IoT technologies are booming and promising to reshape the way of human interaction.
According to IHS Statista 2018 [9], the number of IoT devices can soar over 70 billion in 2025, and 70% of them will be low-power and low-cost devices. Since IoT networks may connect the devices of various applications in different networks, e.g., LoRa or wired, the heterogeneous issues are inevitable. The challenge of such heterogeneous networks is to keep such devices in secure communication while satisfying the stringent requirement of limited resources or energy.
From the energy usage and computing capacity, the IoT devices can be categorized into two types: the constrained or unconstrained ones. The constraints may refer to energy, computation, and cost. For example, the constrained devices include the sensors that may cost no more than 10 USD and have few capacities of self-computation, e.g., LoRa
devices. In contrast, the unconstrained devices consist of a wide range of devices from smartphones to autonomous vehicles. Their characteristics are abundant energy source or easy to recharge, self-computation ability, and high cost if the deployment requires many device units. An overview of a conceptual IoT architecture and layer classification by the coverage and relevant business sectors is presented in Fig. 2.1.1. A glance of IoT devices is shown in Fig. 2.1.2.
Home surveilance Water Metering
Vehicle-to-everything Smart health
IoT Gateway
4G
Application Platform /IoT API services
Communication range 10m - 50 Km, latency > 1s Communication range, 20m – 5km, latency < 1s Edge router
Wireless signal
Low-power wireless networks, Massive IoT
IoT uRLLC
Fog Layer
Things/Devices Cloud Layer
IoT Applications Multi-access Edge Computing Server
RSU
Augmented Reality
Remote surgery
Figure 2.1.1: IoT conceptual architecture and layer classification by the coverage and relevant business sectors. Low-power wireless networks support connectivity for massive IoT constrained devices with the communication range at 10-50km and latency >1s at best. IoT uRLLC offers the connectivity to high-end applications such as V2X or remote surgery that often require a very low latency ( <1s).
Unfortunately, whether these IoT devices are constrained or not, many of them may not often come with the state-of-the-art and reliable security mechanisms [20] due to the following reasons:
1. In the profit-driven business, security is often an afterthought of most manufacturers, i.e., not given priority over functionality[20]. Notably, data of some devices conveyed over the air interface are unencrypted [30]–[33] or secured with weak cryptography schemes. For example, Table 2.1.1 illustrates the security schemes defined in the IEEE 802.15.4 Standard for the IoT mTC networks, where the bottom cryptographic schemes mean more secure. Unfortunately, implementations of any security practice are heavy in terms of resource usage, and an Low-power Wireless (LPW) device
Figure 2.1.2: A glance of IoT devices. The IoT devices can be categorized into two types:
the constrained or unconstrained ones. The constraints may refer to energy, computation and cost.
Table 2.1.1: Security modes in IEEE 802.15.4 Cryptography schemes Description Confid-
entiality
Inte- grity
None No security - -
AES-CBC-MAC-32 32-bit MAC - X
AES-CBC-MAC-64 64-bit MAC - X
AES-CBC-MAC-128 128-bit MAC - X
AES-CTR Encryption only X -
AES-CCM-32 Encryption & 32-bit MAC X X
AES-CCM-64 Encryption & 64-bit MAC X X
AES-CCM-128 Encryption & 128-bit MAC X X
may be so constrained to gain all security recommendations. To keep the cost of the device to a minimum [21], the manufacturers may not prefer the most reliable security scheme. That means the sensors, equipment, and their connected networks are potentially vulnerable to security attacks.
2. Due to the priority in producing low-cost devices, most manufacturers may cut off the security maintenance (such as never issue a security patch for the devices in their lifetime). Unfortunately, this bad behavior is not uncommon [20], [34]. Lacking regular protection measures weakens the sensors to resist security attacks, even those exploiting well-known vulnerabilities.
3. The attached energy source of an LPW device is limited and sometimes hard to
replace (e.g., mounted in the body of objects or scattered across a wide range of inaccessible terrain). Any damage to the battery may require a long time and high cost to maintain.
4. The nature of open wireless medium access makes major IoT networks susceptible to security attacks, e.g., jamming or gathering information via sniffing by unauthorized devices in range.
Lacking reliable security mechanisms in communication protocols, maintenance ability, and the inconsistency of such protection models are thus the top concerns of why IoT networks are more vulnerable to security attacks than the conventional networks.
According to our survey [8], the networking technologies connecting those devices are adapted to the constraints, including the protocol stacks (as illustrated in Fig. 2.1.3). As a result, the security attacks in each network type have specific characteristics. For instance, distributed denial-of-service attacks primarily appear to target the unconstrained devices but few such attacks are found in the rest. In contrast, the Energy depletion attacks (EDA) may intentionally target the battery-equipped devices, e.g., Zigbee-based motes, to degrade their limited energy. An overview of the security attacks in IoT has been listed in Fig. 1.2.1, Chapter 1. Also, through our thorough survey [8], we see that the security attacks on the LPW networks have not yet been disseminated in practice, at least at the moment of this writing (possibly because most LPW networks are intranet or deployed for the testing purpose), let alone the impact directly on human life. Therefore, at our most motivation on the critical applications, in this work, we focus on two notorious attacks on the IoT unconstrained networks: DDoS against the network availability of the current cellular networks and data forgery dissemination attacks in next-generation vehicular communication (5G V2X). The detail of these attacks is covered in Chapter 4 and Chapter 5.