Internet of Things and Cybersecurity in a Smart Home

Kiran Vokkarne (17367391)

10 November 2023

<p dir="ltr">With the ability to connect to networks and send and receive data, Internet of Things (IoT) devices involve associated security risks and threats, for a given environment. These threats are even more of a concern in a Smart Home network, where there is a lack of a dedicated security IT team, unlike a corporate environment. While efficient user interface(UI) and ease of use is at the front and center of IoT devices within Smart Home which enables its wider adoption, often security and privacy have been an afterthought and haven’t kept pace when needed. Therefore, a unsafe possibility exists where malicious actors could exploit vulnerable devices in a domestic home environment.</p><p dir="ltr">This thesis involves a detailed study of the cybersecurity for a Smart Home and also examines the various types of cyberthreats encountered, such as DDoS, Man-In-Middle, Ransomware, etc. that IoT devices face. Given, IoT devices are commonplace in most home automation scenarios, its crucially important to detect intrusions and unauthorized access. Privacy issues are also involved making this an even more pertinent topic. Towards this, various state of the art industry standard tools, such as Nmap, Nessus, Metasploit, etc. were used to gather data on a Smart Home environment to analyze their impacts to detect security vulnerabilities and risks to a Smart Home. Results from the research indicated various vulnerabilities, such as open ports, password vulnerabilities, SSL certificate anomalies and others that exist in many cases, and how precautions when taken in timely manner can help alleviate and bring down those risks.</p><p dir="ltr">Also, an IoT monitoring dashboard was developed based on open-source tools, which helps visualize threats and emphasize the importance of monitoring. The IoT dashboard showed how to raise alerts and alarms based on specific threat conditions or events. In addition, currently available cybersecurity regulations, standards, and guidelines were also examined that can help safeguard against threats to commonly used IoT devices in a Smart Home. It is hoped that the research carried out in this dissertation can help maintain safe and secure Smart Homes and provide direction for future work in the area of Smart Home Cybersecurity.</p>

Data and information privacy

Data security and protection

Hardware security

Software and application security

Information security management

Software architecture

Internet of things (IoT) Data

Internet of Things (IoT) devices

cybersecurity standards

Smart Home User Interfaces

SMART HOME SECURITY SYSTEM

monitoring adaptation

Secure Digital Provenance: Challenges and a New Design

Rangwala, Mohammed M.

January 2014

Indiana University-Purdue University Indianapolis (IUPUI) / Derived from the field of art curation, digital provenance is an unforgeable record of a digital object's chain of successive custody and sequence of operations performed on the object. It plays an important role in accessing the trustworthiness of the object, verifying its reliability and conducting audit trails of its lineage. Digital provenance forms an immutable directed acyclic graph (DAG) structure. Since history of an object cannot be changed, once a provenance chain has been created it must be protected in order to guarantee its reliability. Provenance can face attacks against the integrity of records and the confidentiality of user information, making security an important trait required for digital provenance. The digital object and its associated provenance can have different security requirements, and this makes the security of provenance different from that of traditional data. Research on digital provenance has primarily focused on provenance generation, storage and management frameworks in different fields. Security of digital provenance has also gained attention in recent years, particularly as more and more data is migrated in cloud environments which are distributed and are not under the complete control of data owners. However, there still lacks a viable secure digital provenance scheme which can provide comprehensive security for digital provenance, particularly for generic and dynamic ones. In this work, we address two important aspects of secure digital provenance that have not been investigated thoroughly in existing works: 1) capturing the DAG structure of provenance and 2) supporting dynamic information sharing. We propose a scheme that uses signature-based mutual agreements between successive users to clearly delineate the transition of responsibility of the digital object as it is passed along the chain of users. In addition to preserving the properties of confidentiality, immutability and availability for a digital provenance chain, it supports the representation of DAG structures of provenance. Our scheme supports dynamic information sharing scenarios where the sequence of users who have custody of the document is not predetermined. Security analysis and empirical results indicate that our scheme improves the security of the typical secure provenance schemes with comparable performance.

availability

confidentiality

cryptography

integrity

provenance

signatures

Cryptography -- Research

Data protection -- Research

Digital signatures

Cultural property -- Protection

Computer networks -- Security measures

Database management

Databases -- Quality control

Computer networks -- Monitoring

Information services -- Quality control

Application software -- Development

Computer programs -- Validation

Haïti : une intervention exemplaire ? La Réforme du Secteur de Sécurité en Haïti / Haiti : an exemplary intervention? Security Sector Reform in Haiti

Hirschhorn, Damien

15 September 2014

Cette thèse cherche d'abord à comprendre, en usant de l'exemple Haïtien, si les Réformes du Secteur de Sécurité menées à bien dans le cadre des interventions internationales dans des pays en crise ou en situation de post-conflit, sont efficaces dans l'accomplissement de leurs objectifs et apportent le meilleur soutien d'une manière durable aux Etats hôtes. Finalement, ce document est aussi une base de réflexion pour trouver de nouvelles solutions et pratiques à la mise en oeuvre de Réformes du Secteur de Sécurité. / First of all, this thesis aims at understanding, while using the example of Haiti, if Security Sector Reforms carried out within international interventions in crisis or post-conflict countries are effective at accomplishing their objectives and providing the best support for sustainable changes to host States. Finally this document's objective is also to serve as a support in finding new solutions and new practices to successfully achieve Security Sector Reforms.

Réforme du Secteur de Sécurité

Haïti

Intervention Internationale

Etat de Droit

Stabilisation

Justice

Police

Sécurité humaine

Frontière

Gestion sécuritaire intégrée

Gestion frontalière intégrée

Réforme stratégique

Dictature

ONU

MINUSTAH

Unité de Stabilisation du Royaume-Uni

Administration pénitentiaire

Réforme carcérale

Immigration

Douanes

Organisation des Etats Américains

Groupe ABC

Security Sector Reform

Haiti

International Intervention

Rule of Law

Stabilization

Justice

Police

Human security

Border

Integrated security management

Integrated border management

Strategic reform

Dictatorship

UN

MINUSTAH

United Kingdom Stabilisation Unit

Penitentiary administration

Prison reform

Immigration

Customs

Organisation of the American States

ABC Group

320