Protect your IoT system with a few lines of code


Blog IoT
20 September, 2017 0

In the last two years, Internet of Things (IoT) has grown exponentially, increasing its presence in our lives. Nowadays, we have TVs connected to the internet, cars connected to the internet, cameras in our garage that send us images through the internet, and everything you can imagine will be on the internet in the short term. 

However, there are several reasons to be cautious regarding IoT security: these devices can be easily hacked due to their (poor-security) design, they can be used to violate our privacy, or they can be used to attack other targets, as it happened with Dyn Attack last year.

One of the main reasons why IoT devices are vulnerable is different vendors use different communication protocols, which increases the complexity of establishing security standards. Moreover, some security protocols are not compatible with energy-saving policies. Besides, the time-to-market challenge vs. security is also another dilemma.

Our review from experts’ publications allowed us to identify some solutions like the use of a standard protocol for encryption, authentication, and authorization for IoT communications. Besides, analytics technologies that evaluate the device’s behavior of the devices seem to be a promising path.

Simple security solution approach for HTTP-running IoT devices

The following Node.js code proposes a monitor server that records information from usage indicators on the device (we assume in the example that the device runs an HTTP server). It also registers the failures to detect possible Denial of Service (DoS) attacks. Logged information can be analyzed to detect functional faults and to trigger alerts. Machine learning and other big data techniques can be used for processing the information.

var Client = require(‘node-rest-client’).Client;
var mongoose = require(‘mongoose’);
LogSecurity = mongoose.model(‘LogSecurity’);
const period = 10000;
function SecPol() {
  var logSec= new LogSecurity();
  var client = new Client();
  client.get(“http://device_ip:device_port/monitor“, function (data, response) { = (new Date() +”,”+ data) {
    if (err){
      console.log(‘[‘ + err + ‘]’);
  }).on(‘error’, function(err){
    logSec.log = (new Date() +”,”+”no connection!”) {
      if (err){
        console.log(‘[‘ + err + ‘]’);
setInterval(SecPol, period);

IoT Security represents a big challenge for the IT community. We must face it responsibly. Take some time to evaluate your security threats while developing an IoT system; you’ll save a lot of time and money. ? 


Leave a Reply

Your email address will not be published. Required fields are marked *

Wednesday September 20, 2017 - 22:09 Blog, IoT
Recent posts
Using Mockito to create Java Unit Test

Let’s start with the definition given by the official page. “Mockito is a mocking framework that tastes really good. It […]

Read More…

Continue reading
1 December, 2020
From idea to deploy

When the great idea and background just isn’t enough […]

Read More…

Continue reading
11 August, 2020
Reclaim your disk space from Xcode

Do you have problems with the space on your disk? You are in the right place! This post is for […]

Read More…

Continue reading
25 June, 2020
RoR – Get your exceptions notified via Slack

Have you ever wanted to be one step ahead, and be notified of any unwanted exception before your users have […]

Read More…

Continue reading
18 October, 2018