Wireless communications systems are vulnerable to network security attacks due to the broadcast nature of the transmission medium. Basically attacks are classified as active and passive attacks. Examples of passive attacks include monitor and eavesdropping, Traffic analysis, camouflage adversaries, etc. Examples of active attacks include denial of service attacks, node subversion, node malfunction, node capture, node outage, message corruption, false node, routing attacks, etc
19 1.5.2 Threat Taxonomy for IoT
IoT is coupled with new security threats and alters overall information security risk profile.
Although the implementation of technological solutions may respond to IoT threats and vulnerabilities, security for IoT is primarily a management issue. Effective management of the threats associated with IoT requires a sound and thorough assessment of risk given the environment and development of a plan to mitigate identified threats [23]. Figure 1.6 presents threat taxonomy to understand and assess the various threats associated with the use of IoT.
Figure 1.6: Threat Taxonomy for IoT
Identification covers determination of unique device/user/session with authentication, authorization, accounting and provisioning.
Communication threats covers a denial-of-service attack (DoS) and it occurs when an attacker continually bombards a targeted AP (Access Point) or network with bogus requests, premature successful connection messages, failure messages, and/or other commands.
Physical threat includes micro probing and reverse engineering causing serious security problem by directly tampering the hardware components. Some types of physical attack
20 require expensive material because of which they are relatively hard to perform. Some examples are: de-packaging of chip, layout reconstruction, micro-probing.
Embedded security threat model will span all the threats at physical and MAC layer.
Security threats like device and data tampering, side channel analysis, bus monitoring, etc will be the concerns at device level.
Storage management has crucial impact on the key management to achieve confidentiality and integrity. We must also be careful in choosing which cryptographic components to use as the building blocks since, for example, the cipher texts for some public key encryption schemes can reveal identifying information about the intended recipient.
1.5.3 Security Model for IoT
The different possible attacks on IoT and the threat taxonomy give new challenges to security and privacy in end to end communication of things. Protection of data and privacy of things is one of the key challenges in the IoT. Lack of security measures will result in decreased adoption among users and therefore is one of the driving factors in the success of the IoT[24-27]. Figure 1.7 depicts the cube structure model for IoT.
Figure 1.7: Security Model for IoT
Integrated and interrelated perspective on security, trust, privacy can potentially deliver an input to address protection issues in the IoT. Therefore, we have chosen a cube structure as a modelling mechanism for security, trust, and privacy in the IoT. A cube has three dimensions with the ability to clearly show the intersection thereof. Therefore, a cube is an ideal modelling structure for depicting the convergence of security, trust, and privacy for the IoT.
In IoT access information, required to grant/reject access requests, is not only complex but also composite in nature. This is a direct result of the high level of interconnectedness between things, services, and people. It is clear that the type and structure of information required to grant/reject such an access request is complex and should address the following
21 IoT issues: security (authorization), trust (reputation), and privacy (respondent). The incremental deployment of the technologies that will make up the IoT must therefore provide adequate security and privacy mechanisms from the start. We must be sure that adequate security and privacy is available before the technology gets deployed and becomes part of our daily live.
1.6 Novelty and Contributions
Figure 1.8: Problem Evolution and Thesis Contribution
The goal of this thesis is to design the security framework for IoT and design the security solutions to save from different jamming attacks and perform efficient key management in cluster based WSN. Major factors of influence are the energy consumption, delay, throughput and computational overheads for resource constrained devices in IoT. This study contributes to find out efficient attack detection and defense mechanism for jamming attack, which is the biggest threat in IoT. The thesis compares the performance evaluation of the proposed techniques with the existing state of art solution. The thesis also provides a novel key management scheme for cluster based mobile WSNs. Figure 1.8 provides an overview of the contributions presented in this thesis. The major contributions of thesis are as follows,
Threat taxonomy for IoT
Security model for IoT
Security framework for IoT
Jamming attack modelling
Intelligent cluster head jamming attack
Attack detection and defence mechanism against jamming attack
Key management for cluster-based WSN
22 1. Threat Taxonomy for IoT
In this contribution of thesis the attack classification and threat taxonomy for IoT is proposed which will help to build the security framework for IoT. Security assessment for IoT is a tough problem, and attack classification and threat taxonomies will definitely aid in this process. The attack classification and threat taxonomy for IoT will be used as a framework for systematically examining new systems for similar but as yet unknown vulnerabilities.
This Taxonomy relates to the needs of security model developers and will provide a more useful information tool for security analysts[28].