Next Article in Journal
Mapping Forest Cover in Northeast China from Chinese HJ-1 Satellite Data Using an Object-Based Algorithm
Next Article in Special Issue
PPSDT: A Novel Privacy-Preserving Single Decision Tree Algorithm for Clinical Decision-Support Systems Using IoT Devices
Previous Article in Journal
Designing Transmission Strategies for Enhancing Communications in Medical IoT Using Markov Decision Process
Previous Article in Special Issue
Security Cost Aware Data Communication in Low-Power IoT Sensors with Energy Harvesting
Open AccessArticle

On the Security and Data Integrity of Low-Cost Sensor Networks for Air Quality Monitoring

1
Department of Computer Science, University of Central Florida, Orlando, FL 32816, USA
2
College of Information Science and Technology, Jinan University, Guangzhou 510632, China
3
School of Computer Science and Engineering, Southeast University, Nanjing 211189, China
4
Department of Civil, Environmental and Construction Engineering, University of Central Florida, Orlando, FL 32816, USA
*
Author to whom correspondence should be addressed.
Sensors 2018, 18(12), 4451; https://doi.org/10.3390/s18124451
Received: 1 October 2018 / Revised: 5 November 2018 / Accepted: 7 November 2018 / Published: 16 December 2018
The emerging connected, low-cost, and easy-to-use air quality monitoring systems have enabled a paradigm shift in the field of air pollution monitoring. These systems are increasingly being used by local government and non-profit organizations to inform the public, and to support decision making related to air quality. However, data integrity and system security are rarely considered during the design and deployment of such monitoring systems, and such ignorance leaves tremendous room for undesired and damaging cyber intrusions. The collected measurement data, if polluted, could misinform the public and mislead policy makers. In this paper, we demonstrate such issues by using a.com, a popular low-cost air quality monitoring system that provides an affordable and continuous air quality monitoring capability to broad communities. To protect the air quality monitoring network under this investigation, we denote the company of interest as a.com. Through a series of probing, we are able to identify multiple security vulnerabilities in the system, including unencrypted message communication, incompetent authentication mechanisms, and lack of data integrity verification. By exploiting these vulnerabilities, we have the ability of “impersonating” any victim sensor in the a.com system and polluting its data using fabricated data. To the best of our knowledge, this is the first security analysis of low-cost and connected air quality monitoring systems. Our results highlight the urgent need in improving the security and data integrity design in these systems. View Full-Text
Keywords: IoT; data integrity; low-cost sensor; air quality monitoring; MITM IoT; data integrity; low-cost sensor; air quality monitoring; MITM
Show Figures

Graphical abstract

MDPI and ACS Style

Luo, L.; Zhang, Y.; Pearson, B.; Ling, Z.; Yu, H.; Fu, X. On the Security and Data Integrity of Low-Cost Sensor Networks for Air Quality Monitoring. Sensors 2018, 18, 4451.

Show more citation formats Show less citations formats
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Back to TopTop