**3.4 Model of attacks and threats based on IoT devices**

There are a various of vulnerable attacks in sensor nodes, RFID and its application because of its restricted resources. Security threats and vulnerability to sensor protocols and nodes can be classified by strong and weak attacks. Weak attacks are practical and threats by observing and manipulating the communication channel to acquire the data between a server and device tags. Replay attacks and interleaving attacks are representative examples of weak attacks model. Strong attacks are feasible threats and means for an attacker to be compromised and acquired a data on target tag. A memory of sensor is very vulnerable to be compromised and have a small resource. It can be easily attacked by side channel effect because the low cost and capability tag is unlikely to be tamper-proof. The major strong attacks are included forward traceability, backward traceability, and server impersonation and described in Ref. [34].

It is possible to identify and realized with five distinct technology and trends in the future of IT, As many devices are widespread and ubiquitous with explosion. The future of IoT will be faced with representative characteristics as follows [35–37].


IoT application can be realized when we have a connectivity for anything from any time, any place connectivity for anyone. The enabling of technologies and realization of IoT application should be combined with RFID, NFC, sensor, smart technology and nano-technology. The characteristics of enabling technologies are summarized [9]. Internet of things' enablers should have characteristics as follows.


*Analyses of Open Security Issues for Smart Home and Sensor Network Based on Internet… DOI: http://dx.doi.org/10.5772/intechopen.97851*


In general, energy-efficient communication standards, strategy of security and privacy should be considered into interest and needs. Compatible or identical protocols at the different frequencies are needed [30]. The function of sensor IoT is described in **Table 2**.

The hardware based issues related to sensors and objects should be dealt with in politics and laws. Enablers and objects of Internet of Things have a features as following description [38].


Example of IoT based on network topology is shown in **Figure 5**. To connect sensor networks with traditional communication networks to other networks, IoT


**Table 2.** *Function of sensor IoT.*

**Figure 5.** *Application of IoT service [29].*

gateway can provide the function of protocol conversion and device management. As a general gateway, IoT gateway has characteristics and features such as access capability with a wide range, manageability for easy, interworking protocol for efficient topology [39]. Based on the home network application, secure gateway should provide and gather internal data to collaborate and aggregate in wireless sensor networks, and data transmission among Internet, high-speed, 5G networks, DSL networks, and other network interfaces. The system requirements of IoT gateway system should be considered by employing, protocol conversion, data forwarding and management and control [36]. Example of IoT system based on network topology is shown in **Figure 6**.

To analyze the performance and security analysis of IoT architecture, we can estimate the performance analysis such as computational cost, storage requirement and communication cost and security analysis. The security elements are included factors such as data confidentiality, tag anonymity, mutual authentication, data integrity, relay attacks and forward security. The representative attack and solutions are reviewed in **Figure 7**. We analyzed reusable security requirement and used them as examples of reusable security requirements. The attacks on IoT system are included denial of service attack, physical attack, tags cloning attacks,

**Figure 6.** *Example of IoT system based on network topology.*

*Analyses of Open Security Issues for Smart Home and Sensor Network Based on Internet… DOI: http://dx.doi.org/10.5772/intechopen.97851*


#### **Figure 7.**

*Characteristics of authentication method and security mechanism.*

impersonation attack, replay attack and tags tracking. Pranay P. Gaikwad et al. presented open problems and challenges [40]. Denning et al. surveyed the security and privacy matters in IoT based smart homes, and provided a strategy for reasoning about security needs. They mentioned how to conduct an attack to avoid and have a feasibility in attack model. The attractive point they propose is that the system compromise a platform and attack model caused by damage [41]. In generally speaking, smart home system can be organized and configured as shown in **Figure 7**. Smart home system consists of home gateway, home server, and smart home sensor and devices. To enhance security complexity, we should take into consideration basic security functions for the smart home system. Security functions are against security vulnerabilities and security flaws caused by device resources issues, attacks, etc. The necessity and requirement of security in authentication level can be classified by authentication and authorization level. The representative characteristics and features are shown in **Figure 7**.

Computing service with confidentiality and threat factors under ubiquitous surrounding should be regarded as vulnerable attacks and insecure services viewpoints. The major factors to be considered are as follows [42].


Also, threat factors and features can be considered as follows.

• Sensor node attack


A brief of characteristics and features of smart home network is depicted as follows.


To enhance advanced and high complexity security, we have to take into account for intrusion protection and detection mechanism in sensor network. Especially, home gateway should be required enhanced security framework, authorized control, privacy and resilience of survival, etc. The security issues with heterogeneous connection between devices under IoT application cannot be solved with conventional cryptography techniques. Many works have done and cannot utilize existing PKI (Public key infrastructure) and lightweight schemes. Some researchers have evolved new scheme with ultra-lightweight algorithm. It has still unsolved problems. Many researcher and works tend to focus on following techniques relating to smart home network security.


## **4. Open security issues for smart home network**

We analyzed and discussed the critical and essential issues for open solution of IoT related to smart home network. It mainly focuses on challenges and mechanism in application field. Example of IoT based network topology and attack model on home network is shown in **Figure 8**. We can estimate the security requirements for smart home network. It consists of device authentication, network monitoring,

*Analyses of Open Security Issues for Smart Home and Sensor Network Based on Internet… DOI: http://dx.doi.org/10.5772/intechopen.97851*

secure session key management, physical protection, information security, and user authentication [43]. Andreas Jacobsson et al. reviewed a risk analysis related to smart home automation and control system [23].

The reviewed and related works presented have included risk analysis based approaches, security based approaches, privacy based approaches and industry based approaches. Chakib Bekara analyzed security matters and challenges for the IoT based on smart grid [44]. He considered security issues as a cyber and physical system, the IoT based smart grid will be faced with several security issues such as impersonation, eavesdropping, data tampering, authorization, control access, privacy issue, malicious code, availability and DoS issues. When dealing with security algorithms, several challenges should be considered with scalability, mobility, deployment, legacy systems, constraints resources, heterogeneity, interoperability, bootstrapping, trust management and latency and time constraints. Noy Hadar et al. proposed an innovative and creative cloud-based framework to protect attacks and threats on IoT devices. It can be applicable to cost effective solution [45].


#### **Table 3.** *Critical security weakness of IoT system.*

To understand IoT security issues, we should investigate the characteristics of component for the IoT sensor and network among them. It consists of sensors in home network, sensor bridge network such as home gateway and cloud. Md. Mahmud Hossain et al. analyzed critical security weakness [17]. The security characteristics of sensors are shown in **Table 3** [46].

The security challenge of devices and sensors should be solved and included as follows. We analyzed the following issues.

a. Devices are not connected and reachable

Most of the time, device is not connected

b. Devices can be stolen and lost

It makes security difficult and uncountable when the device is not attached and connected

c. Devices are not included crypto-engines

Strong security is difficult to solve the problem without high-speed processing power

d. Devices have finite life

Devices have small power and needs for self-organization and recharge mechanism

**Figure 9.** *Attacks model and its characteristics.*

*Analyses of Open Security Issues for Smart Home and Sensor Network Based on Internet… DOI: http://dx.doi.org/10.5772/intechopen.97851*

#### **Figure 10.** *A variety of attacks on smart home network.*

e. Devices are transportable

Will cross borders

f. Devices can be recognized and detected by many readers

What data is exposed and disclosed to reader?

Characteristics of attacks and model are shown in **Figure 8**. The gateway can provide secure communication for authentication, secure session key exchange and monitoring between devices and gateway [47]. The attacks model and its characteristics are shown in **Figure 9**.

We also described the challenges of open issues for IoT's development. Trade-off between hardware, software and co-design method is needed for security framework and architecture for IoT system. We have to focus on delivering the creative and unique solutions for the state-of-the-art and innovative mechanism. It includes IoT security controls, optimized mechanisms for the new skills and extremely complex embedded applications. Example of IoT based on smart home network topology is shown in **Figure 8**. Example of attack model on home network is analyzed in literature [48]. Recent DDos (Distributed denial of service) attack and technology are developing with recent techniques and cause a high vulnerability on IoT system. It focuses on the requirement of scalable and optimized security solution. Ellia and Nayeem described common internet things and vulnerabilities [49]. A variety of attacks on smart home network is shown in **Figure 10**.

### **5. Conclusion**

Internet of Things is used in many applications in different areas. loT has been already designed for industrial wireless sensor network in many applications. It can be developed for smart homes system in the near future. Architecture of loT and smart homes based on loT are analyzed in this review paper. In spites of many opportunities and recent technologies, many challenges and issues are produced by a lot of attacks which is addressed in IoT. It will inherit the drawbacks of the internet used in nowadays. We discussed about security mechanisms, we also point out that

the challenges of open issues for IoT's development. Hardware and software codesign methodology is needed to fit into security framework and architecture for IoT system. We have to focus on delivering the current state-of-the-art IT security controls, optimized mechanisms for Internet of things and objects in the future works.
