We will write a custom Research Paper on Internet of Things Security in Smart Cities specifically for you
301 certified writers online
A smart city is a strategic concept for the development of urban space, implying the joint use of information and communication technologies (ICTs) and the Internet of Things (IoT) for urban infrastructure management. IoT security refers to safe connections between devices and networks (Jin, Gubbi, Marusic, & Palaniswami, 2014). The main problem associated with IoT security is that product design does not contain security issues. In spite of the great role of IoT in smart cities, it is vulnerable to many security threats, including unauthorized access and data leakage.
Literature Review on IoT Mechanism
Speaking of the mechanism of IoT in smart cities, it should be specified that using sensors integrated with real-time monitoring systems, data is collected directly from residents and devices, and then processed and analyzed. The secure connection between IoT devices and IoT applications is prone to violations by unauthorized persons (Jin et al., 2014). Considering that all the devices are linked via a cellular network (GSM) and contain information about location-based on Global Positioning System (GPS), hackers may use it to break some systems and initiate data leakage.
At the same time, the interconnected nature of IoT allows specialists to continuously adjust it and achieve better security. In other words, the flexibility of the given concept makes it possible to experiment with technology, including cloud computing, sensors, applications, and so on.
According to the recent research conducted by Trend Micro, the global company focusing on the protection of information on the Internet and cloud technologies with an emphasis on data security, by 2050, 66 percent of all people will live in cities (Lin, Swimmer, Urano, Hilt, & Vosseler, 2017). At this point,
the security risks of IoT in smart cities are likely to grow rapidly due to the release of new technology and obsolesce of the old one (Lin et al., 2017). It seems rather important to point out that, among the motivations of hackers which encourage them to attack IoT in smart cities, the authors mention the desire to test their hacking abilities, steal money, and personal data of users and corporate information.
Among the goals of hackers in attacks on the critical IoT of smart cities, there is the intentional organization of accidents or power outages, theft of personal information of users, interception of control of devices and systems along with the violation of the transport system, power stations, etc. Another vulnerable point of smart cities in terms of IoT includes the incorrect use of smart technologies in their territories.
Public online platforms such as application stores, for example, can be violated if they are not adequately protected, and devices with open ports or backdoors can be easily detected and compromised. Zhang et al. (2017) state that plenty of products and services represent not only the future of smart cities but also a long-established present. ATMs, payment terminals and those for buying tickets, printers of tickets for an electronic queue, closed-circuit television (CCTV) cameras, controllers of urban lighting and traffic lights are at high risk. At first glance, there is little in common between a surveillance access camera and an intelligent teapot in terms of functionality. However, from the point of view of security, there is no difference, since two conditions are fulfilled: autonomy and accessibility from the Internet.
The thorough literature review shows that the low security of IoT devices is caused, firstly, by their permanent inclusion in the network, and, secondly, by the complexities of vendors with the updating of software and the support of infrastructure for a growing fleet of devices. Default passwords accessible from outside management interfaces with typical Web vulnerabilities, not to mention some examples of errors that allow executing arbitrary code.
The result is understandable: tens or even hundreds of thousands of devices permanently connected to the global network and not controlled by their owners are united into a botnet used for DDoS attacks and other criminal activities. At the same time, the theft of private information is another adverse point. For instance, one may note one of the largest DDoS attacks, the goal of which was the blog of expert Brian Krebs – 665 gigabits per second (Kovacs, 2016). This example shows that DDoS attacks are capable of posing serious threats to IoT security in smart cities.
Future Research and Recommendations
What are the approaches that can be used for protection? An example of a Revolv smart home hub hints at the fact that sooner or later the market will come to two or three major platforms on which all IoT-systems will be built (Warren, 2016). In particular, Revolv proved to be vulnerable to security threats. Most likely it will be, as it has already happened with the number of platforms for smartphones or PC operating systems. It is possible to assume that the current concept of “on the Internet, no one knows who is who” should be transformed. Specifically, there should be a different attitude to IoT in smart cities than to the desktop and smartphone gadgets, which is not always the case now. Separate secure communication channels and other reliable methods should be developed and properly implemented to protect IoT.
To ensure the security of IoT in a smart city, one needs to take several steps. By conducting regular quality control and testing the system for entrance, it is possible to significantly reduce the vulnerability of IoT. Besides, Lin et al. (2017) recommend creating Incident Response Center or Incident Response Capability (IRC) and Computer Security Incident Response Team (CSIRT). More to the point, it is important to ensure a stable and secure software update and organize data processing in accordance with the requirements of cybersecurity (Jin et al., 2014). Encryption, configure authentication, and regulated public channels of communication are also likely to contribute to safe IoT in smart cities.
Personally, if I were to do a project, I would focus on certain IoT devices or applications in a smart city and reveal its security risks. Based on the theory presented by the growing body of research and the identified issues, I would provide some specific recommendations on how to eliminate them to ensure security. At the same time, I would align my ideas with the modern requirements in the field of IoT in smart cities and the existing opportunities suggested by large companies operating in the field of data protection.
In general, it seems essential to increase automation of data monitoring and reporting as well as threat detection. In my point of view, it is critical to look beyond IoT security and focus on communication between devices in the network rather than separate security risks. Applying a comprehensive approach to security solutions in smart cities and considering IoT as an ecosystem, it seems feasible to address the existing threats and anticipate potential ones.
Jin, J., Gubbi, J., Marusic, S., & Palaniswami, M. (2014). An information framework for creating a smart city through internet of things. IEEE Internet of Things Journal, 1(2), 112-121.
Get your first paper with 15% OFF
Kovacs, E. (2016). Brian Krebs’ blog hit by 665 Gbps DDoS attack. Web.
Lin, P., Swimmer, M., Urano, A., Hilt, S., & Vosseler, R. (2017). Securing smart cities: Moving toward utopia with security in mind. Web.
Warren, K. (2016). What Nest’s product shutdown says about the Internet of Things. Web.
Zhang, K., Ni, J., Yang, K., Liang, X., Ren, J., & Shen, X. S. (2017). Security and privacy in smart city applications: Challenges and solutions. IEEE Communications Magazine, 55(1), 122-129.