Biblio
Filters: Author is Narayanan, V Anantha [Clear All Filters]
.
2019. An Overview of Security in CoAP: Attack and Analysis. 2019 5th International Conference on Advanced Computing Communication Systems (ICACCS). :655—660.
Over the last decade, a technology called Internet of Things (IoT) has been evolving at a rapid pace. It enables the development of endless applications in view of availability of affordable components which provide smart ecosystems. The IoT devices are constrained devices which are connected to the internet and perform sensing tasks. Each device is identified by their unique address and also makes use of the Constrained Application Protocol (CoAP) as one of the main web transfer protocols. It is an application layer protocol which does not maintain secure channels to transfer information. For authentication and end-to-end security, Datagram Transport Layer Security (DTLS) is one of the possible approaches to boost the security aspect of CoAP, in addition to which there are many suggested ways to protect the transmission of sensitive information. CoAP uses DTLS as a secure protocol and UDP as a transfer protocol. Therefore, the attacks on UDP or DTLS could be assigned as a CoAP attack. An attack on DTLS could possibly be launched in a single session and a strong authentication mechanism is needed. Man-In-The-Middle attack is one the peak security issues in CoAP as cited by Request For Comments(RFC) 7252, which encompasses attacks like Sniffing, Spoofing, Denial of Service (DoS), Hijacking, Cross-Protocol attacks and other attacks including Replay attacks and Relay attacks. In this work, a client-server architecture is setup, whose end devices communicate using CoAP. Also, a proxy system was installed across the client side to launch an active interception between the client and the server. The work will further be enhanced to provide solutions to mitigate these attacks.
.
2019. An Overview of Practical Attacks on BLE Based IOT Devices and Their Security. 2019 5th International Conference on Advanced Computing Communication Systems (ICACCS). :694—698.
BLE is used to transmit and receive data between sensors and devices. Most of the IOT devices employ BLE for wireless communication because it suits their requirements such as less energy constraints. The major security vulnerabilities in BLE protocol can be used by attacker to perform MITM attacks and hence violating confidentiality and integrity of data. Although BLE 4.2 prevents most of the attacks by employing elliptic-curve diffie-Hellman to generate LTK and encrypt the data, still there are many devices in the market that are using BLE 4.0, 4.1 which are vulnerable to attacks. This paper shows the simple demonstration of possible attacks on BLE devices that use various existing tools to perform spoofing, MITM and firmware attacks. We also discussed the security, privacy and its importance in BLE devices.