On the Internet, the security industry protects us from harm by promoting and implementing security practices. These "built-in" security practices include mutual authentication, encryption, security protocols, and trust. But what about the real world? The Internet of Things (IoT) is not created with a similar built-in security architecture in most cases. This is because people have many things long before they are connected and/or intelligent. It was only in 2014 that Symantec structured this term in the IoT space by defining the difference between built-in and bolt-safe components.
With built-in components, safety is an important part of the equipment, and bolt components will add these safety features after the incident. Because the Internet of Things affects the physical world through the human-machine interface of the device, attacks on Internet-connected Internet of Things devices are not stable and less secure, not only easy, but also more dangerous.
Shutterstock
In buildings, we trust smart sensors to manage critical daily tasks such as turning on lights, detecting threats to air and water quality, and managing heat and ventilation. From a bolt point of view, adding an Internet-enabled network architecture seems to be a harmless and useful feature to achieve higher connectivity.
Unfortunately, these sensors and controllers are not designed to be exposed to threats that arise when the building's control system is connected to the Internet. If there is no required basic security architecture, these security architectures run safely on the Internet, which will increase the potential source of attack and diversify it.
Traditional Internet security is still important for the Internet of Things, but it is not far enough. Designing the correct authentication, authorization, billing, encryption, intrusion detection, software signature and trust model can facilitate the interaction between online devices. However, in matters related to smart ovens, smart locks, connecting shoes and exercise clothing, mirroring and enhancing these mechanisms requires great care. Security breaches may pose an imminent physical threat to users.
For example, in 2017, researchers used networked low-resolution cameras in shopping malls to collect data on the sliding patterns used to unlock Android phones, and found a set of possible patterns that could unlock phones in more than half of the test cases.
Most importantly, this attack is not developed for special high-end smart cameras. It does this by obtaining enough different data from many common low-resolution, consumer-grade cameras. If an attacker can access the user's mobile phone and only protect it through the sliding mode, the attacker can access all users' personal data. IoT includes home automation, vehicle protection, and health monitoring systems.
In the Internet of Things, an attack is not just a metaphor-it is an actual attack in the physical world. These can also be physically activated without an attacker or even online, and do not know how to install a legitimate and easy-to-use packet sniffing application. For example, imagine a motion detector connected to IoT in a public building, where a person with malicious intent physically enters the building and intentionally triggers the sensor while sniffing the wireless network to capture what happens when motion is detected Encrypted wireless communication.
This person can store this data in a mobile device and collect enough data to build a repository for encrypted communications. Then, they can create encryption keys that are smaller than the original almost infinitely arranged encryption keys. Similarly, Alan Turing used a poor fallacy to use a set of abbreviations or weather comments to terminate secure communications during World War II. .
Being able to infer that a particular data packet comes from a motion event at a certain time is the key to reducing a well-encrypted data structure to easy-to-use and easy-to-read code. And by accessing data packet headers and structures, malicious attacks on other building systems (such as electricity and heat) become possible-all because a person downloaded an application and placed it in front of the motion sensor for a few minutes.
A recent event at the Austrian Hotel highlighted another type of hacker with IoT capabilities. Lock the hotel door asking for a ransom while inside, and with an effective price point design, hackers use a commercial system, trust the key to the network too much, and have no physical button solutions or bypass methods. In this way, hackers get a lot of expenditures for accessing vulnerable systems.
In this case, the security fix will be simple. Preventing such attacks involves programming electronic locks to disable and default mechanical failures. This is a low-cost, low-input preventive measure, but it requires engineers to think that safety is preemptive and often in the old way, such as, "how do we secure things are connected," "how to connect things is the highest level Is the security built into our new network model?"
IBM recently demonstrated the importance of these physical factors by executing an "ethical hacker" of an anonymous smart office building. Using traditional hacking techniques, the company cannot gain full access to the building's control and automation systems. But by driving past the building and connecting to the building’s local network, they were able to do the job. If the flesh is considered, this hypothetical hack is impossible.
Rather than curb inflation, the built-in IoT security model shows that physical security provides the basis for a higher level of network protection. With this foundation, safer and more extensive interaction with things connected to the Internet is possible.
Monocrystalline Solar Panel,Mono Solar Panel,12V Monocrystalline Solar Panel,Monocrystalline 48 Volts Solar Panel
Jiangsu Stark New Energy Co.,Ltd , https://www.stark-newenergy.com