Risk Management For The Internet Of Things

Provided Scenario

The Term internet of things was first incorporated in the world of IT in the late 1990s to describe devices that were networked with the power to compute and addressing of the internet. The idea has grown to a state where machines have full control of the internet rather than people.

This new use of advanced system technology has numerous difficulties for strategy, extending from range administration, security, information restriction, and business. It will take a long time to build up the approach systems to securely expand the advantages of IoT. This paper takes a gander in danger and how we measure it, as an approach to direct the advancement of arrangement, (Zhou & Chao 2011).

Every single new technology increases Risks. How much risk is also an issue to be addressed? Regardless of whether each and every IoT gadget is vulnerable against assault, this does not convert into huge new risk. We should even now inquire as to whether aggressors will abuse each vulnerability (impossible) and what the results of misuse would be—and these outcomes can go from trick to dangerous, yet in just a couple of cases is there genuine risk to society. What we have to consider is how much risk is expanded contrasted with the digital dangers we confront now, and how we can oversee and decrease the risk that originates from utilizing new advances like IoT without going overboard in manners that damage development, business enterprise, and financial development, (Yang 2014).

Organizations and users of various systems acknowledge and oversee risk. They settle on choices in view of their tolerance for risk and their assessments of both risk and the esteem given by the “risky” action. View of risk are molded by information and suppositions about wellbeing: that makers have made safe items, that measures and directions give direction to creation and utilize, and that courts will give cures if security comes up short, (Yang 2014).

It has turned into a normal practice in cybersecurity for scientists to declare some defenselessness or risk and for this to be grabbed by the media. It is free exposure, yet this training can twist our comprehension of risk and misrepresent it by taking an individual case outside of any relevant connection to the subject at hand. Anecdote thus comes in place of analysis. What counts is an evaluation of real outcomes. For IoT, while billions of IoT gadgets are being used, there has not been a solitary casualty credited to them. This may change as the use of IoT gadgets extends and as the capacities performed by IoT gadgets turn out to be more refined. For the time being, the nonattendance or risk should shape the foundation for any way to deal with IoT

As we have found in the keen lattice precedent, settling on the proper level of IoT self-rule is an essential inquiry for security. The harmony between independent activity and human control shapes IoT hazard. We can simply put into consideration a situation where there’s a probability of an IoT technology device to replace a human, (a good scenario is that of a driverless vehicle) or needs the aid of man (likewise a situation where keen vehicle that allows the motorist with the aid of robotizing technology to apply braking and cause shirking). The independence of a gadget should be verified from their activities follows with an argument that reflects back to the very first discussions of PCs, a scenario where major developers considered PCs were aiding in increasing the human process execution while other saw them as a replacement for human beings, (Zhou & Chao 2011).

Answer:

Numerous individuals have just communicated with a self-ruling figuring gadget when they play computer games. The PC produced “rival” in a computer game “detects” your activities and settles on choices on the best way to respond. This is finished by a great PC chip contained in the amusement box that is running programming makes a move because of your moves, in view of some prearranged menu of choices. This occurs in milliseconds. The outcome is a dream that the adversary is considering and collaborating with its condition. This present reality is significantly more unpredictable than the fake amusement condition, requiring numerous more data sources and considerably more mind boggling programming, yet video diversions demonstrate the potential for independent gadgets and make a format for building self-governing frameworks, (Zhou & Chao 2011)

In evaluating whether IoT makes open doors for disturbance that potential aggressors are probably going to misuse, the most vital factor isn’t vulnerability, it is plan. Aim is essential for seeing how powerless IoT gadgets increment chance.

 IoT vulnerabilities increment open doors for malevolent activity, however missing goal, this does not imply that all open doors will be taken.

Deciding the level of independence IoT devices can poses is a factor about risk. The level of control to give to the autonomous system is depends fully on the scenario. If the likelihood of an error occurring or changes not expected is high, autonomous devices may fail to respond as required. Therefore, until there’s more reason to be confident about how reliable and efficient the devices are, we should design systems that will allow for both manual and automated control for all vital services.

We can put IoT hazard in context by taking a gander at the recurrence of malevolent occasions in cyberspace. Over the most recent 15 years, there have been a large number of occurrence of cyber secret activities and cyber wrongdoing, a couple of dozen coercive acts (where states or no state gatherings—regularly acting intermediaries for states—disturbed system and information), and maybe three or four episodes that created physical harm or annihilation. These unsafe occurrences occurred as the Internet extended from a couple of hundred million to billions of clients. There have been, to date, no IoT episodes, despite the fact that IoT gadgets presently number in the billions.

Amid this period, there have been standard expectations of hugely problematic cyber occasions. None has happened. In spite of across the board and every now and again abused vulnerabilities, cyber occurrences fall into a generally unsurprising patter driven by monetary interests and global governmental issues. Vulnerability is certifiably not a decent indicator for assault: in the present circumstance is that most advanced gadgets are helpless, these vulnerabilities are routinely abused for wrongdoing and spying, yet not very many are misused to make physical damage, (Gan, Lu, & Jiang 2011).

There are likewise long-standing and genuine worries about the hazard that self-sufficient frameworks will overwhelm, contend with, and supplant people. Advancement toward such frameworks is dependent upon the improvement of computerized reasoning, where PCs think like people instead of work from a set program. Until further notice, the security challenges made by IoT will be triter: ensuring information and avoiding unapproved access and control.

Risk Assessment Techniques

What we are estimating here isn’t whether cyber-subordinate framework and administrations in the United States are powerless against cyber assault, however the amount IoT expands this vulnerability, (Gan, Lu, & Jiang 2011).

Social orders can apply these same devices to IoT. IoT makes three sorts of risk—an IoT gadget could glitch; it could be hacked; or our endeavors to ensure protection or make IoT gadgets more secure will make monetary mischief that exceeds the decrease in risk. Insurance agencies ascertain risk utilizing actuarial information, chronicled records that show how frequently an occasion is probably going to happen and what that occasion is probably going to cost. We don’t have actuarial information for most things in cybersecurity, including IoT. This makes the exact expectation of risk troublesome, however we can characterize the components that shape the risk condition:

• Vulnerability: The capacity of an assailant to get entrance and control of a registering gadget, controlling or separating information or controlling or interfering with administrations. Most analysts trust that the processing gadgets utilized in the Internet of Things will be considerably more defenseless than the Internet technology’s to which we are acclimated, given the specialized constraints of numerous IoT figuring gadgets. A large number of these gadgets will do not have the processing capacity to perform customary security elements of natural work areas and workstations, which makes them obvious objectives

• Intent: Simply in light of the fact that an IoT gadget is powerless does not imply that somebody will exploit it for noxious purposes. An aggressor needs to choose to misuse a vulnerability subsequent to computing whether assault will give political, military, financial, or social advantage. Goal can reflect basic perniciousness, wrongdoing, secret activities, fear based oppression, fighting—the majority of the standard thought processes found in cybersecurity.

• Consequences: Computing gadgets are powerless and aggressors may misuse these vulnerabilities, however the last inquiry is, so what? There is as of now an abnormal state of viciousness, wrongdoing, and mishap in social orders, which have an astounding capacity to retain such things. The majority of the vulnerabilities found in IoT gadgets prompt occasions that would qualify as tricks. The bigger inquiry is whether IoT presents foundational vulnerabilities that would prompt lost life or huge monetary mischief.

The above three techniques help in gauging the likelihood of a damaging IoT event. Most of the analysis and investigations have concentrated on IoT vulnerability, which is obviously high. This isn’t the most critical variable for anticipating risk. To evaluate the risk made by the blend of vulnerable gadgets, pernicious on-screen characters, and possibly unsafe outcomes, we have to ask how likely it is that we will see malevolent activity to abuse vulnerabilities to create damaging results. One of our errands in evaluating risk is to parse the number of inhabitants in IoT gadgets into those where criticality of capacity or adaptability of assault makes genuine risk. It is this crossing point of basic capacity and vulnerable gadgets where risk is most prominent, (Sicari, Rizzardi, Grieco & Coen-Porisini, 2015).

The very first thing is to accept that IoT will be not any more secure than some other Internet technology—and now and again, may even be less secure. The experience of the most recent 20 years has indicated that it is so hard to compose secure code. The complexity (or deficiency in that department) of the IoT gadget makes extra vulnerabilities. Numerous IoT gadgets will have a restricted capacity to fix and update their product. They will confront challenges in overseeing confirmation and encryption. Bigger, more refined IoT gadgets will be better ready to perform security capacities, yet these alternatives accompany extra expense and multifaceted nature that may lessen interest for them at the user level. Confinements on gadget execution will compel our capacity to anchor IoT.

Numerous IoT gadgets are user products. Situations for causing noteworthy damage by hacking customer IoT gadgets turn out to be progressively tricky as we search for conceivable circumstances where hacking user gadgets created something besides limited and transitory impact. Turning down coolers to make drain ruin could put extra weight on bovines, dairy ranchers, and markets. As assaults go, in any case, this isn’t exceptionally alarming.

To take an extraordinary case, if programmers could seize control of a basic flying machine framework, prompting an accident, the impact could be identical to a psychological oppressor shelling. This accept, notwithstanding, that the flying machine group couldn’t recapture control. A clear safeguard is guarantee that the group had the capacity to supersede IoT frameworks or to reset the framework to some fundamental working setup. Numerous gadgets we utilize now, for example, airplane, as of now are intended to manage segment disappointment, and pilot preparing programs consider. Also, taking control of a lift would require crushing the three or four mechanical security frameworks utilized by present day lifts.

Self-sufficiency and Risk

The repeatability of an IoT assault additionally decides its mental effect. Hacks that seem, by all accounts, to be repeatable and relentless will make dread and vulnerability, like the dread and vulnerability that held the United States after 9/11 when it was uncertain that the suicide assaults were not the opening rounds of a long crusade of assaults. The capacity to make a plane accident makes dread, yet the powerlessness to anticipate when and how regularly these occurrences will be rehashed increment that dread.

Most records of IoT powerlessness accept that a solitary hacking episode can be copied on a mass scale, yet in many occurrences, the test isn’t hacking a solitary auto or fridge, it is hacking a few thousand in circumstances and conditions that create mass impact. The quantity of factors associated with this sort of mass episode recommends that this sort of IoT hacking is extremely implausible, (Mulani & Pingle, 2016). We would prefer not to extrapolate fundamental impact from a precedent where programmers, under perfect conditions, can make a solitary gadget breakdown, into some bigger risk to wellbeing or security. The normal level of damage and even turmoil that advanced economies acknowledge as typical is high. IoT hacks would need to surpass this limit to be discernible.

Most IoT gadgets won’t perform basic capacities, nor will they produce or store basic information. This is especially valid for customer IoT gadgets. This implies regardless of whether these user gadgets are hacked, the outcome is destined to be disturbance. A country with more prominent introduction to tricks does not confront a flood in risk. It is fundamental risk—the capacity to make noteworthy disturbance by assaulting a solitary basic hub (like Fed Wire, the power matrix, or an atomic power plant) or by all the while assaulting countless to deliver critical impact. A basic safeguard is guarantee that some basic frameworks, which are not currently connected to the Internet, stay separated until the point when we can all the more likely survey and control risk.

Ransomware 

Ransomware has been distinguished as the principle cybersecurity danger since 2016, not just takes after the standard measure of influencing PCs and locking records, it can also gain control of frameworks, not simply the PC.  

At the point when particularly focused on, IoT ransomware can be opportune and basic, as opposed to irreversible. Programmers are anxious to target gadgets at once and put where there will be no compelling reason to reset the gadget

An aggressor breaks, hinders or farces interchanges between two frameworks. In an IoT situation, an aggressor could accept control of a brilliant actuator and thump a mechanical robot out of its assigned path and speed constrain – possibly harming a sequential construction system or harming administrators.

The aggressor seizes and viably expect control of a gadget. These assaults are very hard to recognize on the grounds that the assailant does not change the essential usefulness of the gadget. In addition, it just takes one gadget to possibly re-taint others, for instance, brilliant meters associated with a matrix. In an IoT situation, a ruffian could expect control of a keen meter and utilize the traded off gadget to dispatch ransomware assaults against Energy Management Systems (EMSs) or wrongfully siphon unmetered electrical cables.

The Question of Intent

This attack endeavors to render a machine or system asset inaccessible to its expected clients by incidentally or uncertainly disturbing administrations of a host associated with the Internet. On account of this attack, approaching traffic flooding a given system from different sources, making it hard to stop the digital hostile by basically hindering a solitary source. DoS and DDoS assaults can adversely influence a wide range IoT applications, causing genuine interruptions for utility administrations and assembling offices.

It is commonly referred to as phlashing. This is a very common threat that damages the gadget so severely that it requires substitution or reinstallation of equipment. BrickerBot, coded to abuse hard-coded passwords in IoT gadgets and cause lasting refusal of administration, is one such case of malware that could be utilized to impair basic hardware on a production line floor, in a wastewater treatment plant, or in an electrical substation

1. Security of Data

Securing information is certifiably not a new development in any business setting. Concerning the technological layout, securing data is not any unique aside from the normal level of the organization’s security. IoT will extraordinarily extend the measure of information exchanged and put away crosswise over national outskirts, making another need for security. IoT will just entangle the officially complex issues of information confinement and endeavors to limit information streams crosswise over fringes, however (likewise with these guidelines when all is said in done) they will make hindrances for producers who benefit from the worldwide market. The majority of this information will have little esteem and not influence protection. Guidelines to restrain the utilization of information from IoT gadgets must consider the estimation of the data, (Jing, Vasilakos, Wan, Lu & Qiu, 2014).  A German auto maker may gather information from outside clients in regards to their tire weight from locally available screens and exchange it, however the mischief to protection is nonexistent. The estimation of this IoT information, notwithstanding when amassed, will be low. Controls and assertions should mirror this and order IoT information by esteem and security affectability (e.g., individual wellbeing information instead of gadget information).

Information assurance makes unavoidable strains between open strategy and business choices. The essential pressure is the allurement for open approach to force larger answers for security or protection that don’t mirror the esteem or affectability of the capacity or information. Most IoT information won’t require strict security shields. IoT will require a graduated size of insurances and safety efforts that mirror the real level of risk, decided by potential powerlessness as well as by the esteem and affectability of the two information and capacities. To contend that all information is of equivalent esteem is out of date and off base.

Information made by IoT gadgets should be parsed to figure out where extra assurances like encryption are required (since encryption expands the expense and many-sided quality of gadgets) and where information does not require unique treatment. To contend that all information is of equivalent esteem is out of date and erroneous. Separating among vital and immaterial information (individual and collected) and characterizing criticality, (for example, security of life or potential monetary misfortune) distinguishes which IoT frameworks are of concern. In the event that we utilize these measurements, we find that IoT expands risk to wellbeing and protection at inadmissible levels in just few cases. Deloitte centers around the following causes of risk that are very imperative in the above technological organization: encourage interdependence, retrofitting, and broadening usefulness.

The principal source of risk is incorporating interoperability. A coveted element of IoT is the formation of a pool of clients which can incorporate different associations or partners, for example, providers and clients. An issue that regularly emerges isn’t having uniform norms to empower interoperability to work legitimately. Frequently, organizations will settle with IoT arrangements that haven’t been examined and tried appropriately which results in weakness, (Gubbi, Buyya, Marusic & Palaniswami, 2013). 

The next source of risk in IoT organization is concerning coordinating IoT with existing frameworks set up. Be that as it may, the ability of retrofitting these current frameworks to the vital security level for IoT arrangement may wind up weakened as technology persistently progresses. Deloitte prescribes continually deciding in favor of alert and supplanting the current gadgets.

The last source of risk in IoT organizations is endeavoring to expand the usefulness of existing frameworks. Frequently organizations are reluctant to receive new advancements because of cost limitation or vulnerability of the technology, (Gan, Lu, & Jiang  2011). Be that as it may, organizations have a tendency to expand the usefulness of their current frameworks to accomplish mechanical advances. In these circumstances there is a noteworthy risk of these altered frameworks lacking security. Similarly, likewise with retrofitting, Deloitte prescribes assessing the risks of expanding the usefulness of a current frameworks as opposed to supplanting the frameworks.

1. Verification and Encryption to Manage IoT Risk

The mechanical answers for making IoT more secure include encryption and solid verification of personality. More prominent utilization of encryption and enhanced validation capacities would decrease risk to protection and to security in all Internet applications, yet the selection of both encryption and verification have so far presented troublesome difficulties not only for IoT but rather for all Internet exercises.

IoT gadgets will make surges of new information on close to home conduct. The presentation of IoT advances comes as transitional minute for protection.

The known encryption solutions are the public key infrastructures (PKI) and secure transport layers (which includes TLS or SSl, commonly represented by the HTTPS). PKI is a technique to enable protected and secured channel for exchange of encryption keys, a common way to allows users to pass keys for encoding and decoding. Advanced industrial IoT machines capable of using existing encryption products, however simple devices might need the provision of lightweight encryption which demands a reduced memory and the power to process.  

SSL is commonly used as an encryption technology used to secure websites. SSL is somehow vulnerable; however, it ensures the provision of the needed level of security for several users. TLS is just a better version of SSL. SSL and TLS ensure a secured authentication, and with time, authentication techniques are said to get better more rapidly than the encryption technology.

1. Staying Vigilant

As the IoT technology extends, the scale, degree, and recurrence of the information gathered will likewise increment. Be that as it may, this makes new risks as more entryways are opened for interruption.

As already said, a typical element of the IoT organization is making a pool of clients, or environments, to empower sharing of data. While this is a huge esteem including highlight of IoT, the business stays defenseless against the security guidelines of outsider clients. In this sense the IoT risk administration structure necessitates that organizations be cautious by continually surveying the risks of outsider clients in the IoT environment.

1. Flexibility 

Flexibility is the capacity to acknowledge, address, and right risks keeping in mind the end goal to reestablish tasks as fast as could be expected under the circumstances. For IoT arrangements numerous means can be taken to guarantee strength relying upon the utilization of the framework. At the focal point of all frameworks ought to be execution of security-occasion checking controls to go about as an implicit safeguard. The motivation behind this is to guarantee the framework doesn’t make a cataclysmic occasion by containing and secluding occurrences, (Babar, Stango, Prasad, Sen, & Prasad, 2011). 

Another methodology is to set up a different system for your IoT gadgets. Similarly, as you offer one system for your visitors and another for your representatives, putting your IoT gadgets on this different system includes an obstruction between your gadget and the information it can capture should its security frameworks be endangered.

• Scan your system for suspicious action.

You may have seen that numerous safety efforts are about alleviation instead of counteractive action. While you can find a way to solidify your framework, it is troublesome if not difficult to shield against each potential gap in your framework. What you can do, be that as it may, is back an assailant off. Regardless of whether they access some portion of your system, you can recognize their assault and react productively.

This is the thing that rupture discovery checking programming is intended to do. Suspicious action could incorporate a bizarrely moderate system, over the top action at irregular hours from an ordinarily lethargic gadget, quick changes in document names, or endeavors to get to different zones of your system. You will most likely be unable to stop each assault. Be that as it may, the quicker you can close one down once it happens, the more you confine the general harm.

• Secure development lifecycle (SDL): 

Building a reliable and secure item implies working in security beginning at the outline and improvement stage. It incorporates techniques like danger displaying, to help comprehend and organize chance inside a framework. The SDL ought to likewise incorporate infiltration testing, proactive endeavors to break into items and administrations to recognize shortcomings and vulnerabilities to grow better securities against assault, (Wortmann & Flüchter, 2015).

• Change default or frail passwords: Attackers regularly utilize the most

straightforward strategies to infiltrate a framework. Default passwords give simple passage to an assailant when examining for targets. It is essential to require all clients, including executive records, to have solid passwords. Preferably, multifaceted confirmation ought to be utilized to anchor client accreditations.

• Guarantee secure firmware and the most recent OS updates: Connected gadgets

inside the IoT contain firmware, inserted programming that gives control, observing and information control of items and frameworks (i.e., sensors, movement lights and surveillance cameras). It is critical that every gadget in an IoT framework has the most recent and most secure firmware and working framework updates, (Weber, 2010).

• Information security: As information is a key empowering agent of IoT

achievement, it must be anticipated, overseen and dependably ensured similarly as some other basic business resource. The SDL procedure ought to incorporate “security by outline” standards, (Atzori, Iera & Morabito, 2010).

• Secure interchanges and confirmation: As IoT venture appropriation quickens,

technology sellers need to deliberately assess and streamline techniques for gadget correspondence and verification, (Chahid, Benabdellah, & Azizi, 2017). One part of security is shielding the respectability and privacy of IoT information and the other is the validation of every gadget put inside a system (i.e., confirmation of the security stance of the gadgets and approval levels of the clients previously they are permitted get to).

• Item security occurrence response: While the majority of the above are.

imperative, definitely security dangers will emerge that should be moderated sometime later, (Roman, Zhou & Lopez, 2013).  It is important that each merchant in the IoT framework must have a responsive, effectively reachable item security occurrence process. This procedure should unmistakably speak with affected clients, be receptive to security analysts and clients alike, and guarantee convenient, finish goals to what are regularly perplexing security issues.

Conclusion:

No safety efforts are immune to the future changes. Technology changes. New frameworks normally bring higher security for known issues while likewise making new shortcomings. Along these lines, it is critical to regard security as a continuous undertaking as opposed to a once-and-done arrangement. Moreover, you can set up a fantastic security plan for your present system, however nothing will supplant due tirelessness in observing your system, reacting to security dangers, and detailing ruptures in an opportune way.

References

Atzori, L., Iera, A., & Morabito, G. (2010). The internet of things: A survey. Computer networks, 54(15), 2787-2805.

Bonomi, F., Milito, R., Zhu, J., & Addepalli, S. (2012, August). Fog computing and its role in the internet of things. In Proceedings of the first edition of the MCC workshop on Mobile cloud computing (pp. 13-16). ACM.

Babar, S., Stango, A., Prasad, N., Sen, J., & Prasad, R. (2011, February). Proposed embedded security framework for internet of things (iot). In Wireless Communication, Vehicular Technology, Information Theory and Aerospace & Electronics Systems Technology (Wireless VITAE), 2011 2nd International Conference on (pp. 1-5). IEEE.

Chahid, Y., Benabdellah, M., & Azizi, A. (2017, April). Internet of things security. In Wireless Technologies, Embedded and Intelligent Systems (WITS), 2017 International Conference on (pp. 1-6). IEEE.

Gan, G., Lu, Z., & Jiang, J. (2011, August). Internet of things security analysis. In Internet Technology and Applications (iTAP), 2011 International Conference on (pp. 1-4). IEEE.

Gubbi, J., Buyya, R., Marusic, S., & Palaniswami, M. (2013). Internet of Things (IoT): A vision, architectural elements, and future directions. Future generation computer systems, 29(7), 1645-1660.

Jing, Q., Vasilakos, A. V., Wan, J., Lu, J., & Qiu, D. (2014). Security of the Internet of Things: perspectives and challenges. Wireless Networks, 20(8), 2481-2501.

Kopetz, H. (2011). Internet of things. In Real-time systems (pp. 307-323). Springer, Boston, MA.

Mulani, T. T., & Pingle, S. V. (2016). Internet of things. International Research Journal of Multidisciplinary Studies, 2(3).

Roman, R., Zhou, J., & Lopez, J. (2013). On the features and challenges of security and privacy in distributed internet of things. Computer Networks, 57(10), 2266-2279.

Sicari, S., Rizzardi, A., Grieco, L. A., & Coen-Porisini, A. (2015). Security, privacy and trust in Internet of Things: The road ahead. Computer networks, 76, 146-164.

Suo, H., Wan, J., Zou, C., & Liu, J. (2012, March). Security in the internet of things: a review. In Computer Science and Electronics Engineering (ICCSEE), 2012 international conference on (Vol. 3, pp. 648-651). IEEE.

Sicari, S., Rizzardi, A., Grieco, L. A., & Coen-Porisini, A. (2015). Security, privacy and trust in Internet of Things: The road ahead. Computer networks, 76, 146-164.

Vlacheas, P., Giaffreda, R., Stavroulaki, V., Kelaidonis, D., Foteinos, V., Poulios, G., … & Moessner, K. (2013). Enabling smart cities through a cognitive management framework for the internet of things. IEEE communications magazine, 51(6), 102-111.

Wortmann, F., & Flüchter, K. (2015). Internet of things. Business & Information Systems Engineering, 57(3), 221-224.

Weber, R. H. (2010). Internet of Things–New security and privacy challenges. Computer law & security review, 26(1), 23-30.

Xia, F., Yang, L. T., Wang, L., & Vinel, A. (2012). Internet of things. International Journal of Communication Systems, 25(9), 1101-1102.

Yang, S. H. (2014). Internet of things. In Wireless Sensor Networks (pp. 247-261). Springer, London.

Zhou, L., & Chao, H. C. (2011). Multimedia traffic security architecture for the internet of things. IEEE Network, 25(3).

Zhao, K., & Ge, L. (2013, December). A survey on the internet of things security. In Computational Intelligence and Security (CIS), 2013 9th International Conference on (pp. 663-667). IEEE.