Chapter 3 Design Patterns for IoT 71
CHALLENGES AND SOLUTIONS FOR DESIGNING
ARCHITECTURE FOR IoT
While designing IoT architectures, you can face a number of challenges. As a software architect,
you have to realize that IoT is a lot dierent than website and desktop management systems.
Therefore, you cannot aord to use the same conventional and traditional approach in the IoT
applications. Instead, you have to think dierently if you want to address challenges in IoT. To
solve these issues, review the following proposed solutions.
Challenge #1: Security
Security holds a key priority in the IoT ecosystem. It is imperative that users must have trust in
their IoT devices so they can share data without any doubts. When IoT devices are not designed
properly against vulnerabilities then they can face several risks at their entry points. These risks
are mainly cyberattacks which can expose sensitive data and compromise the entire system.
Since in an IoT ecosystem, there are several devices, therefore each device is prone to hacking.
Some of the security issues are as follows.
2016 marks as a special year for IoT—Mirai came into the scene at that time. Mirai is one
of the most infamous IoT malware which was responsible to disconnect thousands of user in a
large-scale internet outage. Cybercriminals used DDoS attack to infect the systems. The target
was a major telecommunication company, Dyn, a renowned DNS provider, as their systems
were primarily targeted in the cyberattack. Three years after, the malware has become more
updated and sophisticated. Currently, cybersecurity experts have identified a Windows Trojan
which can help Mirai’s cybercriminal group to attack a greater number of IoT devices.
Mirai is a malicious piece of code which is designed to infect those IoT devices which
run on Linux. It scans IoT devices with weak security, hacks them, adds them into a botnet,
and is then exploited to run DDoS attacks while device credentials are distributed over Telnet.
Therefore, in order to save yourself from such threats, it is necessary to fortify your security IoT
infrastructure.
Solution
Note that the strategy to secure the IoT ecosystem is not a temporary one, it is a permanent solu-
tion. Part of the responsibility belongs to the IoT venders so they can secure and update their
devices regularly. To do this, patching should be done on periodic intervals through automation.
One of the techniques to do this is the use of an OS like Ubuntu with Snap so devices are updated
speedily. The use of such atomic styles makes it convenient to write and deploy patches.
Another technique is to lock down your Internet of Things OS and applications. Similarly,
you should ensure that the IoT device has the least possible network services. To defend web-
sites and intranet, you can use DDoS prevention strategies. For instance, you can try to enforce
your routers and drop junk packets. On a similar note, you can also keep ICMP or any other
irrelevant external protocol out of your use. Additionally, do not forget to install a strong fire-
wall and update the rules for the server.
One of the solutions to block cyberattack is to increase TTL for the DNS caches and servers.
Generally, DNS servers have 5 minutes or 600 seconds time limit for TTL. You can increase it
to six hours or 21,600 seconds. In this way, your local systems can defend themselves for a long
time against DNS attacks.
Internet_of_Things_CH03_pp055-080.indd 71 9/3/2019 10:13:08 AM
Get Internet of Things now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
