Internet of Things (IoT) Lecture Notes

Overview of IoT

Definition: Network of physical objects embedded with electronics, software, sensors, and internet connectivity.
Technological Revolution: According to the World Economic Forum, we are on the brink of a technological revolution unlike anything experienced before.
Historical Context: Previous revolutions have included:
- Mechanical Revolution (1760): Steam engine invention.
- Second Revolution (1870): Introduction of electricity.
- Third Revolution: Computers and the internet.
Current Revolution: Focus on interconnectivity, AI, quantum computing, robotics, VR, biotechnology, and IoT.

Pre-Internet Era: Early mobile communication (SMS).
Advancement: Transition to internet content (emails, websites).
Smart Platforms: E-commerce and productivity services emerge.
Social Networking: Creation of a web of the internet of people.
Current Stage: Machine-to-machine communication, smart devices in smart homes, hospitals, highways, and factories.

Smart Cities: Traffic management, public transport, utility supply chain management, street lighting.
Elderly Care: Devices for fall detection, medication reminders, and GPS tracking.
Smart Agriculture: Cattle health monitoring using sensors.
Military Applications: Internet of Battlefield Things project enhancing soldiers' capabilities.

Basic Components:
- Things: Various devices like heart monitors, biochips, automobiles.
- Sensors and Actuators: Sensors collect data; actuators perform actions.
- Communicator: Facilitates connectivity between devices, often using Wi-Fi, RFID, or Bluetooth.
Lifecycle Stages:
1. Data Collection
2. Data Communication
3. Data Analysis
4. Action Based on Analysis
IoT Architecture Layers:
1. Physical Perception Layer: Smart things, sensors, actuators.
2. Network Layer: Supports protocols for data communication.
3. Application Layer: Provides smart services and data processing.
4. Semantics Layer: Manages IoT system activities with cognitive technologies.

Vulnerabilities: 90% of IoT devices are unencrypted; many are susceptible to medium and high-level attacks.
Generalized Threats: Data security, device integrity, hardware weaknesses, denial-of-service attacks, etc.
Specific Threats:
- Security & Privacy: Concerns over data collection and authentication.
- Device Integrity: Risks of attacks on critical infrastructures.
- Communication Protocols: Vulnerabilities in protocols like MQTT and Modbus.
Physical Layer Threats: Eavesdropping, timing attacks, device compromise, etc.
Network Layer Threats: Impersonation, denial of service, and message tampering.
Application Layer Threats: Cross-site scripting, SQL injection, and code execution vulnerabilities.

Information Gathering: Collecting data without direct communication.
Using Search Engines: Google Dorking to find device manuals and sensitive information.
FCC ID Information: Understanding device specifications and internal details.
Search Engines for IoT: Tools like Shodan and Scansys to discover vulnerabilities in connected devices.

Setting Up Environment: Installation of IoT GOAT and Kali Linux.
Scanning for Vulnerabilities: Using tools like Nmap to find open ports and services.
Exploiting Backdoors: Gaining access through discovered vulnerabilities.
Firmware Analysis: Techniques to extract and analyze firmware for vulnerabilities.

Understanding IoT Security: Essential for building secure IoT systems.
Addressing Threats: Continuous monitoring, assessment, and improvement are key for IoT security.