IoT Security – A Practical Guide from Perry Lea
Editor’s Note: Securing the Internet of Things (IoT) is critical not only for the integrity of data streams and software within each IoT application, but also for the integrity of the enterprise resources tied into those applications. IoT security is a complex problem, requiring a systematic approach for understanding possible threats and corresponding mitigation methods.
In Chapter 12 of Internet of Things for Architects, Perry Lea delves into the core principles of IoT security. This chapter is presented as part of a multi‑part series, including:
- Cyberspeak 101
- Anatomy of IoT cyber attacks
- Physical and hardware security
- Cryptography
- Critical cryptographic capabilities
- Software‑defined perimeter and blockchain
Adapted from Internet of Things for Architects, by Perry Lea.
Chapter 12. IoT Security
By Perry Lea
Cyber Security Vernacular
The opening chapter of the book outlined the sheer scale of the Internet of Things—billions of devices connected worldwide and a double‑digit growth rate that turns the analog world into the largest attack surface on the planet. Exploits, malware, and rogue actors already disrupt businesses, networks, and lives on a global scale. As architects, we must understand the IoT stack and embed security at every layer—from the sensor to the cloud.
Historically, many IoT deployments treat security as an afterthought. Constraints on memory, processing power, and power consumption often make it difficult to apply the same enterprise‑grade protections found in modern PCs and web platforms. This chapter addresses those gaps by reviewing the most damaging IoT‑specific attacks and outlining practical countermeasures across the stack: physical devices, communication protocols, and network infrastructure.
We also explore advanced concepts such as software‑defined perimeters and blockchain, and conclude with a discussion of the United States Cybersecurity Improvement Act of 2017 and its implications for IoT manufacturers.
Attack and Threat Terminology
Below is a concise glossary of the most common attack vectors that target IoT systems:
- Amplification attack: Leverages legitimate services (e.g., NTP, DNS) to magnify traffic toward a victim. NTP can amplify by 556×, while DNS amplification reaches 179×.
- ARP spoof: Sends forged ARP messages, linking an attacker’s MAC address with a legitimate IP.
- Banner scans: Identify system information by probing network services and parsing response headers.
- Botnets: Networks of compromised IoT devices coordinated by a command‑and‑control server, typically used for DDoS, spam, or espionage.
- Brute force: Exhaustive trial of credentials or keys until success.
- Buffer overflow: Overwrites memory beyond allocated bounds, allowing malicious code execution—especially prevalent in C/C++ codebases lacking bounds checking.
- C2 (Command & Control): Central server that issues instructions to compromised devices.
- Correlation power analysis attack: Extracts encryption keys by correlating measured power consumption during cryptographic operations.
- Dictionary attack: Uses a pre‑compiled list of username/password pairs to gain unauthorized access.
- Distributed Denial of Service (DDoS): Overwhelms a target by flooding it with traffic from many sources.
- Fuzzing: Sends malformed data to discover vulnerabilities based on device responses.
- Man‑in‑the‑Middle (MITM): Intercepts and potentially alters communication between two parties.
- NOP sleds: Sequences of no‑operation instructions that help align the instruction pointer during a buffer overflow.
- Replay attack: Re‑transmits captured network packets to deceive the receiver.
- Remote Code Execution (RCE): Allows an attacker to run arbitrary code on a device, often via a buffer overflow or a vulnerability in a network protocol implementation.
Understanding these terms is the first step toward building resilient IoT systems that can withstand the evolving threat landscape.
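The replay attack entry above describes captured packets being re-transmitted to deceive a receiver. As an added example (not from the book or its author), the following Python sketch shows the receiver-side check that defeats it: each frame carries a per-device counter and timestamp under an HMAC-SHA256 tag, and the receiver drops anything forged, stale, or already seen. The key, frame layout, device name and 30-second window are assumptions made for the demo.

```python
import hashlib, hmac, struct

# Constructed demo key: a real deployment provisions a per-device secret out of band.
KEY = b"constructed-demo-key"
WINDOW_SECONDS = 30            # allowed drift between a frame's timestamp and receiver time
HDR = struct.Struct(">16sQQ")  # device id (16 bytes, NUL padded), counter, unix timestamp
TAG_LEN = 32                   # HMAC-SHA256 tag

def build_message(device_id, counter, ts, payload, key=KEY):
    """Sender side: header + payload, authenticated with HMAC-SHA256 over the whole body."""
    body = HDR.pack(device_id.encode(), counter, ts) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

class ReplayGuard:
    """Receiver side: rejects forged, stale, or previously seen frames."""

    def __init__(self, key=KEY, window=WINDOW_SECONDS):
        self.key, self.window = key, window
        self.last_counter = {}  # device id -> highest counter accepted so far

    def accept(self, msg, now):
        if len(msg) < HDR.size + TAG_LEN:
            return False, "truncated"
        body, tag = msg[:-TAG_LEN], msg[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return False, "bad tag"            # forged or corrupted frame
        dev, counter, ts = HDR.unpack_from(body)
        dev = dev.rstrip(b"\0")
        # The timestamp bounds how long a captured frame stays usable even if receiver
        # state is lost; the counter catches replays that land inside that window.
        if abs(now - ts) > self.window:
            return False, "stale timestamp"
        if counter <= self.last_counter.get(dev, -1):
            return False, "replayed counter"
        self.last_counter[dev] = counter
        return True, "ok"

def demo():
    """Constructed exchange: two fresh frames, then three that must be rejected."""
    guard, now = ReplayGuard(), 1_700_000_000
    m1 = build_message("sensor-01", 1, now, b"temp=21.5")
    m2 = build_message("sensor-01", 2, now + 1, b"temp=21.7")
    tampered = m1[:-1] + bytes([m1[-1] ^ 0xFF])             # last tag byte flipped
    old = build_message("sensor-01", 3, now, b"temp=21.9")   # valid frame resent much later
    return [guard.accept(m, t)[1] for m, t in
            ((m1, now), (m2, now + 1), (m1, now + 2), (tampered, now + 2), (old, now + 120))]
```

Note that neither check suffices alone: a timestamp window still admits replays within the window, and a counter alone is lost when the receiver reboots, so the two are combined.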