
all-pervasive omnipresent socio–economic fabric, made up of converged services, shared
data and an advanced wireless and fixed infrastructure linking people & machines to provide
advanced services to business and citizens. UK Future Internet Strategy Group
• IoT enables the objects in our environment to become active participants, i.e.,
– they share information with other members of the network or with any other
stakeholder,
– they are capable of recognizing events and changes in their surroundings and of acting
and reacting autonomously in an appropriate manner. IERC (Internet of Things
Research in Europe Cluster)
9. IoT Definitions, 2
9CCIT 2014 Keynote speaker Prof. A.A. Economides
• the network of physical objects that contain embedded technology to communicate and
sense or interact with their internal states or the external environment. Gartner
• A world-wide network of interconnected objects uniquely addressable, based on standard
communication protocol. Tata Consultancy
• an evolution in which objects are capable of interacting with other objects. IBM
• Interconnected objects having an active role in what might be called the Future Internet.
INFSO
• A global, immersive, invisible, ambient networked computing environment built through
the continued proliferation of smart sensors, cameras, software, databases, and massive
data centers in a world-spanning information fabric. PEW
“Worldwide ICT infrastructure that supports ubiquitous applications among
interacting humans, machines and objects/things” A.A. Economides
14. IoT Forecast
14CCIT 2014 Keynote speaker Prof. A.A. Economides
Cisco: 25 billion devices connected to the Internet by 2015 and 50 billion by
2020.
IDC: 15 billion devices will be communicating over the network by 2015 and
212 billion devices or things connected to networks by 2020.
ABI Research: There are more than 10 billion wirelessly connected devices in
the market today; with over 30 billion devices by 2020.
Gartner: 26 billion units installed by 2020.
IBM: 1 trillion cloud-ready devices by 2015.
Ericsson: 50 billion connected devices by 2020.
18. IoT Economic Impact, 1
18CCIT 2014 Keynote speaker Prof. A.A. Economides
Harbor Research: Service Revenues for the IoT will reach $500 Billion
by 2018, dwarfing the $33 Billion in revenue expected from devices
in 2018.
McKinsey Global Institute: the potential economic impact of IoT will
be $2.7 trillion to $6.2 trillion per year by 2025. Across the health-
care applications, IoT technology could have an economic impact
of $1.1 trillion to $2.5 trillion per year by 2025.
GSMA & Machina Research: A $ 4.5 trillion global impact in 2020.
The global business impact of the IoT can be split into two broad
categories: ‘revenues’ ($2.5 trillion) and ‘cost reduction’ ($1 trillion)
and ‘service improvements’ ($1 trillion).
19. IoT Economic Impact, 2
19CCIT 2014 Keynote speaker Prof. A.A. Economides
Cisco: The IoE Value at Stake will be $14.4 trillion for companies
and industries worldwide in the next decade (2013 – 2022).
IDC: The IoT technology and services revenue will expand from
$4.8 trillion in 2012 to $7.3 trillion by 2017 and $8.9 trillion by
2020.
Gartner: IoT product and service suppliers will generate
incremental revenue exceeding $300 billion, mostly in
services, in 2020. It will result in $1.9 trillion in global
economic value-add through sales into diverse end markets.
The verticals that are leading its adoption are manufacturing
(15 percent), healthcare (15 percent) and insurance (11
percent).
23. 75% of companies from across industries are already
exploring the IoT.
15 % of organizations across the globe already have an IoT
solution in place.
53 % plan to implement one within the next 24 months,
and another 14 % in the next two to five years.
21 % of transportation and logistics companies already
have IoT solutions in place.
(Zebra Technologies / Forrester Consulting).
APPLICATIONS
CCIT 2014 Keynote speaker Prof. A.A. Economides 23
44. IERC (Internet of Things European Research Cluster)
projects: CASAGRAS2, IoT-A, IoT Lab,…
IoT-I (IoT Initiative)
Smart Santander project
Auto-ID lab
IPSO (Internet Protocol for Smart Objects) etc.
IoT Experiments
CCIT 2014 Keynote speaker Prof. A.A. Economides 44
45. Devices (Sensors, Actuators, etc.),
Networking & Communications,
Data Management,
Decision Making,
Security & Privacy,
Social & Legal issues,
Economics,
Human Behavior & Usability,
Marketing, etc.
Research Challenges
CCIT 2014 Keynote speaker Prof. A.A. Economides 45
46. • Deadline: July 1, 2014.
• Three winners of the IoT Innovation Grand Challenge will
share US $250,000 in award money.
• Submissions must be entered into one of five categories:
Applications and Application Enablement, Analytics,
Management, Networking, or Things.
• Each submission must map to one of a variety of industries:
Education, Energy, Healthcare, Manufacturing, Oil and Gas,
Retail, Smart Cities, Sports and Entertainment or
Transportation
• https://iotchallenge.cisco.spigit.com/Page/AboutTheContest
Cisco IoT Innovation Grand Challenge
CCIT 2014 Keynote speaker Prof. A.A. Economides 46
47. • Deadline: June 17, 2014.
• Cisco will be awarding $300,000 for breakthrough
approaches in malware defense, security credential
management, and privacy protection to secure the
IoT.
• Cisco will select up together six winners with awards
from $50,000 to $75,000.
• https://www.ninesights.com/community/cisco
Cisco Security Grand Challenge
CCIT 2014 Keynote speaker Prof. A.A. Economides 47
48. +
Wireless Sensor Network (WSN)
(co-author: Dr. E. Karapistoli)
A wireless network consists of a large number of autonomous
sensors that are spatially distributed in area of interest in
order to cooperatively monitor physical or environmental
conditions, such as temperature, sound, vibration, pressure,
motion, pollutants, etc.
Sensor:
Sensors
ADC
Processor
Memory
Transceiver
Location finding system
(optional)
Mobilizer
(optional)
Sensing Unit Processing Unit
Power unit
Communication Unit
48
50. +
Design factors
Power Consumption
Fault Tolerance (Reliability)
Scalability
Production Costs
Operating
Hardware Constraints CCIT 2014 Keynote speaker Prof. A.A. Economides 50
51. + WSNs are vulnerable to various types of
attacks
Internet,
Satellite
Sink
Sink
Task
Manager
User
Sensor
Field
Sensor
Node
Spoofed
Routing
information
Wormhole
Attack
CCIT 2014 Keynote speaker Prof. A.A. Economides 51
52. +
Security Goals
Availability: ensuring the survivability of network services despite denial-
of-service (DoS) attacks
Confidentiality: ensuring that information is accessible only to those
authorized to have access.
Integrity: guaranteeing that a message being transferred is never
corrupted.
Data Freshness: ensuring that the data is recent, and that no old messages
have been replayed.
Authentication: enabling a node to ensure the identity of the peer node
with which it communicates.
Non-repudiation: ensuring that the origin of a message cannot deny
having sent the message.
CCIT 2014 Keynote speaker Prof. A.A. Economides 52
53. +
Threats and Attacks
• An attack can be either internal or external (origin-based classification):
– External attacks include attacks launched by a node that does not
belong to the logical network.
– Internal attacks include attacks launched by a compromised node or an
authorized participant of the network that has gone bad by running
malicious code.
• Moreover, attacks can be either passive or active (nature-based classification):
– Passive attacks are able to retrieve data from the network that might be
used later when launching an active attack.
• These attacks do not influence over the behavior of the network.
– Active attacks, on the other hand, directly hinder the provisioning of
services.
• Most of these attacks result in a denial of service (DoS), which is a
degradation or a complete halt in communication between nodes.
CCIT 2014 Keynote speaker Prof. A.A. Economides 53
54. +
Attack Models
Eavesdropping: an attacker intercepts packets transmitted over the air for further
cryptanalysis or traffic analysis.
Traffic analysis: allows an attacker to determine that there is activity in the
network, the location of the BSs, and the type of protocols being used.
Message injection: an adversary injects bogus control information into the data
stream.
Message modification: a previously captured message is modified before being
retransmitted
Node capture: An embedded device is considered being compromised when an
attacker, through various means, gains control to the node itself.
Denial-of-Service (DoS) attacks: can be grouped into two categories
– Service degradation (e.g., collision attack), and
– Service disablement through power exhaustion (e.g. jamming)
PassiveattacksActiveattacks
54
56. +
Overview of Countermeasures
Confidentiality is provided through the use of encryption technologies.
Cryptographic algorithms such as the DES, RC5, RSA are used to protect
the secrecy of a message.
MAC (Message Authentication Code) or Digital Signature Algorithms
(DSA) can be used to assure the recipient’s integrity of the data and
authenticity of the message
Digital Signatures can be used to ensure non-repudiation.
Availability can be achieved by adding redundant nodes. Multi path and
probabilistic routing can also be used to minimize the impact of
unavailability.
Data freshness is ensured by adding a counter value in each message.
CCIT 2014 Keynote speaker Prof. A.A. Economides 56
57. +
IEEE 802.15.4 (ZigBee): Security Suites
Name Description
Null No security
AES-CTR Encryption only, CTR mode
AES-CBC-MAC-128 128-bit MAC
AES-CBC-MAC-64 64-bit MAC
AES-CBC-MAC-32 32-bit MAC
AES-CCM-128 Encryption and 128-bit MAC
AES-CCM-64 Encryption and 64-bit MAC
AES-CCM-32 Encryption and 32-bit MAC
CCIT 2014 Keynote speaker Prof. A.A. Economides 57
58. +
Standalone Security Protocols for WSNs
• Secure Network Encryption Protocol (SNEP)
– SNEP provides with confidentiality, two-party data
authentication, and data freshness
• μTESLA
– extension of the TESLA protocol (by considering resource
limitations)
– focuses on the need for authenticated broadcast in WSNs
• TinySec
– A lightweight and generic link-layer security package
– Supports two different security options:
1. authenticated encryption (TinySec-AE)
Data payload is encrypted
MAC is used to authenticate packet
2. authentication only (TinySec-Auth)
CCIT 2014 Keynote speaker Prof. A.A. Economides 58
59. +
Network Security Visualization
• Various security mechanisms have been proposed to address the
security concerns of WSNs.
• Despite the fast development of computer security mechanisms,
the scale and complexity of the generated wireless data put major
challenges to the representation and understanding of security-
relevant network information.
• To address this issue, efficient visualization techniques have been
adopted by the researchers to bridge the gap.
A new security discipline emerges!CCIT 2014 Keynote speaker Prof. A.A. Economides 59
60. + Until now…Visualization only for
network traffic monitoring
• Network traffic visualization is one of the first directions to take when it
comes to understanding, and analyzing information in vast amounts of
network data.
• Many visualization tools graphically monitor real-world or simulated WSNs
(e.g. Surge, MoteView, Octopus, SNA, TOSSIM, OPNET, NS-2).
• While these tools offer some form of visualization, they are designed for
applications other than wireless security. Accordingly, these tools:
– lack the specialized techniques in visualizing security-related data.
– tend to miss abnormalities and security attacks that occur unpredictably.
CCIT 2014 Keynote speaker Prof. A.A. Economides 60
61. + In the near future…
Visualization for network security
• Visualization should go beyond the simple ”illustration” of network behavior in
order to help the analysts discriminate between normal and abnormal network
activities.
• Network security visualization provides insight into areas that other system fail to
enlighten by integrating visualization and machine learning techniques. 61
63. +
Research Challenges
Security is somewhat difficult to achieve in WSNs:
Public-key cryptographic systems are inefficient on low-end devices. Moreover,
cryptography by itself is not enough for insiders.
Link layer security with key management can prevent the majority of outsider attacks.
However, it provides little protection against insiders, HELLO floods, and wormholes.
Wormholes and DoS attacks are difficult to defend against and can be mounted
effectively by both laptop-class insiders and outsiders.
Nodes that are near to base stations are attractive to compromise requiring protocols
to reduce their significance.
The development of secure routing protocols is challenging because sensor nodes are
prone to failures and the topology of a sensor network changes frequently due to node
failures and possible mobility.
CCIT 2014 Keynote speaker Prof. A.A. Economides 63
64. +
Open Issues
Improving the efficiency of symmetric key operations on sensor nodes is still an open
research issue.
Although most secure schemes are able to limit the effects of attacks, intelligent attack
detecting mechanisms are still of need for security.
Currently, there are some protocols that let routing paths bypass the detected
compromised nodes or attacks. However, current secure routing algorithms have no
effect to conquer undetected attacks. Hence, new secure routing protocols that can
defend against undetected attacks or even node compromise are highly desirable.
Most approaches assume the base station is secure and robust enough. However, in
some special application environments, such as battlefield surveillance, base stations
may be easy to be destroyed or attacked. Under such conditions, base station
protection must be carefully investigated.
Most current security studies focus on individual topics of security issues. However,
security overhead will degrade other performances of the WSN. Hence, the tradeoff
between security and Quality of Service (QoS) needs to be evaluated.
CCIT 2014 Keynote speaker Prof. A.A. Economides 64
65. IoT enables dramatic society transformation!
WSN is a main ingredient of IoT.
WSN Security is important!
Visualization for IoT security.
Conclusions
CCIT 2014 Keynote speaker Prof. A.A. Economides 65
66. Thank you for your attention
Prof. Anastasios A. Economides
66
economid@uom.gr
http://conta.uom.gr