INTERNET OF THİNGS — IOT
#alperenugurlu
IoT enables physical objects to communicate with each other or with larger systems. And it is the communication network that keeps it connected.
SCOPE OF APPLICATION
Smart home appliances (vacuum cleaner, refrigerator, oven, air conditioner etc.)
Smart city applications (traffic systems, vehicle parking applications etc.)
Sensor Technologies
Data analysis applications etc.
WHY IS IOT SECURITY IMPORTANT ?
It is obvious that the protection of our personal data will become even more difficult, as IoT technologies, which have started to surround four (4) aspects of our lives, communicate with devices over networks. I don’t think we need to be prophets to guess. =) Therefore, the need for people working in the field of “Cyber Security” will increase even more. In fact, my opinion is that IoT technologies are almost the same as we were at the beginning of technology in the early 90s. If you ask why because; I can say that IoT technologies are also cumbersome considering today’s technology. This does not mean that it will stay that way. In fact, I think it will integrate with today’s technology level much faster. For those who work in the field of ‘Cyber Security’ in another matter; I see IoT technologies as VERTICAL area. Come on now, the IoT technology architecture and how security vulnerabilities arise that may arise and how we can take precautions.
IoT Communication Architecture
IoT devices generally do not need Cloud systems when communicating. Of course, it does not mean that it will not be needed in the improvements made. The most common technologies used in interior architecture are MQTT, Coap technologies. There is also a “web socket” system under MQTT. The only reason why this communication system is preferred to be widely used is as follows; If you try to send a request with http, the system will try to detect it, it will start broadcasting to see if it came to me, and it will try to match, maybe even if there is a delay of seconds. However, there will be no such delay as the MQTT depends on the continuous application. My goal is not to drown you in technical details, but to try to explain it in its simplest form. =)
IOT SECURITY Weaknesses?
Man In The Middle (MITM) man-in-the-middle attack may be one of the clichés of cybersecurity.
But it is one of the main problems that can be encountered anywhere. Therefore, messages can be listened to in the man-in-the-middle attack by the interception method in IoT devices.
HOW CAN MITM ATTACK BE DONE?
Now I’m telling it like I’m telling the primary school kid. To put it in its simplest form;
As you can see in the figure above, ‘Attacker’ says to the ‘Client A’ machine: ‘I am I0T rooter, trust me send the message =).’ Then to the ‘IoT rooter’ machine it says: ‘I am Client A, I am waiting for your return. says . =) and thus “Attacker” captures the incoming and outgoing messages.
SO HOW DO WE PROTECT IT?
MITM attacks can be prevented or detected in two ways: Authentication and intrusion detection. The summary of the work is due to incorrect or incomplete configuration errors. If authentication is not done, etc., access to IoT devices can be obtained with one known information of another user.
DDoS Attacks
are a type of attack that temporarily or indefinitely disrupt the services of a host connected to the Internet, aiming to make a machine or network resources inaccessible to actual users.
How Are We Protected?
Regular security monitoring is essential and as with other threats you should be aware of the following;
Access Control
Authentication
Encryption
