-
Notifications
You must be signed in to change notification settings - Fork 0
/
intro.tex
58 lines (45 loc) · 5.52 KB
/
intro.tex
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
%Introducción
This work seeks to search relevant information about differents techniques or companies that test the vulnerabilities of the \textbf{Internet of Things (IoT)} devices.
In the making of this work I have been use the following steps:
\begin{itemize}
\item Searching in SpringerLink and IEEExplore magazine, with a little resume of the differents interesting paper found it.
\item Looking for companies in this topic, and classified them.
\item Searching for tutorials and videos for pen-testing with python.
\item Making a classification of IoT devices availables.
\end{itemize}
For a better understanding of this work, it is precise to define some terms:
\href{http://dictionary.cambridge.org/es/diccionario/ingles/security}{According to the Cambridge Dictionary,} \textbf{security} is the protection of a person, building, organization, or country against threats such as crime or attacks by foreign countries.
In particular, the concept of \textbf{cibersecurity} has been broadly explain during the last years. Here are some relevant definitions:\cite{Paper0}
\begin{itemize}
\item ``Cybersecurity consists largely of defensive methods used to detect and thwart would-be intruders.'' (Kemmerer, 2003)
\item ``Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user's assets.'' (ITU, 2009)
\item “The body of technologies, processes, practices and response and mitigation measures designed to protect networks, computers, programs and data from attack, damage or unauthorized access so as to ensure confidentiality, integrity and availability.” (Public Safety Canada, 2014)
\item “The art of ensuring the existence and continuity of the information society of a nation, guaranteeing and protecting, in Cyberspace, its information, assets and critical infrastructure.” (Canongia \& Mandarino, 2014)
\item “The state of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this.” (Oxford University Press, 2014)
\item “The activity or process, ability or capability, or state whereby information and communications systems and the information contained therein are protected from and/or defended against damage, unauthorized use or modification, or exploitation.” (DHS, 2014)
\end{itemize}
In regards to \textbf{Internet of Things:} is important to note the following definition: \textit{``A world where physical objects are seamlessly integrated into the information network, and where the physical objects can become active participants in business process.''}\cite{IoT1}
To extend the coverage of IoT definition, \cite{IoT2}it defines the "Things" from physical objects to virtual objects which represents as the identities with Internet connectivity. Another definition from IEEE IoT initiative \cite{IoT3}defines a ``Thing'' on IoT that indicates a physical or virtual object which connects to the Internet and has the ability to communicate with human users or other objects.
Summarizing, we can understand IoT as follows:\cite{Paper1}
\begin{itemize}
\item Internet of Things is essentially an architectural framework which allows integration and data exchange between the physical world and computer systems over existing network infrastructure.
\item A simple definition of the Internet of Things would be a system of all kinds of network-connected devices that are able to communicate with each other. They can send and receive data from the internet.
\end{itemize}
However, the actual problem is that much of the software installed on IoT devices are speciallized primarily on functionality and has not focus on security, so that brings some serious trouble for people who buy it. If the company who does smart door doesn't focus on security, it would be easy to break it and get inside.
The main problems about security nowadays are:
\begin{itemize}
\item It is extremely easy to hack the internet conexion.
\item Internet service provider (ISP’s) do not offer security for homes. If a family want to increase the security levels, must search an external provider.
\item Young people are not protected when day navigate the web
\item (IoT) is a raising market that do not focus on the security issue.
\end{itemize}
About the size of the (IoT) market, we have to note that \textit{``Only in 2011 did the number of interconnected devices on the planet overtake the actual number of people. Currently there are 9 billion interconnected devices and it is expected to reach 24 billion devices by 2020. According to the GSMA, this amounts to \$1.3 trillion revenue opportunities for mobile network operators alone spanning vertical segments such as health, automotive, utilities and consumer electronic''}\cite{Data1}
\includegraphics[width=\linewidth]{iotCountries.png}
Given these information, we can conclude that the (IoT) market is growing at fast pace and has great opportunities to improve. This work will focus on this scope of activity and has the following structure:
\begin{enumerate}
\item The articles are summarized in paragraphs in order of publishing in section 2.
\item In Section 3 there are the differents companies that handles the IoT security.
\item In section 4 there are some links for pentesting and of IoT devices lists.
\item In section 5 there is a classification of IoT devices.
\item In section 6 there is a little conclusion of this research.
\end{enumerate}