IoT security best practices

Computational Security for the IoT and iot security ongoing challenges and research opportunities
Dr.MohitBansal Profile Pic
Published Date:26-10-2017
Your Website URL(Optional)
Computational Security for the IoT and Beyond Although the fundamental processes in society (e.g., the need for travel, busi- ness, and entertainment) have not changed for as much as the past 1000 years, the complexities of life and the world have been increasing constantly as these pro- cesses are being made ever more efficient 25. The underlying complex systems are often envisioned as networks of mutually interconnected subunits (so-called 355356  Security and Privacy in Internet of Things (IoTs) structural models, being derived from a physical structure), or as networks cap- turing interdependencies and relationships (so-called functional models, being derived from a logical structure) 19, 47. Thus, network models are collections of scalar (often binary) interactions between the pairs of entities. For example, living matter is formed by complex interactions of biomolecules, cells, organs, tissue, individuals, and populations 51. On the other hand, socioeconomic infrastructures such as telecommunication systems, roads, and distribution of utilities are examples of the largest man-made networks. Notably, the social and biological systems are far more complex than any man-made technology, with the human brain being the most complex structure known in our universe. From a historical perspective, as the tertiary economic sector of services (established shortly after the second world war) has become saturated, there is a natural pressure to build a new quaternary economic sector to offer new employ- ment opportunities. This new economic sector will benefit from the information revolution of the twenty-first century and from the expanding, knowledge-based digital economy. More importantly, it is expected that the quaternary economy will focus mainly on understanding, controlling, and synthesizing biological sys- tems to improve cognitive and other capabilities of human beings. In other words, as the late twentieth century was about development and deployment of ICT, the beginning of the twenty-first century is about the exploration of active matter and life sciences. For instance, synthetic biology can modify existing organisms, which has many security implications. The IoT will build bridges between the existing complex systems by extend- ing the reach of the Internet into the physical world. This will allow deeper inte- gration of the human world with nature (down to nanoscale levels) as well as more efficient utilization of resources by intelligent management of flows of peo- ple, goods, and assets. The goal is to build pervasive systems and environments that are reliable, unobtrusive, autonomous, and secure. The intelligent systems and smart environments involving the IoT can be considered to be generalizations of the Internet (cf. combinatorial evolution of technology 43). The controlla- bility of the systems and environments will be enhanced significantly through a network of nested heterogeneous networks with numerous hybrid interfaces, leading to a formation of an extremely complex system of systems. The intelli- gence will especially concern the interfaces, while the objects and processes will be assigned their unique identifications (IDs). The information flows pertinent to such intelligence must be governed by information security policies including information labeling (classification), modification, ownership, and accountabil- ity. The proliferation of the IoT will enable access to information about any envi- ronment and about the status of any object, anytime, and anywhere. Establishing these information highways is driven by the deployment of various IoT sensors (physical devices) and markers (logical devices). In addition to ubiquitous sen- sors, the radiofrequency ID (RFID) tags are another key enabler of the IoT, even though these tags often have very limited computational and memory capabili- ties (e.g., write-once memory, allowing only for static cryptographic keys). SoComputational Security for the IoT and Beyond  357 far, the security of the RFID networks concern the use of so-called blocker tags (to overwhelm the tag reader) and the establishment of privacy zones 26. Information extracted from the data reported by the IoT is vital to make mean- ingful decisions to move the system toward a desirable state. Thus, the emergence of the IoT will have profound effects on functionality, dynamics, processes, and activities, including security of many if not all systems on the earth:  The existing (already complex) systems will become more closely inter- connected and immersed.  The interactions of components within and in between systems will increase.  The existing services will be modified while the opportunities for new services will emerge.  Our perception of the environment and the reality we live in will change.  The scale and scope of security problems (among others) will greatly expand. For example, the Internet redefined social interactions 3 and is affecting the structure and functions of the human brain 55. Nanoparticles are now used for sensing the biochemical processes inside biological cells and for drug delivery 16, 17. The utility grids are enhanced using secure data aggregation to optimize energy consumption 33. The IoT will also drive machine-to-machine (M2M) communications. More- over, machine-to-human (M2H) communications are expected to be increasingly more important; for instance, to enhance human brain capabilities, and at the same time, to also enhance machines by exploiting the computational power of the human brain (e.g., to detect, classify, and track multiple objects in arbitrary visual scenes is an overwhelmingly complex task). The IoT networks can be even used to implement brain-to-brain communications 48. In general, the human brain is the subject of intensive ongoing research 52. For instance, the brain’s complexity has been created in only 4.5 million years as a direct consequence of social interactions and our ability to bypass natural selection (evolution). Unlike very similar biological structures of the body in all human beings, brain struc- tures show enormous variations among individuals. As the human brain is pri- marily responsible for creating our culture as well as for making decisions, the brain and our mind are now also the subject of serious security concerns. In par- ticular, a new concept of so-called nonlinear or hybrid, network-centered wars involving political, economical, social, psychological, and information contact- less encounters as well as conventional military operations, is outlined in a report 10. This report, frequently debated on the Internet, argues that mankind has entered a new era of permanent war, with the current phase being psychological warfare, primarily targeting human thinking and decision-making. As well as the358  Security and Privacy in Internet of Things (IoTs) (a) (b) (c) Figure 14.1: An example of three interacting networks (the gateway nodes are filled) where, e.g., (a) is the human brain, (c) represents the surrounding environment, and (b) is the IoT network creating the bridge between the other two networks. for Internet media, such warfare can exploit new data from mobile phone sensors, and from enhanced personal communications and other ambient technologies 41 to affect our perceptions of reality, and also, in turn, our decisions (cf. ubiq- uitous advertising). In summary, we may expect emergence of ecosystems of interconnected things deployed in diverse environments with many industries and players involved to make the world we live in more intelligent, predictable, and controllable. Complex systems are the main focus of many current scientific and techni- cal investigations. These systems can be conveniently modeled as graphs repre- senting interactions of a large number of nodes 14, 47. They usually require multiple models of different types (structural or physical vs. functional or log- ical) at different spatiotemporal scales 32. As an example, Figure 14.1 shows three interacting systems, with Network B acting as a bridge or interface between Networks A and C. For example, Network A is the human brain, Network C is the surrounding environment, and Network B are the IoT sensors and actuators. Even though the security of computer networks and of cybersystems have been studied and understood extensively 50, the security of more general systems having a network-like structure seems to be a new subject 38. For instance, as the biological and social networks are very complex, defining their security is likely to be rather nontrivial. In general, security provisioning requires extra resources (“there is no free lunch”), and often, to trade off reliability, availability, and security 4. The cur- rent approaches to security emphasize prevention with pervasive monitoring and control through passive protection, perhaps mimicking security as it evolved in nature. The security of all systems can be described using security policies and procedures. For networks involving technology, security must also account for hardware and software implementations and their updates (due to possibly fre- quent turnarounds and modernization). When considering the security of com- plex sociotechnical networks, the main challenges accelerating the demand for their security are:Computational Security for the IoT and Beyond  359  Highly fragmented systems with diverse components and hybrid inter- faces  Components with varying levels of security certification, standards com- pliance and interoperability  A mixture of components designed with embedded security features and those with security added as an extra feature  A highly competitive environment with many manufacturers, operators, contractors, suppliers, etc.  The convergence of information and operation technologies (IT and OT)  A growing need for remote access and management of subsystems  A paradigm shift in the motives and targets of the adversaries, fueled by IoT characteristics (e.g., the shift from small to large scale, from ad hoc to well planned, from single domain to concurrent attacks across multiple domains, from material or financial to psychological, etc.) Ultimately, security provisioning must aim at  Developing and supporting widely accepted good security practices across IoT industries  Identifying security monetization opportunities and accounting for under- lying costs (e.g., environmental, social, and system downtime costs)  Developing universal, systematic approaches to holistic security that encompass all complex systems affecting our lives (e.g., embedding secu- rity and creating security platforms and concepts, security intelligence, plug-and-play security, etc.)  Developing automated security threat (risk) assessments and security analytics for arbitrary complex systems or their subsystems Some of these challenges and aims can be addressed by implementing security at multiple scales, at different segments (creating secure, less secure, and nonsecure zones with the corresponding varying levels of security risks), and at multiple layers (so-called layered security, robust against penetration attacks). Similarly to other networked services and functions, security can be either implemented within the network core or at the network’s edges; a viable network security will likely require combination of both these approaches. One of the main reasons to be concerned about security is that it impacts the sustainability of systems 31. For instance, malicious behavior, harmful actions, malfunctions, and errors are likely to propagate through the network, and may permanently change the system’s internal state 47. Many real-world360  Security and Privacy in Internet of Things (IoTs) network systems and network models are scale-free which makes them very robust against random, ad hoc attacks (i.e., random removal of edges and nodes) 1. However, these networks are very vulnerable to targeted attacks; for instance, removing the hubs (highly connected nodes) can disrupt the network and its functions very quickly. For example, a phishing attack targeting a specific indi- vidual (so-called spear phishing) significantly improves the probability of suc- cess 4. Hence, when considering how to build the secure IoT, the focus should be on targeted, planned attacks. The ad hoc random attacks that prevail in today’s computer networks usually cause a temporary service disruption, even though the aggregated cost of damages may be huge. However, a targeted and well-planned attack may cause high-impact and lasting (even permanent) damage in many gen- eral network-like systems. For example, a small-scale targeted attack to selected power plants or the electricity distribution grid may cause a long-lasting coun- trywide blackout. The bottom line of most security attacks seems to be to identify a vulnerabil- ity in the system to bypass its defense mechanisms. Obviously, defense becomes more difficult for more complex systems; as popular wisdom goes: “the system designers have to secure everything, but the attacker has to find only one vulner- ability.” The most common vulnerability is to make assumptions about system processes, system status, typical behavior of users, expected format of inputs, and so on. The attackers are likely to search for situations when and where these commonly accepted assumptions are violated, and use them to launch an attack. However, making these assumptions can never be entirely avoided due to the complexity of the systems we are dealing with, so no system can ever be made absolutely secure. For example, any process within the system that is predictable can be considered as an assumption that can be exploited by the attacker. Thus, security should be considered to be a dynamic, continuously evolving process rather than a static, one-off solution. 14.1 Characterizing Complex Systems Many systems in our world can be modeled well as networks of interconnected components. A large number of heterogeneous components and their various spatiotemporal nonlinear interactions make these systems to appear very com- plex (far beyond complicated). Understanding of these systems is a prerequisite for devising how to make these systems secure. In complex systems, it is, gen- erally, difficult to distinguish causes and effects, how they relate to each other, and how to describe system behavior at all 32. Locally, the components behave stochastically and predicting their behavior is only possible over short timescales (so-called organized simplicity). However, the compounded behavior of many components becomes a meaningful macroscopic characteristic of the system that is predictable over longer time intervals (so-called organized or unorganized complexity). Predicting the behavior of complex systems is mainly complicated by the nonlinear responses to perturbations (i.e., the whole is not equal to theComputational Security for the IoT and Beyond  361 sum of its parts). In data-driven modeling, it may be straightforward to mea- sure the individual components; however, measuring the interactions (sometimes referred to as protocols) between the components or groups of components is often difficult. Complex systems have a number of typical intrinsic characteristics: self- organization and adaptation to the environment, emergent macroscopic behav- ior, and maintaining a dynamic internal state at the boundary between order and chaos 27. Their self-organization is achieved in a fully distributed manner; centralized control or predictable hierarchy is not possible in complex systems. The adaptation can be described as solving different constrained optimization problems at different spatiotemporal scales (e.g., from continuous homeostasis in cells to habitual behavior of whole populations during evolution). Long-term adaptations are critical for system sustainability and survival. Complex systems usually recover from small perturbations, maintaining stability in an internal (steady) state, but may transition to a new state once the perturbations become large enough. Adaptations may reflect changes in the values of static variables, and even more radical changes of the internal structure. Moreover, complex sys- tems do not have to evolve from scratch. They are often built by reusing the components and subsystems of other complex systems, which can speed up evo- lutionary developments significantly (cf. the human brain, software, and combi- natorial evolution). Fundamentally, all complex systems can be characterized from different perspectives, domains, contexts, and spatiotemporal scales, as indicated in Figure 14.2. Thus, the services and functions provided by complex systems are observer dependent. The optimization problems defined in different domains 1 N 2 Figure 14.2: The projections (N hyperplanes) of a complex system (the hypersphere).362  Security and Privacy in Internet of Things (IoTs) may have different priorities, so the overall global solution to these problems is also dependent on priorities. For example, society offers education, healthcare, postal deliveries, emergency response services, transportation, supply chains, and other services. The domains may have subdomains, such as those of cul- tural values and emotions within the domain of society. This has important con- sequences for the security of complex systems such that a sophisticated attack can evolve from one subsystem (context, service plane, or domain) to another as vulnerabilities are discovered and exploited until the attack reaches its intended objective. Such attacks and, especially, the corresponding defenses are a far more challenging problem than the analogous attacks on computer networks (possi- bly combined with social engineering as another domain) known as pivoting 4, since the multitude of available domains may help to completely conceal the attack. Thus, detecting and stopping an unfolding attack across multiple dif- ferent domains may be provably impossible. A good understanding of possible targets and motives of the adversaries (i.e., a good model of them) may signif- icantly increase the chances of their discovery (i.e., to know where, when, and what to look for). Similarly, to make the software environment more secure, it is suggested to minimize the number of concurrently running applications and pro- cesses 4; however, this strategy is not viable, or at least not easy to achieve, for complex systems serving a large number of users with many different services. Unlike the designers of complex systems who are concerned with the reli- ability, emerging patterns of behavior, and evolution and adaptation of these systems, the attackers are mainly concerned about not being caught. Thus, the attackers may use a combination of the ad hoc trial-and-error strategy together with computational modeling and planning to plot an attack which gives them an enormous advantage over the defenders. Moreover, as the adaptation of complex systems is usually just good enough (i.e., possibly far from the optimum) to strive and survive, an interesting problem is how to capitalize on this to make complex systems more secure. For instance, complex systems that are more tolerant to perturbations are also likely to be more secure (or easier to be secured). Introducing the IoT into the existing complex systems will create the intrin- sic intelligence needed to enhance the ability of these systems to adapt and self- organize. As the IoT can create interfaces and build bridges among different complex systems, we can expect the controllability of many existing systems to be either significantly improved, or newly created. The resulting sociotechnical (or cybersocial) systems can be then perceived as being built above the informa- tion and communication technologies (ICT) and the underlying social networks, and with different scopes of security, as shown in Figure 14.3. An important class of optimization problems defined in complex systems are so-called wicked problems 27. These problems are extremely difficult to solve, since they are even difficult to formulate precisely, and in addition, even solving any one of their aspects does not reduce their complexity. The solutions of wicked problems are always only approximations which are even difficult toComputational Security for the IoT and Beyond  363 Social activities Social interactions Applications and services Information and communication technologies I Cyber−physical systems II III Cyber−social systems Figure 14.3: The security scopes of cyberphysical and cybersocial systems. verify. These solutions cannot be obtained iteratively nor by exhaustive search to conquer their complexity. All wicked problems are unique, so solving any one such problem does not help to solve other similar problems. Wicked problems can be described from different perspectives or domains (cf. Figure 14.2) which determines the nature of their solution. The security of complex networks includ- ing, for example, cyberwars and global terrorism are good examples of wicked problems. We can identify some recent trends that play a significant role in the evolu- tion of complex systems. Many of these trends are well known and established in computer science to develop computing systems. For instance, virtualization is a technology to create virtual hardware and software computing platforms 13. Virtualized computing environments are often used in the education of computer security 9. More interestingly, we can observe network virtualization tenden- cies in other types of complex systems: for example, fiat money and derivatives in financial markets (vs. the real economy), virtual friendships on social websites (vs. real human relationships), incremental research results reported in scientific publications (vs. bold and risky research problems that are difficult to publish), manufacturing perceptions and impressions in social networks (vs. going beyond more easily manipulated or even artificially manufactured information labeling using metadata), and so on. Particularly in social networks, ongoing virtualiza- tion causes decorrelation of intrinsic processes, changes of (once long-standing) values and shifts in perception; for example, devaluation of the experiences of older generations, and of university education as it no longer guarantees a well- paid job and prospective career, and higher-income activities are no longer more risky nor demanding more resources (e.g., investing in the stock market). Furthermore, distributing and pooling resources is another example of tech- nology originally devised to build cloud computing platforms 13. This strategy can be used more generally to build fundamentally new products and services by exploiting multiple types of collaboration and interaction. For instance, func- tionality can be shared between the smart watch and the smartphone, and a cell phone antenna can be utilized as a wearable element of clothing. A point-of-care medical diagnosis can be performed in a distributed manner in close proximity Social Cybersecurity security364  Security and Privacy in Internet of Things (IoTs) to the patient rather than in a centralized manner in the laboratory. Laboratory equipment can be centralized and accessed remotely via defined interfaces 40, and so on. The change of the internal state of a complex system is indicative of prior or ongoing perturbations, and possibly divergence from the normal operating con- ditions; for example, as the result of a security attack. Such changes can be often inferred using so-called markers which are either observable substances or mea- surable quantities. For example, a biomarker or biostamp indicates the presence of a living form in the environment, or enables one to distinguish between normal and pathogenic processes occurring in living matter. A genetic marker is a piece of DNA identifying the specific biological species. The decorrelation of selected system processes can serve as a general-purpose marker to quantify system sta- bility and sustainability. Other markers, such as the rate of failure or the amount of flow, are often used to monitor the quality of the services provided. In the following sections, we will review some representative examples of complex systems and discuss their security aspects. 14.1.1 Wireless networks Wireless access is fundamental for building modern telecommunication net- works, including the sensor networks for the IoT. The nature of wireless trans- missions, at the lowest (physical) layer of the protocol stack, creates unique chal- lenges as well as opportunities. The main security challenges of wireless trans- missions are jamming and eavesdropping 56. The jamming station transmits intentionally or accidentally concurrently in the same frequency band as the legit- imate station, and the resulting electromagnetic interference normally exhausts the capabilities of the receiving station to recover the transmitted information. The optimum jamming strategy requires knowledge of the legitimate transmis- sion schedule; this can be achieved, for example, by hijacking a legitimate station and altering its transmission schedules and protocols. Jamming efficiency, as well as resistance, can be improved by a group of collaborating stations. Jamming is part of the broader electronic warfare to gain control of the electromagnetic spectrum. In general, the stations in a wireless network can monitor each other’s actions to learn (in a distributed, cooperative fashion) and also to suppress (e.g., to penalize) any suspicious or unusual behaviors by rogue stations. A traditional protection against eavesdropping is based on cryptography 56. However, particularly for the lightweight wireless sensor nodes to be deployed in the IoT networks, the use of cryptography is severely limited, although not impossible 29. In general, cryptography is used to implement users’ authenti- cation and authorization as well as to create confidentiality of data and of infor- mation flows; for example, to restrict multimedia content distribution to only the paying customers.Computational Security for the IoT and Beyond  365 Recently, information-theoretic approaches to security gained consider- able attention 42. These methods guarantee a secure transmission that is unbreakable (no matter how computationally powerful the eavesdropper may be) and even quantifiable as the maximum secure transmission rate. However, whereas the assumptions about computational power and knowledge of the trans- mission schedules by the eavesdropper are relieved, all the wireless physical layer security schemes considered seem to rely (in one way or another) on more favorable transmission conditions for the legitimate station than those for the eavesdropper; this can never be permanently guaranteed in practice. For example, time-varying and unpredictable propagation conditions are known approximately only to the end stations of the particular wireless link. More importantly, an unknown number of eavesdroppers can collaboratively bypass the information- theoretic guarantees. On the other hand, it is possible to show that using multiple transmitting and receiving antennas does improve information-theoretic secu- rity 42. 14.1.2 Biological networks Many functional as well as structural network models have been devised to study biological systems 19. Examples of such models are gene regulatory networks, gene coexpression networks, protein residue networks, protein–protein interac- tion networks, biochemical reaction networks, metabolic networks, intercellu- lar networks, vascular networks, brain networks, and many others. To capture the complexity of biological systems, it is often important to consider multiple, possibly hierarchical models representing different spatiotemporal scales. The network models of biological systems can be used to devise various “hacks” to modify certain functions of these systems; for example, to define personal- ized medicine 23, to synthesize artificial biological components 5, or to dis- rupt biological functions using a new generation of the DNA-based biological weapons possibly disguised as genetically modified food or medical vaccina- tions 45, 53. Nanotechnology and nanoscale networks exploiting biomarkers will play a key role in bridging the gap to control biological functions at the cellular and subcellular level. Nanotoxicology is concerned with the safety of nanoscale substances and devices which can be extended to cover the issues of (nano)security also. Moreover, the market for innovative healthcare products supported by IoT devices is growing rapidly, with applications mainly in fitness, long-term medical conditions, and preventative medicine. Biological immunity is a well-known example of the natural security system defending organisms against infection and invasion by foreign substances and attacks by viruses, bacteria, and parasites. The key feature of the immune system is the capability to differentiate between the self and the nonself 57. The sim- pler organisms have immune systems composed of the discrete, general-purpose effector cells and molecules. More complex organisms also developed so-called366  Security and Privacy in Internet of Things (IoTs) specific immune responses which recognize billions of foreign pathogens. The former subsystem is known as innate immunity, and it is found in most living organisms. It also includes the cellular boundaries such as tissues and a skin as a natural security barrier against invasion (cf. a firewall in computer networks). The latter subsystem greatly benefits from the adaptivity and learning to launch more sophisticated counterattacks against invasion. Moreover, the immune system is fully distributed (no centralized control), tolerant to small errors (malfunctions), and, in normal conditions, it protects itself. The adaptive part of the immune system also exploits diversity combining to build a large number of antibody receptors. Among well-known and understood examples of bacteriophages attacking susceptible bacterial cells is a T7-phage infection of the Escherichia coli cell 18. In this process, several layers of the defense mechanisms of the bacterium are overcome by the phage. Briefly, the phage attaches to the bacterium and injects into it its viral DNA, including the proteins needed to halt the DNA repli- cation of the host. The host cellular machinery is then used to begin replication of the viral DNA and the supporting proteins. 14.1.3 Social networks Social networks are the main product of brain activity. They are as vulnerable to attacks and hacking attempts as any other networks 38. A simple example of the hacking of social systems is making and breaking promises. The resources pertinent to social networks are usually of an abstract nature: social status, ideas, happiness, motivation, freedom, free time, and many others. As these abstract resources can be taken away (stolen), so they are the subject of competition as well as security concerns. The most common attacks to and within social networks are various types of psychological manipulation, with the strategies referred to as pretexting, diversion theft, phishing, and others 4. While these attacks are well-defined criminal activities, the activities of, for instance, psy- chopaths can be much more damaging to society, and yet they rarely result in any criminal convictions. The actions of psychopaths can bring down whole compa- nies and even state economies (depending on the social status of the psychopath), and thus, they may affect lives of many more people, unlike computer hackers who usually cause only limited financial damage. In fact, social networks are likely to be much more susceptible to attacks than computer networks. Psychopathic activities are now much better understood 6. They are also very illustrative in defining the security of social networks. In particular, psychopaths exploit the vulnerabilities of social networks, similarly to hackers in computer networks. Psychopathy has been recently recognized as a personal survival strategy rather than a personality disorder. This has not only many legal implications, but also implies that psychopathy may propagate through soci- ety as an epidemic, as suggested by empirical data as well as our everydayComputational Security for the IoT and Beyond  367 experiences 59. Sociologists warn about the recent outburst of pathological behaviors in society which may threaten the sustainability of society and social structures. Psychopathy is more likely to be detected in open societies (cultures and institutions) rewarding individualistic (selfish) behaviors than in more tradi- tional, closely interconnected communities. The mind of a psychopath appears to be “shapeless”; an important trait that allows them to take advantage by quickly adapting to diverse everyday situations to maximize personal profit (whereas nonpsychopaths appear to be unable to make such adaptation). At the same time, such flexibility of mind appears to an outside observer as a pattern of random decisions and unpredictable behaviors lacking any long-term goals. The primary objective of all psychopathic efforts is to acquire power so as to gain full control of other people’s lives. Psychopaths are prone to take high risks in order to reach their objectives, and are programmed to win at “any cost.” Psychopaths are masters of mind games. Specifically, they seem to have the innate superior psychological skills to decipher other peoples’ minds. They use these to uncover the strengths and weaknesses of other people, even during short encounters. They use such knowledge to devise methods of social manipulation to gain power while disguising their intentions and remaining undetected by the system’s defense mechanisms (e.g., by important decision-makers in an organi- zation). In a social network, psychopaths quickly map the social structure and categorize the players whom they encounter as: can be manipulated and taken advantage of; have no value for gaining more power, so can be ignored; can be a threat, so have to be eliminated; represent a good opportunity for advancing career and power, so have to be groomed; and so on. This way, they are able to gain genuine support and admiration from the psychologically manipulated individuals while eliminating those who may stop or slow down their advance- ment to higher social status with more power. Consequently, the discrepancies between their self-presentation, actions, and thinking are significantly larger in psychopaths than in nonpsychopaths. Interestingly, the only people in the sys- tem who are able to clearly recognize the ongoing psychopathic attacks are those who were considered to have no value to the psychopaths, so were ignored (and thus, not psychologically manipulated). Furthermore, psychopaths are capable of identifying each other to form short-term (rarely long-term) coalitions to increase the efficiency of their attacks against social networks. A simple model of a large-scale social network (civilization) is to clas- sify people as: free riders (excessive consumption of the resources compared to little contribution to society), the majority of users (their consumption and contributions balance), and contributors (their contributions exceed their con- sumption). A balance among these three groups affects the stability and sus- tainability of social networks. An unprecedented growth of the proportion of free riders in the post–second world war era should be a serious (security) con- cern. It has been proposed that the contribution level of subjects (e.g., people, things, and even processes) to the sustainability of systems or networks should368  Security and Privacy in Internet of Things (IoTs) be assessed by simply considering whether to add or remove particular sub- jects from the system. Another sociological theory claims that the stability of large-scale social networks require that these two conditions are satisfied: all members are rewarded (i.e., it pays off) for obeying the commonly accepted rules (the law), and most members are convinced that large rewards accumulated by some members are well deserved. The Internet, as well as the IoT sensors, leaves traces and digital fingerprints as we live, travel, and get involved in many daily activities. For example, the biometric sensors in wearables and other healthcare technologies can and will be used to collect personal data beyond those that are currently being aggregated from social websites. Such data can be used to build accurate predictive models of individuals and groups (a collective mind). The concern is that these models can be exploited not only to identify and suppress psychopathic (or terrorist) activities, but they can be also used to design powerful computational strategies to disrupt or control large-scale social networks. Because of current intensive studies of the human brain and the mind, the privacy of IoT biometric data of (some) individuals may even become the subject of national security. 14.1.4 Economic networks Economics studies production and distribution of services and goods 60. It con- tributes rich and universal tools which can be readily used to describe the dynam- ics of other systems. For instance, academic publishing, once purely driven by the advancement of our knowledge, is now a much more complex process 2. In particular, as research methods improved and vast amounts of knowledge were made available, research productivity increased considerably. The number of researchers in science and technology worldwide have increased exponentially in the past two decades, so following marketing and sales rules are now very impor- tant for survival in the very competitive world of academia 11. A study 12 on the outcomes of globalization made the following three (among others) crucial observations: First, globalization revealed that scientific and technical knowl- edge is very liquid, so it flows to geographical areas with sufficient financial resources. Second, worldwide competition in research created strong pressure to deliver research results at the lowest prices possible (a so-called Dutch auction) while forming an (unsustainable) “winner takes all” competition. Third, “hard work” is no longer a winning strategy once it has been adopted by most players in the system. As globalization has tremendously increased competition for resources, many networks are forced to operate in a low-resource regime (e.g., many systems have been made more green) which is very different from a regime with abun- dant resources. Hence, the economic wars in today’s world are intensifying as the means of achieving geopolitical objectives. For instance, we can recognize ongo- ing monetary wars (e.g., quantitative easing, competitive currency devaluations),Computational Security for the IoT and Beyond  369 financial wars (accumulating exports to improve the trade balance, manipulating the prices of commodities such as precious metals and oil, producing suspicious credit and other ratings, using government obligations as debt collateral, etc.), economic sanctions (artificially limiting international trade), as well as intellec- tual property wars (often concerning the patent portfolios of large pharmaceutical and high-technology companies). The key to understanding economic warfare is that, due to globalization, national economies are now much more tightly inter- connected, so any negative consequences are likely to spread through a global economic network 20. Moreover, exploiting economic asymmetries and creat- ing structures of mutually protective economic elements are some of the (general) tactics used in the current economic wars. The IoT will improve existing and enable new economic processes such as tracking and managing the inventories of goods, delivering parcels, supporting e-commerce activities (online shopping), optimizing supply chains and manufac- turing, creating smart environments for assisted living, personalized healthcare, and so on. Unfortunately, introducing intelligence into these economic processes will also create opportunities for more sophisticated small-scale as well as large- scale attacks and exploitation as part of economic warfare. 14.1.5 Computer networks Computer security has been the subject of extensive investigations, so most of the research on security exists in this area. The most valuable outcome of these efforts is that the security principles discovered in computer networks can be transferred (possibly with some modifications) to other systems that can be mod- eled as networks. Thus, all networks are prone to hacking and hijacking and other types of attacks. For example, the service flows in the network can be disrupted, and rogue actions can spontaneously propagate through the network. To better illustrate attacks on computer systems, we describe the principles of a piece of malicious software (malware) known as the rootkit. A basic idea of the rootkit software is the installation of a small program near or at the core of the operating system (on cell phones, on the IoT middle- ware, etc.). Such low-level deployment allows the rootkit to hide its presence from most other programs and processes, so it can operate in a stealth mode and remain undetected for very long periods of time 36. Methods to detect the rootkit involve behavioral-based methods, signature and difference scanning, and a memory dump analysis. The rootkit typically opens the back doors for other malicious software, and can enable to gain the system access with administra- tor’s privileges. Some strategies for rootkit deployment include social engineer- ing to obtain initial administrator-level access to the system, or compromising the core update to be distributed to the server. For instance, the successful hack- ing of a company’s internal computer network was demonstrated several times by first gaining unauthorized access to a less secure personal computer of a close370  Security and Privacy in Internet of Things (IoTs) family member of a key employee or executive of the company. Similarly, to secure the network of IoT devices, it is not sufficient to deploy secure gateways with firewalls, as the hackers will search for vulnerable nodes to bypass these defenses. The IoT network will be inevitably less secure than the traditional com- puter network due to the presence of nodes with limited computing power, so one has to be concerned with attacks initiated at these nodes of the IoT network, since they can then escalate into a conventional attack on the whole computer network (the Internet). Finally, the cyberwars over computer (and soon also over IoT) networks 15 are becoming the primary objective in the global competition for resources rather than being only a traditionally supporting element of conventional war games 10. Hence, these wars are large-scale politically and economically motivated hacking attempts. Recently, several governments publicly admitted that they are developing cyberattack strategies in addition to their existing cyberdefenses. The cyberwars are likely to be combined with other types of modern warfare strate- gies, as explained in 10. Unfortunately, the IoT will enhance modern cyberwars by, for example, providing more accurate information about remotely located objects and environments (cities, buildings, individuals, weather, energy distri- bution grids, goods supply grids, etc.). 14.2 Computational Tools for Complex Systems Empirical data are central to computational engineering for the creation of meaningful models of complex systems, and for the accelerating of the prod- uct development cycle and shortening of the time to market. There are two dis- tinct approaches to data-driven modeling: so-called reverse modeling devises mathematical models to fit measured data, whereas forward modeling devises experiments to obtain the data that are the most useful for a given modeling strat- egy. The first approach has been used in computational science for many years. The newer, second approach aims to develop computational vision systems by attempting to directly reconstruct the characteristics of real-world systems. The second approach also has provenly better power in making predictions about sys- tem properties and uncovering unobserved relationships. However, modeling of dynamic systems is, in general, very challenging, as it is often limited to selected processes that are deemed to be the most important. It is very likely that modern- day hackers will exploit these computational approaches extensively to devise sophisticated and possibly multiscale and multidomain attacks against increas- ingly more complex systems while evaluating and limiting their chances of being detected. In general, data can be collected from the (IoT) sensors, generated as inputs at human–machine interfaces, or be already stored in databases and remotely accessed via the World Wide Web. There are significant privacy and ethical issuesComputational Security for the IoT and Beyond  371 concerning any sources of data, whether considering the sites of their generation or storage. In addition, there are still uncertainties about  What data to collect and  How to use information extracted from data which gives rise to many open issues. For example, just as we do not store every packet passing through the Internet, we should not store all data from every sensor in the IoT. There is a trade-off between the real-time (online) learning from data and the accuracy of extracted information. Distributed data must be aggregated before applying data analytics and visualization. Since “sensing data without knowing the location is meaningless,” the utility of the IoT is improved significantly by exploiting the spatiotemporal contexts. Such so-called geospa- tial analytics are inspired by the long-existing Geographic Information Sys- tems (GIS) 37. More importantly, structured as well as unstructured data are increasingly labeled by metadata to aid processing (mining) for the extraction of knowledge. It is likely that securing such metadata is more critical than securing actual data. In general, computational methods are now being introduced into the tradi- tional experiment-driven disciplines in life sciences and humanities such as biol- ogy, medicine, psychology, sociology, and even history. The main objective of these efforts is to recreate these disciplines on more rigorous mathematical foun- dations. It is then only a matter of time before computational security emerges to allow more systematic and rigorous study of security of complex systems. Thus, all major hacking attempts are likely to move away from random ad hoc discov- eries and exploitation of vulnerabilities to the use of more scientific approaches. Computational hacking will strive to achieve similar goals, but more system- atically and at different (i.e., very large) scales and possibly across different domains, well outside traditional computer networks. Obviously, computational security is concerned about scientific approaches to security rather than the secu- rity of computing. In the following section, we will review some of the most promising model- ing methodologies that can be used for computational security analysis of com- plex systems. A sophisticated targeted attack (i.e., the target is set a priori, in advance) can be constructed analogously to other engineering design work flows. For instance, a computationally aided attack may evolve following these steps: 1. Identifying and gathering relevant data from existing sources, and possibly also actively probing the system to solicit additional useful data. 2. Data evaluation and model building for the targeted system (multiple mod- els at different scales and in different domains likely required). 3. Security assessment of the model using computer simulations (mathemat- ical analysis likely to be intractable due to model complexity).372  Security and Privacy in Internet of Things (IoTs) 4. Exploiting the identified vulnerabilities to create an initial strategy of the attack. 5. Refining the attack strategy and devising its implementation under the concealment, available timescales and resources, and other required constraints. These steps can be iterated in the course of the attack to adaptively increase chances of success and of concealing the attack. 14.2.1 Signal processing tools Due to uncertainties in system models (parameter values and model structure) and the random behavior of actors often observed in many complex systems, statistical description and statistical signal processing must be used 30. Many statistical signal processing problems rely on the ergodicity (i.e., the statistical averages are not time varying) and stationarity (i.e., the time averages are non- random) of the underlying random processes in the models. The main idea is that these signal processing methods work well on average, for the vast majority of inputs and system internal states. More recently, statistical signal processing approaches are considering the probability intervals in addition to the first- and second-order statistics corresponding to the statistical mean and variance, respec- tively 24, 28. Statistical inferences are the basis of estimation theory, which focuses on the problems of finding the values of model parameters. These parameters are typically arranged into a discrete finite-dimensional vector, or they may be continuous-time signals. Good inference strategies are strongly dependent on how much statistical information is known a priori about the parameters. On the other hand, testing of hypotheses is the main task of detection theory. In this case, the parameters of interest are discrete random variables, and we want to know how likely (how probable) their different outcomes are upon observing some data a posteriori. Estimation and detection theory are both built from the first principles of probability theory. However, for more complex problems—for instance, involving high-dimensional and structured data—more practical meth- ods beyond the first principles have been developed such as machine learning, pattern recognition, and fuzzy logic 46. For instance, an adversary may use machine learning to identify the predictable patterns of the system processes to devise a powerful attack and avoid detection. Deep learning attempts to learn efficient representations of unlabeled data, and then to follow similar principles as neural networks with multiple layers of nonlinear processing 22. Game theory studies mathematical models of cooperative and competing strategies among interacting intelligent players. For example, it can be used to devise unpredictable schedules of security checks under minimum resource con- straints 58.Computational Security for the IoT and Beyond  373 To simulate the collective dynamics of complex systems and solve difficult problems, multiagent models and multiagent systems, respectively, have been developed 21. The latter involves the intelligent agents within complex net- works. The reasoning of these agents can have a form of algorithmic search, function, or reinforcement learning. Prior to multiagent simulations, the dynam- ics of complex systems were typically modeled by a set of time-dependent dif- ferential equations expressing the internal states of the system. These models usually lead to emerging or cyclical system behavior. However, their descriptive power is often limited to highly aggregated scenarios, since they do not account for time-varying relationships among the agents as they exploit their intelligence. Consensus learning over networks is concerned with the analysis and algo- rithms for information diffusion in complex systems 49. It generalizes central- ized data fusion which does not scale well and has a single point of failure. It also generalizes highly vulnerable incremental linear learning as shown in Fig- ure 14.4. Distributed learning is robust against link and node failures, and it has a good speed of convergence for small-world type of networks. Using the results of graph theory and control theory, performance guarantees can be given as a function of the network structure 49. Model (c) in Figure 14.4 has diverse applications, including synchronization of coupled oscillators, flocking, gossip- ing, belief propagation, and load balancing in networks. Finally, the algorithms are a crucial step of the implementation of signal pro- cessing methods. Their design is especially important for large-scale problems and time-critical applications such as online learning from large numbers of data sources. Algorithm design is also challenging when computing resources are constrained; for example, in IoT sensor nodes, using cryptography for securing information is difficult. Evolutionary algorithms are popular for simulations of large-scale complex systems 7; they are trial-and-error stochastic optimization methods that are inspired by the principles of Darwinian evolution. 14.2.2 Network science tools Network science is a rapidly emerging field developing mathematical tools for studying complex networks 47. It capitalizes on results from many other disciplines such as graph theory, statistical mechanics, and data visualization and algorithms. Initial efforts were focused on describing the structure of (a) (b) (c) Figure 14.4: Information consensus as (a) centralized fusion, (b) incremental learn- ing, and (c) fully distributed cooperative learning (circles: sources; squares: sinks).374  Security and Privacy in Internet of Things (IoTs) networks 54, since the ultimate goal is to predict system properties from their structure. Further efforts in network science considered processes and phenom- ena in networks. Current research is concerned with dynamic networks that evolve over time. Some of the most important network (complex system) prop- erties studied by network science are: connectivity, autonomy, emergence, non- equilibrium steady states, self-organization, and evolution. Connectivity is an integral quantity: deciding whether the two nodes are connected is only possible over a nonzero time interval. The autonomy of nodes is a necessary condition to allow their intelligent decisions. Even though the emergent macroscopic behav- ior from local interactions is nonrandom, it is so complex that it is unpredictable. The existence of states close to an equilibrium (being nonstable) is a crucial con- dition for the system to keep evolving. Self-organization is a form of structural adaptivity in response to actual or perceived (anticipated) external perturbations or events. Evolution itself is a long-term, large-scale adaptivity to the external environment. Network models are usually derived from available data, and they are often only approximations or subgraphs of the whole system. The literature refers to the study of network structures as social network analysis (SNA) 54. SNA offers different types of metrics to evaluate network connectivity, centrality, tran- sitivity (e.g., clustering), similarity, searchability, routing, partitioning (e.g., com- munities), and other properties. For instance, centrality metrics assess the impor- tance of nodes (or edges) within the network structure; they are predictive of a node’s (edge’s) influence on some phenomena and events such as malfunction and failure, disease spreading, and information flows. In general, the network metrics can assume network nodes or edges. The metrics can be defined locally for every node or edge, or for a group of nodes or edges, while possibly taking into account whether the network represents a directed graph or not. Network metrics assuming the unit-weight edges are widely accepted. Redefining the metrics for weighted and, thus, more realistic network models is not straightforward, so many such metrics have been pro- posed in the literature. Another topic of significant practical interest is to specify the procedures for generating artificial random and nonrandom large-scale net- work models with the desired structural properties. Except for a simple, purely random network generator, more realistic scale-free and small-world network constructions utilize preferential attachment and random rewirings. The network robustness against failures, the spreading of epidemics, infor- mation cascades, and searching and routing phenomena are of particular interest to computational security. Network robustness is evaluated as a change in the network metrics when nodes or edges are being removed or added. Alternatively, network resilience is its ability to resist a change due to external disturbances. Network resilience is the speed at which the network returns to normal function- ing after external perturbations. The spreading of epidemics and information cas- cades predict the autonomous distribution of material objects (e.g., viruses and

Advise: Why You Wasting Money in Costly SEO Tools, Use World's Best Free SEO Tool Ubersuggest.