Proceeding Paper

Secure Internet of Things Device with Single-Channel Communication for Resource-Constrained Applications †

1 Department of Computer Science and Engineering, Model Institute of Engineering and Technology, Jammu 181122, Jammu and Kashmir, India
2 School of Management, Model Institute of Engineering and Technology, Jammu 181122, Jammu and Kashmir, India
3 Centre for Research, Innovation and Entrepreneurship, Model Institute of Engineering and Technology, Jammu 181122, Jammu and Kashmir, India
* Author to whom correspondence should be addressed.
† Presented at the 1st International Conference on AI Sensors & The 10th International Symposium on Sensor Science, Singapore, 1–4 August 2024.
Eng. Proc. 2024, 78(1), 9; https://doi.org/10.3390/engproc2024078009
Published: 11 February 2025

Abstract

Internet of Things (IoT) devices are being utilized in large numbers in various applications, ranging from healthcare and manufacturing to home automation, etc. This rapid increase in the number of devices has also led to a significant increase in cybersecurity concerns for these devices. Malicious nodes exploit vulnerabilities in conventional IoT architectures, leading to high risks to data integrity, privacy, and system reliability. Hence, there is a need for innovative solutions to improve the security of IoT devices and networks. Considering this, in this paper, a novel approach towards securing IoT devices against any malicious attack is proposed. A new IoT node is proposed that has a single communication channel, which sends information only to a specific endpoint. Unlike a conventional IoT system with multiple communication channels, the proposed design limits communication to a single dedicated device, thereby drastically reducing the attack probability. The proposed device architecture integrates a robust cryptographic protocol to establish a secure and authenticated communication link between the IoT device and its designated endpoint. By employing a state-of-the-art encryption technique and secure access controls, the proposed solution can mitigate common attacks such as eavesdropping, data tampering, and unauthorized access. The proposed system also improves resource efficiency, lowers the device’s power consumption due to single-communication-channel data transmission, and simplifies network management, thus making it suitable for resource-constrained applications, such as military surveillance, home automation, etc.

1. Introduction

The Internet of Things (IoT) has become an integral part of everyday life, with applications ranging from smart homes to healthcare systems, industrial automation, automobiles, transportation and logistics, defense systems, etc. This growth of IoT over the years (Figure 1) depicts the ubiquity of IoT devices, which has led to a high level of connectivity, enabling real-time data collection, monitoring, and control [1,2]. But with this increased connectivity, significant security issues also arise. IoT devices are deployed in environments wherein they interact with sensitive data, such as the personal information of users, financial details and transactions, infrastructure controls, etc. The potential consequences of security breaches in these contexts can be critical, and can include privacy violations, financial loss, and even threats to human safety [3,4,5,6].
Due to the limited computational resources and capability of IoT devices, traditional security measures such as firewalls, antivirus, intrusion detection systems, etc., are not always suitable. Further, the distributed nature of IoT networks creates a diverse attack pool and diverse attack possibilities, so that no uniform security solution exists for all the attacks. Additionally, cyberattacks on IoT devices exploiting weak authentication and unencrypted communication channels have also increased in number.
Hence, there is a need for developing security solutions specifically designed for IoT environments. These solutions must be lightweight and efficient to protect against different threats such as tampering, data breaches, and unauthorized access. Considering these constraints, this study proposes a system and a method for securing sensing devices in resource-constrained IoT applications, with a particular focus on preventing unauthorized access and ensuring the integrity of the sensed data.
The rest of the paper is organized as follows: Section 2 presents a review of various security issues and factors limiting power management in IoT devices. The proposed system architecture and methodology are presented in Section 3, followed by a discussion in Section 4 and the conclusion in Section 5.

2. Literature Review

The IoT architecture basically consists of four layers, which are the perception layer, the network layer, the middleware layer, and the application layer [4,5]. The perception layer is used for identifying objects and transforming them into digital signals. The data are then collected by the network layer for further transmission to the upper layers. The connectivity of the IoT infrastructure is also overseen by the network layer. The processing of data and the connections to the cloud and the database are overseen by the middleware layer. The processed data from the middleware layer are received by the application layer. It is responsible for the implementation of applications under different use cases. The classification of various security attacks in IoT is given below and shown in Figure 2 [4]:
  • Perception Layer: Unauthorized access to the tags [7], Tag cloning [8], Eavesdropping [9], RF jamming [10], Spoofing attack [11], Sleep deprivation attack [11].
  • Network Layer: DoS attack [12], Sybil attack [13], Spoofed routing information attack [14], Selective forwarding attack [14], Sinkhole attack [15], Blackhole attack [15], Man-in-the-middle attack [16].
  • Middleware Layer: Flooding attack [17], Cloud malware injection [18], Signature wrapping attack [19], SQL injection [19], Web browser attack in the cloud [17].
  • Application Layer: Code injection [20], Buffer overflow [21], Sensitive data permission/manipulation [10], Phishing attack [22], Authentication and authorization [20].
To address these security issues, there are some common security requirements for IoT systems, as shown in Figure 3.

3. Proposed System

The proposed system is designed for applications in mission-critical or resource-constrained IoT applications, where security is paramount. The system aims to provide a comprehensive security solution that can be adapted to various IoT use cases by employing a combination of hardware-based protection, secure communication channels, and a custom authentication protocol. The key features of the system include a pressure-sealed casing for physical security, a one-way communication channel to prevent security attacks, and a tampering detection system that triggers an automatic reset and data wipe, if any unauthorized access is detected.

3.1. System Architecture

The proposed system architecture is built around several core components, shown in Figure 4. Each component contributes to the overall security of the IoT sensing device. These components include:
  • Sensing Device: It is the central element of the IoT system, responsible for sensing and collecting data from its environment. It is connected to a processor which performs necessary operations on the data sensed by it.
  • Memory: The memory stores the processor-executable instructions that dictate the system’s behavior. It also temporarily stores the sensor data before they are encrypted and transmitted.
  • Custom Port and Master Device: The sensing device interfaces with a master device through a custom UART port. The custom port integrates an embedded authentication protocol, utilizing cryptographic handshakes to prevent unauthorized connections, ensuring high security in resource-constrained environments. The master device plays a crucial role in configuring the sensing device and sending the control signals. A 115,200 bps data rate is used, as it balances the need for real-time data transfer with minimal processing overhead, ensuring consistent performance in constrained environments.
  • Pressure-Sealed Casing: The IP65 casing houses the sensing device and is equipped with a pressure monitoring sensor to detect any unauthorized attempts to open it. A drop in the internal pressure indicates tampering, prompting the system to initiate security protocols.
  • One-Way Communication Channel: To transmit data from the sensing device to a designated source address, the system utilizes a one-way communication channel and LoRa (Long Range) communication module. This allows only data transmission, and prevents any inbound communication attempts that could be exploited by attackers.
  • Processor: It is the main control unit of the system and executes all the instructions stored in the memory for various tasks. It is also responsible for the authentication of the master device, the processing of the control signal, the encryption of data to be transmitted, and the monitoring of the pressure within the sealed casing to detect tampering attempts.

3.2. Methodology

To ensure the security of the sensing device and the integrity of the sensed data collected by it, the proposed system uses the following methodology, also depicted in Figure 5:
  • Verification of the Master Device: The process begins with the docking of a master device to the custom port of the sensing device. The custom port ensures that only compatible devices can connect. Upon docking, the custom port authentication and handshake protocol is initiated, verifying the identity of the master device. The UART protocol is modified to include an additional control byte in each data packet, which serves as a unique signature to disambiguate the communication within the system. This step is crucial in preventing unauthorized devices from accessing the sensing device or from initiating man-in-the-middle attacks.
  • Reception of Control Signals: Once the master device is authenticated, the processor receives control signals from it. These signals may include configuration instructions or commands for the sensing device.
  • Data Encryption and Transmission: The sensed data are processed by the processor and encrypted using the AES-128 encryption algorithm before transmission, to prevent unauthorized access. The encrypted data are sent over a one-way communication channel, which permits only the transmission of data and not its reception, thereby reducing the risk of remote attacks.
  • Tampering Detection: The system will continuously monitor the pressure within the sealed casing of the sensor system. If any pressure drop is detected, a tampering detection mechanism is activated, and a pre-defined series of steps, as a security measure, is initiated.
  • Security Response: When tampering is detected, an alarm is triggered by the system to alert the user or system administrator. At the same time, the processor within the sensor system initiates a reset of the sensing device, thereby erasing all stored data and returning the device to its original factory settings. This ensures that sensitive data are always protected, even in the event of a physical security breach of the system.
  • Post-event Handling: Once the device has been reset, it can only be reconfigured by an authorized master device, which again undergoes the previous steps of verification. This re-initialization process makes sure that the device is again secured and that no residual vulnerabilities from the previous tampered state are carried over.
The architecture and methodology proposed for the sensor device are designed to address the security concerns of IoT sensing devices, specifically in resource-constrained applications. The system provides a solution for protecting the IoT devices by combining physical security measures with advanced authentication and secure communication protocols. Table 1 showcases the response of the proposed system against different attack vectors.
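The tamper-detection, security-response and post-event steps above, sketched as firmware logic in C. This is an added example, not code from the paper: the pressure threshold, the three-sample confirmation window and all names (`device_t`, `device_provision`, `device_on_pressure_sample`, and so on) are assumptions, and the result of the master-device handshake is passed in as a flag because the paper does not specify that protocol.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed values, not from the paper: tune per enclosure and sensor. */
#define PRESSURE_DROP_LIMIT_PA 500  /* drop below baseline treated as suspicious */
#define TAMPER_CONFIRM_SAMPLES 3    /* consecutive low samples before wiping */

typedef enum { DEV_FACTORY = 0, DEV_OPERATIONAL } dev_state_t;

typedef struct {
    dev_state_t state;
    int32_t baseline_pa;     /* casing pressure captured at provisioning */
    uint8_t low_count;       /* consecutive samples below the limit */
    bool    alarm;           /* latched until an authorized re-provision */
    uint8_t aes_key[16];     /* AES-128 key loaded by the master device */
    uint8_t sensor_buf[64];  /* sensed data waiting to be encrypted */
} device_t;

/* Volatile writes so the compiler cannot optimise the wipe away. */
static void secure_zero(void *p, size_t n) {
    volatile uint8_t *v = (volatile uint8_t *)p;
    while (n--) *v++ = 0;
}

/* Configuration is accepted only from an authenticated master device. */
bool device_provision(device_t *d, bool master_authenticated,
                      const uint8_t key[16], int32_t sealed_pressure_pa) {
    if (!master_authenticated) return false;
    memcpy(d->aes_key, key, 16);
    d->baseline_pa = sealed_pressure_pa;
    d->low_count = 0;
    d->alarm = false;
    d->state = DEV_OPERATIONAL;
    return true;
}

/* Security response: raise alarm, erase key and data, return to factory state. */
static void tamper_response(device_t *d) {
    secure_zero(d->aes_key, sizeof d->aes_key);
    secure_zero(d->sensor_buf, sizeof d->sensor_buf);
    d->low_count = 0;
    d->alarm = true;
    d->state = DEV_FACTORY;
}

/* Feed one pressure sample; returns true if this sample triggered the wipe. */
bool device_on_pressure_sample(device_t *d, int32_t pressure_pa) {
    if (d->state != DEV_OPERATIONAL) return false;
    if (d->baseline_pa - pressure_pa >= PRESSURE_DROP_LIMIT_PA) {
        if (++d->low_count >= TAMPER_CONFIRM_SAMPLES) {
            tamper_response(d);
            return true;
        }
    } else {
        d->low_count = 0;  /* isolated dip: treat as sensor noise, do not wipe */
    }
    return false;
}

/* Transmission gate: nothing leaves a device that is not provisioned. */
bool device_may_transmit(const device_t *d) { return d->state == DEV_OPERATIONAL; }

bool device_key_is_erased(const device_t *d) {
    uint8_t acc = 0;
    for (size_t i = 0; i < sizeof d->aes_key; i++) acc |= d->aes_key[i];
    return acc == 0;
}

int main(void) {
    /* Constructed trace: one noisy dip, then a sustained drop (casing opened). */
    const int32_t trace[] = {101300, 100700, 101310, 100600, 100400, 100100};
    const uint8_t key[16] = {0xA5};  /* placeholder key for the demo */
    device_t d = {0};
    device_provision(&d, true, key, 101325);
    for (size_t i = 0; i < sizeof trace / sizeof trace[0]; i++)
        if (device_on_pressure_sample(&d, trace[i]))
            printf("tamper confirmed at sample %zu, device wiped\n", i);
    return device_may_transmit(&d) ? 1 : 0;
}
```

The confirmation window trades a short detection delay for resistance to false wipes from sensor noise; a design that wipes on the first low sample, as the text literally describes, corresponds to setting `TAMPER_CONFIRM_SAMPLES` to 1.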

4. Discussion

An abstract example of an IoT device’s activity in relation to time is shown in Figure 6 [23], which also includes the four steps, their typical order, and some potential power consumption values. It is evident that the information that needs to be transferred may be temporarily kept in memory, before being sent. It is possible, of course, that data is delivered right away, following the processing. The memory capacity and energy usage for storing the data, as well as how these factors relate to the energy usage for activating and deactivating the wireless transmitter, will determine which strategy is best.
There are some factors that limit the power management of these IoT devices. These include voltage accuracy, sleep and shutdown cycles, efficiency of energy source, aging, scalability, etc. [24]. To further improve the energy efficiency of the IoT device, a power gating technique, as a power management solution, can be used to reduce the energy consumption during the sleep and active modes. One such technique is presented in [25]. Table 2 shows the performance improvement achieved using this technique. Two scenarios are compared: (a) the power-saving technique, that is the use of standby/sleep pins already available at the sensing and radio modules, and (b) the power-gating technique, implemented externally. A similar technique can be used in our proposed device in the future and its performance can be evaluated.

5. Conclusions

Owing to the large number of Internet of Things (IoT) devices in various applications, there is a need for an innovative solution to improve the security of the devices against the vulnerabilities in conventional IoT architectures, which can lead to high risks to data integrity, privacy, and system reliability. Considering this, in this paper, a novel approach towards securing IoT devices against any malicious attack is proposed. A new IoT node, housed in an IP65 casing, is proposed. It has a single communication channel, which sends information only to a specific endpoint and limits communication to a single dedicated device, thereby drastically reducing the attack probability. It can mitigate common attacks, such as eavesdropping, data tampering, and unauthorized access. The proposed system also has a triggering system to detect any physical or software tampering attempt. It also improves resource efficiency, lowers power consumption, and simplifies network management, thus making it suitable for resource-constrained applications, such as military surveillance, home automation, etc. In the future, research on the implementation of a power management approach, such as power gating, can be conducted, to further reduce the power consumption in these applications.

6. Patents

A patent for this work has been filed with an application number 202411044509 in the Indian Patent Office on 8 June 2024.

Author Contributions

All authors contributed equally in conceptualization, methodology, writing—original draft preparation, and writing—review and editing. All authors have read and agreed to the published version of the manuscript.

Funding

This research received no external funding.

Institutional Review Board Statement

Not applicable.

Informed Consent Statement

Not applicable.

Data Availability Statement

The original contributions presented in the study are included in the article; further inquiries can be directed to the corresponding author.

Conflicts of Interest

The authors declare no conflicts of interest.

References

  1. Gupta, B.B.; Quamara, M. An overview of Internet of Things (IoT): Architectural aspects, challenges, and protocols. Concurr. Comput. Pract. Exp. 2020, 32, e4946.
  2. Anand, P.; Singh, Y.; Selwal, A.; Singh, P.K.; Felseghi, R.A.; Raboaca, M.S. Iovt: Internet of vulnerable things? Threat architecture, attack surfaces, and vulnerabilities in internet of things and its applications towards smart grids. Energies 2020, 13, 4813.
  3. Siwakoti, Y.R.; Bhurtel, M.; Rawat, D.B.; Oest, A.; Johnson, R. Advances in IoT security: Vulnerabilities, enabled criminal services, attacks, and countermeasures. IEEE Internet Things J. 2023, 10, 11224–11239.
  4. Alqarawi, G.; Alkhalifah, B.; Alharbi, N.; El Khediri, S. Internet-of-things security and vulnerabilities: Case study. J. Appl. Secur. Res. 2023, 18, 559–575.
  5. Chen, K.; Zhang, S.; Li, Z.; Zhang, Y.; Deng, Q.; Ray, S.; Jin, Y. Internet-of-things security and vulnerabilities: Taxonomy, challenges, and practice. J. Hardw. Syst. Secur. 2018, 2, 97–110.
  6. Mahbub, M. Progressive researches on IoT security: An exhaustive analysis from the perspective of protocols, vulnerabilities, and preemptive architectonics. J. Netw. Comput. Appl. 2020, 168, 102761.
  7. Imdad, M.; Jacob, D.W.; Mahdin, H.; Baharum, Z.; Shaharudin, S.M.; Azmi, M.S. Internet of things (IoT); security requirements, attacks and counter measures. Indones. J. Electr. Eng. Comput. Sci. 2020, 18, 1520–1530.
  8. Robles, R.; Endencio-Robles, D. State of internet of things (IoT) security attacks, vulnerabilities and solutions. Comput. Rev. J. 2019, 3, 255–263.
  9. Hassija, V.; Chamola, V.; Saxena, V.; Jain, D.; Goyal, P.; Sikdar, B. A survey on IoT security: Application areas, security threats, and solution architectures. IEEE Access 2019, 7, 82721–82743.
  10. Rahimi, H.; Zibaeenejad, A.; Rajabzadeh, P.; Safavi, A.A. On the security of the 5G-IoT architecture. In Proceedings of the International Conference on Smart Cities and Internet of Things, Mashhad, Iran, 26–27 September 2018; pp. 1–8.
  11. Kamble, A.; Bhutad, S. Survey on Internet of Things (IoT) security issues & solutions. In Proceedings of the 2018 2nd International Conference on Inventive Systems and Control (ICISC), Coimbatore, India, 19–20 January 2018; pp. 307–312.
  12. Kumar, S.A.; Vealey, T.; Srivastava, H. Security in internet of things: Challenges, solutions and future directions. In Proceedings of the 2016 49th Hawaii International Conference on System Sciences (HICSS), Koloa, HI, USA, 5–8 January 2016; pp. 5772–5781.
  13. Muhammad, F.; Anjum, W.; Mazhar, K.S. A critical analysis on the security concerns of internet of things (IoT). Int. J. Comput. Appl. 2015, 111, 1–6.
  14. Khattak, H.A.; Shah, M.A.; Khan, S.; Ali, I.; Imran, M. Perception layer security in Internet of Things. Future Gener. Comput. Syst. 2019, 100, 144–164.
  15. Tuan, T.A.; Long, H.V.; Son, L.H.; Kumar, R.; Priyadarshini, I.; Son, N.T.K. Performance evaluation of Botnet DDoS attack detection using machine learning. Evol. Intell. 2020, 13, 283–294.
  16. Hossain, M.M.; Fotouhi, M.; Hasan, R. Towards an analysis of security issues, challenges, and open problems in the internet of things. In Proceedings of the 2015 IEEE World Congress on Services, New York, NY, USA, 17 August 2015; pp. 21–28.
  17. Vishwakarma, R.; Jain, A.K. A survey of DDoS attacking techniques and defence mechanisms in the IoT network. Telecommun. Syst. 2020, 73, 3–25.
  18. Gavra, V.-D.; Dobra, I.-M.; Pop, O.A. A survey on threats and security solutions for IoT. In Proceedings of the 2020 43rd International Spring Seminar on Electronics Technology (ISSE), Demanovska Valley, Slovakia, 14–15 May 2020; pp. 1–5.
  19. Zhao, W.; Yang, S.; Luo, X. On threat analysis of IoT-based systems: A survey. In Proceedings of the 2020 IEEE International Conference on Smart Internet of Things (SmartIoT), Beijing, China, 14–16 August 2020; pp. 205–212.
  20. Obaidat, M.A.; Obeidat, S.; Holst, J.; Al Hayajneh, A.; Brown, J. A comprehensive and systematic survey on the internet of things: Security and privacy challenges, security frameworks, enabling technologies, threats, vulnerabilities and countermeasures. Computers 2020, 9, 44.
  21. Grammatikis, P.I.R.; Sarigiannidis, P.G.; Moscholios, I.D. Securing the Internet of Things: Challenges, threats and solutions. Internet Things 2019, 5, 41–70.
  22. Ghasemi, M.; Saadaat, M.; Ghollasi, O. Threats of social engineering attacks against security of Internet of Things (IoT). In Fundamental Research in Electrical Engineering: The Selected Papers of the First International Conference on Fundamental Research in Electrical Engineering; Springer: Singapore, 2019; pp. 957–968.
  23. Henkel, J.; Pagani, S.; Amrouch, H.; Bauer, L.; Samie, F. Ultra-low power and dependability for IoT devices (Invited paper for IoT technologies). In Proceedings of the 2017 Design, Automation & Test in Europe Conference & Exhibition (DATE), Lausanne, Switzerland, 27–31 May 2017; pp. 954–959.
  24. Prasad, A.; Chawda, P. Power management factors and techniques for IoT design devices. In Proceedings of the 2018 19th International Symposium on Quality Electronic Design (ISQED), Santa Clara, CA, USA, 13–14 March 2018; pp. 364–369.
  25. Silva, A.; Liu, M.; Moghaddam, M. Power-Management Techniques for Wireless Sensor Networks and Similar Low-Power Communication Devices Based on Nonrechargeable Batteries. J. Comput. Netw. Commun. 2012, 2012, 757291.
Figure 1. Growth of IoT devices [1,2].
Figure 2. Classification of attacks in IoT devices.
Figure 3. Security requirements for the IoT.
Figure 4. Block diagram representing the components and modules of the secure IoT system.
Figure 5. Flowchart depicting the steps involved in securing the IoT sensing device.
Figure 6. Abstract example of the operation of an IoT device with respect to time.
Table 1. Attack vectors and response of the proposed system.

| Attack Vector | Description | System Response |
|---|---|---|
| Physical Tampering | Attempts to open or manipulate the device physically. | Device is disabled, all stored data is erased, and an alert is triggered. |
| DDoS Attacks | Distributed-denial-of-service attacks to overwhelm the device with network traffic. | Device remains unaffected, as the one-way communication channel does not allow inbound communication. |
| Device Signal Interference | Attempts to jam or interfere with the device’s wireless signals. | No impact, as the device does not use a wireless receiver for data reception, only one-way transmission. |
| Device Spoofing | An attacker attempts to mimic the device to impersonate its communication. | Custom port does not allow docking/pairing. Even if the device docked, embedded digital signatures in communication packets ensure that only authenticated data is processed. |

Table 2. Power profile of a sensor node.

| Operating Mode | MCU | Sensors | Radio |
|---|---|---|---|
| Active (regular operation) | 5 mW | 30 mW | 350 mW |
| Inactive (power saving) | 2 µW | 5 µW | 20 µW |
| Inactive (power gating) | 2 µW | 1 µW | 2 µW |

Gupta, A.; Sawhney, S.; Ahmed, S. Secure Internet of Things Device with Single-Channel Communication for Resource-Constrained Applications. Eng. Proc. 2024, 78, 9. https://doi.org/10.3390/engproc2024078009