Internet of Things Internet of Things Integration and Security Challenges Edited by S. Velliangiri, Sathish A. P. Kumar, and P. Karthikeyan First edition published 2021 by CRC Press 6000 Broken Sound Parkway NW, Suite 300, Boca Raton, FL 33487-2742 and by CRC Press 2 Park Square, Milton Park, Abingdon, Oxon, OX14 4RN © 2021 Taylor & Francis Group, LLC CRC Press is an imprint of Taylor & Francis Group, LLC Reasonable efforts have been made to publish reliable data and information, but the author and pub- lisher cannot assume responsibility for the validity of all materials or the consequences of their use. The authors and publishers have attempted to trace the copyright holders of all material reproduced in this publication and apologize to copyright holders if permission to publish in this form has not been obtained. If any copyrighted material has not been acknowledged, please write and let us know so we may rectify in any future reprint. Except as permitted under U.S. Copyright Law, no part of this book may be reprinted, reproduced, transmitted, or utilized in any form by any electronic, mechanical, or other means, now known or here- after invented, including photocopying, microfilming, and recording, or in any information storage or retrieval system, without written permission from the publishers. For permission to photocopy or use material electronically from this work, access www.copyright.com or contact the Copyright Clearance Center, Inc. (CCC), 222 Rosewood Drive, Danvers, MA 01923, 978- 750-8400. For works that are not available on CCC, please contact [email protected] Trademark Notice: Product or corporate names may be trademarks or registered trademarks, and are used only for identification and explanation without intent to infringe. Library of Congress Cataloging‑in‑Publication Data Names: Velliangiri, S., editor. | Kumar, Sathish A. P., editor. | Karthikeyan, P., 1981- editor. Title: Internet of things : integration and security challenges / edited by S. Velliangiri, Sathish A. P. Kumar, and P. Karthikeyan. Other titles: Internet of things (CRC Press) Description: First edition. | Boca Raton, FL : CRC Press/Taylor & Francis Group, LLC, 2021. | Includes bibliographical references and index. Identifiers: LCCN 2020032513 (print) | LCCN 2020032514 (ebook) | ISBN 9780367893873 (hardback) | ISBN 9781003032441 (ebook) Subjects: LCSH: Internet of things--Security measures. Classification: LCC TK5105.8857 .I65 2021 (print) | LCC TK5105.8857 (ebook) | DDC 005.8--dc23 LC record available at https://lccn.loc.gov/2020032513 LC ebook record available at https://lccn.loc.gov/2020032514 ISBN: 978-0-367-89387-3 (hbk) ISBN: 978-1-003-03244-1 (ebk) Typeset in Times LT Std by KnowledgeWorks Global Ltd. Contents Preface......................................................................................................................vii Editors .......................................................................................................................ix Contributors ..............................................................................................................xi Chapter 1 A Brief Overview of IoT Architecture and Relevant Security .............1 R. Biswas Chapter 2 Introduction, Security Challenges, and Threats in IoT ......................13 Sudhakar Hallur, Roopa Kulkarni, and Prashant Patavardhan Chapter 3 Role of Cryptography and Its Challenges in Integrating Secured IoT Products .......................................................................................39 D. Citharthan, M. Varatharaj, and D. Palanivel Rajan Chapter 4 Blockchain-Based Security for IoT in Cloud—A Review .................53 L. Sherly Puspha Annabel and Kripa Sekaran Chapter 5 AI and IoT Integration ........................................................................71 Gnanaprakasam Pandian, Vivek Vinayagam, Brian Xu, and Mark Sue Chapter 6 Security Challenges of IoT and Medical Devices in Healthcare .......87 Gnanaprakasam Pandian, Vivek Vinayagam, Brian Xu, and Mark Sue Chapter 7 IoT-Based WBAN Health Monitoring System with Security ..........107 Saswati Paramita Chapter 8 Integration of Blockchain into IoT ...................................................121 J. Premalatha and K. Sathya Chapter 9 Industrial Internet of Things Safety and Security ............................135 J. Premalatha and Vani Rajasekar v vi Contents Chapter 10 Unifying Cloud Computing with Internet of Things Using Secured Protocol ..............................................................................153 S. Rakoth Kandan, N. Dhanasekar, and P. Avirajamanjula Chapter 11 Improved Privacy Preservation Framework for Cloud-Based Internet of Things .............................................................................165 N. Yuvaraj, R. Arshath Raja, T. Karthikeyan, and N. V. Kousik Chapter 12 IoT-Based Energy Management System: Design and Implementation and Its Security Challenges ...................................175 M. Poongothai and N. Mahadevan Chapter 13 MQTT: As Default, Secured Protocol for IoT Communication and Its Practical Implementation ......................................................189 S. Suresh Kumar, D. Palanivel Rajan, and Yogesh M. Iggalore Index ......................................................................................................................209 Preface Internet of Things (IoT) is empowered by various technologies used to detect, gather, store, act, process, transmit, oversee, and examine information. The combination of emergent technologies for information processing and distributed security, such as cloud computing, artificial intelligence (AI), and blockchain, brings new challenges in addressing distributed security methods that form the foundation of improved and eventually entirely new products and services. As systems interact with each other, it is essential to have an agreed interoperability standard that is safe and valid. This book aims at providing an introduction by illustrating state-of-the-art security challenges and threats in IoT and the latest developments in IoT with cloud, AI, and blockchain security challenges. This book provides a comprehensive guide to researchers and students to design IoT-integrated AI, cloud, and blockchain proj- ects. Various application case studies from domains such as science, engineering, and healthcare are introduced along with their architecture and how they leverage various technologies in cloud, AI, and blockchain. Moreover, more advanced topics are presented, and it is interesting for researchers in the field of IoT who want an overview of the next generation’s challenges in IoT-integrated technologies that may occur in the coming years. Chapter 1 provides an introduction to IoT architecture and relevant security pro- tocols. The chapter also discusses integration management and security protocols. Apart from this, the impending challenges in IoT security are also outlined with the latest developments leading to plausible insights for solutions. Chapter 2 covers the essential aspects of security challenges and threats in IoT. Furthermore, the chapter discusses the three-layer architecture involving hardware communication protocols and a layer of services and applications, security, integrity, and hardware issues, challenges, threats, risks, and solutions involving the deploy- ment of efficient privacy, control, authentication, and integration methods to con- front various series of malicious cyberattacks. Chapter 3 discusses the role of cryptography and its challenges in integrating secured IoT products. This chapter also discusses the main challenges of cryptogra- phy and future directions of cryptography in integrating secured IoT products. Chapter 4 explains the convergence of significant paradigms like blockchain and IoT that includes security and interconnectivity to modernize things. Moreover, it discusses the challenges of implementing blockchain and its related security issues in IoT. Chapter 5 describes how artificial intelligence and machine learning (AI/ML) technology is being used to discover, manage, monitor, and protect all devices on a network. Various ML methodologies are discussed, including centroid-based clustering, hierarchical clustering, and classification techniques such as random forest. Chapter 6 identifies some of these specific issues and discusses various approaches for mitigating security concerns. A classification system based on the Common Vulnerability Scoring System (CVSS) is presented. The technology applied is vii viii Preface wide-ranging, including the integration of multi-vendor systems, AI/ML and the use of multiple database resources such as NVD/CVE and FDA. Chapter 7 focuses on different security issues, requirements, and solutions for IoT-based WBAN healthcare systems with a discussion of various security metrics. Chapter 8 introduces the blockchain concepts and their working principles. It cov- ers in detail the notions of public ledgers, immutability, and consensus algorithms existing in a blockchain. It also analyzes the security flaws in IoT, which need to be addressed to secure them for crucial applications. This chapter also focuses on vari- ous security limitations of IoT and the usage of blockchain to overcome those issues and make them favorable for real-time applications. Chapter 9 presents the concept of the industrial IoT along with its security chal- lenges and applications. It covers the existing security issues in the area of cyber- physical systems and the evolution of industrial IoT with a secure design pattern. Chapter 10 discusses the challenging factors in the cloud IoT integration model. In Chapter 11, a homomorphic encryption scheme is described to authenticate the data from IoT devices to the cloud securely. This algorithm acts as privacy- preserving outsourced storage and computation in the cloud IoT model. Chapter 12 describes the system to monitor the in-out activities of visitors to maintain the security of the laboratory and solve the occupancy detection problem. The practical implementation of MQTT in IoT applications is discussed in Chapter 13. It is used to reduce transport overhead, protocol exchanges with mini- mized information, and network traffic, and it includes a mechanism to notify inter- ested parties when an abnormal disconnection occurs. Editors S. Velliangiri earned his bachelor’s in computer science and engineering from Anna University, Chennai; master’s in computer science and engineering from Karpagam University, Coimbatore; and Doctor of Philosophy in information and communica- tion engineering from Anna University, Chennai. Currently, he works as an associate professor at CMR Institute of Technology, Hyderabad, Telangana. He was a member of the Institute of Electrical and Electronics Engineers (IEEE) and the International Association of Engineers (IAENG). He specializes in network security and optimi- zation techniques. He has published articles in more than 30 international journals and presented papers in more than 10 international conferences. He serves as a tech- nical program committee and conference chair in many international conferences. He also serves as an area editor in EAI Endorsed Journal of Energy Web. He was the reviewer of IEEE Transactions, and Elsevier, Springer, Inderscience, and reputed Scopus indexed journals. Sathish A. P. Kumar is currently an associate professor in the Department of Electrical Engineering and Computer Science at Cleveland State University (CSU). His research interests are in cybersecurity, machine learning, distributed systems, and related applications. Prof. Kumar has served on the program committees of numerous international conferences and as a reviewer for IEEE Transactions, including IEEE Transactions on Mobile Computing, IEEE Transactions on Cloud Computing, and IEEE Transactions on Services Computing. Prof. Kumar has pub- lished more than 50 technical research papers in journals and international confer- ence proceedings. P. Karthikeyan obtained his bachelor of engineering (BE) in computer science and engineering from Anna University, Chennai, Tamil Nadu, India in 2005 and received his master of engineering (ME) in computer science and engineering from Anna University, Coimbatore, Tamil Nadu, India in 2009. He earned his PhD from the Anna University, Chennai, in 2018. He is skilled in developing projects and car- rying out research in the area of cloud computing and data science with program- ming skills in Java, Python, R, and C. He has published articles in more than 20 international journals with good impact factor and presented papers in more than 10 international conferences. He was the reviewer of Elsevier, Springer, Inderscience, and reputed Scopus indexed journals. ix