HISTORY OF IoT The Internet of Things, as a concept, wasn’t officially named until 1999, but one of the first examples of an IoT is from the early 1980s, and was a Coca Cola machine, located at the Carnegie Mellon University. Local programmers would connect through the Internet to the refrigerated appliance, and check to see if there was a drink available, and if it was cold, before making the trip to purchase one. Kevin Ashton, MIT’s Executive Director of Auto-ID Labs, coined the phrase “Internet of Things” in 1999. He was the first to describe the IoT, while making a presentation for Procter & Gamble, but the definition of the IoT has evolved over time. Mr. Ashton stated: “Today computers, and, therefore, the Internet, are almost wholly dependent on human beings for information. Nearly all of the roughly 50 petabytes of data available on the Internet were first captured and created by human beings by typing, pressing a record button, taking a digital picture or scanning a barcode. The problem is, people have limited time, attention, and accuracy. All of which means they are not very good at capturing data about things in the real world. If we had computers that knew everything there was to know about things, using data they gathered without any help from us, we would be able to track and count everything and greatly reduce waste, loss, and cost. We would know when things needed replacing, repairing, or recalling and whether they were fresh, or past their best.”
The Early 2000s (Kevin Ashton (the guy who came up with the name “Internet of Things”) believed Radio Frequency Identification (RFID) was a prerequisite for the Internet of Things — primarily as an inventory tracking solution. In hindsight, Inventory tracking has become one of the more obvious advantages of the IoT. He concluded if all devices were “tagged,” computers could manage, track, and inventory them. To some extent, the tagging of things has been achieved through technologies such as digital watermarking, barcodes, and QR codes.) In 2002-2003, Walmart and the US Department of Defense were the first large organizations to embrace Ashton’s model of tracking inventory using tagging, RFID, and the Internet of Things. Ring, a doorbell that links to your smartphone, provides an excellent example of the T00nternet of Things being used at home. Ring signals you when the doorbell is pressed, and lets you see who it is, and to speak with them. The Ring doorbell was developed in 2011 by Jamie Siminoff because he wanted to see who was at his door while he was in the garage, working. He couldn’t hear the doorbell from the garage and kept missing deliveries. An additional and important component in developing a functional IoT took place in June of 2012, when the major Internet service providers and web companies agreed to increase address space on the global Internet by enabling IPV6 for their services and products. Steve Leibson, of the Computer History Museum, stated, “The address space expansion means that we could assign an IPV6 address to every atom on the surface of the earth, and still have enough addresses left to do another 100+ earths.” Put another way, we are not going to run out of internet addresses anytime soon.
IoT Getting Smarter “Smart cities” can use the IoT to reduce waste and maximize the efficient use of energy. The IoT can also be used to streamline traffic flows and locate available parking. In 2012, The Swiss Federal Office of Energy started a pilot program called “Smart City Switzerland.” They brought representatives from universities, business, and public administration together to discuss new ideas for the urban environment. Smart City Switzerland has over sixty projects underway and supports new scientific partnerships and innovation. (Smart City Switzerland has evolved into something quite impressive.) A well-designed smart city supports all kind of sensors that are connected to the internet and provides: Traffic monitoring- Real-time tracking and reporting of traffic. Air quality monitoring- Integrated IoT sensors can identify polluters. Smart transportation- Smart traffic lights streamline traffic efficiency and public transport. Smart parking- Sensors installed in pavement, etc. to determine occupancy of the parking lot, which is communicated to drivers. Smart public lighting- Low energy lighting combined with timing and sensors. Smart buildings- When connected to the smart city by way of the internet, it becomes a part of the city infrastructure. A smart building, by itself, uses sensors and automated processes to control the building’s operations, which includes air conditioning, heating, ventilation, security, lighting, and other systems. Smart buildings are integrated systems and share vital information. The Industrial Internet of Things (IIoT) The Industrial Internet of Things (IIoT) is an extension of the IoT, and uses actuators and smart sensors, which are networked together with a company’s industrial applications. The goal is to give industries greater efficiency and reliability. The IIoT includes robotics and software-defined production processes. The cloud’s massive storage capacity (2002) was necessary for the modern version of the IIot to become a reality. The IIoT came into being in roughly 2010, with several large companies developing their own systems. GE is given credit for creating the term “Industrial Internet of Things,” In 2012. The Internet of Things Becomes a Part of Life By the year 2013, the IoT had become a system using multiple technologies, ranging from the Internet to wireless communication and from micro-electromechanical systems (MEMS) to embedded systems. This includes almost anything you can think of, ranging from mobile phones to building maintenance to the jet engine of an airplane. Medical devices, such as a heart monitor implant or a biochip transponder in a farm animal, can transfer data over a network and are members of the IoT. The IoT Goes Mobile – 2015 Smartphones are part of the IoT, and have become an important communications tool for many individuals. In 2015, they joined the IoT with a high degree of enthusiasm from marketers. The sensors within these devices are monitored by marketing departments, who send out certain promotions based on the customer and the product’s location. The healthcare industry has also taken advantage of this trend. Devices, such as smartwatches, smartphones, and ingestible monitors can keep track of a patient’s data regarding blood pressure, heart rate, and other concerns in real time. Cars and trucks have become members of the IoT. A connected vehicle works with other devices over wireless networks. This technology allows various “connected networks” to access and communicate with the vehicles. Cars and trucks are already loaded with sensors and technology, including OBD (on-board diagnostics) and GPS. By maximizing their use of these technologies, businesses can extract information from their fleets about maintenance requirements, driving conditions, and routes in real-time. Self-driving cars use the cloud to respond to adjacent cars, traffic data, maps, weather, surface conditions, etcetera. Use of the cloud helps the vehicles to monitor their surroundings and make better decisions. Self-driving cars are new members of the IOT. The first truly self-driving vehicle appeared in the 1980s. In October of 2021, May Mobility launched a pilot program to test their self-driving software. Human neighborhoods are now becoming part of the interconnected community called the Internet of Things.
What’s the role of AI in the IoT When discussing IoT and AI, we should understand precisely what every definition means. Artificial intelligence (AI) is a reproduction of human intelligence by machines and computer systems. It can be different systems like natural language processing, speech recognition and machine vision. The Internet of things (IoT) is a physical device which can connect to the Internet, or it can have its own networking that is more preferably in contact with cyber security. IoT and AI are closely related to each other and develop in parallel. At the same time, AI and IoT can work together. An outstanding example of this collaboration is Tesla. AI, in that case, can predict the behavior of pedestrians, define road conditions, suitable speed, weather conditions etc. It’s called predictive maintenance feature of AI over the IoT sensors. Undoubtedly, it became possible with reliable mechanism of data collection and improved analytics within cloud servers, because all IoT produce huge amount of data every second. In the same time, progressive and cautious product management strategy leaded to the AI-controlled energy optimization in order to reduce environmental harms and costs. AI in IoT is usually used for intelligent data analysis and scientific business decision-making. However, IoT devices are often operated in insecure environments. Nowadays, very few lightweight security and privacy solutions are designed specifically for the devices and servers running within the IoT. Consequently, AI-based IoT applications present additional protection and privacy challenges, including data privacy disclosure, cyber-attacks, data breach, etc. Certainly, we’re not the only ones who thought about the AI-induced vulnerabilities in IoT applications, more to say - developers turned AI back to human security purposes, and created prediction models for cyber-attacks accidents in the IoT network. Here are the most fascinating examples:
Artificial intelligence is playing an increasingly important role in cybersecurity — for both good and bad. Organizations can leverage the latest AI-based tools to better detect threats and protect their systems and data resources. But cyber criminals can also use the technology to launch more sophisticated attacks. Among the types of products that use AI are antivirus/antimalware, data loss prevention, fraud detection/anti-fraud, identity and access management, intrusion detection/prevention system, and risk and compliance management. + In general, AI is used to help detect attacks more accurately and then prioritize responses based on real world risk it allows automated or semi-automated responses to attacks, and finally provides more accurate modelling to predict future attacks – AI can be used to identify patterns in computer systems that reveal weaknesses in software or security programs, thus allowing hackers to exploit those newly discovered weaknesses When combined with stolen personal information or collected open source data such as social media posts, cyber criminals can use AI to create large numbers of phishing emails to spread malware or collect valuable information. Security experts have noted that AI-generated phishing emails actually have higher rates of being opened — [for example] tricking possible victims to click on them and thus generate attacks — than manually crafted phishing emails AI can also be used to design malware that is constantly changing, to avoid detection by automated defensive tools. Constantly changing malware signatures can help attackers evade static defenses such as firewalls and perimeter detection systems. Similarly, AI-powered malware can sit inside a system, collecting data and observing user behavior up until it’s ready to launch another phase of an attack or send out information it has collected with relatively low risk of detection. AI&IoT IoT is about using computer tools to automate real-world processes, and like all automation tasks, it's expected to reduce the need for direct human participation. Although IoT is aimed at reducing human work, it doesn't eliminate the need for human judgments and decisions. That's where AI can step in and improve the IoT system significantly.
AI benefits in IoTs industry Artificial intelligence (AI) can provide numerous benefits for addressing cybersecurity issues in the context of the Internet of Things (IoT). Some of the ways AI can benefit IoT cybersecurity are: Threat detection: AI algorithms can analyze large amounts of data from IoT devices and identify potential security threats in real-time. These algorithms can learn to recognize patterns that may indicate a security breach or attack and quickly alert security personnel to take action. Anomaly detection: AI algorithms can learn the normal behavior of IoT devices and detect when any device is behaving abnormally, indicating a possible cyber-attack. This can help to identify new and unknown threats that may not be detected by traditional security measures. Improved authentication: AI can provide advanced authentication methods that can recognize individual users or devices based on behavioral patterns or biometric data. This can help prevent unauthorized access to IoT devices and ensure that only authorized users are accessing the devices. Predictive maintenance: AI algorithms can help to identify potential vulnerabilities and weaknesses in IoT devices, allowing security teams to take preventive measures before a security breach occurs. This can reduce the risk of security incidents and improve the overall security of IoT networks. Threat response: AI can help to automate threat response processes, allowing security teams to respond to threats quickly and effectively. This can reduce the time it takes to detect and respond to security incidents and limit the damage caused by cyber-attacks. In summary, AI can provide numerous benefits for IoT cybersecurity by improving threat detection, anomaly detection, authentication, predictive maintenance, and threat response. By leveraging AI technologies, IoT networks can be made more secure and resilient against cyber-attacks.
Examples of AI software or tools that can help with each of the list points Threat detection: Darktrace: https://www.darktrace.com/ Vectra AI: https://www.vectra.ai/ CylancePROTECT: https://www.blackberry.com/us/en/products/cylanceprotect Anomaly detection: Kount: https://www.kount.com/ Anodot: https://www.anodot.com/ LogRhythm: https://logrhythm.com/ Improved authentication: HYPR: https://www.hypr.com/ FaceFirst: https://www.facefirst.com/ BehavioSec: https://www.behaviosec.com/ Predictive maintenance: Uptake: https://www.uptake.com/ C3.ai: https://c3.ai/ Senseye: https://www.senseye.io/ Threat response: Demisto: https://www.paloaltonetworks.com/products/secure-the-future/demisto IBM Resilient: https://www.ibm.com/security/resilient Siemplify: https://www.siemplify.co/
Most of the AI software and tools that I listed can be used in various contexts beyond just IoT cybersecurity. However, they can also be applied specifically to IoT cybersecurity. Here are some examples of how each of the items can be applied to IoT cybersecurity: Threat detection: Darktrace, Vectra AI, and CylancePROTECT can all be used to detect threats in IoT devices and networks. Anomaly detection: Kount, Anodot, and LogRhythm can all be used to detect anomalous behavior in IoT devices and networks. Improved authentication: HYPR, FaceFirst, and BehavioSec can all be used to improve authentication for IoT devices and networks. Predictive maintenance: Uptake, C3.ai, and Senseye can all be used to provide predictive maintenance for IoT devices and networks. Threat response: Demisto, IBM Resilient, and Siemplify can all be used to respond to security threats in IoT devices and networks. So while these AI tools are not used exclusively for IoT cybersecurity, they can all be applied to address security issues in IoT networks.
SIEM systems for the IoTs monitoring There are several Security Information and Event Management (SIEM) systems that can be used for IoTs monitoring. Here are some examples: Splunk: Splunk Enterprise Security is a SIEM platform that can be used to monitor and analyze security events in IoT networks. IBM QRadar: IBM QRadar is a SIEM platform that can be used to monitor IoT devices and networks, and can detect and respond to security threats. LogRhythm: LogRhythm is a SIEM platform that can be used to monitor and analyze security events in IoT devices and networks. McAfee Enterprise Security Manager: McAfee Enterprise Security Manager is a SIEM platform that can be used to monitor and analyze security events in IoT networks. AlienVault: AlienVault is a SIEM platform that can be used to monitor IoT devices and networks, and can detect and respond to security threats. Graylog: Graylog is a SIEM platform that can be used to collect and analyze log data from IoT devices and networks, and can detect and respond to security threats. Elastic Security: Elastic Security is a SIEM platform that can be used to monitor IoT devices and networks, and can detect and respond to security threats. These SIEM systems can be used to monitor IoT devices and networks, and provide real-time alerts and responses to security threats. They can also help to identify patterns and trends in security events and provide insights to improve overall security posture. AI in IoTs success use cases
One famous use case of AI in IoT monitoring is the use of machine learning algorithms for anomaly detection in IoT networks. Machine learning algorithms can learn to recognize normal patterns of behavior in IoT devices and networks and can alert security teams when any device or network is behaving abnormally, which could indicate a security breach. For example, in the energy industry, machine learning algorithms are used to detect abnormal patterns in the energy usage data collected from smart meters to detect energy theft or fraud. This enables energy companies to identify and address these issues more quickly and efficiently than traditional methods.
AI in IoTs failure use cases
One example of the fail of AI in IoT cybersecurity monitoring is the case of the Mirai botnet. In 2016, the Mirai botnet compromised hundreds of thousands of IoT devices, including security cameras and routers, and used them to launch a massive Distributed Denial of Service (DDoS) attack on the Dyn DNS service. Despite using AI-based security solutions, the botnet was able to evade detection and exploit security vulnerabilities in IoT devices. This was due to several factors, including poor device security, lack of security updates, and the use of default passwords. While AI-based solutions can be effective for IoT cybersecurity monitoring, they are not a silver bullet and should be used in conjunction with other security measures, such as strong passwords and regular security updates, to provide a comprehensive security approach.
Response to Mirai botnet attack The Mirai botnet attack in 2016 was a wake-up call for the IoT industry and highlighted the urgent need for improved IoT cybersecurity measures. In response to the attack, there was a concerted effort by the cybersecurity industry, government agencies, and IoT device manufacturers to improve IoT security. Here are some of the key actions that were taken: IoT Security Standards: Industry groups and government agencies worked to establish security standards for IoT devices. For example, the US National Institute of Standards and Technology (NIST) published a set of IoT security guidelines to help manufacturers build more secure devices. Firmware Updates: IoT device manufacturers issued firmware updates to patch vulnerabilities and improve security in existing devices. Botnet Takedowns: Law enforcement agencies took down several botnets, including the Mirai botnet, to disrupt cybercriminal operations and prevent further attacks. Improved Authentication: Device manufacturers improved authentication mechanisms for IoT devices, such as requiring stronger passwords and implementing two-factor authentication. AI-Based Security Solutions: Companies developed AI-based security solutions to detect and prevent IoT security threats in real-time. These actions helped to improve IoT security, but there is still much work to be done. The IoT industry continues to face significant security challenges due to the vast number of devices and the complexity of the IoT ecosystem. Ongoing efforts to improve IoT security include the development of new security technologies and standards, increased awareness and education for consumers and businesses, and continued collaboration between industry and government stakeholders.
The Intersection of AI and IoT: Threats and Opportunities for Smart Watches
Over the past decade, the growth of both AI and IoT has been exponential. In particular, the integration of AI in IoT devices like smart watches has provided a wealth of opportunities, from more accurate tracking to personalized recommendations. However, this integration has also introduced new threats and vulnerabilities.
One key opportunity is the ability of AI to provide more personalized and accurate data. By analyzing user behavior, AI algorithms can offer customized recommendations and feedback to improve health and fitness outcomes. Additionally, AI can help to detect anomalies or health issues in real-time, providing users with timely alerts and improving the overall effectiveness of these devices.
However, there are also significant threats associated with the integration of AI in IoT devices. One major issue is privacy. AI algorithms often require large amounts of data to train and improve, but collecting this data can raise privacy concerns if it includes sensitive personal information. This can put users at risk if their data is mishandled or exploited by hackers.
Another threat is the potential for AI to be manipulated or biased. As seen in the Citizen Lab report "Every Step You Fake," vulnerabilities in IoT devices can allow attackers to modify data and create false records. AI systems are not immune to such manipulation, and the use of biased or manipulated data can result in flawed recommendations or decisions that harm users.
Looking ahead, it is clear that the integration of AI and IoT will continue to shape the landscape of smart watches and other IoT devices in the coming years. To ensure that the benefits of AI are maximized while minimizing the risks, it is important to implement strong security measures, such as encryption and authentication, to protect user data. Additionally, the use of ethical frameworks and guidelines can help to ensure that AI systems are designed and used in ways that promote user privacy and fairness.
In conclusion, the integration of AI and IoT has brought both opportunities and threats to smart watches and other IoT devices. By addressing the challenges and maximizing the benefits, we can ensure that these devices continue to improve and enhance our lives in the years to come. "Every Step You Fake" - Vulnerabilities in IoT
The article "Every Step You Fake" examines vulnerabilities in IoT (Internet of Things) devices that can be used to track and monitor users without their consent. Researchers from Citizen Lab conducted tests on several devices, including smart watches, fitness trackers, and health apps, and found several critical vulnerabilities.
One vulnerability is that many devices do not have the proper level of protection against data tampering. This allows attackers to modify the data transmitted by the device and create false records. For example, a fitness tracker may show that a user has walked 10,000 steps, even if they have actually taken far fewer.
The key vulnerability associated with Bluetooth is the use of unsecured connections. Bluetooth devices can be easily discovered and paired with, which can make it easy for attackers to intercept and access the data transmitted between devices. Without proper encryption and authentication, this can lead to data interception and theft, as well as the possibility of unauthorized access to the device itself. Therefore, it is important to use secure Bluetooth connections and ensure that devices are not vulnerable to Bluetooth-based attacks. This can lead to data interception and its use by attackers to track users.
Researchers also found that some devices use standard and easily hackable passwords, which can allow attackers to gain access to the device and its data.
These vulnerabilities can have serious consequences for users. For example, attackers can use data obtained from devices for extortion or blackmail. They can also use the data to penetrate the systems of banks and other organizations.
Researchers recommend that users be cautious when using IoT devices and monitor what data is being transmitted. They also recommend that IoT device manufacturers improve the level of protection of their products and use stronger authentication and encryption methods.
To protect against vulnerabilities in IoT devices, here are some recommendations:
Keep devices updated: Make sure to regularly update the firmware and software of your IoT devices to ensure they have the latest security patches and bug fixes.
Use strong passwords: Create strong and unique passwords for your IoT devices and change them regularly. Avoid using default or easily guessable passwords.
Use two-factor authentication: Enable two-factor authentication wherever possible to add an extra layer of security.
Disable unnecessary features: Disable features or services that are not needed or used, such as remote access or file sharing, to reduce the attack surface of your device.
Use secure connections: Whenever possible, use secure connections such as HTTPS or VPN to access your IoT devices remotely.
Monitor device activity: Regularly check the activity logs of your IoT devices for any suspicious activity, such as unauthorized access or data transfers.
Research devices before purchase: Before purchasing an IoT device, research the manufacturer's security practices and check for any reported vulnerabilities or security incidents.
Keep networks secure: Secure your home or office network with strong passwords and encryption, and use a separate network for IoT devices to minimize the risk of compromise.
By following these recommendations, you can help protect your IoT devices and personal data from potential threats and vulnerabilities.