Great Deal! Get Instant $10 FREE in Account on First Order + 10% Cashback on Every Order Order Now

Research project (Report)Value:20%Due date:05-May-2018Return date:29-May-2018Submission method optionsAlternative submission method Task In this assessment, you are required to provide a complete...

1 answer below »

Research project (Report)Value:20%Due date:05-May-2018Return date:29-May-2018Submission method optionsAlternative submission method
Task

In this assessment, you are required to provide a complete report of your research project, that you chose in Assessment 3 (Research Project Abstract (• Security and privacy issues in Internet of Things (IoT) /Smart Architectures)) by discussing the following aspects:

  • Overview of the technology involved
  • Relevant technologies and applications of those technologies
  • Highlighting the challenges/problems in your chosen research area
  • Identification of any gaps in the literature by:
    • discussing areas/issues that you believe have been addressed in the current literature;
    • highlighting areas/issues that have not been addressed or adequately addressed; and
    • discussing your view(s) on the issue(s) that you see as being critical.
  • Summarize the future research directions based on the identified gaps

To accomplish the above, you are expected to read and critically evaluate recent research in your selected research area by citing aminimumof 5 research articles. Students are encouraged to access such research articles from well known and reputed research portals such as IEEE, ACM, Springer, Wiley etc. Please note Wikipedia and general blogs will not be considered as reputable citations.

Rationale

This assessment continues links back to assessment 3 where students initiated their research project by selecting a research topic in an emerging area of information security.The aim of this task is to help students :

  • to demonstrate ability to integrate and apply information from various topics;
  • to build an understanding and perspective of current and emerging topics in Information Security;
  • to help the students to formulate their research project in a step by step manner; and
  • to build generic skills including, critical thinking, analysis, problem solving in the context of Information Security

Additionally, this assessment aligns with the following learning outcomes:

  • be able to justify security goals and the importance of maintaining the secure computing environment against digital threats;
  • be able to explain the fundamental concepts of cryptographic algorithms;
  • be able to examine malicious activities that may affect the security of a computer program and justify the choice of various controls to mitigate threats;
  • be able to compare and contrast the security mechanisms of a trusted operating system with those used in a general purpose operating system;
  • be able to investigate and justify the use of the access control mechanisms and user authentication processes;
  • be able to compare and contrast foundational security policies and models that deal with integrity and confidentiality.

Marking criteria

Assessment criteria
Assessable ComponentsHD100% - 85%DI84% - 75%CR74% - 65%PS64% - 50%FL49% - 0

Abstract section

(5 Marks)

A very concise abstract where the aim of study is perfectly articulated, the central question is precisely formulated,A concise abstract where the aim of study is appropriately articulated, the research question is formulated.A concise abstract where the aim of study is relatively articulated, the research question is adequately formulated.A concise abstract where the aim of study is articulated, the research question is vaguely formulated.Incomplete abstract with no research question identified.

Introduction section

(5 Marks)

A comprehensive discussion in relation to the research background as well as the aim/objectives of research is included.A highly detailed discussion in relation to the significance as well as the aim/objectives of research is included.A thorough discussion in relation to the significance as well as the aim/objectives of research is included.An adequate discussion in relation to the significance as well as the aim/objectives of research is includedAn incomplete or irrelevant discussion is included.

Select literature that reflects recent developments in the area and emphasizes primary literature (i.e. journal articles containing original research)

(2 Marks)

Literature selected magnificently reflects recent developments in the area and completely emphasizes primary literature (i.e. journal articles containing original research).Literature selected clearly reflects recent developments in the area and largely emphasizes primary literature (i.e. journal articles containing original research).Literature selected relatively reflects recent developments in the area and generally emphasizes primary literature (i.e. journal articles containing original research)..Literature selected relatively reflects recent developments in the area but hardly emphasizes primary literature (i.e. journal articles containing original research).Literature selected does not reflect recent developments in the area and does not emphasize primary literature (i.e. journal articles containing original research).
Identify gaps in the literature.(4 Marks)Comprehensive knowledge of the topic and in depth explanation of the issues that are not addressed;Reasonable knowledge of the topic and a comprehensive explanation of the issues that are not addressed.Provided factual/conceptual knowledge of the topic and an overall explanation of the issues that are not addressed.Limited knowledge of the of the topic and a basic explanation of the issues that are not addressed.Fails to satisfy minimum requirements of explaining the issues.
Comment on future research directions based on the identified gaps i.e what other research questions arise from the literature.(4 Marks)The proposed future research direction is well formulated and ably answers all the identified gaps.The proposed future direction is adequately formulated and sufficiently answers most of the identified gaps.The proposed future research direction is adequately formulated and answers some of the identified gaps.The proposed future research direction is either not adequately formulated or does not sufficiently answer the identified gaps.The proposed future research direction is not adequately formulated and does not sufficiently answer the identified gaps

Be written clearly (with content well organized)

(3 Marks)

Highly developed skills in expression & presentation of ideas.
Fluent writing style appropriate to assessment task/document type.
Grammar & spelling accurate. Formal English is used throughout.
Well developed skills in expression & presentation of ideas.
Fluent writing style appropriate to assessment task/document type.
Grammar & spelling accurate. Mostly uses formal English.
Good skills in expression & clear presentation of ideas.
Mostly fluent writing style appropriate to assessment task/document type.
Grammar & spelling contains a few minor errors. More or less uses formal English.
Some skills in expression & presentation of ideas.
Meaning apparent, but writing style not always fluent or well organised.
Grammar & spelling contains several careless errors. Hardly uses formal English
Rudimentary skills in expression & presentation of ideas.
Not all material is relevant &/or is presented in a disorganised manner.
Meaning apparent, but writing style not fluent or well organised.
Grammar & spelling contains many errors. Does not use formal English.
Provide references (at least three) using APA referencing system including in text citations.(2 Marks)Faultlessreferencing,includingreference list and in text citations.High qualityreferences.Very goodreferencing,includingreference list andin text citations.High qualityreferences.Good referencing,includingreference list andin text citations.Good qualityreferences.Evidence ofrudimentaryreferencing skills.Mix of good andpoor qualityreferences.Sub-standardreferencing.Poor qualityreferences.

Presentation

The final submission must be in MS Word format using the given template that is available from the subject site under Assessment 5 folder in the Resources section.
Care must be taken to avoid direct quotes from sources. No marks will be awarded for any answer containing more than 10% direct quotes (referenced or un referenced).


APA reference style must be used throughout the document with the bibliography at the end of the document. In-text citations should also follow APA style. APA referencing guide can be accessed via the following link. This also forms a part of the marking rubric.http://student.csu.edu.au/study/referencing-at-csu


Requirements

Please note:AssessmentMUSTbe submitted asONEMS Wword file via Turnitin. Please do not submit *.zip or *.rar or multiple files. Assessments are marked and feedback is attached using a MS Word based tool. Reports that are submitted in PDF format will be re-formatted to Word format in order to be marked. Allowances willnotbe made for any loss of information, diagrams or images as a result of the re-formatting.

All assessment submission are subject to University regulations for academic misconduct (including plagiarism). As such, any text adapted from any source must be clearly labelled and referenced.

Answered Same Day Apr 16, 2020 ITC595 Charles Sturt University

Solution

Shikha answered on Apr 28 2020
137 Votes

Security & Privacy Issues in IoT
Submitted By
Course
Professo
Date
Security Concern        2
Abstract
Internet of things (IOT) is considered as distributed network system of things where every information is sent to the web with the assistance of its sensing devices as well as Radio Frequency Identification (RFID) labeling framework. As we know that IOT does not require any human or machine communication, it is by all accounts one of the biggest influxes of revolution according to the present research, thus security is required. With the fast improvement of IOT that has been developed with some challenges by considering security of things. The deployment of productive security as well as privacy protocols in IoT systems is greatly expected to guarantee classification, confirmation, access control, as well as its integrity, among others. This paper will be like an outline of IoT, its architecture, key advances and application scenarios of IoT. Different security issues as well as challenges in the IoT environment are additionally talked about and exhibited in this paper. (Bhabad, M., A. & Bagade, S., T., 2015).
Introduction
Modern society is continuously moving towards the always connected framework. The quick development of these advancements has changed the way of life of people, fundamentally the cu
ent and most well-known Internet of Things (IoT). It is a quickly developing worldview where assortment of items gets associated such that they can communicate over the Internet. The Internet of Things research and developments group characterizes IoT as very dynamic global system that possess self-designing capacities in light of standard as well as interoperable communication protocols where physical and the virtual items can have physical properties, and some virtual identities and these items use smart interfaces and are consistently coordinated into the data network system. (Vijayalakshmi, A., V. & Dr. Arockiam, L., 2016).
Security as well as privacy are the main challenges or we can say issues for IoT systems. Also, these products can present a radical a better level of online security for customers. With the collection of customer’s data such as customer name, their contact numbers, these items are also used to monitor user activities. By having the ceaseless series of divulgences about significant information
each, consumers are now careful for storing excessively individual information in public or private clouds. The principle goal of this paper is to give the comprehension of some security problems or issues of IOT that should be contemplated alongside their countermeasures. This paper presents a concise concept of IOT which incorporates the security issues for each layer as well as its countermeasures. (Wu, L., 2017).
IoT Architecture
The architecture design is extensively grouped into 4 layers. These are given as following:
Sensor Layer - Sensor layer is considered as the last layer of Architecture of IOT. This layer mainly comprises of sensor systems, embedded frameworks, RFID labels as well as readers or we can say some soft sensors that are distinctive types of sensors that is used in the field. These sensors use some identification and data storage like RFID tags data collection - sensor systems etc.
Access Gateway and Network Layer - This layer has the responsibility for exchanging the data which is used by sensors for the next layer. The layer mainly supports versatile, adaptable, measures global protocol in order to transfer information from heterogeneous systems like sensor nodes. This Layer ought to have high execution and vigorous system. It ought to likewise support many organizations to impart freely.
Management Service Layer – Management Service layer is used like an interface a, among network layer as well as the application layer in bidirectional mode. It is mainly responsible for managing devices and data administration and also responsible of catching substantial measure of the raw information as well as extracting pertinent data from the stored information from real time information. Security of the information ought to be guaranteed.
Application Layer – Application layer is the top most layer in IoT that gives better user interface for accessing different applications to various users. The applications may be utilized as a part of different divisions like transportation, healthcare, horticulture, supply chain network, government, retail and so on. (Soumyalatha & Hegde, S., G., n.d).
Challenges/ Problems
IoT presents new difficulties for the security of frameworks as well as the processes and to keep the data confidential. It is very difficult task to secure the data in IoT. The main requirement of IoT is to be globally connected as well as to be accessible at any place that shows that any authorized user can access at any place and at any rate, and the quantity of assault vectors can be accessible to malignant assailants may be staggering. Besides, the inherent unpredictability of these products, in which various heterogeneous components and are situated at many places that can be able to exchange data with each other, which confuses the plan as well as deployment of productive, interoperable, and versatile security systems.
With the development of cloud computing, the probability of increase in privacy leakage system has been increased. Thus, interest of developing new security strategies has been raised in order to manage its security, confidentiality, integrity as well as accessibility of assets in IoTs. The traditional security countermeasures can't be specifically utilized as a part of IoTs due to the distinctive principles and communication stacks that are involved. In addition, the large number of interconnected devices in IoTs presents adaptability issues. Subsequently, new as well as novel security and security techniques, designs, and new solutions will be required to manage security risks in IoTs. (Han, G. & Shu, L., 2016).
Front-end Sensors and Equipment - Sensors as well as hardware gets related information by means of its internal sensors. These sensors transmit the required information by utilizing some modules or we can say M2M devices and accomplishing the administrations of various sensors. This approach includes the machines’ security with business usage as well as with the availability of nodes. Machine or discernment hubs are for the most part dispersed in the absence of monitoring.
Networking - Network assumes a vital part giving a more complete interconnection ability, adequacy of association, and additionally legitimate quality of service QoS in IoTs. Since an expansive number of machines sending information to the network congestion, with various hubs that exist in IoT can be denial of service attacks. (Kumar, J., S. & Patel, D., R., 2014).
Security Gap
The security as well as privacy prerequisites confront main difficulties since cu
ent advancements don't offer practical and far reaching solution material to the idea of the IoT. The exceptional versatility and dispersion properties of the Internet of Things call for adaptable as well as imaginative security systems that can close the cu
ent gap and can lessen the threats related with the utilization of embedded devices. IoT devices are likewise presented to physical updating, war driving, malicious software as well as any type of side-channel assaults. Security issues of the Internet of Things should be comprehended keeping in mind the end goal to locate a proper solution. This vulnerable scene can be analyzed in terms of architecture; the recognition, the system and the application layer display security issues that should be tended to as entire system. (Mendez, D. & Papapanagiotou, I., 2017).
Data Oriented Privacy
Information security of IoT can be disregarded by internal as well as external enemies. In case of external assault, the foe who isn't the authorized system member spies or gets access for exchanging data between various sensor hubs of IoT. But in order to prevent this attack, cryptographic encryption as well as authentication can be used. An inward enemy is the node in network system which can be accessed or reconstructed by vindictive elements to bargain private data. This assault is more grounded than the external assault since customary encryption and verification can't recognize it since it is legally permitted to encode and decode messages. Its main challenge for data-oriented privacy is data needs to be protected from any internal adversary.
The main approach for protecting data against inward enemies for applying end-to-end encryption among the information source as well as the base station. By considering this approach, no middle node which includes the inward enemies, can bargain the security of information is transmitted without having the knowledge about the key which is shared by just the two end hubs. In spite of the fact that it is by all accounts a powerful safeguard, it may not be achievable for IOTs on the grounds that a considerable measure of additional communication overhead, acquired during the communication process as transitional hubs isn't permitted to make the information. One approach to beat this obstruction is to utilize hop-by-hop encryption process where each match of companion shares a private key to uphold encryption and decode it. (Desai, D. & Upadhyay, H., 2014).
Security Issues in Wireless Sensor Network
The abusive operation that could be performed in the wireless sensor network system can be recognized in these categories:
1. Assaults on the confidentiality as well as authentication.
2. Service integrity attack
3. Network accessibility Attack: The denial of service (DoS) assault be in under this class.
This aversion of accessibility of data to real users by obscure external interlopers can happen on distinctive layers of a system.
DoS assault on the Physical Layer -
The physical layer of the wireless sensor completes the ability of determination as well as ca
ier recu
ence age, modulation as well as demodulation, encryption and decryption, transmission and the reception of information. This layer is known as wireless sensor network and is assaulted through:
I. Jamming: This DoS assault involves the communication channel in between the hubs accordingly and it also keeps them away to communicate with each other.
2. Node Tampering: Node tampering is to physically tamper for extracting sensitive information. DoS assault on the Link layer. This layer is responsible to multiplex multiple data streams in order to provide detection of data frame, MAC as well as e
or control information. In addition, this layer is responsible of guarantees point-point reliability. Main DoS layer attacks are:
1. Collision: This attack can be started when two hubs transmit data packets on the same frequency channel. The impact of information packets
ings about small changes that can
ing about some packet identification as the mismatch at the accepting end. This prompt dispose of the data packet for re-transmission.
2. Unfairness: Unfairness is a repeated impact-based assault or we can say its exhaustion-based assaults.
3. Battery Exhaustion: This DoS assault mainly causes unexpected high traffic in the channel that makes its availability as a constrained for the hubs. This type of inte
uption in the channel is mainly caused by large number of solicitations as well as transmissions over the channel.
DoS assault on the Network Layer:
Main function of WSN is routing. The following are some attacks that can occur in this layer:
1. Spoofing replaying and confusion of network traffic.
2 Hello flood assault: This assault causes high network traffic in channels by clogging this channel with an extensive number of pointless messages. Here a solitary vindictive hub that transmits a pointless message which is then replayed by the assailant for having a high activity.
3. Homing: In this type of assault, traffic search is done for cluster heads as well as key managers that possess the ability for closing the entire network system.
4. Particular forwarding: In this message forwarding, compromised node sends few hubs rather than every one of the hubs. This finding related to the hubs is done based on the prerequisite of the assailant for accomplishing his vindictive goal and in this manner these nodes doesn’t forward data packets. (Borgohain, T. & Kumar, U., 2015).
Perceptions and Avoidances of DoS Attack:
A probabilistic countermeasure for these type of crashes is to depend on i
egular back-offs which diminish the rate of crashes. As revealed in, a standout amongst the most encouraging solution for decreasing crashes is rate constraining in MAC as well as utilizing minimum frame sizes. A few scientists proposed a few instruments that recognize such failed and misbehaving hubs in light of the rating that how well they are performing administrations in better way as these are requested and help routing protocols for avoiding them. Virtual cash frameworks utilize some pay hubs i.e sender makes the payment who transmit the messages of sender hubs. The upside of this strategy is that it debilitates hubs from flooding packets in the network frameworks. (Desai, D. & Upadhyay, H., 2014).
Security Measures
Flexibility to assaults: The framework ought to be competent enough to recuperate itself when it crashes during the transmission of information. Eg: when a server is operating in multi-user environment, it needs to be keen and sufficiently solid for protecting itself from interlopers or a spy. But when the server is down it would recuperate itself without insinuation the clients of its down status.
• Data Authentication: The information and the related data must be validated. A confirmation mechanism needs to be utilized to permit information transmission from only devices that are authentic.
• Access control: There must be a strategy that only authorized must be given access control for accessing IoT devices. The IT administrator should authenticate its access to the clients by dealing with their usernames as well as passwords and by characterizing their access rights so that distinctive clients can access just pertinent part of the database or projects.
• Client Confidential Data: The information and data ought to be in secure hands. Individual information should just be accessed by authorized individual to keep up the customer protection. It implies that no insignificant validated client from the framework or some other kind of customer can't approach to the private data of the customer. (Razzaq, M., A. & Qureshi, M., A., 2017).
Recommendations
By considering identity administration, better mechanism will be required in IoT for providing better accountability. This mechanism can join digital signatures by considering logs. Such tool can give no security protection because of the digital signatures. For a superior security solution, we prescribe to consider mechanism like some blind signature by integrating with edge cryptography. By considering this mechanism, digital signature can guarantee responsibility, as well as revocable pseudonymity which is given without any identity. In this way, security as well as identity administration necessities can in reality be adjusted. Regarding security, we intend to propose a system for considering the security within the device, communication as well as cloud level as opposed to just at one of these levels. Obscurity and pseudonymity ought to be tended to at the device level to keep the data leakage that can be possible under the circumstances. At long last, with respect to believe, the analyzed frameworks just give crude mechanism. Thus, to completely understand the commercial center idea imagined for the IoT, a genuine group of trust is required. (Vasilomanolakis, E. & Daubert, J., n.d).
References
Bhabad, M., A. & Bagade, S., T. (2015). Internet of Things: Architecture, Security Issues and Countermeasures. International Journal of Computer Applications (0975 – 8887) Volume 125 – No.14, September 2015. Retrieved from - https:
pdfs.semanticscholar.org/94
0b62588808fd2614c572162fa170cce06856.pdf
Borgohain, T. & Kumar, U. (2015). Survey of Security and Privacy Issues of Internet of Things. Retrieved from - https:
arxiv.org/ftp/arxiv/papers/1501/1501.02211.pdf
Desai, D. & Upadhyay, H. (2014). Security and Privacy Consideration for Internet of Things in Smart Home Environments. International Journal of Engineering Research and Development e-ISSN: 2278-067X, p-ISSN: 2278-800X, www.ijerd.com Volume 10, Issue 11 (November 2014), PP.73-83. Retrieved from - https:
pdfs.semanticscholar.org/dd05/e2c2060dd1181
4de45c09b43c6680173da.pdf
Han, G. & Shu, L. (2016). Security and privacy in Internet of things: methods, architectures, and solutions. Security Comm. Networks 2016; 9:2641–2642 Published online 27 June 2016 in Wiley Online Li
ary. DOI: 10.1002/sec.1497. Retrieved from - https:
onlineli
ary.wiley.com/doi/pdf/10.1002/sec.1497
Kumar, J., S. & Patel, D., R. (2014). A Survey on Internet of Things: Security and Privacy Issues. International Journal of Computer Applications (0975 – 8887) Volume 90 – No 11, March 2014. Retrieved from - https:
esearch.ijcaonline.org/volume90/number11/pxc3894454.pdf
Mendez, D. & Papapanagiotou, I. (2017). Internet of Things: Survey on Security and Privacy. arXiv:1707.01879v2 [cs.CR] 10 Jul 2017. Retrieved from - https:
arxiv.org/pdf/1707.01879.pdf
Razzaq, M., A. & Qureshi, M., A. (2017). Security Issues in the Internet of Things (IoT): A Comprehensive Study. (IJACSA) International Journal of Advanced Computer Science and Applications, Vol. 8, No. 6, 2017. Retrieved from - https:
pdfs.semanticscholar.org/c192/7578a61df3c5a33f6bca9f9bd5c181e1d5ac.pdf
Soumyalatha & Hegde, S., G. (n.d). Study of IoT: Understanding IoT Architecture, Applications, Issues and Challenges. International Journal of Advanced Networking & Applications (IJANA). Retrieved from - https:
pdfs.semanticscholar.org/2f82
7d7574a1bc447ff33296b85a40e12178ab.pdf
Vasilomanolakis, E. & Daubert, J. (n.d). On the Security and Privacy of Internet of Things Architectures and Systems. Retrieved from - https:
pdfs.semanticscholar.org/0169/19e908c1da6ba0d5d7075ceaaf5f3907e97e.pdf
Vijayalakshmi, A., V. & Dr. Arockiam, L. (2016). A study on security issues and challenges in IoT. International Journal OF Engineering Sciences & Management Research. Retrieved from - http:
www.ijesmr.com/doc/Archive-2016/November-2016/5.pdf
Wu, L. (2017). A Survey on Security and Privacy Issues in Internet-of-Things. IEEE Internet of things journal. Retrieved from - https:
www.researchgate.net/publication/316173391_A_Survey_on_Security_and_Privacy_Issues_in_Internet-of-Things
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here