Publisher of Humanities, Social Science & STEM Books
iot device

What is an IoT device and its security vulnerabilities

Posted on: September 4, 2019

By: Shampa Sen, Leonid Datta, Sayak Mitra

About 7.6 billion people will be connected via 50 billion IoT devices worldwide. Business analysts predict it will lead to an economic growth of 4.6 trillion dollars globally in the public sector by 2020. No wonder the Internet of Things has become the buzzword of the decade. One of the first IoT devices was a Coke dispensing machine at the Carnegie Mellon University, which kept records of its inventory and also determined if the drinks recently loaded were chilled. Besides being a pretty simple idea, it demonstrates how the Internet helps us find intelligent solutions to problems.

In simple terms, an IoT device provides an end-to-end solution where the device acquires information continually (through sensors), processes them to produce meaningful data, and which can be then fed to other devices (as input to process further), or can be used directly by users. Due to the wide applicability of such an end-to-end solution, and will become an integral part of technology in the coming decades. However, some have argued that if all objects and people were equipped with identifiable security tags such as radio-frequency identification devices (RFID), computers would be able to manage and inventory them, which would imrpove improve security measures and speed of crossing border control.  

Disadvantages of IoT

Like any other technology, there is no magic wand. Although IoT ventures into areas deemed unfathomable earlier, the solutions it provides comes with limitations. If these are not understood completely, it can render the technological revolution useless. For example, consumers need to have the right to control how their data is collected, including the option to delete it if they choose. As stated by Accenture Digital Consumer Survey in 2016, privacy concerns have moved from being a nagging issue to a top constraint as consumers now choose to abandon the devices and services over security concerns. Therefore, we must open ourselves to these possible challenges and fully understand them. Among the many limitations in an Internet-based system, the most important are those involving security and privacy.

iot security

IoT security

Our basic understanding of these types of devices tells us it creates an ecosystem of continually connected devices communicating over numerous networks, which leaves the network exposed to various kinds of attacks: more devices lead to more opportunities for compromise. Internet of Things systems’ nature of amorphous computing is a major security concern for many, as it does not always allow the patch fixes to reach every subsystem in the entire net of devices. When security patches do not reach older, outdated systems, some estimate it renders 87% of active devices vulnerable. Additionally, it allows for post-sale manipulations by corporations. The lack of strong security protocols fuel increased risks of other types of compromise, namely, sensor-related risks and ecosystem risks. Sensor-related risk is susceptibility in various types of connected devices: 

  • Counterfeit products: Duplicate products ingrained with malicious programs. At times only, certain components are modified to allow unauthorised access to the system or subsystems. Identity spoofing is a commonly used technique for gaining such access.  

  • Information extraction: Malicious code designed to extract sensitive information from any sensor or connected device(s).

iot privacyIoT privacy

Although the IoT claims to revolutionise active user engagement, it has already proved to be a great tool for passive engagement with users; especially in situations where a single device is used by multiple users, as for instance in public places. Privacy concerns have nudged many experts into believing that infrastructures based on big data are inherently incompatible with the concept of privacy. The recent example of hoardings and billboards containing hidden cameras to track the demographics of the commuters who showed considerable interest in a specific advertisement was cited to support the claims of “invasion of public space.” Considering the smart home systems, we can easily realise how the security and privacy of most households are susceptible to compromise by a simple analysis of the smart home system traffic patterns.

The sheer variety of applications creates a need to classify them. Although many different aspects can be considered for the classification of applications, the most popular scheme is based on the end-user, which is:

  • Consumer application: For the general consumer. For example, home automation solutions, wearable technology, etc.

  • Enterprise (business) application: For providing business solutions to a myriad of enterprises.

  • Infrastructure applications application: For maintenance and improving infrastructure. For example, smart traffic control, automatic toll collection, etc.

  • Health care application: For improving efficiency, accuracy, and precision of current medical instruments through responsive and integrated systems.


iot revolution

The IoT Security Revolution 

Learn about the revolution of IoT devices security and how smart technology comes with a myriad of benefits – as well as inevitable issues of security and data privacy.

Get Started

Advantages of IoT

So what are the benefits of IoT, over existing technology? The characteristics of IoT – for example how it interacts with existing technology – produces some unique advantages, which are explained in more detail below:

Smart technologySmart Technology 

The idea of smart technology has been around for over several decades. Computers are smart; our phones have become smarter, even our watches and TV’s have become smart. Therefore, the claim of a newer, smarter technology can’t account for the evolution technology market on the claim of being smart. Machine learning (ML) and artificial intelligence (AI) form a key component of the technology, as it provides the backbone of interaction and development of smart device purpose. The main difference between traditional smart devices and AI-powered devices is the latter evolves with the user. AI has the potential of eliminating humans from the scene altogether, or to minimize human error. 

AI forms a fundamental part of IoT, and when we consider a technology developed for evolving to future trends, we can truly say that we have something called smart can be called truly smart.

user engagement

User Engagement 

Passive user engagement remains one of the key problems of analytics today. Not only does it lean on indirect methods of obtaining required data but also suffers from incorrect conclusions due to the lack of exact data. These drawbacks are characteristic of any passive data collection system. The only method of overcoming these concerns is replacing passive data collection by “active data collection.” It removes blind spots in data collection by increasing the scope of the collection. IoT adds new areas of machine-to-machine interaction and human-to-machine interaction, thereby adding new opportunities for data assimilation. In today’s world, humans are not the only users of technology; machines have become the primary user with 50 billion machines expected to be connected to the Internet by 2020. With the ever-increasing number of devices in our lives and the advent of cheap and reliable sensors, operating machines has become more engaging and has added a plethora of opportunities to improve efficiency upon them.

user engagement

Enhanced Data

We generate massive amounts of data every second, and ignoring this data could prove problematic as it has the potential to change the very fabric of human-machine interaction. Also, this data is collected through active engagement with the users and can significantly improve the scope of data analytics. The kind of data being collected every second is only possible due to the efficient deployment of IoT solutions at specific locations.

With the rapid pace of development and the ever-increasing interest in this field, Internet of Things has undoubtedly become the star child of the century. However, despite standardisation, improved security it remains constant threat to personal information breaches. Apart from these, perhaps the biggest challenge today is the overhype. We must understand the limitations and abilities of any technology, focussing on viable solutions for consumers. Instead of creating confusion for the end user with complex systems, we should create simple, elegant solutions to problems people struggle with every day.

We must first dedicate ourselves to understanding this technology before wielding it in order to create an efficient and sustainable ecosystem reaping benefits for all of humankind.

This articles was cited from Machine Learning and IoT: A Biological Perspective, by Shampa Sen, Leonid Datta, Sayak Mitra. (2019).