The use of IoT in society is perhaps already ubiquitous, with a vast attack surface offering multiple opportunities for malicious actors. This short paper first presents an introduction to IoT and its security issues, including an overview of IoT layer models and topologies, IoT standardisation efforts and protocols. The focus then moves to IoT vulnerabilities and specific suggestions for mitigations. This work's intended audience are those relatively new to IoT though with existing network-related knowledge. It is concluded that device resource constraints and a lack of IoT standards are significant issues. Research opportunities exist to develop efficient IoT IDS and energy-saving cryptography techniques lightweight enough to reasonably deploy. The need for standardised protocols and channel-based security solutions is clear, underpinned by legislative directives to ensure high standards that prevent cost-cutting on the device manufacturing side.
翻译:社会对IoT的使用也许已经无处不在,巨大的攻击表面为恶意行为者提供了多种机会。这份简短的论文首先介绍了IoT及其安全问题,包括IoT层模型和地形学概览、IoT标准化努力和协议。然后重点转向IoT脆弱性和具体的缓解建议。这项工作的预定受众是IoT相对比较新的受众,尽管现有与网络有关的知识。得出的结论是,设备资源限制和缺乏IoT标准是重大问题。研究机会是开发高效的IoT IDS和节能加密技术,其轻度足以合理部署。标准化协议和基于通道的安全解决方案的必要性是明确的,以立法指令为基础,以确保高标准防止设备制造方面的成本削减。