Scribd
Upload
30 views2 pages

4 1

The document discusses the differences between cybersecurity and IoT security, highlighting the specific threats to IoT devices and the importance of securing them due to their vulnerabilities. It outlines the concepts of threats, vulnerabilities, and risks, along with common IoT attacks such as botnet attacks and data breaches. Additionally, it describes the process of threat modeling for IoT systems, emphasizing asset identification, threat recognition, vulnerability analysis, risk assessment, and mitigation strategies.

Uploaded by

Shivam Kumar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
30 views2 pages

4 1

The document discusses the differences between cybersecurity and IoT security, highlighting the specific threats to IoT devices and the importance of securing them due to their vulnerabilities. It outlines the concepts of threats, vulnerabilities, and risks, along with common IoT attacks such as botnet attacks and data breaches. Additionally, it describes the process of threat modeling for IoT systems, emphasizing asset identification, threat recognition, vulnerability analysis, risk assessment, and mitigation strategies.

Uploaded by

Shivam Kumar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

Name: Priyanshu Ray Introduction to internet of things

System ID: 2021381047 Assignment 4

Roll no: 210101374

1. Explain the difference between Cyber security versus IoT security and cyber-physical
systems and also mention the need of to secure IOT?

Cybersecurity protects IT systems; IoT Security focuses on device-specific threats like weak
authentication and network vulnerabilities.

Cyber-Physical Systems (CPS) combine physical components (e.g., sensors) with computation and
networking.

Need for IoT Security: IoT devices often lack security features, making them targets for hacking, data
theft, and operational disruption.

2. Explain about Primer on threats, vulnerability, and risks (TVR)?

Threats: Potential events or actions that exploit vulnerabilities to cause harm, such as hacking
attempts or malware.

Vulnerabilities: Weaknesses in a system that can be exploited, like unpatched software or weak
passwords.

Risks: The likelihood and impact of a threat exploiting a vulnerability.

3. Explain about Common IoT attacks with Real time examples?

• Botnet Attacks: IoT devices are hijacked to form botnets for DDoS attacks. Example: Mirai
Botnet in 2016 disrupted major websites by exploiting unsecured IoT devices.
• Man-in-the-Middle (MITM) Attacks: Intercepting communication between IoT devices.
Example: Attacking smart home devices to access personal data.
• Firmware Exploits: Exploiting outdated firmware to control devices. Example: Targeting
industrial IoT devices for unauthorized control.
• Data Breaches: Accessing sensitive data stored on IoT devices. Example: Hacking fitness
trackers to reveal personal health information.

4. Explain about Threat modeling for an IoT system?

Threat modeling identifies, analyzes, and mitigates potential threats in an IoT system. Key steps
include:

1. Asset Identification: Identifying critical components, such as devices, data, and networks.

2. Threat Identification: Recognizing potential threats (e.g., unauthorized access, data


tampering).
3. Vulnerability Analysis: Assessing weaknesses in the IoT system.

4. Risk Assessment: Evaluating the likelihood and impact of each threat.

5. Mitigation Strategies: Implementing measures such as encryption, authentication, and


regular updates.

Example: A smart thermostat threat model would consider unauthorized access, data breaches, and
device control by malicious actors, with mitigation including strong encryption and secure software
updates.

You might also like