Unlock the full potential of your projects.
Show full map
Copy and edit map Copy

Chapter 4: IoT Communication Layer Attack Surface

Other
Iqbal Mardhotillah
Get Started. It's Free
or sign up with your email address
Similar Mind Maps Mind Map Outline
Chapter 4: IoT Communication Layer Attack Surface by Mind Map: Chapter 4: IoT Communication Layer Attack Surface

1. OWASP Communication Layer Vulnerabilities

1.1. Attack Surface

1.1.1. Device Network Suface

1.1.1.1. (Vulnerabilities) Injection

1.1.1.2. (Vulnerabilities) Denial of service

1.1.1.3. (Vulnerabilities) Replay attack

1.1.2. Network Traffic

1.1.2.1. (Vulnerabilities) LAN traffic

1.1.2.2. (Vulnerabilities) Short Range

1.1.2.3. (Vulnerabilities) LAN to internet traffic

2. Communication Channels

2.1. Types of wireless networks

2.1.1. WBAN

2.1.2. WPAN

2.1.3. WHAN

2.1.4. WFAN

2.1.5. WNAN

3. Wireless Protocol

3.1. IEEE 802.15.4

3.1.1. Device Roles

3.1.1.1. Full Function Device (FFD)

3.1.1.2. Personal Area Network (PAN) Coordinator

3.1.1.3. Reduced Function Device (RFD)

3.1.2. Topologies

3.1.2.1. Star Topology

3.1.2.2. Mesh Topology

3.1.2.3. Cluster Tree Topology

3.1.3. Security

3.1.3.1. Access control

3.1.3.2. Message integrity

3.1.3.3. Message confidentiality

3.1.3.4. Replay protection

3.1.4. Mesh Protocol

3.1.4.1. 6LoWPAN

3.1.4.2. Zigbee

3.1.4.3. Thread

3.2. Bluetooth Low Energy (BLE)

3.3. Wi-Fi

3.4. Near Field Communication (NFC)

3.5. Cellular

3.6. Low-power WAN Protocols (LPWAN)

4. Bluetooth and Wi-Fi

4.1. Often used in IoT systems that require simplicity of setup, such as a home IoT network.

4.2. the most common wireless protocols and are found in most connected homes, home automation and security applications will frequently use them.

5. Common IP Vulnerabilities

5.1. DoS attacks

5.2. DDoS attacks

5.3. ICMP attacks

5.4. Address spoofing attacks

5.5. Man-in-the-middle attack (MITM)

5.6. Session hijacking

6. IoT Communication Layer Vulnerabilities

6.1. The sensor network

6.2. The IoT gateway

6.3. The uplink to the internet

6.4. The enterprise IT network

7. TCP Vulnerabilities

7.1. Reliable delivery

7.2. Flow control

7.3. Stateful communication

8. TCP SYN Flood Attack

8.1. attack exploits the TCP three-way handshake.

8.2. TCP reset attack can be used to terminate TCP communications between two hosts.

9. UDP Vulnerabilities

9.1. UDP is not protected by any encryption

9.2. UDP flood attack

10. Security for IoT Communication Protocol

10.1. device firmware

10.2. physical interfaces

10.3. IoT Gateway

10.4. Communication Channel

10.5. Local, Mobile, Remote Applications and protocols

11. Isolation of IT and OT Traffic

11.1. Important to reduce the size of the overall attack surface by establishing smaller zones of trust through the use of firewalls and other security technologies

12. Threat Model for IoT Communication Technologies

12.1. Insecure network service

12.1.1. Ensure all devices operates with a minimal number of networks portas active.

12.2. Lack of transportation encryption

12.2.1. Consider makin a firewall option available for the product.