Current Trends in Information Technology

Security is the most important in today’s world as we have personal and confidential data which we do not want to share with anyone, but somehow attackers attack on our data and steal our identity. Same happens in IoT, attackers somehow attack on devices or communication channels and steal the data. This study reviews all the threats and security issues in IoT. Nowadays, devices are made in such a way that they have to store all the data of a user; so it is easy for an attacker to take away all the necessary data in one go. This study has a review of threats which comes in the way of IoT, security issues, and their solutions. Problems like covert channel, breaking of ASLR and KASLR, Keystroke timing attack, and some security frameworks. Network security is the critical part of today’s world, and operability and interoperability are key of IoT, but due to weak controllability and heterogeneity, all data expose to attacker. In IoT, data storing and processing is in underlying layer; due to this, data is exposed. Taking an example of MQTT it is light weight machine to machine communication protocol that acts as low bandwidth communication method. There is need of security to hide our data from attackers. IoT is the combination of different technologies so there is a chance of stealing of identity or data. IoT also produce data in large number which is also known as Big Data and Big data has its own security issues. Mobile devices are also used in IoT so they also increase security issues.

T.I. Murphy, “Line spacing in latex documents,” http://www.sohu.com/a/254853203 804262/, accessed April 4, 2010.

H. Zhang and L. Zhu, “Internet of things: Key technology, architecture and challenging problems,” in 2011 IEEE International Conference on Computer Science and Automation Engineering, vol. 4. IEEE, 2011, pp. 507–512

P. Kocher, D. Genkin, D. Gruss, W. Haas, M. Hamburg, M. Lipp, S. Mangard, T. Prescher, M. Schwarz and Y. Yarom, Spectre Attacks: Exploiting Speculative Execution,

http://www.meltdownattack.com, 2018

M. Lipp, D. Gruss, R. Spreitzer, C. Maurice and S. Mangard, ARMageddon: Cache Attacks on Mobile Devices, Proceedings of the 25th USENIX Security Symposium, Austin, TX, USA, August 10–12, 2016

B. Gras, K. Razavi, E. Bosman, H. Bos and C. Giuffrida, ASLR on the Line: Practical Cache Attacks on the MMU, NDSS Symposium, 2017

M. Schwarz, C. Maurice, D. Gruss and S. Mangard, Fantastic Timers and Where to Find Them: High-Resolution Microarchitectural Attacks in JavaScript, International Conference on Financial Cryptography and Data Security, 2017

M. Schwarz, M. Lipp and D. Gruss, JavaScript Zero: Real JavaScript and Zero Side-Channel Attacks, https://mlq.me/, 2018

C. Disselkoen, D. Kohlbrenner, L. Porter and D. Tullsen, Prime+Abort: A Timer-Free HighPrecision L3 Cache Attack using Intel TSX, Proceedings of the 26th USENIX Security Symposium, Vancouver, BC, Canada, August 16-18, 2017

V. Lampkin, W.T. Leong, L. Olivera, S. Rawat, N. Subrahamanyam, R. Xiang, “Building Smarter Planet Solutions with MQTT and IBM WebSphere MQ Telemetry”, First Edition, September 2012.

E.G. Davis, A. Calaveras and I. Demirkol, “Improving Packet Delivery Performance of Publish/Subscribe Protocols in Wireless Sensor Networks”, Sensors, 2013