Review on Vulnerabilities of IoT Security

IoT is referred as Internet of objects and wireless sensor networks and RFID are enabled in the fields of education, health, agriculture and entertainment. The IoT is the development production of the computer science and communication technology. The vulnerable nature of IoT is related to the security and privacy issues. The user may face as the consequence of the spread of IoT technology. The survey is focused on security loopholes arising out of the information exchange technologies used in IoT. Data analytics utilizes IoT and Big Data and it faces security challenges to protect their important data. In 2020, the wide amount of data could be generated by using the technologies of IoT and Big Data. The purpose of this survey is to analyze the vulnerable security issues and risk involved in each layer of the IoT as per to our knowledge the first survey with some goals.


INTRODUCTION
The IoT is the combination of physical objects with sensors, actuators and controllers with connectivity to the public world via the internet. The term "IoT" was first coined in 1998 and it is defined as, "the internet of things allows people and things to be connected anytime, anyplace with anything and anyone ideally using any path or network and any service". Due to technological development there is increase in number of interconnected sensing and computing devices.
The information that can be accessed through the IoT devices are susceptible to the hackers to evaluate the security loopholes of the IoT devices. IoT is collecting data from various sources and making them useful. Big Data can be defined as collection of data with sizes beyond the ability of commonly used software tools to capture and analyze within a stipulated time. Business organization uses Big Data to compete in market and outperform and use data driven technologies to innovate, compete and capture value. Big Data organization to make better decision to compete. The BI techniques include Big Data analytics which extracts the information using data mining. Recent techniques such as data mining, predictive analysis, statistical analysis are performed in organizations.
There is no technology and protocol to support the IoT and it deals with, Motivation for IoT security. Security issues in IoT architecture. IoT applications and security issues and attacks in various layers.

REVIEW ON IoT SECURITY
In the current scenario, security in technology plays a major role in IoT. There are number of protocols and technologies that are available to address most of the security issues for wireless networks, but still there are many security issues in each layer. The whole communication infrastructure of the IoT is flawed from the security standpoint and is susceptible to loss of privacy for the end users. The security issues of each layer are described below.

PERCEPTION LAYER:
This layer is a sensor network and RFID security policy and it is the lowest layer where information can be passed across IoT network. The issues in sensor network are physical capture of sensor nodes, integrity and congestion attacks, eavesdropping and node replication networks. The issues in RFID networks are tampering attacks, leakage of information. Issues of this layer are unauthorized access, theft, wiretapping and replay attacks.

NETWORK LAYER:
This layer is also known as information transmission security policy. This is used to transfer of information across the network and it is implemented on communication framework. Issues created by this layer are to maintain authenticity, confidentiality, integrity, data availability.

MIDDLEWARE LAYER:
This layer is also known as information processing security policy and is used to process information and provide interface between network and application layer. Issues of this layer are privacy, security and reliability.

APPLICATION LAYER:
This layer is also known as information application security policy. Privacy is the major issue of this layer. The unauthorized persons could collect the information by hacking using this layer.

SECURITY ISSUES IN WIRELESS SENSOR NETWORK (WSN):
A WSN is a wireless network consisting of spatially distributed autonomous devices using sensors to cooperatively monitor physical or environmental conditions, such as temperature, sound, vibration, pressure, motion or pollutants, at different locations. A wireless sensor network is an important element in IoT paradigm. Sensor nodes may not have global ID because of the large amount of overhead and large number of sensors. WSN based on IoT has received remarkable attention in many areas, such as military, homeland security, healthcare, precision agriculture monitoring, manufacturing, habitat monitoring, forest fire and flood detection.
The oppressive operations that can be performed in a wireless sensor network can be categorized under three categories: Attacks on secrecy and authentication. Silent attacks on service integrity. Attacks on network availability.

SECURITY ISSUES IN RADIO FREQUENCY IDENTIFICATION (RFID):
Radio Frequency Identification (RFID) is a system that transmits the identity of an object or person wirelessly using radio waves in the form of a serial number. RFID technology plays an important role in IoT for solving identification issues of objects around us in a cost effective manner. RFID used in information tags and they use radio frequency waves for interacting and exchange information without any requirement for alignment in the same line of sight or physical contact. This uses Automatic Identification and Data Capture (AIDC).
Active tag-This houses a battery internally, which facilitates the interaction of its unique EPC with its surrounding EPCs remotely from a limited distance. Passive tag-The information relay of EPC occurs only by activation by a transceiver from a predefined range of the tag.
This is mainly used as RFID tags for automated exchange of information without any manual involvement. The most common attacks are Attack on Authenticity-This attack render a RFID tag to malfunction and misbehave under the scan of a tag reader, its EPC giving misinformation against the unique numerical combination identity assigned to it. Attack on Integrity-The capturing of the identification information through the manipulation of the tags by rogue readers. Attack on Confidentiality-A tag can be traced through rogue readers, which may result in giving up of sensitive information.
Attack on Availability-The communicating signal between the reader and the tag is intercepted, recorded and replayed upon the receipt of any query from the reader at a later time, thus faking the availability of the tag.