During this semester I wrote a report about IoT Security. Find it attached.
The Internet of Things (IoT) describes the expansion of the Internet and embedded technologies to everyday devices. It has been on the rise for the last years and it will certainly continue – Ericsson, for example, forecasts about 29 billion connected devices by 2022. This rapid growth changes the network landscape dramatically and recent studies reveal an increased threat by vulnerable and malware infected IoT devices.
This report discusses the introduced challenges of IoT devices and outlines common security risks. Furthermore reasons for the increased vulnerability and their consequences for the network and the privacy of users will presented.
As an example for a security incident, the example of the botnet Mirai will be presented. Mirai was one of the biggest and most powerful DDoS attacks ever seen. Technically it was a simple incident, nonetheless it ended up rendering big parts of the Internet inaccessible.
To overcome the security issues introduced by the IoT, technical and policy mitigations will be presented. Technical mitigations in general focus on good security practices and well known practices which have been known for years. However, due to technical reasons, and market incentives, those practices were often not applied to IoT products. As a response, policies for manufactures were proposed by multiple security experts, which might help to decrease the threat of IoT devices in the networked world. Inspired by already known policies from other markets, several proposals to increase the security of the network and safeguard the privacy of the users will be presented.