deice change the password.

Even if some changes the

IoT and Security passwords they are often predicable combinations. All
these can lead to exploitation of accounts.

Abstract Insufficient awareness: There is a lot of insufficient

knowledge and awareness about the security risks
Iot or internet of things is a recent concept. It is all associated with IoT. Hence IoT devices and the lives
about varied digital devices correlating with one associated are exposed to potential cyber attacks.
another. The main aim of this paper is to understand the
risks and challenges associated with IoT and to suggest Device updates risks: One of the main challenges of
some mechanisms to prevent it. using Iot devices is the risks related to the weak
firmware or programs [4]. Software’s not getting right
updates or not getting any update at all can be risky.
Malware attacks: Malware attacks such as phishing
Introduction are grave concern for enterprises. Hackers might send
signals to the Iot devices which can trigger some
unwanted complexities such as spying, DDoS attacks,
The IoT of internet of things represent series of blackmailing for ransom ware and others [5].
electronic devices which are linked and engage in
communication with one another. Electrical and Privacy concerns: Iot devices generated huge data.
electronic devices work and operate together within a Intruding these devices and using personal information
network in IoT. Some common examples of IoT are and spying are confidentiality and privacy concerns
smart homes, wearable, smart cities, digital forensics associated with IoT.
etc. The main benefit of Iot is the convenience it
provides and its main weakness is its security aspects.
It is important to make IoT secured. This is because all Result and Discussion
these devices which are connected with the internet
deals with data. Cyber criminals and hackers are
always hunting for loopholes and weak access points to The advantages of connectivity are enormous and
intrude and steal data and use it for personal interests internet of things has brought a brand new wave of
[1]. A group of anonymous hackers breaking in a development. Today the whole world is using the
federal website is an example where confidential data internet to perform all the crucial activities. Hence it is
can be stolen and hence IoT needs security important to discuss some security mechanisms to
mechanisms. protect the Iot.
Authentication: All three Iot levels like the layer of
Work Done perception, layer of network and application layer must
all be entered through a multifactor authentication.
Hence all parties which are communication in IoT
devices must be first authenticated. A multi-factor
Threats and Risks related to IoT technology are many.
authentication or a MFA is a process where more than
Authentically threats: The IoT security is a major one security level is combined for control access [3].
concern. Smart devices for an example are not designed This is basically setting up of multiple mechanisms for
in terms of the architecture to provide strong security to logging in instead of sung one simple password.
this technology. Authentication of varied entities which
Better passwords: Using strong and complete
are interconnected and confidentiality of the data
passwords for device as well as wifi connection is
exchange are top challenges in the deployment of IoT
recommended. It is also need that passwords are
[2]. Iot comprises of multiple devices connected with
changed regularly. Makin complicated password is
them. All these devices collect information from many
important so the potential hacker does not get a clue.
sources. If features like the authentication or encryption
are overlooked then these can lead to sever concerns. Encryption: To protect the data privacy and
confidentiality, advance encrypting standard can be
Weak passwords: Not all who uses an Iot device is a
used with a highly secured algorithm. Very few devices
professional or a tech savvy person. Iot deice
posses encryption as a part involved in their basic
manufactures provide a login credential for secure log
configurations. Most web traffics must be using the
in of the customer. But very few on purchase of the
HTTPS, transport layer based security, and DNS [4]A. Jurcut, P. Ranaweera and L. Xu, "Introduction to
security formats, Secure File Transfer Protocols etc. IoT Security", IoT Security, vol. 2, no. 1, pp. 27-64,
2019. Available: 10.1002/9781119527978.ch2
Spread awareness: The most important of all is to [Accessed 13 June 2020].
educate users and employees and raise their awareness
about security breaches, risks and threats and the ways [5]H. Suo, J. Wan, C. Zou and J. Liu, "Security in the
to detect these at an early phase. Internet of Things: A Review", 2012 International
Conference on Computer Science and Electronics
Monitor the cloud: Continuous audit of the cloud will Engineering, vol. 1, no. 1, pp. 5-6, 2017. Available:
be providing a security framework to the cloud. 10.1109/iccsee.2012.373 [Accessed 13 June 2020].
Security Content Automation Protocol or SCAP is a
robust mechanism for making continuous cloud audit [6]S. Rizvi, A. Kurtz, J. Pfeffer and M. Rizvi,
[6]. "Securing the Internet of Things (IoT): A Security
Taxonomy for IoT", 2018 17th IEEE International
Conference On Trust, Security And Privacy In
Conclusion Computing And Communications/ 12th IEEE
International Conference On Big Data Science And
Engineering (TrustCom/BigDataSE), 2018. Available:
With the aid of the paper above, the awareness is 10.1109/trustcom/bigdatase.2018.00034 [Accessed 13
created about the challenges associated with IoT June 2020].
technology and some safety mechanisms. There is no
doubt that IoT has made life better. However, it is
extremely significant to make the defence strong and
be aware of cyber crime.

References
[1]M. Djekic, "The Internet of Things
Security", Tehnika, vol. 72, no. 2, pp. 309-312, 2017.
Available: 10.5937/tehnika1702309d [Accessed 13
June 2020].
[2]A. Gamundani, A. Phillips and H. Muyingi, "An
Overview of Potential Authentication Threats and
Attacks on Internet of Things(IoT): A Focus on Smart
Home Applications", 2018 IEEE International
Conference on Internet of Things (iThings) and IEEE
Green Computing and Communications (GreenCom)
and IEEE Cyber, Physical and Social Computing
(CPSCom) and IEEE Smart Data (SmartData), vol. 2,
no. 1, pp. 1-2, 2018. Available:
10.1109/cybermatics_2018.2018.00043 [Accessed 13
June 2020].
[3]M. Crossman and H. Liu, "Two-factor
authentication through near field
communication", 2016 IEEE Symposium on
Technologies for Homeland Security (HST), vol. 5, no.
2, pp. 3-6, 2016. Available: 10.1109/ths.2016.7568941
[Accessed 13 June 2020].