张玉清 周 威 彭安妮
(国家计算机网络入侵防范中心(中国科学院大学) 北京 101408)(zhangyq@nipc.org.cn)
国家自然科学基金项目(61572460,61272481);国家重点研发计划项目(2016YFB0800703);信息安全国家重点实验室的开放课题(2017-ZD-01);国家发改委信息安全专项项目[(2012)1424];国家111项目(B16037) This work was supported by the National Natural Science Foundation of China (61572460, 61272481), the National Key Research and Development Program of China (2016YFB0800703), the Open Project Program of the State Key Laboratory of Information Security (2017-ZD-01), the National Information Security Special Projects of National Development and Reform Commission of China[(2012)1424], and the China 111 Project (B16037).
张玉清 周 威 彭安妮
(国家计算机网络入侵防范中心(中国科学院大学) 北京 101408)(zhangyq@nipc.org.cn)
自2005年国际电信联盟正式提出物联网(Internet of things, IoT)概念以来,传感器网络、云计算、微型芯片等技术不断发展成熟,物联网产业也迅速发展扩大.根据Statista门户网站最新统计数据[1],2016年互联设备数量已经达到176亿,预计到2020年突破300亿.国际数据公司预测,到2020年物联网市场规模将会突破7万亿美元[2].
1) 讨论问题不全面
2) 缺乏对物联网安全问题的深入分析
1 物联网架构安全研究现状
1) 云端数据聚合与智能处理
2) 应用平台为用户提供服务
1) 感知层设备的物理安全会比之前的传统计算机受到更为严重的威胁.因为农业和工业环境中的传感器分布较广,若传感器运转正常可能长时间无人进行检查,很可能被敌手直接捕获[13];对于小型家用和医疗的智能设备,攻击者更加可以容易对其进行侧信道分析[14-17].同时,智能医疗设备、穿戴设备和智能家居设备等会比传统的个人计算机收集到更多敏感隐私数据.香港大学安全研究人员通过侧信道分析智能手表中移动加速度传感器收集的数据,实现对用户击键行为的成功预测[14].还有研究人员通过侧信道分析智能插座的用电量来推断与其连接电脑上的运行程序[18].
2) 感知层设备受资源所限,只能执行少量的专用计算任务,没有足够的剩余资源用于实现细粒度的系统安全措施.此外许多工控专用设备其程序与系统依赖于特定的硬件架构,传统的访问控制、沙箱、病毒查杀等系统防御技术无法在这些特定设备上实现.这些因素都导致目前感知层设备的系统十分薄弱.Costin等人[19]通过分析大量的嵌入式设备系统固件,发现了许多可利用的高危系统漏洞.有研究人员提出在嵌入式系统中建立轻量级可信执行环境来保护其系统安全[20],但该方法计算开销较大,适用范围有限.还有研究人员设计了针对小型嵌入式设备系统的测试框架[21].但静态测试与漏洞检测方法无法实时动态保护嵌入式设备的系统安全.
3) 感知层设备在利用传输层的协议进行通信时,必然需要为传输层安全通信提供基础保障.主要包括通信密钥生成、设备身份认证以及数据溯源等.同样由于感知层设备资源有限,经典的加密、认证以及其他密码算法直接部署在传感器等小型嵌入式设备上会严重降低设备处理效率,大幅增加设备功耗.大部分研究人员通过设计轻量级密码学算法[22-24]或优化经典密码学算法实现方法[25]来解决这一难题.还有研究人员提出了一些创新性的思路来解决这一难题.Majzoobi和Hiller研究团队分别提出基于设备自身独特的物理特性(physical unclonable functions, PUF)的认证[26]和密钥生成协议[27],该方法不仅节省了单独存储密钥的设备资源,而且可以有效抵御侧信道分析.也有研究人员利用穿戴设备获取的用户人体生物的特征如步态[28]、滑动屏幕力度[29]等来实现设备认证,该方法在节省资源的同时还可实现了设备和使用者的双重认证.
本文统计了2012—2017年上半年中国计算机学会网络安全领域CCF A类和CCF B类会议与期刊164篇论文的讨论主题(剔除了调研类的文章),列出各个层次中讨论次数较多的研究热点,如表1所示.
Note:Some researches involve multiple layers.
2 物联网常见应用场景安全问题与研究现状
随着物联网技术的发展,物联网应用范围会愈发广泛.此外,诸如电动车与智能电网交互供电(vehicle-to-grid, V2G)等跨场景物联网应用技术,在节约能源与方便用户生活的同时,也带来了更多的安全与隐私泄露问题[92-93].有效解决物联网应用场景中的安全问题将对未来物联网应用设计与发展起着重要作用.
本文从1.5节调研的物联网安全相关论文中选取与特定场景相关的论文,然后统计智能家居(smart home)、智能医疗(digital healthcare)、智能汽车(intelligent vehicles)、智能电网与其他工业与公共基础设施(smart grid and industrial public infrastructure)各场景中的研究热点,如表2所示.因为智能电网也属于工业与公共基础设施,且单独讨论工业和公共基础设备安全的论文较少,所以表2中将这2个场景的研究热点划为一类进行统计.
Table 2 Research Hotpots in Each Application Domain of IoT
3 五大物联网安全技术挑战
Table 3 Security Concerns Correspond to the Hierarchy and the Main Application Domain
1) 近年来随着智能家居、智能医疗设备的增多,导致隐私的问题比2014年前更加严重.同时,随着厂商安全意识提高以及物联网设备安全测试工具[95]增多,不安全的Web服务数量有了明显下降.
2) 学术界更加关注可以通过技术手段解决的安全问题,而OWASP组织更加关注现实中最容易被攻击者利用的安全问题.例如学术界研究的侧信道与系统攻击,但实际应用中实现难度较高.故物理安全问题和系统安全问题在学术界安全问题中的排序比OWASP安全问题中的排序位置靠前.而Web服务漏洞以及不安全的网络认证和授权更容易被敌手利用,故这些问题在OWASP安全问题中的排序比学术界安全问题中的排序位置靠前.
Table 4 Academic Concerns and OWASP IoT TOP10
进一步分析上述安全问题产生原因,并由此总结出五大急需应对的物联网安全技术挑战分别为:数据共享的隐私保护方法(privacy preserving in data sharing)、有限资源下的设备安全保护方法(the equipment security protection with limited resources)、更加有效的入侵检测防御系统与设备测试方法(more effective intrusion detection and defense systems and test method)、针对自动化操作的访问控制策略(access control of equipment automation operations)、移动设备的跨域认证方法(cross-domain authentica-tion of motive device).上述五大安全技术挑战其分别对应解决哪些学术界关心的安全问题如表5所示:
Table 5 The Relationship Between Technology Challenges with Academic Concerns
4 未来研究方向
1) 隐私数据保护
2) 轻量级安全机制
3) 入侵检测与防御系统
4) 针对自动化操作的访问控制策略
5) 移动设备的跨域认证方法
5 总 结
[1] Statista Inc. Internet of Things (IoT) connected devices installed base worldwide from 2015 to 2025 (in billions)[EB/OL]. [2017-05-30]. https://www.statista.com/statistics/471264/iot-number-of-connected-devices-worldwide/
[2] Ironpaper Growth Agency. Internet of Things Market Statistics-2016[EB/OL]. (2016-02-04) [2017-04-08]. http://www.ironpaper.com/webintel/articles/internet-of-things-market-statistics/
[3] MARC GOODMAN. Hacking the Human Heart[EB/OL]. [2017-04-24]. http://bigthink.com/future-crimes/hacking-the-human-heart
[4] Langner R. Stuxnet: Dissecting a cyberwarfare weapon[J]. IEEE Security & Privacy, 2011, 9(3): 49-51
[5] Wikipedia. 2016 dyn cyberattack[EB/OL].[2017-05-09]. https://en.wikipedia.org/w/index.php?title=2016_Dyn_cyberattack&oldid=763071700
[6] Patterson R. How safe is your data with the IoT and smart devices[EB/OL]. [2017-04-29]. https://www.comparitech.com/blog/information-security/iot-data-safety-privacy-hackers/
[7] Wright A. Mapping the Internet of Things[M]. New York: ACM, 2016
[8] GeekPwn. IoT devices have a large number of low-level loopholes[EB/OL]. [2017-04-23]. http://www.sohu.com/a/129188339_198147
[9] Roman R, Zhou J, Lopez J. On the features and challenges of security and privacy in distributed Internet of things[J]. Computer Networks, 2013, 57(10): 2266-2279
[10] Fu K, Kohno T, Lopresti D, et al. security and privacy threats posed by accelerating trends in the Internet of things[EB/OL].[2017-05-10]. http://cra.org/ccc/wp-content/uploads/sites/2/2017/02/Safety-Security-and-Privacy-Threats-in-IoT.pdf
[11] Li Ling, Li Shancang, Zhao Shanshan. QoS-aware scheduling of services-oriented Internet of things[J]. IEEE Trans on Industrial Informatics, 2014, 10(2): 1497-1505
[12] Wu Chuankun. Security Fundamentals for Internet of Things[M]. Beijing: Science Press, 2013 (in Chinese)
(武传坤. 物联网安全基础[M]. 北京: 科学出版社, 2013)
[13] Zhao Kai, Ge Lina. A survey on the Internet of things security[C] //Proc of the 9th Int Conf on Computational Intelligence and Security. Los Alamitos, CA: IEEE Computer Society, 2013: 663-667
[14] Liu Xiangyu, Zhou Zhe, Diao Wenrui. When good becomes evil: Keystroke inference with smartwatch[C] //Proc of the 22nd ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2015: 1273-1285
[15] Das A, Borisov N, Caesar M. Do you hear what I hear?: Fingerprinting smart devices through embedded acoustic components[C] //Proc of the 21st ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2014: 441-452
[16] Vasyltsov I, Lee S. Entropy extraction from bio-signals in healthcare IoT[C] //Proc of the 1st ACM Workshop on IoT Privacy, Trust, and Security. New York: ACM, 2015: 11-17
[17] Mccann D, Eder K, Oswald E. Characterising and comparing the energy consumption of side channel attack countermeasures and lightweight cryptography on embedded devices[C] //Proc of Int Workshop on SIOT2015. Piscataway, NJ: IEEE, 2015: 65-71
[18] Conti M, Nati M, Rotundo E, et al. Mind the Plug! Laptop-user recognition through power consumption[C] //Proc of the 2nd ACM Workshop on Iot Privacy, Trust, and Security. New York: ACM, 2016: 37-44
[19] Costin A, Zaddach J, Francillon A, et al. A large-scale analysis of the security of embedded firmwares[C] //Proc of the 23nd USENIX Security Symposium. Berkeley, CA: USENIX Association, 2014: 95-110
[20] Azab A M, Swidowski K, Bhutkar J M, et al. Skee: A lightweight secure kernel-level execution environment for arm[C] //Proc of the 23th Network and Distributed System Security Symp. Reston, VA: ISOC, 2016
[21] Sachidananda V, Toh J, Siboni S, et al. POSTER: Towards exposing Internet of things: A roadmap[C] //Proc of the 23rd ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2016: 1820-1822
[22] Guo Fuchun, Mu Yi, Susilo W, et al. CP-ABE with constant-size keys for lightweight devices[J]. IEEE Trans on Information Forensics & Security, 2014, 9(5): 763-771
[23] Shi Yang, Wei Wujing, He Zongjian, et al. An ultra-lightweight white-box encryption scheme for securing resource-constrained IoT devices[C] //Proc of the 32nd Annual Conf on Computer Security Applications. New York: ACM, 2016: 16-29
[24] Buchmann J, Pfert F, Neysu T, et al. High-performance and lightweight lattice-based public-key encryption[C] //Proc of the 2nd ACM Int Workshop on Iot Privacy, Trust, and Security. New York: ACM, 2016: 2-9
[25] Rauter T, Kajtazovic N, Kreiner C. Privilege-based remote attestation: Towards integrity assurance for lightweight clients[C] //Proc of the 1st ACM Workshop on IoT Privacy, Trust, and Security. New York: ACM, 2015: 3-9
[26] Majzoobi M, Rostami M, Koushanfar F, et al. Slender PUF protocol: A lightweight, robust, and secure authentication by substring matching[C] //Proc of IEEE Symp on Security and Privacy Workshop on TrustED2012. Los Alamitos, CA: IEEE Computer Society, 2012: 33-44
[27] Hiller M, Önalan A G, Sigl G, et al. Online reliability testing for PUF key derivation[C] //Proc of the 6th Int Workshop on Trustworthy Embedded Devices. New York: ACM, 2016: 15-22
[28] Xu Weitao, Lan Guohao, Lin Qi, et al. KEH-Gait: Towards a mobile healthcare user authentication system by kinetic energy harvesting[C] //Proc of the 24th Network and Distributed System Security Symp. Reston, VA: ISOC, 2017
[29] Scheel R A, Tyagi A. Characterizing composite user-device touchscreen physical unclonable functions (PUFs) for mobile device authentication[C] //Proc of Int Workshop on TrustED2015. New York: ACM, 2015: 3-13
[30] Dudek D. On the Detectability of Weak DoS Attacks in Wireless Sensor Networks[M]. Berlin: Springer, 2013: 243-257
[31] Sultana S, Ghinita G, Bertino E, et al. A lightweight secure provenance scheme for wireless sensor networks[C] //Proc of the 21st Int Conf on Parallel and Distributed Systems. Piscataway, NJ: IEEE, 2013: 101-108
[32] Ortiz-Yepes D A. BALSA: Bluetooth low energy application layer security add-on[C] //Proc of Int Workshop on SIOT2015. Piscataway, NJ: IEEE, 2015: 15-24
[33] Szalachowski P, Perrig A. Lightweight protection of group content distribution[C] //Proc of the 1st ACM Workshop on IoT Privacy, Trust, and Security. New York: ACM, 2015: 35-42
[34] Zhu Yihai, Yan Jun, Tang Yufei, et al. Joint substation-transmission line vulnerability assessment against the smart grid[J]. IEEE Trans on Information Forensics & Security, 2015, 10(5): 1010-1024
[35] Niemietz M, Somorovsky J, Mainka C, et al. Not so smart: On smart TV apps[C] //Proc of Int Workshop on SIOT2015. Piscataway, NJ: IEEE, 2015: 72-81
[36] Zhang Yuexin, Xiang Yang, Huang Xinyi, et al. A cross-layer key establishment scheme in wireless mesh networks[C] //Proc of ESORICS 2014. Berlin: Springer, 2014: 526-541
[37] Nguyen K T, Oualha N, Laurent M. Authenticated Key Agreement Mediated by a Proxy Re-encryptor for the Internet of Things[M]. Berlin: Springer, 2016
[38] Chakravorty A, Wlodarczyk T, Rong C. Privacy preserving data analytics for smart homes[J]. IEEE Computer Society Security & Privacy Workshops, 2013, 42(6): 23-27
[39] Lu Zhuo, Wang Wenye, Wang C. Camouflage traffic: Minimizing message delay for smart grid applications under jamming[J]. IEEE Trans on Dependable & Secure Computing, 2015, 12(1): 31-44
[40] Riliskis L, Shafagh H, Levis P. Computations on encrypted data in the Internet of things applications[C] //Proc of the 22nd ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2015: 1668-1670
[41] Ravikumar G K, Manjunath T N, Hegadi R S, et al. A survey on recent trends, process and development in data masking for testing[J]. International Journal of Computer Science Issues, 2011, 8(2): 1709-1720
[42] Xu Jia, Yang Anjia, Zhou Jianying, et al. Lightweight Delegatable Proofs of Storage[M]. Berlin: Springer, 2016
[43] Yang Lei, Humayed A, Li Fengjun. A multi-cloud based privacy-preserving data publishing scheme for the Internet of things[C] //Proc of the 32nd Conf on Computer Security Applications. New York: ACM, 2016: 30-39
[44] Condra G. A plea for incremental work in IoT security[C] //Proc of Int Workshop on TrustED2015. New York: ACM, 2015: 39-39
[45] Tang Yuzhe, Wang Ting, Liu Ling, et al. Lightweight authentication of freshness in outsourced key-value stores[C] //Proc of the 30th Conf on Computer Security Applications. New York: ACM, 2014: 176-185
[46] Pirker M, Slamanig D, Winter J. Practical privacy preserving cloud resource-payment for constrained clients[G] //LNCS 7384: Privacy Enhancing Technologies. Berlin: Springer, 2012: 201-220
[47] Hardjono T, Smith N. Cloud-based commissioning of constrained devices using permissioned blockchains[C] //Proc of the 2nd ACM Int Workshop on Iot Privacy, Trust, and Security. New York: ACM, 2016: 29-36
[48] Altmeier C, Mainka C, Somorovsky J, et al. AdIDoS—Adaptive and intelligent fully-automatic detection of denial-of-service weaknesses in Web services[M]. Data Privacy Management, and Security Assurance. Berlin: Springer, 2015: 65-80
[49] Ali M Q, Al-Shaer E. Configuration-based IDS for advanced metering infrastructure[C] //Proc of the 20th ACM SIGSAC Conf on Computer & Communications Security. New York: ACM, 2013: 451-462
[50] Fernandes E, Jung J, Prakash A. Security analysis of emerging smart home applications[C] //Proc of Int Workshop on SIOT2014. Los Alamitos, CA: IEEE Computer Society, 2016: 636-654
[51] Fremantle P, Aziz B, Kopecky J, et al. Federated identity and access management for the Internet of things[C] //Proc of Int Workshop on Secure Internet of Things. Piscataway, NJ: IEEE, 2014: 10-17
[52] Mituca A, Moin A H, Prehofer C. Access control for apps running on constrained devices in the Internet of things[C] //Proc of Int Workshop on SIOT2014. Piscataway, NJ: IEEE, 2014: 1-9
[53] Copos B, Levitt K, Bishop M, et al. Is anybody home? Inferring activity from smart home network traffic[C] //Proc of the 2nd Int Workshop on Privacy Engineering. Piscataway, NJ: IEEE, 2016: 245-251
[54] Obermaier J, Hutle M. Analyzing the security and privacy of cloud-based video surveillance systems[C] //Proc of the 2nd ACM Int Workshop on Iot Privacy, Trust, and Security. New York: ACM, 2016: 22-28
[55] Fernandes E, Paupore J, Rahmati A, et al. Flowfence: Practical data protection for emerging IOT application frameworks[C] //Proc of the 25th Usenix Security Symposium. Berkeley, CA: USENIX Association, 2016
[56] Yu T, Sekar V, Seshan S, et al. Handling a trillion (unfixable) flaws on a billion devices: Rethinking network security for the Internet-of-things[C] //Proc of the 14th ACM Workshop on Hot Topics in Networks. New York: ACM, 2015: 5
[57] Henry N L, Paul N R, Mcfarlane N. Using bowel sounds to create a forensically-aware insulin pump system[C] //Proc of USENIX Workshop on HealthTech’13. Berkeley, CA: USENIX Association, 2013
[58] Sicari S, Rizzardi A, Grieco L A, et al. Security, privacy and trust in Internet of things: The road ahead[J].. Computer Networks: The International Journal of Computer and Telecommunications Networking, 2015, 76(C):146-164
[59] Mer M, Aspinall D, Wolters M. Weighing in eHealth Security[C] //Proc of the 23rd ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2016: 1832-1834
[60] Hewlett Packard Enterprise. Healthcare Rx: How technology and IoT can help fix a broken system[EB/OL]. [2017-05-09]. https://insights.hpe.com/reports/healthcare-rx-how-technology-and-iot-can-help-fix-a-broken-system-1701.html
[61] Clark S S, Ransford B, Rahmati A, et al. WattsUpDoc: Power side channels to nonintrusively discover untargeted malware on embedded medical devices[C] //Proc of USENIX Workshop on HealthTech’13. Berkeley, CA: USENIX Association, 2013
[62] Krishnan R. Ransomware hijacks hotel smart keys to lock guests out of their rooms[EB/OL]. (2016-04-03) [2017-05-13]. http://thehackernews.com/2016/04/hospital-ransomware.html
[63] Rubin A D. Taking two-factor to the next level: Protecting online poker, banking, healthcare and other applications[C] //Proc of the 30th Annual Computer Security Applications Conf. New York: ACM, 2014: 1-5
[64] Duffy E, Nyemba S, Gunter C A, et al. Requirements and design for an extensible toolkit for analyzing EMR audit logs[C] //Proc of USENIX Workshop on HealthTech’13. Berkeley, CA: USENIX Association, 2013
[65] Dong Xiaolei. Advances of privacy preservation in Internet of things[J]. Journal of Computer Research and Development, 2015, 52(10): 2341-2352 (in Chinese)
(董晓蕾. 物联网隐私保护研究进展[J].计算机研究与发展, 2015, 52(10): 2341-2352)
[66] Miller C, Valasek C. Remote exploitation of an unaltered passenger vehicle[OL]. (2015-08-10) [2017-05-23]. http://illmatics.com/Remote%20Car%20Hacking.pdf
[67] Forensics E. The most hackable cars on the road[EB/OL]. (2015-08-19) [2017-05-29]. http://www.envistaforensics.com/news/the-most-hackable-cars-on-the-road-1
[68] Theguardian. Team of hackers take remote control of tesla models from 12 miles away[EB/OL]. (2016-09-20)[2017-05-06]. https://www:theguardian:com/technology/2016/sep/20/tesla-model-s-chinese-hack-remote-control-brakes
[69] Hartenstein H, Laberteaux K. A tutorial survey on vehicular ad hoc networks[J]. IEEE Communications Magazine, 2008, 46(6): 164-171
[70] Radu A I, Garcia F D. LeiA: A lightweight authentication protocol for CAN[G] //Computer Security-ESORICS 2016. Berlin: Springer, 2016: 283-300
[71] Weimerskirch A. An overview of automotive cybersecurity: Challenges and solution approaches[C] //Proc of Int Workshop on TrustED2015. New York: ACM, 2015: 53
[72] Wang L, Nojima R, Moriai S. A secure automobile information sharing system[C] //Proc of the 1st ACM Workshop on Iot Privacy, Trust, and Security. New York: ACM, 2015: 19-26
[73] Tan R, Krishna V B, Yau D K Y, et al. Impact of integrity attacks on real-time pricing in smart grids[C] //Proc of the 20th ACM SIGSAC Conf on Computer & Communications Security. New York: ACM, 2013: 439-450
[74] Vieira B, Poll E. A security protocol for information-centric networking in smart grids[C] //Proc of ACM Workshop on SEGS’13. New York: ACM, 2013: 1-10
[75] Dimitriou T, Karame G. Privacy-friendly planning of energy distribution in smart grids[C] //Proc of ACM Workshop on SEGS’14. New York: ACM, 2014: 1-6
[76] Erkin Z, Veugen T. Privacy enhanced personal services for smart grids[C] //Proc of ACM Workshop on SEGS’14. New York: ACM, 2014: 7-12
[77] Danezis G,Kohlweiss M. Smart meter aggregation via secret-sharing[C] //Proc of ACM Workshop on SEGS’13. New York: ACM, 2013: 75-80
[78] Biselli A, Franz E. Protection of consumer data in the smart grid compliant with the German smart metering guideline[C] //Proc of ACM Workshop on SEGS’13. New York: ACM, 2013: 41-52
[79] Wikipedia. SCADA[EB/OL].[2017-05-11]. https://en.wikipedia.org/wiki/SCADA
[80] Wikipedia. Industrial control system[EB/OL].[2017-05-11]. https://en.wikipedia.org/wiki/Industrial_control_system
[81] Cardenas A A, Amin S, Sastry S. Secure control: Towards survivable cyber-physical systems[C] //Proc of the 28th Int Conf on Distributed Computing Systems Workshops.Los Alamitos,CA: IEEE Computer Society, 2008: 495-500
[82] Luiijf E. Threats in Industrial Control Systems[M]. Berlin: Springer, 2016
[83] Edward J M C. Security of cyber-physical systems[J]. Journal of Cyber Security and Information Systems, 2017, 5(1): 41-47
[85] Lin Hui, Slagell A, Kalbarczyk Z, et al. Semantic security analysis of SCADA networks to detect malicious control commands in power grids[C] //Proc of ACM Workshop on SEGS’13. New York: ACM, 2013: 29-34
[86] Sullivan D T, Colbert E J. Network analysis of reconnaissance and intrusion of an industrial control system,AD1016413[R]. New York: Defense Technical Information Center, 2016
[87] Henry M H, Zaret D R, Carr J R, et al. Cyber Risk in Industrial Control Systems[M]. Berlin: Springer, 2016
[88] Costin A. Security of CCTV and video surveillance systems: Threats, vulnerabilities, attacks, and mitigations[C] //Proc of the 6th Int Workshop on Trustworthy Embedded Devices. New York: ACM, 2016: 45-54
[89] Line M B, Zand A, Stringhini G, et al. Targeted attacks against industrial control systems: Is the power industry prepared?[C] //Proc of ACM Workshop on SEGS’14. New York: ACM, 2014: 13-22
[90] Colbert E J M, Kott A. Cyber-security of SCADA and Other Industrial Control Systems[M]. Berlin: Springer, 2016
[91] Formby D, Sang S J, Copeland J, et al. An empirical study of TCP vulnerabilities in critical power system devices[C] //Proc of ACM Workshop on SEGS’14. New York: ACM, 2014: 39-44
[92] Wang Huaqun, Qin Bo, Wu Qianhong, et al. TPP: Traceable privacy-preserving communication and precise reward for vehicle-to-grid networks in smart grids[J]. IEEE Trans on Information Forensics & Security, 2015, 10(11): 2340-2351
[93] Rahman M A, Mohsen F, Al-Shaer E. A formal model for sustainable vehicle-to-grid management[C] //Proc of ACM Workshop on SEGS’13. New York: ACM, 2013: 81-92
[94] OWASP. OWASP Internet of Things Top Ten[EB/OL].[2017-05-20]. https://www.owasp.org/images/7/71/Internet_of_Things_Top_Ten_2014-OWASP.pdf
[95] Dantas H, Erkin Z, Doerr C, et al. eFuzz: A fuzzer for DLMS/COSEM electricity meters[C] //Proc of ACM Workshop on SEGS’14. New York: ACM, 2014: 31-38
[96] Ayday E, Raisaro J L, Mclaren P J, et al. Privacy-preserving computation of disease risk by using genomic, clinical, and environmental data[C] //Proc of USENIX Conf on Safety, Security, Privacy and Interoperability of Health Information Technologies. Berkeley, CA: USENIX Association, 2013: 1-10
[97] Saarinen M O. The BlueJay Ultra-Lightweight hybrid cryptosystem[C] //Proc of IEEE Symp on Security and Privacy Workshop on TrustED2012. Los Alamitos, CA: IEEE Computer Society, 2012: 27-32
[98] Zenger C T, Chur M J, Posielek J F, et al. A novel key generating architecture for wireless low-resource devices[C] //Proc of Int Workshop on SIOT2014. Piscataway, NJ: IEEE, 2014: 26-34
[99] Ding Lin, Jin Chenhui, Guan Jie, et al. Cryptanalysis of lightweight WG-8 stream cipher[J]. IEEE Trans on Information Forensics & Security, 2014, 9(4): 645-652
[100] Dougherty D J, Guttman J D. Decidability for lightweight Diffie-Hellman protocols[C] //Proc of the 27th Computer Security Foundations Symp. Piscataway, NJ: IEEE, 2014: 217-231
[101] Yan Jun, He Haibo, Zhong Xiangnan, et al. Q-learning-based vulnerability analysis of smart grid against sequential topology attacks[J].IEEE Trans on Information Forensics & Security, 2016, 12(1): 200-210
[102] Kasinathan P, Costamagna G, Khaleel H, et al. DEMO: An IDS framework for Internet of things empowered by 6LoWPAN[C] //Proc of the 20th ACM SIGSAC Conf on Computer & Communications Security. New York: ACM,2013: 1337-1340
[103] Hoeve M. Detecting intrusions in encrypted control traffic[C] //Proc of ACM Workshop on SEGS’13. New York: ACM, 2013: 23-28
[104] Mahalle P N, Anggorojati B, Prasad N R, et al. Identity establishment and capability based access control (IECAC) scheme for Internet of Things[C]//Proc of Int Symp on IEEE WPMC’12. Piscataway, NJ: IEEE, 2012: 187-191
[105] Windley P J. API access control with OAuth: Coordinating interactions with the Internet of things[J]. IEEE Consumer Electronics Magazine, 2015, 4(3): 52-58
[106] Jia Y J, Chen Q A, Wang Shiqi, et al. ContexIoT: Towards providing contextual integrity to appified IoT platforms[C] //Proc of the 24th Network and Distributed System Security Symp. Reston, VA: ISOC, 2017
[107] Chen I R, Bao F, Guo Jia. Trust-based service management for social Internet of things systems[J]. IEEE Trans on Dependable & Secure Computing, 2016, 13(6): 684-696
[108] Ilie-Zudor E, Kemeny Z, van Blommestein F, et al. A survey of applications and requirements of unique identification systems and RFID techniques[J]. Computers in Industry, 2011, 62(3): 227-252
[109] Wang Jian. The study of key technologies of privacy-preserving data mining[D]. Shanghai: Donghua University, 2011 (in Chinese)
(王健. 基于隐私保护的数据挖掘若干关键技术研究[D]. 上海: 东华大学, 2011)
[110] Shokri R, Shmatikov V. Privacy-preserving deep learning[C] //Proc of the 53rd Annual Allerton Conf on Communication, Control, and Computing. Piscataway, NJ: IEEE, 2015: 909-910
Zhang Yuqing, Zhou Wei, and Peng Anni
With the development of smart home, intelligent care and smart car, the application fields of IoT are becoming more and more widespread, and its security and privacy receive more attention by researchers. Currently, the related research on the security of the IoT is still in its initial stage, and most of the research results cannot solve the major security problem in the development of the IoT well. In this paper, we firstly introduce the three-layer logic architecture of the IoT, and outline the security problems and research priorities of each level. Then we discuss the security issues such as privacy preserving and intrusion detection, which need special attention in the IoT main application scenarios (smart home, intelligent healthcare, car networking, smart grid, and other industrial infrastructure). Though synthesizing and analyzing the deficiency of existing research and the causes of security problem, we point out five major technical challenges in IoT security. They are privacy protection in data sharing, the equipment security protection under limited resources, more effective intrusion detection and defense systems and method, access control of equipment automation operations and cross-domain authentication of motive device. We finally detail every technical challenge and point out the IoT security research hotspots in future.
Internet of things; security; privacy; intelligent; survey; challenge
ZhangYuqing, born in 1966. PhD. Professor in the University of Chinese Academy of Sciences. His main research interests include network and information system security.
ZhouWei, born in 1993. PhD candidate in the University of Chinese Academy of Sciences. His main research interests include network and system security (zhouw@nipc.org.cn).
PengAnni, born in 1995. PhD candidate in the University of Chinese Academy of Sciences. Her main research interests include network and system security (pengan@nipc.org.cn).