Network traffic analysis for IR: Analyzing IoT attacks

Introduction

The Internet of Things (IoT) incorporates everything from tiny sensors and devices to huge structures like cloud computing. IoT includes the major network types, such as vehicular, ubiquitous, grid and distributed. From childcare to elder care, from entering patient details to post-surgery care and from parking vehicles to tracking vehicles, sensors play a pivotal role.

Although IoT does play a crucial role in human life, detecting IoT attacks and ensuring security has become a bottleneck for incident responders (IR) and security engineers. Unfortunately, no network is 100% secure in the face of cybersecurity threats and vulnerabilities. The conventional internet is already insecure, and IoT networks are even more so because of their resource-constrained nature.

Note that we say resource-constrained IoT due to their small size and tiny components. They have limited or bare-minimum resources available.

According to the 2020 Global IoT/ICS Risk Report released by CyberX, IoT/ICS networks and unmanaged devices are soft targets for threat actors, resulting in an increase in expensive downtime, catastrophic safety and environmental incidents, and theft of critical intellectual property. Unlike survey-based studies, this report is based on analysis of real-world traffic from more than 1800 IoT/ICS networks at companies around the world, so that it accurately represents the current state of IoT/ICS security.

Incident responders (IR), whether working individually or in a Security Operations Center (SOC), can perform network traffic analysis to detect IoT attacks. They can do this with tools such as a Telnet IoT honeypot, the Snort IDS and the Dionaea honeypot.
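A small illustration of the kind of traffic analysis an incident responder would do on Telnet honeypot output, added here as an example and not taken from the article or from any honeypot project: it parses constructed log lines (the line format, the sample addresses and the usernames are all assumptions made for this example) and flags sources that hammer the Telnet login with repeated failures, which is the typical signature of an IoT credential brute-force, and notes whether a success followed the failures so the responder can prioritize a possible compromise.

```python
"""Added example (not from the original article): triage of Telnet honeypot
logs to surface brute-force login activity against IoT devices.

Assumed (constructed) log format, one line per login attempt:
    <ISO timestamp> <src_ip> telnet-login user=<name> result=<success|failure>
The SAMPLE_LOG lines below are constructed sample data, not real captures.
"""
from collections import defaultdict
from datetime import datetime, timedelta
import re

# Constructed sample data using documentation address ranges (RFC 5737).
SAMPLE_LOG = """\
2020-05-01T10:00:01Z 203.0.113.7 telnet-login user=root result=failure
2020-05-01T10:00:02Z 203.0.113.7 telnet-login user=root result=failure
2020-05-01T10:00:03Z 203.0.113.7 telnet-login user=admin result=failure
2020-05-01T10:00:04Z 203.0.113.7 telnet-login user=support result=failure
2020-05-01T10:00:05Z 203.0.113.7 telnet-login user=admin result=success
2020-05-01T10:05:00Z 198.51.100.9 telnet-login user=operator result=failure
2020-05-01T10:40:00Z 198.51.100.9 telnet-login user=operator result=failure
2020-05-01T11:00:00Z 192.0.2.44 telnet-login user=tech result=success
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\S+) telnet-login "
    r"user=(?P<user>\S+) result=(?P<result>success|failure)$"
)


def parse_log(text):
    """Turn honeypot log text into (timestamp, src_ip, user, result) tuples.
    Malformed lines are skipped so one bad line does not abort the triage."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append((ts, m["src"], m["user"], m["result"]))
    return events


def find_bruteforce(events, threshold=3, window=timedelta(minutes=5)):
    """Return {src_ip: summary} for every source that produced at least
    `threshold` failed logins inside any sliding time `window`.

    The summary records the failure count, the distinct usernames tried and
    whether a successful login from the same source followed the failures
    (a signal that the brute force may have succeeded)."""
    by_src = defaultdict(list)
    for ev in events:
        by_src[ev[1]].append(ev)

    findings = {}
    for src, evs in by_src.items():
        evs.sort()  # chronological order; tuples sort by timestamp first
        failures = [e for e in evs if e[3] == "failure"]

        # Sliding window over failure timestamps: advance `start` until the
        # window [failures[start], failures[end]] fits inside `window`.
        start = 0
        triggered = False
        for end in range(len(failures)):
            while failures[end][0] - failures[start][0] > window:
                start += 1
            if end - start + 1 >= threshold:
                triggered = True
                break
        if not triggered:
            continue

        first_failure = failures[0][0]
        success_after = any(
            e[3] == "success" and e[0] >= first_failure for e in evs
        )
        findings[src] = {
            "failures": len(failures),
            "usernames": sorted({e[2] for e in failures}),
            "success_after_failures": success_after,
        }
    return findings


if __name__ == "__main__":
    for src, summary in find_bruteforce(parse_log(SAMPLE_LOG)).items():
        print(src, summary)
```

On the sample data only 203.0.113.7 is reported: four failures within seconds across three usernames, followed by a success, which is exactly the event a responder would escalate. 198.51.100.9 has two failures 35 minutes apart and stays below the threshold, and the single successful login from 192.0.2.44 is not flagged at all, so the same logic would need a separate rule (for example, a success with no prior failures from an unexpected network) if that case matters in a given environment.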

In this article, we will introduce IoT, the vulnerabilities and attacks associated with it, how to analyze IoT attacks, and potential security measures to safeguard IoT-enabled devices.

What is IoT?

IoT, an abbreviation of the Internet of Things, is a novel paradigm that (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Fakhar Imam. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/JuqR7oAiDdE/