دانلود مقاله تحلیل انتقادی رویکرد سیستماتیک برای درک چالش امنیتی اینترنت اشیا
چکیده
مقدمه
انگیزه و کارهای مرتبط
تهدیدات و حملات امنیتی IoT
بدافزار اینترنت اشیا
بحث
نتیجه گیری
منابع
Abstract
Introduction
Motivation and related work
IoT security threats and attacks
IoT malware
Discussion
Conclusions
References
چکیده
به عنوان یک فناوری در حال ظهور، اینترنت اشیا (IoT) در حال تحول در اقتصاد و جامعه جهانی است. پذیرش گسترده اینترنت اشیا چالش های امنیتی و حریم خصوصی جدیدی را نیز به وجود می آورد. ساختن سیستم های اینترنت اشیا کارآمد و ایمن نیاز به درک کاملی از تهدیدات و آسیب پذیری های احتمالی سیستم دارد. عدم یکنواختی در ارائه معماری اینترنت اشیا چالش مهمی در درک مسائل امنیتی ایجاد می کند. با انگیزه این موضوع، ما یک مطالعه سیستماتیک از تهدیدات و حملات اساسی بر اساس چهار عنصر اصلی اکوسیستم اینترنت اشیا ارائه میکنیم: دستگاهها، خدمات شبکه داخلی، خدمات شبکه خارجی و کاربران. علاوه بر این، ما یک مطالعه دقیق از بدافزار اینترنت اشیا را شامل میشویم. ما الزامات امنیتی و چالشهای اصلی را برای مقابله با دستههای حمله طراحیشده بررسی میکنیم. ما بر این باوریم که یک اکوسیستم اینترنت اشیا را می توان با رعایت الزامات پیشنهادی، از جمله مدیریت هویت، کنترل دسترسی، امنیت ارتباطات سرتاسر و سیستم های مدیریت اعتماد، به طور کارآمد و ایمن طراحی کرد.
توجه! این متن ترجمه ماشینی بوده و توسط مترجمین ای ترجمه، ترجمه نشده است.
Abstract
As an emerging technology, the Internet of Things (IoT) is revolutionizing the global economy and society. The wide adoption of IoT opens up new security and privacy challenges as well. Building efficient, secure IoT systems need a thorough understanding of the potential threats and vulnerabilities of the system. The non-uniformity in the presentation of IoT architecture poses a significant challenge in understanding security issues. Motivated by this, we present a systematic study of substantial threats and attacks based on four primary elements of the IoT ecosystem: devices, internal network services, external network services, and users. Besides, we include a detailed study of IoT malware. We examine the major security requirements and challenges to confront the devised attack categories. We believe that an IoT ecosystem can be designed efficiently and securely by adhering to the proposed requirements, including identity management, access control, end to end communication security and trust management systems.
Introduction
Internet of Things (IoT) is an emerging communication paradigm that envisions the connectivity of the physical world to the digital world. The decrease in the IoT component cost, improved wireless services, battery life, and improved business models have made IoT vision a reality. Furthermore, empowering technologies such as cloud computing, data analytics, Internet Protocol (IP)-based networking, nanotechnology, ubiquitous computing and other enabling technologies have fueled the rapid advancement in various IoT applications. As a result, Smart city, Smart grid, Smart home, Smart health care, and so on are no longer a futuristic reality.
Conclusions
The Internet of Things is an emerging paradigm that can make several opportunities with a range of cost-effective, efficient applications and services to the end-users. However, security is one of the leading concerns towards a broader deployment of IoT systems. An IoT system will be vulnerable to attacks if a proper assessment of potential threats and attacks does not meet appropriate security requirements. In this paper, we have analyzed the concerns regarding the non-standardization of IoT architecture. Systematic approaches considering IoT systems as a whole ecosystem have added flexibility while security and design implementations. Hence we analyzed significant threats and attacks on essential elements in an IoT ecosystem, systematically combining the derived fourlayered IoT architecture. We have also included a detailed study of different IoT malware families by considering the recent increase in malware attacks against IoT devices. Finally, we discuss the critical security requirements that need to be explicitly advanced for IoT systems, which will help researchers in IoT security to innovate new and improved security solutions.