78 M. Abomhara and G. M. Køien
3.2 Classification of Possible Intruders
A Dolev-Yao (DY) type of intruder shall generally be assumed [53, 54]. That
is, an intruder that is in effect the network and that may intercept any or
all messages ever transmitted between IoT devices and hubs. The DY
intruder is extremely capable, but its capabilities are slightly unrealistic. Thus,
safety will be much stronger if our IoT infrastructure is designed to be
resilient to the DY intruder. However, the DY intruder lacks one capability that
ordinary intruders may have, namely, physical compromise. Thus, tamper-proof
devices are also greatly desirable. Complete tamper-proofing is of course unattainable,
but physical tamper resistance is nevertheless a very important goal, which,
together with tamper detection capabilities (tamper evidence), may be a sufficient
first-line defense.
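As an added illustration (not code from the paper), the sketch below models the network itself as the intruder and shows a hub that accepts a device frame only if its HMAC tag verifies and its counter is fresh. It goes beyond the interception mentioned in the text to the altering, replaying and dropping that the DY model also allows; the key, frame layout and class names are assumptions made for this example, and confidentiality would additionally require encryption.

```python
import hashlib, hmac, os

KEY = os.urandom(32)  # constructed pre-shared device/hub key (assumption)

def device_send(counter, reading):
    """Frame = 8-byte counter || reading || HMAC-SHA256 tag."""
    body = counter.to_bytes(8, "big") + reading
    return body + hmac.new(KEY, body, hashlib.sha256).digest()

class Hub:
    def __init__(self):
        self.last_counter = -1

    def receive(self, frame):
        """Return the reading, or None for an altered, forged or replayed frame."""
        if len(frame) < 8 + 32:
            return None
        body, tag = frame[:-32], frame[-32:]
        if not hmac.compare_digest(tag, hmac.new(KEY, body, hashlib.sha256).digest()):
            return None
        counter = int.from_bytes(body[:8], "big")
        if counter <= self.last_counter:  # stale counter means a replayed frame
            return None
        self.last_counter = counter
        return body[8:]

class DYNetwork:
    """The network is the intruder: it sees every frame and chooses what the hub gets."""
    def __init__(self, hub):
        self.hub, self.seen = hub, []

    def deliver(self, frame, action="pass"):
        self.seen.append(frame)  # every frame is observable in transit
        if action == "drop":  # no cryptographic check can prevent loss
            return None
        if action == "alter":  # flip one bit in the first byte of the reading
            frame = frame[:8] + bytes([frame[8] ^ 0x01]) + frame[9:]
        elif action == "replay":  # resend the first frame ever observed
            frame = self.seen[0]
        return self.hub.receive(frame)

def run_demo():
    """Constructed sample traffic: five readings, each handled differently in transit."""
    net = DYNetwork(Hub())
    actions = ["pass", "alter", "replay", "drop", "pass"]
    return [net.deliver(device_send(i, b"temp=%d" % (21 + i)), a)
            for i, a in enumerate(actions)]

if __name__ == "__main__":
    print(run_demo())
```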
In the literature, intruders are classified into two main types: internal and
external. Internal intruders are users with privileges or authorized access to a
system, with either an account on a server or physical access to the network
[21, 37]. External intruders are people who do not belong to the network
domain. All intruders, whether internal or external, can be organized in many
ways, ranging from individual attackers to spy agencies working for a country.
The impact of an intrusion depends on the goals to be achieved. An individual
attacker could have small objectives while spy agencies could have larger
motives [55]. The various types of intruders are discussed below based
on their numbers, motives and objectives.
3.2.1 Individuals
Individual hackers are professionals who work alone and only target systems
with low security [55]. They lack the resources or expertise of professional
hacking teams, organizations or spy agencies. Individual hacker targets are
relatively small in size or diversity, and the attacks launched have relatively
lower impact than those launched by organized groups (discussed in
3.2.2). Social engineering techniques are most commonly used by individual
attackers, as they have to obtain basic information about a target system,
such as the address, password, port information, etc. Public and social media
websites are the most common places where general users can be deceived
by hackers. Moreover, operating systems used on laptops, PCs, and mobile
phones have common and known vulnerabilities exploitable by individual
attackers.
Financial institutions such as banks are also major targets for individual
attackers as they know that such types of networks carry financial transactions
that can be hacked, and thus attackers can manipulate the information in