Internet of Things security : case: IoToys

Abstract

The Internet of Things (IoT) is expanding rapidly, with an estimated 30 billion devices by 2025, and with this growth comes security challenges. This thesis examines the security requirements and architectural framework of the IoT, highlighting the need for confidentiality, integrity, authorisation, authentication and availability. It looks at different IoT architectures, including three-, four- and five-layer models, and identifies common security threats such as node capture, sniffing, false data injection and denial of service attacks. It also highlights the vulnerabilities of the Perception and Network layers, and suggests advanced security measures, including AI-driven technologies such as blockchain, to enhance IoT security. A focused analysis of smart toys reveals specific security concerns, such as unprotected network ports, unsecured Bluetooth, and lack of data encryption, which pose risks to children's privacy and safety. The study concludes with recommendations for improving IoT security, particularly for IoToys, through increased parental awareness, secure communication channels and strong security protocols.