In the forthcoming Internet of Things everything (smart phones, dishwashers, refrigerators, game machines, TVs, cameras, home security systems, vehicles, lighting systems, traffic control systems, engines, bridges, SCADA systems, blood pressure and heart rate monitors, environment monitors etc.) will carry sensors and/or actuators that will be interconnected via sensor networks and the Internet. The sensors sense the environment, transmit the information to controllers who decide about actions to be taken and send their decisions to the actuators.
As the number and variety of connected devices and transmitted data increase, so the number and variety of potential threats increase. So, new security challenges appear.
This seminar presents an introduction to the Internet of Things, smart applications, and research challenges. It also presents an introduction to wireless sensor networks and their security risks.
Seminar given at the Internet Interdisciplinary Institute (IN3) of the Open University of Catalonia (UOC) on 16 December 2014.
1. Prof. Anastasios A. Economides
University of Macedonia, Thessaloniki, Greece
economid@uom.gr
http://conta.uom.gr
Internet of Things (IoT)
&
Security Challenges
4. IoT Definitions
4IN3-UOC 2014 seminar by Prof. A.A. Economides
• IoT will connect objects around us to provide seamless communication and contextual
services provided by them. IETF
• IoT enables the objects in our environment to become active participants, i.e.,
– they share information with other members of the network or with any other
stakeholder,
– they are capable of recognizing events and changes in their surroundings and of acting
and reacting autonomously in an appropriate manner. IERC (Internet of Things
Research in Europe Cluster)
“Worldwide ICT infrastructure that enables ubiquitous services among
interacting humans, machines, data and applications”
A.A. Economides
7. IoT Forecast
7IN3-UOC 2014 seminar by Prof. A.A. Economides
Cisco: 25 billion devices connected to the Internet by 2015 and 50 billion by
2020.
IDC: 30 billion devices will be communicating over the network by 2020.
ABI Research: There are more than 10 billion wirelessly connected devices in
the market today; with over 30 billion devices by 2020.
Gartner: 26 billion units installed by 2020.
Ericsson: 50 billion connected devices by 2020.
9. IoT Economic Impact, 1
9IN3-UOC 2014 seminar by Prof. A.A. Economides
Harbor Research: Service Revenues for the IoT will reach $500 Billion
by 2018, dwarfing the $33 Billion in revenue expected from devices
in 2018.
McKinsey Global Institute: the potential economic impact of IoT will
be $2.7 trillion to $6.2 trillion per year by 2025. Across the health-
care applications, IoT technology could have an economic impact
of $1.1 trillion to $2.5 trillion per year by 2025.
GSMA & Machina Research: A $ 4.5 trillion global impact in 2020.
The global business impact of the IoT can be split into two broad
categories: ‘revenues’ ($2.5 trillion) and ‘cost reduction’ ($1 trillion)
and ‘service improvements’ ($1 trillion).
10. IoT Economic Impact, 2
10IN3-UOC 2014 seminar by Prof. A.A. Economides
Cisco: The IoE Value at Stake will be $19 trillion for companies
and industries worldwide in the next decade (2013 – 2022).
IDC: The market will increase 133% to $3.04 trillion by 2020.
Gartner: IoT product and service suppliers will generate
incremental revenue exceeding $300 billion, mostly in
services, in 2020. It will result in $1.9 trillion in global
economic value-add through sales into diverse end markets.
The verticals that are leading its adoption are manufacturing
(15 percent), healthcare (15 percent) and insurance (11
percent).
11. 75% of companies from across industries are already
exploring the IoT.
15 % of organizations across the globe already have an IoT
solution in place.
53 % plan to implement one within the next 24 months,
and another 14 % in the next two to five years.
21 % of transportation and logistics companies already
have IoT solutions in place.
(Zebra Technologies / Forrester Consulting).
IoT deployment
IN3-UOC 2014 seminar by Prof. A.A. Economides 11
13. Cisco predicts that IoT will cause IP traffic to reach
1.6 zettabytes by 2018 (300% increase compared to 2013).
By 2018,
57% of IP traffic will come from devices other than PCs.
Wi-Fi will generate 49% of IP traffic,
other mobile-connected devices will generate 12% of it.
Cisco will invest $1 billion to build the world's largest
Intercloud network to tackle the IoT.
Cisco to build a network
13IN3-UOC 2014 seminar by Prof. A.A. Economides
15. • Personal Health,
• Personal Devices (e.g. glass, watch, mobile),
• Clothes,
• Personal Exercise,
• Infant/ Elderly/Patient Monitoring,
• Special needs persons Assistance,
• Hospitals, Health Retreat,
• Pharmaceuticals,
• Emergency,
• Recreational activities,
• etc.
Smart Healthcare & Wellbeing
IN3-UOC 2014 seminar by Prof. A.A. Economides 15
16. Fall Detection
Assistance for elderly or disabled people living independent.
Medical Fridges
Control of conditions inside freezers storing vaccines, medicines and
organic elements.
Sportsmen Care
Vital signs monitoring in high performance centers and fields.
Patients Surveillance
Monitoring of conditions of patients inside hospitals and in old people's
home.
Ultraviolet Radiation
Measurement of UV sun rays to warn people not to be exposed in certain
hours.
eHealth
16IN3-UOC 2014 seminar by Prof. A.A. Economides
http://www.libelium.com/
17. • Home equipment/appliances Control,
• Safety Detectors (e.g. smoke, gas, motion),
• Security, Surveillance,
• Environment (e.g. heat, air, light),
• Entertainment,
• etc.
Smart Home
IN3-UOC 2014 seminar by Prof. A.A. Economides 17
18. Energy and Water Use
Energy and water supply consumption monitoring to obtain
advice on how to save cost and resources.
Remote Control Appliances
Switching on and off remotely appliances to avoid accidents
and save energy.
Intrusion Detection Systems
Detection of windows and doors openings and violations to
prevent intruders.
Art and Goods Preservation
Monitoring of conditions inside museums and art
warehouses.
Domotic & Home Automation
18IN3-UOC 2014 seminar by Prof. A.A. Economides
http://www.libelium.com/
19. • Energy & Lighting,
• Security, Surveillance,
• Emergency (e.g. fire, gas),
• Metering,
• Offices,
• Hotels,
• etc.
Smart Building
IN3-UOC 2014 seminar by Prof. A.A. Economides 19
22. Smart Grid
Energy consumption monitoring and management.
Tank level
Monitoring of water, oil and gas levels in storage tanks and
cisterns.
Photovoltaic Installations
Monitoring and optimization of performance in solar energy
plants.
Water Flow
Measurement of water pressure in water transportation systems.
Silos Stock Calculation
Measurement of emptiness level and weight of the goods.
Smart Metering
22IN3-UOC 2014 seminar by Prof. A.A. Economides
http://www.libelium.com/
23. Potable water monitoring
Monitor the quality of tap water in cities.
Chemical leakage detection in rivers
Detect leakages and wastes of factories in rivers.
Swimming pool remote measurement
Control remotely the swimming pool conditions.
Pollution levels in the sea
Control real time leakages and wastes in the sea.
Water Leakages
Detection of liquid presence outside tanks and pressure variations along
pipes.
River Floods
Monitoring of water level variations in rivers, dams and reservoirs.
Smart Water
23IN3-UOC 2014 seminar by Prof. A.A. Economides
http://www.libelium.com/
24. • E-Government,
• Security, Surveillance,
• Emergency (e.g. fire, flood, tsunami),
• Energy Management (e.g. lighting),
• Air & Water Quality Monitoring,
• Traffic Control, Parking,
• Transportation (e.g. cars, buses, metro, trams,…),
• Tourism,
• Culture, Arts,
• Education,
etc.
Smart City/ Community
IN3-UOC 2014 seminar by Prof. A.A. Economides 24
http://www.alcatel-lucent.com/
25. Smart Parking
Monitoring of parking spaces availability in the city.
Structural health
Monitoring of vibrations and material conditions in buildings, bridges and historical monuments.
Noise Urban Maps
Sound monitoring in bar areas and centric zones in real time.
Smartphone Detection
Detect iPhone and Android devices and in general any device which works with WiFi or Bluetooth
interfaces.
Eletromagnetic Field Levels
Measurement of the energy radiated by cell stations and and WiFi routers.
Traffic Congestion
Monitoring of vehicles and pedestrian levels to optimize driving and walking routes.
Smart Lighting
Intelligent and weather adaptive lighting in street lights.
Waste Management
Detection of rubbish levels in containers to optimize the trash collection routes.
Smart Cities
25IN3-UOC 2014 seminar by Prof. A.A. Economides
http://www.libelium.com/
26. There are sensors everywhere: monitoring traffic, parking spaces,
street lights, air pollution, meteorological conditions, the humidity
of green spaces in parks, the trash bins etc.
Street lights in Born are shut down automatically if they don’t detect
any activity nearby. They also gathers environmental information,
humidity, temperature, pollution, and noise. It is expected to have
3,360 lights on 160 streets by 2015.
The trash cans alert sanitation workers monitoring on a tablet that
they need to be emptied.
The irrigation systems in Pobleneau Central Park monitor the
moisture in the soil and turning on pop-up sprinklers. Parks
department employees can also access meteorological data and
rain gauges and adjust the quantity of water used.
Barcelona Smart City
26IN3-UOC 2014 seminar by Prof. A.A. Economides
27. • 83 projects across 12 areas
• 47,000 jobs created
• Smart Water: $58 million savings
• Smart Parking: $53 million revenue
• Smart Lighting: $47 million savings
• Smart Buildings: $124 million savings
www.cisco.com
Barcelona Smart City economics
27IN3-UOC 2014 seminar by Prof. A.A. Economides
28. Perimeter Access Control
Access control to restricted areas and detection of people in non-
authorized areas.
Liquid Presence
Liquid detection in data centers, warehouses and sensitive building
grounds to prevent break downs and corrosion.
Radiation Levels
Distributed measurement of radiation levels in nuclear power
stations surroundings to generate leakage alerts.
Explosive and Hazardous Gases
Detection of gas levels and leakages in industrial environments,
surroundings of chemical factories and inside mines.
Security & Emergencies
28IN3-UOC 2014 seminar by Prof. A.A. Economides
http://www.libelium.com/
29. • Farming, Agriculture, Livestock,
• Water,
• Pollution,
• Weather,
• Nature,
etc.
Smart Environment
IN3-UOC 2014 seminar by Prof. A.A. Economides 29
30. Forest Fire Detection
Monitoring of combustion gases and preemptive fire conditions to define
alert zones.
Air Pollution
Control of CO2 emissions of factories, pollution emitted by cars and toxic
gases generated in farms.
Snow Level Monitoring
Snow level measurement to know in real time the quality of ski tracks and
allow security corps avalanche prevention.
Landslide and Avalanche Prevention
Monitoring of soil moisture, vibrations and earth density to detect
dangerous patterns in land conditions.
Earthquake Early Detection
Distributed control in specific places of tremors.
Smart Environment
30IN3-UOC 2014 seminar by Prof. A.A. Economides
http://www.libelium.com/
31. Wine Quality Enhancing
Monitoring soil moisture and trunk diameter in vineyards to
control the amount of sugar in grapes and grapevine health.
Green Houses
Control micro-climate conditions to maximize the production of
fruits and vegetables and its quality.
Golf Courses
Selective irrigation in dry zones to reduce the water resources
required in the green.
Meteorological Station Network
Study of weather conditions in fields to forecast ice formation,
rain, drought, snow or wind changes.
Compost
Control of humidity and temperature levels in alfalfa, hay,
straw, etc. to prevent fungus and other microbial contaminants.
Smart Agriculture & Animal Farming (1)
31IN3-UOC 2014 seminar by Prof. A.A. Economides
http://www.libelium.com/
32. Hydroponics
Control the exact conditions of plants grown in water to get the
highest efficiency crops.
Offspring Care
Control of growing conditions of the offspring in animal farms
to ensure its survival and health.
Animal Tracking
Location and identification of animals grazing in open pastures
or location in big stables.
Toxic Gas Levels
Study of ventilation and air quality in farms and detection of
harmful gases from excrements.
Smart Agriculture & Animal Farming (2)
32IN3-UOC 2014 seminar by Prof. A.A. Economides
http://www.libelium.com/
33. • Smart Factory,
• Manufacturing, Robotics,
• Financial Services,
• Banking,
• Insurance,
etc.
Smart Industry & Services
IN3-UOC 2014 seminar by Prof. A.A. Economides 33
34. M2M Applications
Machine auto-diagnosis and assets control.
Indoor Air Quality
Monitoring of toxic gas and oxygen levels inside chemical plants to ensure
workers and goods safety.
Temperature Monitoring
Control of temperature inside industrial and medical fridges with sensitive
merchandise.
Ozone Presence
Monitoring of ozone levels during the drying meat process in food factories.
Indoor Location
Asset indoor location by using active (ZigBee) and passive tags (RFID/NFC).
Vehicle Auto-diagnosis
Information collection from CanBus to send real time alarms to emergencies or
provide advice to drivers.
Industrial Control
34IN3-UOC 2014 seminar by Prof. A.A. Economides
http://www.libelium.com/
35. Quality of Shipment Conditions
Monitoring of vibrations, strokes, container openings or cold
chain maintenance for insurance purposes.
Item Location
Search of individual items in big surfaces like warehouses or
harbours.
Storage Incompatibility Detection
Warning emission on containers storing inflammable goods
closed to others containing explosive material.
Fleet Tracking
Control of routes followed for delicate goods like medical
drugs, jewels or dangerous merchandises.
Smart Logistics & Supply Chain Management
35IN3-UOC 2014 seminar by Prof. A.A. Economides
http://www.libelium.com/
40. Devices (Sensors, Actuators, etc.),
Networking & Communications,
Data Management,
Decision Making,
Security & Privacy,
Social & Legal issues,
Economics,
Human Behavior & Usability,
Marketing, etc.
Research Challenges
IN3-UOC 2014 seminar by Prof. A.A. Economides 40
41. Google wants to advance the Internet of things,
offers grants for ‘open innovation’ research proposals
Deadline: January 21, 2015
Individual Project Grants: US $50,000 to $150,000.
Expedition Lead Grants: US$500,000 to $800,000.
Google - Open Web of Things
41IN3-UOC 2014 seminar by Prof. A.A. Economides
42. Research at the intersection of disciplines including:
Human Computer Interaction (HCI)
Privacy & Security
Systems & Protocols
42IN3-UOC 2014 seminar by Prof. A.A. Economides
43. Deadlines: March 25th , 2015 & May 11th , 2015
open to young women between the ages of 13-18
New ideas on how technologies from the Internet of Things can improve:
education,
healthcare,
manufacturing,
energy,
retail,
transportation,
smart cities
http://iotchallenge-cisco.younoodle.com/
Cisco IoT Challenge for Young Women
IN3-UOC 2014 seminar by Prof. A.A. Economides 43
44. Any cyber-attack, large or small, is born from
a weak link in the security chain. Weak links can be:
• poorly written code,
• outdated software,
• an abandoned website,
• Developer,
• errors,
• a user who blindly trusts, etc.
Cisco on Cyber-attack effects
44IN3-UOC 2014 seminar by Prof. A.A. Economides
45. The Center for Strategic and International Studies
estimated that US$100 billion is lost annually to the
US economy, and 508,000 US jobs are lost, because
of malicious online activity.
Ponemon Institute estimated that the average cost
of an organizational data breach was US$5.4 million
in 2014, up from US$4.5 million in 2013.
Losses due to attacks
45IN3-UOC 2014 seminar by Prof. A.A. Economides
47. Nearly half (46%) of the IT leaders who responded to
Computer World poll said that they will invest more
next year in:
access control,
intrusion prevention,
identity management,
virus and malware protection.
47IN3-UOC 2014 seminar by Prof. A.A. Economides
48. @Device:
• stolen
• modified
• replaced
• cloned
@Software:
• modified (firmware / OS / middleware)
• decompiled to extract credentials
• exhausted (denial of service)
@Network
Attack Examples
48IN3-UOC 2014 seminar by Prof. A.A. Economides
49. Routers will be a prime target for hackers looking to
compromise network-connected devices as IoT grows.
(Avast)
Hackers are more likely to want to take over the local
networks that connect devices rather than hack into
the individual devices themselves. (Ondrej Vlcek, chief
operation officer at Avast)
49IN3-UOC 2014 seminar by Prof. A.A. Economides
50. A wireless network consisting of a large number of
autonomous sensors that are spatially distributed in area of
interest in order to cooperatively monitor physical or
environmental conditions, such as temperature, sound,
vibration, pressure, motion, pollutants, etc.
Sensor:
Wireless Sensor Network (WSN)
50IN3-UOC 2014 seminar by Prof. A.A. Economides
Sensors
ADC
Processor
Memory
Transceiver
Location finding system
(optional)
Mobilizer
(optional)
Sensing Unit Processing Unit
Power unit
Communication Unit
51. WSN Architecture
51IN3-UOC 2014 seminar by Prof. A.A. Economides
Internet,
Satellite
Sink
Sink
Task
Manager
User
Sensor
Field
Sensor
Node
Figure –The big picture
52. WSNs are vulnerable to various types of attacks
52IN3-UOC 2014 seminar by Prof. A.A. Economides
Internet,
Satellite
Sink
Sink
Task
Manager
User
Sensor
Field
Sensor
Node
Spoofed
Routing
information
Wormhole
Attack
53. Eavesdropping: an attacker intercepts packets transmitted over the air for further
cryptanalysis or traffic analysis.
Traffic analysis: allows an attacker to determine that there is activity in the
network, the location of the BSs, and the type of protocols being used.
Message injection: an adversary injects bogus control information into the data
stream.
Message modification: a previously captured message is modified before being
retransmitted
Node capture: An embedded device is considered being compromised when an
attacker, through various means, gains control to the node itself.
Denial-of-Service (DoS) attacks: can be grouped into two categories
– Service degradation (e.g., collision attack), and
– Service disablement through power exhaustion (e.g. jamming)
Attack Models
53IN3-UOC 2014 seminar by Prof. A.A. Economides
PassiveattacksActiveattacks
54. Various security mechanisms have been proposed to address the
security concerns of WSNs.
Despite the fast development of computer security mechanisms,
the scale and complexity of the generated wireless data put
major challenges to the representation and understanding of
security-relevant network information.
To address this issue, efficient visualization techniques have been
adopted by the researchers to bridge the gap.
A new security discipline emerges!
Network Security Visualization
54IN3-UOC 2014 seminar by Prof. A.A. Economides
55. The power of visualization should go beyond the simple ”illustration” of network
behavior in order to help the analysts discriminate between normal and
abnormal network activities.
Network security visualization provides insight into areas that other system fail to
enlighten by integrating visualization and machine learning techniques.
In the near future…
Visualization for network security
55IN3-UOC 2014 seminar by Prof. A.A. Economides
57. IoT enables dramatic society transformation!
WSN is a main ingredient of IoT.
WSN Security is important!
Conclusions
IN3-UOC 2014 seminar by Prof. A.A. Economides 57
58. Thank you for your attention
Prof. Anastasios A. Economides
economid@uom.gr
http://conta.uom.gr
IN3-UOC 2014 seminar by Prof. A.A. Economides 58