The Internet of Things or IoT has been one of the key advancements in technology in the modern age. They are able to transfer data over a network without requiring human to human contact or human to computer. This is why they are now being integrated into everyday life, whether this be in homes to business. These cover the likes of smart home devices and security systems. However, from the outset, there has been many concerns with the products, especially when it comes to the privacy and security in place. This is why there has now been a vast growth in the security being put in place for these IoT devices. It is all about enabling safe use online for consumers of the products, with no risk associated with these.
There are now a combination of techniques that could improve security for these devices. A team of students from the Penn State World Campus has been behind this, using a multi-pronged data analysis approach that can help to strengthen the security for these devices, such as smart TVs and even baby monitors. The risk behind these products is endless, which leaves people really vulnerable to security breaches and their personal data getting into the wrong hands. This is certainly a reason that would put off many people from acquiring these products.
The threat will only continue and it has been estimated that by 2020, there will be more than 20 million IoT devices in operation around the world. A staggering statistic. The team from Penn State World Campus applied a combination of approaches, which have been used previously in a traditional network security management system. This approach showed how statistical data, machine learning and other data analysis methods can be applied with success to ensure security of IoT devices.
The data analysis technique was one that they applied, and was the open-source R statistical suite, which was used to characterize the IoT systems in use on the Canberra network. Machine learning was also used in this technique to search for patterns in the data that were not apparent in using R. The key to this approach is enabling the network to identify all running devices that are operating at that time. Through this, it can then track changes and scams that are taking place. This was just one of the approaches that led them to receiving the ‘Best Paper’ award for their work at the 2019 IEEE Ubiquitous Computing, Electronics, and Mobile Communication Conference.
Splunk is another very important tool when it comes to internet security, which has now been used for IoT traffic. However, this was another tool they used with great effect and could initially find multiple IP addresses that were trying to break into the IoT network. Splunk will now be expected to be implemented further to help with the ever-rising risk of security that comes with these IoT devices.
With internet security comes theft, which is now a very fruitful game for many around the world, which is why so much work goes in to online security. A very famous example has to be that of when criminals hacked into a fish tank in order to steal data from a casino. This was a very advanced high-tech fish tank that featured internet connectivity, which meant it became a prime target for internet hackers.
This connection allowed for the tank to be remotely monitored, with automatic feedings and the ability to adjust the temperature. This also led to hackers being able to swipe 10 gigabytes of data from the casino system. Intelligence security company Darktrace was called in and instantly found the unusual activity and that the hacking had been taking place, and that this was down to a lack of a properly implemented casino security system. They found that the tank was sending data out to a remote server in Finland, which meant it was the only casino in the world to be doing something similar, which instantly showed that this was highly suspect activity.
This data exfiltration was just another example of the extent criminals are now going in order to steal data, down to the fact it can be such a lucrative business for them. It also sends a further stark message of the ever-rising risks associated with technological advancements and why security must advance at the same rate.