DOI QR코드

DOI QR Code

Cloud of Things (CoTs): Security Threats and Attacks

  • Almtrafi, Sara Mutlaq (College of Computers and Information Technology Taif University) ;
  • Alkhudadi, Bdour Abduallatif (College of Computers and Information Technology Taif University) ;
  • Alsuwat, Hatim (Department of Computer Science College of Computer and Information Systems Umm Al Qura University) ;
  • Alsuwat, Emad (College of Computers and Information Technology Taif University)
  • 투고 : 2021.08.05
  • 발행 : 2021.08.30

초록

Cloud of things (CoTs) is a newer idea which combines cloud computing (CC) with the Internet of Things (IoT). IoT capable of comprehensively producing data, and cloud computing can be presented pathways that allow for the progression towards specific destinations. Integrating these technologies leads to the formation of a separate element referred to as the Cloud of Things (CoTs). It helps implement ideas that make businesses more efficient. This technology is useful for monitoring a device or a machine and managing or connecting them. Since there are a substantial amount of machines that can run the IoT, there is now more data available from the IoT that would have to be stored on a local basis for a provisional period, and this is impossible. CoTs is used to help manage and analyze data to additionally create usable information by permitting and applying the development of advanced technology. However, combining these elements has a few drawbacks in terms of how secure the process is. This investigation aims to recent study literature from the past 3 years that talk about how secure the technology is in terms of protecting by authentication, reliability, availability, confidentiality, and access control. Additionally, this investigation includes a discussion regarding some kinds of potential attacks when using Cloud of Things. It will also cover what the various authors recommend and conclude with as well as how the situation can be approached to prevent an attack.

키워드

참고문헌

  1. Atlam, H. F., Alenezi, A., Alharthi, A., Walters, R. J., & Wills, G. B. (2017, June). Integration of cloud computing with internet of things: challenges and open issues. In 2017 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData) (pp. 670-675). IEEE.
  2. Paul, A., & Jeyaraj, R. (2019). Internet of Things: A primer. Human Behavior and Emerging Technologies, 1(1), 37-47. https://doi.org/10.1002/hbe2.133
  3. Farahzadi, A., Shams, P., Rezazadeh, J., & Farahbakhsh, R. (2018). Middleware technologies for cloud of things: a survey. Digital Communications and Networks, 4(3), 176-188 https://doi.org/10.1016/j.dcan.2017.04.005
  4. Tadapaneni, N. R. (2018). Cloud Computing: Opportunities and Challenges. Available at SSRN 3563342.
  5. Bhawiyuga, A., Kartikasari, D. P., Amron, K., Pratama, O. B., & Habibi, M. W. (2019). Architectural design of IoT-cloud computing integration platform. Telkomnika, 17(3), 1399-1408. https://doi.org/10.12928/telkomnika.v17i3.11786
  6. Pacheco, L., Alchieri, E., & Solis, P. (2017, April). Architecture for Privacy in Cloud of Things. In ICEIS (2) (pp. 487-494)
  7. Alabdulatif, A., Khalil, I., & Ahmed, S. H. (2018). Integration of Internet of Things (IoT) and Cloud Computing: Privacy Concerns and Possible Solutions. Integration, 2017.
  8. Li, W., Santos, I., Delicato, F. C., Pires, P. F., Pirmez, L., Wei, W., & Khan, S. (2017). System modelling and performance evaluation of a three-tier Cloud of Things. Future Generation Computer Systems, 70, 104-125. https://doi.org/10.1016/j.future.2016.06.019
  9. Riyaz Belgaum, M., Soomro, S., Alansari, Z., Alam, M., Musa, S., & Suud, M. M. (2018). Challenges: Bridge between Cloud and IoT. arXiv e-prints, arXiv-1803.
  10. Sahmim, S., & Gharsellaoui, H. (2017). Privacy and security in internet-based computing: cloud computing, internet of things, cloud of things: a review. Procedia computer science, 112, 1516-1522. https://doi.org/10.1016/j.procs.2017.08.050
  11. Choudhury, T., Gupta, A., Pradhan, S., Kumar, P., & Rathore, Y. S. (2017, October). Privacy and security of cloud-based internet of things (IoT). In 2017 3rd International Conference on Computational Intelligence and Networks (CINE) (pp. 40-45). IEEE.
  12. Tian, Y, Kaleemullah, M. M., Rodhaan, M. A., Song, B., Al-Dhelaan, A., & Ma, T. (2019). A privacy preserving location service for cloud-of-things system. Journal of Parallel and Distributed Computing, 123, 215-222. https://doi.org/10.1016/j.jpdc.2018.09.005
  13. Al-Asli, M., Elrabaa, M. E., & Abu-Amara, M. (2018). FPGA-based symmetric re-encryption scheme to secure data processing for cloud-integrated internet of things. IEEE Internet of Things Journal, 6(1), 446-457. https://doi.org/10.1109/jiot.2018.2864513
  14. Liu, S., Yu, J., Xiao, Y., Wan, Z., Wang, S., & Yan, B. (2020). BC-SABE: Blockchain-Aided Searchable Attribute-Based Encryption for Cloud-IoT. IEEE Internet of Things Journal, 7(9), 7851-7867. https://doi.org/10.1109/jiot.2020.2993231
  15. Wu, B., Wang, C., & Yao, H. (2020). Security analysis and secure channel-free certificateless searchable public key authenticated encryption for a cloud-based Internet of things. PloS one, 15(4), e0230722. https://doi.org/10.1371/journal.pone.0230722
  16. Abualese, H., Al-Rousan, T., & Al-Shargabi, B. (2019). A New Trust Framework for E-Government in Cloud of Things. International Journal of Electronics and Telecommunications, 65.
  17. Atiewi, S., Al-Rahayfeh, A., Almiani, M., Yussof, S., Alfandi, O., Abugabah, A., & Jararweh, Y. (2020). Scalable and secure big data IoT system based on multifactor authentication and lightweight cryptography. IEEE Access, 8, 113498-113511. https://doi.org/10.1109/ACCESS.2020.3002815
  18. Xiong, S., Ni, Q., Wang, L., & Wang, Q. (2020). SEM-ACSIT: secure and efficient multiauthority access control for IoT cloud storage. IEEE Internet of Things Journal, 7(4), 2914-2927 https://doi.org/10.1109/jiot.2020.2963899
  19. da Silva Martins, W., Estrella, J. C., Bruschi, S. M., de Azevedo, L. J. D. M., & Andreazi, G. T. (2020, October). Performance evaluation for signing JSON tokens in access control for the cloud of things. In 2020 IEEE Cloud Summit (pp. 72-78). IEEE.
  20. He, J., Zhang, Z., Li, M., Zhu, L., & Hu, J. (2018). Provable data integrity of cloud storage service with enhanced security in the internet of things. IEEE Access, 7, 6226-6239. https://doi.org/10.1109/ACCESS.2018.2889296
  21. Zhu, H., Yuan, Y., Chen, Y., Zha, Y., Xi, W., Jia, B., & Xin, Y. (2019). A secure and efficient data integrity verification scheme for cloud-IoT based on short signature. IEEE Access, 7, 90036-90044. https://doi.org/10.1109/ACCESS.2019.2924486
  22. Yang, H., & Kim, Y. (2019). Design and implementation of high-availability architecture for IoT-cloud services. Sensors, 19(15), 3276. https://doi.org/10.3390/s19153276
  23. Yeh, T., & Tu, Y. (2018, December). Enhancing data availability through automatic replication in the hadoop cloud system. In 2018 9th International Symposium on Parallel Architectures, Algorithms and Programming (PAAP) (pp. 86-93). IEEE.
  24. Sohal, A. S., Sandhu, R., Sood, S. K., & Chang, V. (2018). A cybersecurity framework to identify malicious edge device in fog computing and cloud-of-things environments. Computers & Security, 74, 340-354. https://doi.org/10.1016/j.cose.2017.08.016
  25. Gurulakshmi, K., & Nesarani, A. (2018, May). Analysis of IoT Bots against DDOS attack using Machine learning algorithm. In 2018 2nd International Conference on Trends in Electronics and Informatics (ICOEI) (pp. 1052-1057). IEEE.
  26. Ravi, N., & Shalinie, S. M. (2020). Learning-driven detection and mitigation of DDoS attack in IoT via SDN-cloud architecture. IEEE Internet of Things Journal, 7(4), 3559-3570 https://doi.org/10.1109/jiot.2020.2973176
  27. Alsaidi, A., & Kausar, F. (2018, September). Security attacks and countermeasures on cloud assisted IoT applications. In 2018 IEEE International Conference on Smart Cloud (SmartCloud) (pp. 213-217). IEEE.
  28. Wang, X., Ning, Z., Zhou, M., Hu, X., Wang, L., Hu, B. ... & Guo, Y. (2018). A privacy-preserving message forwarding framework for opportunistic cloud of things. IEEE Internet of Things Journal, 5(6), 5281-5295. https://doi.org/10.1109/JIOT.2018.2864782
  29. Mohammadnia, H., & Slimane, S. B. (2020, April). IoTNETZ: Practical Spoofing Attack Mitigation Approach in SDWN Network. In 2020 Seventh International Conference on Software Defined Systems (SDS) (pp. 5-13). IEEE
  30. Li, F., Zhang, K., Chen, S., Yang, H., & Wang, B. (2020, November). Research on Key Technologies of Active Defense for Distribution Internet of Things Service Security. In 2020 IEEE International Conference on Information Technology, Big Data and Artificial Intelligence (ICIBA) (Vol. 1, pp. 676-679). IEEE.
  31. Song, Y., Liu, T., Wei, T., Wang, X., Tao, Z., & Chen, M. (2020). Fda3: Federated defense against adversarial attacks for cloud-based iiot applications. IEEE Transactions on Industrial Informatics.
  32. Nguyen, T. G., Phan, T. V., Nguyen, B. T., So-In, C., Baig, Z. A., & Sanguanpong, S. (2019). Search: A collaborative and intelligent nids architecture for sdn-based cloud iot networks. IEEE access, 7, 107678-107694 https://doi.org/10.1109/ACCESS.2019.2932438