CS709 - MASTER OF SCIENCE (MSC)

CYBERSECURITY AND DIGITAL FORENSICS

CSP750 – RESEARCH METHODS IN

COMPUTING

ASSIGNMENT 1 – LITERATURE REVIEW ANALYSIS

PREPARED FOR: DR. SITI ARPAH BINTI AHMAD

PREPARED BY:
MOHD IZWAN BIN IBRAHIM (2022148387)

GROUP: CS7091 (202241)

SUBMISSION DATE: 12 NOVEMBER 2022

Assignment 1 - Literature Analysis

Table Of Contents.

NO DESCRIPTION PAGE
1. Table Of Contents 2
2. Articles / Papers Table. 3
3. Problem Summary. 5
4. Data Type and Sources Summary. 5
5. Solutions Summary. 6
6. References 8

CSP750 - Research Methods In Computing 2

 Assignment 1 - Literature Analysis

Articles / Papers Table.

No. Author, Year Problem Data Type and Sources Solution

1. Hodges, D. The risk to our physical security from Combining two areas of the academic Places the nascent vulnerabilities
Title: attacks originating in literature, residential burglary and associated with the smart-home into
Cyber-enabled burglary of cyberspace. smart-home security. the context of the process by which
smart homes. Technical vulnerabilities within the burglary is committed.
smart home. Analysis identifies some increased risk
during the target selection stage
phase
2. Davis, B. D., Janelle C. Personal space becomes vulnerable to Searches in both CVEs and NVD The need for a stronger focus on the
Mason, J. C., & Anwar, M. security and privacy attacks. repositories. security posture of lesser known
Title: Vulnerabilities and security posture of Experiments and vulnerability vendor devices as they are often less
Vulnerability Studies and smart home IoT devices. findings. regulated and faceless scrutiny.
Security Postures of IoT
Devices: A Smart Home
Case Study
3. Yu, R., Zhang, M., Relatively simple architectures, and Designs simulation experiments to Designs and implements a router
& Zhang, X. security vulnerabilities may exist in test devices. based smart home security analysis
Title: the perception layer, transport layer, Studying a variety of smart home system.
Smart Home Security and application layer. devices. The system that can effectively detect
Analysis System Based on Most of the security analysis and defend against contactless
The Internet of Things frameworks for IoT devices require attacks that smart homes may suffer,
additional high-performance devices. and has a small impact on home
The emerging "mining" malware and network performance.
other attack methods that directly
plunder the computing resources of
the device have

CSP750 - Research Methods In Computing 3

 Assignment 1 - Literature Analysis

4. Toutsop, O., Das, S., Increasingly sophisticated attacks. Z-Wave network was built on the Proposed an effective Intrusion
& Kornegay, K. Hackers might exploit sensor raspberry-pi gateway. Detection technique using a
Title: vulnerabilities to gain unauthorized Testbed’s equipment was also added combination of machine learning
Exploring The Security network access and use user data to the network. classifiers and deep learning.
Issues in Home-Based IoT through various IoT devices. Wireshark was used to capture Provide design implications to address
Devices Through Denial of DoS attacks continue to be a network traffic. such critical security flaws.
Service Attacks. significant concern even with Machine learning models such as
improved technologies and security logistic regression, decision tree,
protocols. random forest and support vector
By connecting smart home appliances machine as well as deep learning
to the Internet, the chance of model.
malicious attacks increases.
The commercial hub does not provide
enough versatility to the customer.
5. Dorai, G., Chi, H., Williams, All these devices are connected to the Experimental smart home setting To purchase vulnerability scanning
E. A., & Alo, R. A. home’s Wi-Fi network. This could using various connected devices. software or to deploy packet sniffing
Title: mean that if a security vulnerability IoT device simulator within the network-based tools.
Is your Smart Home a exists in even one of the devices in a Microsoft Azure framework. Isolate vulnerable devices in order to
Secure Home?” - Analysis smart home setting especially in a secure the smart home.
of Smart Home Breaches smart medical home, it could lead to The fundamental security measures
and an Approach for serious repercussions. and network scanning can greatly aid
Vulnerability Analysis and Tools are expensive and most people in coming up with measures to
Device Isolation are unaware of the existence of alleviate and retaliate IoT-based
security threats arise from attacks.
vulnerabilities that exist in smart Device-isolation techniques will help
home devices. any end user to safely isolate any
Devices at various costs from different vulnerable devices in the smart home
manufacturers makes it difficult to network and still keep them
study various protocols and security functional without affecting non-
control mechanisms. vulnerable devices in the network.

CSP750 - Research Methods In Computing 4

Assignment 1 - Literature Analysis

Problem Summary.

There are a lot of exploits out there that might make it difficult to safeguard and keep
a protected network at home. The increased prevalence of smart homes raises concerns
about the vulnerability of the protection to attacks launched from the internet. The smart
home might compromise security and privacy due to technical flaws. It is also essential to
draw attention to the security risks and flaws inherent in IoT devices used in the modern
smart home. Existing security research approaches for Internet of Things (IoT) devices
sometimes require additional high-performance hardware. There may be relatively basic
architectures and security weaknesses at the perception, transport, and application levels.
The device's computing power is actively stolen by new kinds of malware that engage
in "mining" operations and other attack methods. Intricate assaults have also become more
common. Hackers can exploit sensor flaws to access networks and steal user data from
various IoT devices. Keep in mind that denial-of-service attacks are still a significant issue
despite advancements in technology and security measures. The risk of cyberattacks rises
when smart home gadgets are connected to the Internet. Since all of these gadgets will be
connected to the homeowner's Wi-Fi network, the commercial hub must offer greater
flexibility to the client.
As a result, even if only one device in a smart home or smart medical home has a
security flaw, it could have far-reaching consequences for its inhabitants. The availability of
devices at varying prices from various manufacturers further contributed to these issues by
making it challenging to investigate extensively the diverse protocols and security control
mechanisms employed by all of these devices. Such resources can be pricey, and most
individuals are blind to the security risks that may emerge from using insecure smart home
technologies.

Data Type and Sources Summary.

By integrating the research on home invasion with smart-home protection, the data
collected helped to identify some of the issues we were facing. The data was gathered
through manual searching of CVEs and automated searching of NVD repositories. The
Common Vulnerability Enumeration (CVE) is an index of records for all known cybersecurity

CSP750 - Research Methods In Computing 5

Assignment 1 - Literature Analysis

vulnerabilities. Each includes a unique identifier, a brief description, and at least one publicly
accessible reference. NVD is only one of several cybersecurity products and services using
CVE Records. Changes to the CVE List are immediately reflected in NVD because the database
is built upon and synchronised with CVE.
The weaknesses of the smart home devices were also found by examining a variety of
smart home devices. Tests and vulnerability findings were done with the designs of simulation
experiments to test devices. The smart home devices were put through their paces with the
help of a Z-Wave network set up on a raspberry-pi gateway. The testbed's equipment was
also added to the network, and Wireshark was used to capture network traffic. The limitations
of these tools can be better understood using machine learning models like logistic
regression, decision trees, random forest, support vector machines, and deep learning
models.
The experimental type of tests on a smart home setting uses various linked gadgets to
collect data from various sources. IoT device simulators within the Microsoft Azure
framework were also used to ensure that several data types and sources were successfully
collected. Multiple types of data collection will help secure IoT devices at these smart homes.
Data was also collected by scanning for all connected devices in a smart home setting. In order
to do this, an open-source tool called Nmap, also called a Network Mapper, is being used to
collect data sources.

Solutions Summary.

However, there are workarounds for every security flaw in smart home appliance. For
instance, the environment in which a crime is committed must be updated to account for new
vulnerabilities related to the smart home. In addition, the study that highlights a few
heightened dangers throughout the target selection step also played a significant role in
ensuring the related vulnerabilities in specific IoT devices are covered. Since devices from
fewer well-known vendors are often subject to less regulation and anonymized scrutiny,
greater attention to their security posture is warranted. A mechanism for conducting security
assessments within these establishments is required to mitigate further the risk introduced
by the IoT in smart homes.

CSP750 - Research Methods In Computing 6

Assignment 1 - Literature Analysis

Further, a system that can effectively detect and defend against contactless attacks
that smart homes may incur can be implemented to prevent vulnerabilities and threats to the
smart house while having a minimal effect on the functionality of the home network. Another
way to help encounter IoT security threats is to combine machine learning classifiers with
deep learning is essential for developing efficient intrusion detection methods. Every IoT
appliance for the house needs to offer design implications for fixing severe security issues.
This may involve taking measures such as installing network-based tools for sniffing packets
or using vulnerability detection software.

Finally, the smart home's security relies on isolating potentially compromised devices
to help lower the risk of hackers attacking houses running with these smart devices.
Customers can utilize this device-isolation method to safely isolate any susceptible devices in
their innovative home network, allowing them to continue functioning without compromising
the security of other devices on the same network. Measures to prevent, mitigate, and react
against IoT-based threats can benefit tremendously from basic security practices and network
monitoring.

CSP750 - Research Methods In Computing 7

Assignment 1 - Literature Analysis

References.

Dorai, G., Williams, E. A., Chi, H., & Alo, R. A. (2020). “Is your Smart Home a Secure Home?” -

Analysis of Smart Home Breaches and an Approach for Vulnerability Analysis and

Device Isolation. 2020 IEEE 6th World Forum on Internet of Things (WF-IoT).

https://doi.org/10.1109/wf-iot48130.2020.9221420

Toutsop, O., Das, S., & Kornegay, K. (2021). Exploring The Security Issues in Home-Based IoT

Devices Through Denial of Service Attacks. 2021 IEEE SmartWorld, Ubiquitous

Intelligence &Amp; Computing, Advanced &Amp; Trusted Computing, Scalable

Computing &Amp; Communications, Internet of People and Smart City Innovation

(SmartWorld/SCALCOM/UIC/ATC/IOP/SCI).

https://doi.org/10.1109/swc50871.2021.00062

Yu, R., Zhang, X., & Zhang, M. (2021). Smart Home Security Analysis System Based on The

Internet of Things. 2021 IEEE 2nd International Conference on Big Data, Artificial

Intelligence and Internet of Things Engineering (ICBAIE).

https://doi.org/10.1109/icbaie52039.2021.9389849

Davis, B. D., Mason, J. C., & Anwar, M. (2020). Vulnerability Studies and Security Postures of

IoT Devices: A Smart Home Case Study. IEEE Internet of Things Journal, 7(10), 10102–

10110. https://doi.org/10.1109/jiot.2020.2983983

Hodges, D. (2021). Cyber-enabled burglary of smart homes. Computers &Amp; Security, 110,

102418. https://doi.org/10.1016/j.cose.2021.102418

CSP750 - Research Methods In Computing 8