Internet of Things and Cyber Physical Systems: Security and Forensics

The quantity, diversity, and sophistication of Internet of Things (IoT) items are rapidly increasing, posing significant issues for forensic science but also offering innovative solutions. Such systems are becoming increasingly common in public locations, businesses, universities, residences, and other shared offices, producing enormous amounts of data at rapid speeds in a variety of forms. IoT devices can be used as suspects, digital witnesses, or instruments of crime and cyberattacks, posing new investigation problems, forensic issues, security threats, legal concerns, privacy concerns, and ethical dilemmas. A cyberattack on IoT devices might target the device itself or associated systems, particularly vital infrastructure.

This book discusses the advancements in IoT and Cyber Physical Systems (CPS) forensics. The first objective is to learn and understand the fundamentals of IoT forensics. This objective will answer the question of why and how IoT has evolved as one of the most promising and widely accepted technologies across the globe and has many widely accepted applications.

The second objective is to learn how to use CPS to address many computational problems. CPS forensics is a promising domain, and there are various advancements in this field. This book is structured so that the topics of discussion are relevant to each reader’s particular areas of interest. The book’s goal is to help each reader to see the relevance of IoT and CPS forensics to his or her career or interests.

This book not only presents numerous case studies from a global perspective, but it also compiles a large amount of literature and research from a database. As a result, this book effectively demonstrates the concerns, difficulties, and trends surrounding the topic while also encouraging readers to think globally. The main goal of this project is to encourage both researchers and practitioners to share and exchange their experiences and recent studies between academia and industry.

Author(s): Keshav Kaushik, Susheela Dahiya, Akashdeep Bhardwaj, Yassine Maleh
Series: Advances in Cybersecurity Management
Publisher: CRC Press
Year: 2022

Language: English
Pages: 298
City: Boca Raton

Cover
Half Title
Series Page
Title Page
Copyright Page
Contents
About the Editors
Contributors
1. Emerging Trends in Security, Cybercrime, and Digital Forensics in the Context of the Internet of Things
1.1 Introduction
1.2 Necessary Terminology
1.3 Digital and IoT Forensics
1.4 Challenges and Issues in IoT Forensics
1.5 IoT Forensics Approaches and Techniques
1.6 Conclusion
References
2. Internet of Things (IoT): Security, Cybercrimes, and Digital Forensics
2.1 Introduction
2.2 IoT Technology
2.3 Layered Architecture of IoT
2.4 IoT Mechanisms and Their Building Blocks
2.5 Crucial Features of IoT
2.6 Different Communication Technologies of IoT
2.6.1 Wireless Fidelity (Wi-Fi)
2.7 Various Issues of IoT Networks
2.7.1 Threats to Security
2.7.2 Connectivity Issues
2.7.3 IoT Durability and Compatibility
2.7.4 Constraints in Computing
2.7.5 Big Data
2.8 Security Threats in IoT
2.8.1 Security Threats to the Perception Layer
2.8.2 Security Threats to the Network Layer
2.8.3 Security Threats to the Support Layer
2.8.4 Security Threats to the Application Layer
2.9 IoT Security Solutions
2.9.1 Security Solutions to the Perception Layer
2.9.2 Security Solutions to the Network Layer
2.9.3 Security Solutions to the Support Layer
2.9.4 Security Solutions to the Application Layer
2.10 Introduction to Digital Forensics
2.10.1 Process Involved in Digital Forensic Investigation
2.11 IoT Forensics
2.11.1 Related IoT Forensics Frameworks
2.11.2 Challenges of IoT Forensics
2.11.3 Adapting a Real-Time Approach for IoT Forensics
2.12 Conclusion and Future Directions
References
3. Emerging Security Threats and Challenges in IoT
3.1 Introduction
3.2 The IoT Vision
3.2.1 IoT Architecture
3.2.2 IoT Application Domains
3.2.2.1 Smart Homes
3.2.2.2 Healthcare
3.2.2.3 Smart Cities
3.2.2.4 Agriculture
3.2.2.5 Industrial Automation
3.2.2.6 Public Safety and Environmental Monitoring
3.2.3 Supporting Wireless Communication Technologies
3.2.3.1 Perception Layer Technologies
3.2.3.2 Network Layer Technologies
3.2.3.3 Middleware Technologies
3.2.3.4 Application Layer Technologies
3.2.3.5 Business Layer Technologies
3.3 Security Threats and Challenges in the IoT
3.3.1 Intruder Models and Threats
3.3.1.1 Intruder Model
3.3.1.2 Denial of Service Attacks (DoS)
3.3.1.3 Physical Attack
3.3.1.3.1 Node Tampering
3.3.1.3.2 Node Jamming in WSNs
3.3.1.3.3 Physical Damage
3.3.1.4 Attacks on Privacy
3.3.1.4.1 Eavesdropping and Passive Monitoring
3.3.1.4.2 Traffic Analysis
3.3.1.4.3 Data Mining
3.3.2 Security and Privacy Challenges in IoTs
3.3.2.1 User Privacy and Data Protection
3.3.2.2 Identity and Access Management
3.3.2.3 Trust Management and Policy Integration
3.3.2.4 Authorization and Access Control
3.3.2.5 End-to-End Security
3.3.2.6 Resilience to Node Capture
3.4 IoT Security Attacks and Their Mitigation Techniques Based on Their Layers
3.4.1 Physical Layer
3.4.1.1 Node Capture Attacks
3.4.1.2 Malicious Code Injection Attacks
3.4.1.3 False Data Injection Attacks
3.4.1.4 Replay Attacks (or Freshness Attacks)
3.4.1.5 Cryptanalysis Attacks and Side-Channel Attacks
3.4.1.6 Eavesdropping and Interference
3.4.1.7 Sleep Deprivation Attacks
3.4.2 Network Layer
3.4.2.1 Denial-of-Service (DoS) Attacks
3.4.2.2 Spoofing Attacks
3.4.2.3 Sinkhole Attacks
3.4.2.4 Wormhole Attacks
3.4.2.5 Man in the Middle Attacks
3.4.2.6 Routing Information Attacks
3.4.2.7 Sybil Attacks
3.4.2.8 Unauthorized Access
3.4.3 Application Layer
3.4.3.1 Phishing Attack
3.4.3.2 Malicious Virus/Worms
3.4.3.3 Malicious Scripts
3.5 Future Research Directions
3.6 Conclusion
References
4. A Review on Security Frameworks and Protocols in the Internet of Things
4.1 IoT Introduction
4.2 IoT System Components
4.3 IoT Layered Architectures
4.4 Security Frameworks for the IoT System
4.4.1 IoT Security Domains
4.4.2 IoT Security and Privacy Threats
4.5 IoT Protocols at Different Layers
4.6 Conclusion and Future Work
References
5. Application of Artificial Intelligence for DDoS Attack Detection and Prevention on Cyber Physical Systems Using Deep Learning
5.1 Introduction
5.1.1 Cyber Physical Systems
5.1.1.1 Applications of Cyber Physical Systems
5.1.1.1.1 Industrial Control Systems
5.1.1.1.2 Smart Grid Systems
5.1.1.1.3 Medical Devices
5.1.1.1.4 Smart Cars
5.1.2 Cyber Physical Systems and Cyber Security
5.1.2.1 Defense Techniques in Cyber Physical Systems
5.1.2.1.1 Message Verification Codes
5.1.2.1.2 Digital Signatures
5.1.2.1.3 Authentication Encryption
5.1.3 Emerging Technologies in Mitigating Cyber Physical System Attacks
5.1.3.1 Digital Forensics
5.1.3.2 Internet of Things (IoT) Security
5.1.3.3 Artificial Intelligence (AI)
5.1.3.4 Unified Approach at Design and Run-Time
5.1.3.5 Moving Target Defense (MTD)
5.2 Literature Review
5.2.1 Artificial Intelligence
5.2.1.1 Characteristics of Artificial Intelligence
5.2.1.1.1 Learning
5.2.1.1.2 Reasoning
5.2.1.1.3 Problem Solving
5.2.1.1.4 Perception
5.2.1.1.5 Language Understanding
5.2.1.2 Applications of Artificial Intelligence in Cyber Physical Systems (CPSs)
5.2.1.2.1 Application in Building
5.2.1.2.2 Application in Cyber Defense
5.2.1.2.3 Application in Resource Optimization
5.2.1.2.4 Application in Manufacturing Systems
5.2.1.2.5 Application in Medical Systems
5.2.1.3 Levels in Cyber Physical Systems
5.2.1.3.1 Configure
5.2.1.3.2 Cognition
5.2.1.3.3 Cyber
5.2.1.3.4 Conversion
5.2.1.3.5 Connection
5.2.1.4 Domains in Artificial Intelligence
5.2.1.4.1 Machine Learning
5.2.1.4.2 Neural Network
5.2.1.4.3 Robotics
5.2.1.4.4 Expert Systems
5.2.1.4.5 Fuzzy Logic
5.2.1.4.6 Natural Language Processing
5.2.2 Applications of Deep Learning in Cyber Physical Systems
5.2.2.1 Convolutional Neural Network (CNN)
5.2.2.2 Multilayer Perceptron (MLP)
5.2.2.3 Long-Short-Term Memory (LSTM)
5.2.2.4 Restricted Boltzmann Machines (RBMs)
5.2.2.5 Deep Belief Networks (DBNs)
5.3 Materials and Methods
5.3.1 Tools and Libraries for Deep Learning
5.3.1.1 Tools for Deep Learning
5.3.1.1.1 Anaconda
5.3.1.1.2 Jupyter
5.3.1.2 Libraries for Deep Learning
5.3.1.2.1 Keras
5.3.1.2.2 TensorFlow
5.3.1.2.3 Scikit Learn
5.3.1.2.4 PyLearn2
5.3.1.2.5 Deeplearning4j
5.4 Discussion of Results
5.4.1 Data Analytic and Visualization
5.4.2 Evaluation of Deep Learning Algorithms
5.4.2.1 Convolutional Neural Networks (CNN)
5.4.2.2 Long Short-Term Memory (LSTM)
5.4.2.3 Dense
5.4.2.4 Gated Recurrent Unit (GRU)
5.4.2.5 Confusion Matrix
5.4.3 Comparative Analysis of Deep Learning Algorithms
5.5 Conclusion
References
6. Managing Trust in IoT Using Permissioned Blockchain
6.1 Introduction
6.2 Trust Management in the IoT: Introduction and Security Attacks
6.2.1 Trust-Related Security Attacks
6.2.1.1 "Self-Promotion Attacks"
6.2.1.2 "Bad-Mouthing Attacks"
6.2.1.3 "Ballot-Stuffing Attacks"
6.2.1.4 "Opportunistic Service Attacks"
6.2.1.5 "On-Off Attacks"
6.2.1.6 "Selective Behavior Attack"
6.2.1.7 "Sybil Attack and Newcomer Attack"
6.2.1.8 "Collusion Attack"
6.3 Blockchain Technology and its Applications
6.3.1 Types of Blockchain
6.3.1.1 "Public Blockchain"
6.3.1.2 "Private Blockchain"
6.3.1.3 "Consortium Blockchain"
6.3.1.4 "Hybrid Blockchain"
6.3.2 "Blockchain Basic Structure and Protocols"
6.3.2.1 Block Identity
6.3.2.2 Block Header
6.3.2.3 Merkle Tree
6.3.2.4 Nonce
6.3.2.5 Mining
6.3.2.6 Consensus
6.3.2.7 Smart Contracts
6.3.3 Blockchain Applications of IoT
6.3.3.1 IoT-based Healthcare Systems
6.3.3.2 Internet of Vehicles (IoV)
6.3.3.3 IoT-based Supply Chain Management Systems
6.3.3.4 Industrial Internet of Things (IIoT)
6.3.3.5 Authentication and Access Control in IoT
6.3.3.6 Trusted Firmware Updates
6.4 Hyperledger Fabric Architecture and Working Mechanisms
6.4.1 Hyperledger Fabric Architecture
6.4.1.1 Peer Nodes
6.4.1.2 Ordering Nodes
6.4.1.3 Membership Service Providers (MSP)
6.4.1.4 Chaincode
6.4.1.5 Channels
6.4.1.6 Policies
6.4.2 Working Mechanism of Hyperledger Fabric
6.5 Integration of Blockchain and the IoT: Issues and Trusted Strategies
6.5.1 Integration Issues
6.5.1.1 Issue of Processing Data Size
6.5.1.2 Issue of Computation Power
6.5.1.3 Issues of Privacy of Users
6.5.1.4 Issues of Processing Speed
6.5.1.5 Issues of Scalability
6.5.2 Trusted Integration Strategies
6.5.2.1 IoT to IoT Model
6.5.2.2 IoT-Blockchain-IoT Model
6.5.2.3 Cloud-based IoT-Blockchain-IoT Model
6.6 IoT Trust Management Issues and their Solutions Using Hyperledger Fabric
6.6.1 Trusted Authentication Issue
6.6.1.1 Possible Solution
6.6.2 Trusted Access Control Issue
6.6.2.1 Possible Solutions
6.6.3 Trusted Privacy Issue
6.6.3.1 Possible Solution
6.6.4 Trusted Interoperability Issue
6.6.4.1 Possible Solutions
6.6.5 Trusted Integrity Issue
6.6.5.1 Possible Solutions
References
7. Cyber Physical System Security
7.1 Introduction
7.1.1 3C Concept of Cyber Physical Systems
7.2 Features of Cyber Physical Systems
7.3 Characteristics of Cyber Physical Systems
7.3.1 Agriculture
7.3.2 Transportation
7.3.3 Automation
7.3.4 Healthcare
7.3.5 Ocean Monitoring
7.3.6 Smart Grid
7.4 Challenges Faced by Cyber Physical Systems
7.4.1 Data Privacy
7.4.2 Data Management
7.4.3 Reliability
7.4.4 Real-Time Challenges
7.4.5 Eavesdropping
7.4.6 Man in the Middle Attack
7.4.7 Denial of Service Attack
7.4.8 Integrity
7.4.9 Robustness
7.4.10 Untrained Employees
7.5 Real-Life Instances
7.6 Risk Mitigation Techniques
7.7 Previous Solutions
7.8 Methodology
7.9 Results
7.10 Conclusion
References
8. Intrusion Detection Systems Apropos of the Internet of Things (IoT)
8.1 Introduction
8.2 IoT Paradigm
8.2.1 Definitions
8.2.2 Architecture
8.2.3 Cloud Computing for the IoT
8.3 Smart Environments using the IoT
8.3.1 Definitions
8.3.2 Smart Surroundings Enabled IoT
8.4 Security and Privacy Issues
8.4.1 Security Issues in IoT layers
8.4.2 Challenges
8.5 Intrusion Detection Systems
8.5.1 Overview
8.5.2 Methods and Techniques
8.6 IDS for the IoT
8.6.1 Methods and Techniques
8.6.2 Intrusion Detection Based on Anomalies
8.6.3 Intrusion Detection Based on Specifications
8.6.4 IDSs With IoT Systems
8.7 Conclusion and Future Discussions
References
9. Intrusion Detection for the Internet of Things
9.1 Introduction
9.1.1 IoT Architecture
9.2 Literature
9.3 IDS Classification (Figure 9.2)
9.3.1 Signature-based IDS
9.3.2 Anomaly-based IDS
9.3.2.1 Statistical Anomaly IDS
9.3.2.2 Knowledge-based IDS
9.3.2.3 Machine Learning
9.3.3 Network-based IDS
9.3.4 Distributed IDS (DIDS)
9.3.5 Host-based IDS (HIDS)
9.4 Techniques of Intrusion Detection Systems (Figure 9.3)
9.4.1 Supervised Learning in an Intrusion Detection System
9.4.1.1 Decision Trees
9.4.2 Unsupervised Learning in an IDS
9.4.3 Reinforcement Learning
9.4.4 Deep Learning
9.5 Security Threats to the Internet of Things (IoT)
9.5.1 Physical Layer
9.5.2 Software/Application Layer
9.5.3 Network Layer
9.6 IoT Security Issues and Challenges
9.6.1 Challenges
9.7 Importance of Intrusion Detection Systems in Cybersecurity
9.8 Future Work and Conclusion
References
10. Cybercrimes and Digital Forensics in Internet of Things
10.1 Introduction
10.2 Internet of Things
10.2.1 Basic Characteristics of the IoT
10.2.2 Building Blocks of the IoT
10.2.3 Technologies Used for IoT Communication
10.2.4 IoT Protocols
10.2.5 IoT Layers
10.3 Cybercrimes
10.3.1 Role of the IoT in Assisting Cybercrimes
10.4 Digital Forensics
10.4.1 Digital Forensics Process Model
10.4.1.1 Preparation
10.4.1.2 Incident
10.4.1.3 Incident Response
10.4.1.4 Investigations
10.4.1.5 Presentation
10.4.1.6 Documentation
10.5 IoT Forensics Process
10.6 The Internet of Things' Role in Digital Forensics
10.6.1 Role of the IoT in Assisting Digital Forensics
10.6.2 Role of the IoT in Assisting Cybercrimes
10.7 Challenges of IoT Forensics
10.7.1 Diversity
10.7.2 IoT Devices and Data Location and Identification
10.7.3 Inadequate Standardization
10.7.4 IoT Evidence Lifespan
10.7.5 Currently Available Forensic Tools
10.8 Conclusion
References
11. Security and Privacy for IoT-based Smart Cities
11.1 Introduction
11.2 Overview of a Smart City
11.3 Architecture on the Outside
11.3.1 Sensor Placement
11.3.2 Infrastructure
11.3.3 Internal Structure
11.4 Objective of Smart Cities
11.4.1 Smart Governance
11.4.2 Transportation
11.4.3 Environment
11.4.4 Utilities
11.4.5 Services
11.5 Characteristics
11.5.1 Heterogeneity
11.5.2 Resources
11.5.3 Mobility
11.5.4 Scalability
11.5.5 Participation of Users
11.6 Privacy and Security
11.6.1 Botnet Activities in the Internet of Things (IoT)
11.6.2 Dangers of Self-Driving Cars
11.6.3 Virtual Reality's Privacy Issues
11.6.4 Artificial Intelligence Threats in Smart Cities
11.7 Requirements for Security
11.7.1 Confidentiality and Authentication
11.7.2 Integrity and Availability
11.7.3 Detection and Prediction of Lightweight Intrusion
11.7.4 Protection of Privacy
11.7.5 Security and Privacy
11.7.6 Cryptography
11.7.7 Blockchain
11.7.8 Biometrics
11.7.9 Data Mining
11.7.10 Ontology
11.7.10.1 Supplements Without a Technical Connection
11.8 Future Prospects
11.8.1 IoT-based Network Security
11.8.2 Fog-based Systems
11.8.3 Protection Methods that are User-Centric and Personalized
11.8.4 Complementary Theory
11.9 Conclusion
References
12. Network Vulnerability Analysis for Internet of Things (IoT)-based Cyber Physical Systems (CPS) Using Digital Forensics
12.1 Cyber Physical System
12.1.1 Areas of Application of Cyber Physical Systems in Different Domains
12.1.2 Digital Forensics
12.1.2.1 Benefits of Digital Forensic
12.1.2.2 Drawbacks of Digital Forensics
12.1.3 Areas of Application of Cyber Forensics
12.1.4 Network Forensics
12.1.4.1 Network Forensic Tools
12.1.4.1.1 Fidelis XPS
12.1.4.1.2 Wireshark
12.1.4.1.3 NetDetector
12.1.4.1.4 Ethereal
12.1.4.1.5 Dumpcap
12.1.4.1.6 TCPDump
12.1.4.2 Network Forensics Challenges
12.1.4.2.1 Sources of the Data
12.1.5 IoT and CPS Vulnerabilities
12.1.5.1 Vulnerabilities of Booting Process
12.1.5.2 Exploitation of Hardware
12.1.5.3 Exploitation of Chip-Level
12.1.5.4 Hash Function, Encryption, and Authentication Implementations
12.1.5.5 Backdoors in Remote Access Channels
12.1.5.6 Exploitation of Software
12.1.6 Attacks on the IoT and CPS
12.1.6.1 Steps in Preventing Against Attack
12.1.6.2 Classes of Attack and Vulnerabilities on CPS
12.1.7 Network Vulnerability on IoT-Based CPSs
12.1.7.1 Denial of Service (DoS)
12.1.7.2 Eavesdropping
12.1.7.3 Replay Attack
12.1.7.4 Sybil Attack
12.1.7.5 Sinkhole Attack
12.1.7.6 Man-in-the-Middle Attack
12.1.7.7 Traffic Analysis
12.2 Literature Review
12.2.1 Forensic Analysis
12.2.1.1 Types of Computer Forensics
12.2.1.1.1 Network Forensics
12.2.1.1.2 Data Forensics
12.2.1.1.3 System Forensics
12.2.1.1.4 Web Forensics
12.2.1.1.5 Email Forensics
12.2.1.1.6 Proactive Forensics
12.2.1.1.7 Enterprise Forensics
12.2.1.2 Forensics Analysis Methodology
12.2.1.2.1 Identification
12.2.1.2.2 Extraction
12.2.1.2.3 Analysis
12.2.2 Related Work
12.3 Materials and Methods
12.3.1 Forensic Analysis Framework
12.3.2 Wireshark
12.3.3 TCPDump
12.4 Results and Discussion of Findings
12.4.1 Digital Forensic Analysis Using Wireshark
12.4.2 Digital Forensic Analysis Using TCPDump
12.5 Comparison of Wireshark and TCPDump Forensic Analysis
12.6 Conclusions and Recommendations
References
Index