International Journal of Computer Science & Network Security

국제컴퓨터통신보호논문지학회 (International Journal of Computer Science & Network Security)
권호 표지
DOI QR코드

DOI QR Code

A Review of Security Threats of Internet of Things

  • Nargis Jamal (University of Lahore Gujrat Campus) ;
  • Sataish Riaz (University of Lahore Gujrat Campus) ;
  • Jawad Ibrahim (Faculty of Information Technology and Computer Science, University of Lahore Gujrat Campus Pakistan)
  • 투고 : 2024.06.05
  • 발행 : 2024.06.30
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

The Internet of Things (IoT) is a novel concept that allows a large number of objects to be connected to the Internet while also allowing them to be controlled remotely. The Internet of Things is extensive and has become an almost inseparable part of our daily lives. Users' personal data is frequently obtained by these linked gadgets and stored online. In recent years, the security of acquired data has become a major concern. As devices grow more linked, privacy and security concerns grow more pressing, and they must be addressed as soon as possible. IoT implementations and devices are particularly vulnerable to attacks that might adversely affect customer security and privacy, which might have an impact on their practical utility. The goal of this study is to bring attention to the security and privacy concerns that exist in IoT systems. To that purpose, the paper examines security challenges at each level of the IoT protocol stack, identifies underlying impediments and critical security requirements, and provides a rapid overview of available security solutions for securing IoT in a layered environment.

키워드

참고문헌

  1. K. Y. Najmi, M. A. AlZain, M. Masud, N. Z. Jhanjhi, J. Al-Amri, and M. Baz, "A survey on security threats and countermeasures in IoT to achieve users confidentiality and reliability," Mater. Today Proc., no. xxxx, pp. 2-7, 2021, doi: 10.1016/j.matpr.2021.03.417.
  2. X. Zhu, Y. Badr, J. Pacheco, and S. Hariri, "Autonomic Identity Framework for the Internet of Things," Proc. - 2017 IEEE Int. Conf. Cloud Auton. Comput. ICCAC 2017, pp. 69-79, 2017, doi: 10.1109/ICCAC.2017.14.
  3. Aqeel-ur-Rehman, S. U. Rehman, I. U. Khan, M. Moiz, and S. Hasan, "Security and privacy issues in IoT," Int. J. Commun. Networks Inf. Secur., vol. 8, no. 3, pp. 147-157, 2016, doi: 10.4018/978-1-5225-6070-8.ch007.
  4. S. Deep, X. Zheng, A. Jolfaei, D. Yu, P. Ostovari, and A. Kashif Bashir, "A survey of security and privacy issues in the Internet of Things from the layered context," Trans. Emerg. Telecommun. Technol., no. February, pp. 1-20, 2020, doi: 10.1002/ett.3935.
  5. A. Shukla and S. Tripathi, "Security Challenges and Issues of Internet of Things: Possible Solutions," SSRN Electron. J., no. ICIoTCT, pp. 342-348, 2018, doi: 10.2139/ssrn.3166735.
  6. P. Sethi and S. R. Sarangi, "Internet of Things: Architectures, Protocols, and Applications," J. Electr. Comput. Eng., vol. 2017, 2017, doi: 10.1155/2017/9324035.
  7. P. Dorey, "Securing the internet of things," Smart Cards, Tokens, Secur. Appl. Second Ed., no. September, pp. 445-468, 2017, doi: 10.1007/978-3-319-50500-8_16.
  8. S. A. Kumar, T. Vealey, and H. Srivastava, "Security in internet of things: Challenges, solutions and future directions," Proc. Annu. Hawaii Int. Conf. Syst. Sci., vol. 2016-March, pp. 5772-5781, 2016, doi: 10.1109/HICSS.2016.714.
  9. M. U.Farooq, M. Waseem, A. Khairi, and S. Mazhar, "A Critical Analysis on the Security Concerns of Internet of Things (IoT)," Int. J. Comput. Appl., vol. 111, no. 7, pp. 1-6, 2015, doi: 10.5120/19547-1280.
  10. W. Razouk, D. Sgandurra, and K. Sakurai, "A new security middleware architecture based on fog computing and cloud to support IoT constrained devices," ACM Int. Conf. Proceeding Ser., 2017, doi: 10.1145/3109761.3158413.
  11. S. Kraijak and P. Tuwanut, "A survey on internet of things architecture, protocols, possible applications, security, privacy, real-world implementation and future trends," Int. Conf. Commun. Technol. Proceedings, ICCT, vol. 2016-February, pp. 26-31, 2016, doi: 10.1109/ICCT.2015.7399787.
  12. M. Turkanovic, B. Brumen, and M. Holbl, "A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion," Ad Hoc Networks, vol. 20, pp. 96-112, 2014, doi: 10.1016/j.adhoc.2014.03.009.
  13. S. Kornemann, P. Langendorfer, and O. Stecklina, "SECI - Lightweight interpreter for security algorithms," IoTSec 2017 - Proc. ACM Work. Internet Things Secur. Issues Innov., pp. 1-6, 2017, doi: 10.1145/3084030.3084034.
  14. R. R. der and R. V. V. S. . Prasad, "Cloud Computing Research : Challenges and Security Issues," Int. J. Comput. Trends Technol., vol. 30, no. 3, pp. 157-161, 2015, doi: 10.14445/22312803/ijctt-v30p128.
  15. Q. Jing, A. V. Vasilakos, J. Wan, J. Lu, and D. Qiu, "Security of the Internet of Things: perspectives and challenges," Wirel. Networks, vol. 20, no. 8, pp. 2481-2501, 2014, doi: 10.1007/s11276-014-0761-7.
  16. H. Suo, J. Wan, C. Zou, and J. Liu, "Security in the internet of things: A review," Proc. - 2012 Int. Conf. Comput. Sci. Electron. Eng. ICCSEE 2012, vol. 3, pp. 648-651, 2012, doi: 10.1109/ICCSEE.2012.373.
  17. S. Singh, P. K. Sharma, S. Y. Moon, and J. H. Park, "Advanced lightweight encryption algorithms for IoT devices: survey, challenges and solutions," J. Ambient Intell. Humaniz. Comput., vol. 0, no. 0, pp. 1-18, 2017, doi: 10.1007/s12652-017-0494-4.
  18. G. Bouloukakis, N. Georgantas, P. Ntumba, and V. Issarny, "Automated synthesis of mediators for middleware-layer protocol interoperability in the IoT," Futur. Gener. Comput. Syst., vol. 101, pp. 1271-1294, 2019, doi: 10.1016/j.future.2019.05.064.
  19. A. Jolfaei and K. Kant, "Privacy and Security of Connected Vehicles in Intelligent Transportation System," Proc. - 49th Annu. IEEE/IFIP Int. Conf. Dependable Syst. Networks - Suppl. Vol. DSN-S 2019, pp. 9-10, 2019, doi: 10.1109/DSN-S.2019.00010.
  20. M. El-Hajj, A. Fadlallah, M. Chamoun, and A. Serhrouchni, "A survey of internet of things (IoT) authentication schemes," Sensors (Switzerland), vol. 19, no. 5, pp. 1-43, 2019, doi: 10.3390/s19051141.
  21. Y. Yu, Y. Li, J. Tian, and J. Liu, "Blockchain-Based Solutions to Security and Privacy Issues in the Internet of Things," IEEE Wirel. Commun., vol. 25, no. 6, pp. 12-18, 2018, doi: 10.1109/MWC.2017.1800116.
  22. G. Anil Kumar and C. P. Shantala, "An extensive research survey on data integrity and deduplication towards privacy in cloud storage," Int. J. Electr. Comput. Eng., vol. 10, no. 2, pp. 2011-2022, 2020, doi: 10.11591/ijece.v10i2.pp2011-2022.
  23. B. S. Bhati and P. Venkataram, "Preserving Data Privacy During Data Transfer in MANETs," Wirel. Pers. Commun., vol. 97, no. 3, pp. 4063-4086, 2017, doi: 10.1007/s11277-017-4713-2.
  24. M. Qatawneh, W. Almobaideen, and O. AbuAlghanam, "Challenges of Blockchain Technology in Context Internet of Things: A Survey," Int. J. Comput. Appl., vol. 175, no. 16, pp. 13-20, 2020, doi: 10.5120/ijca2020920660.
  25. K. Ren, C. Wang, and Q. Wang, "for the Public Cloud," IEEE Internet Comput., vol. 16, no. 1, pp. 69-73, 2012. https://doi.org/10.1109/MIC.2012.14
  26. A. Jolfaei, A. Matinfar, and A. Mirghadri, "Preserving the confidentiality of digital images using a chaotic encryption scheme," Int. J. Electron. Secur. Digit. Forensics, vol. 7, no. 3, pp. 258-277, 2015, doi: 10.1504/IJESDF.2015.070389.
  27. A. Jolfaei and K. Kant, "A lightweight integrity protection scheme for fast communications in smart grid," ICETE 2017 - Proc. 14th Int. Jt. Conf. E-bus. Telecommun., vol. 4, no. Icete, pp. 31-42, 2017, doi: 10.5220/0006394200310042.
  28. L. Chhaya, P. Sharma, G. Bhagwatikar, and A. Kumar, "Wireless sensor network based smart grid communications: Cyber attacks, intrusion detection system and topology control," Electron., vol. 6, no. 1, 2017, doi: 10.3390/electronics6010005.
  29. Z. Li et al., "Research on PKI-like protocol for the internet of things," Proc. - 2013 5th Conf. Meas. Technol. Mechatronics Autom. ICMTMA 2013, pp. 915-918, 2013, doi: 10.1109/ICMTMA.2013.227.
  30. T. Hall and E. L. Ave, "Security challenges in the internet of things Danai Chasaki * and Christopher Mansour," vol. 5, no. 3, 2015.
  31. S. Al Salami, J. Baek, K. Salah, and E. Damiani, "Lightweight encryption for smart home," Proc. - 2016 11th Int. Conf. Availability, Reliab. Secur. ARES 2016, pp. 382-388, 2016, doi: 10.1109/ARES.2016.40.
  32. S. Raza, S. Duquennoy, T. Chung, D. Yazar, T. Voigt, and U. Roedig, "Securing communication in 6LoWPAN with compressed IPsec," 2011 Int. Conf. Distrib. Comput. Sens. Syst. Work. DCOSS'11, 2011, doi: 10.1109/DCOSS.2011.5982177.
  33. C. Zhang and R. Green, "Communication security in internet of thing: Preventive measure and avoid DDoS attack over IoT network," Simul. Ser., vol. 47, no. 3, pp. 8-15, 2015.
  34. O. Salman, S. Abdallah, I. H. Elhajj, A. Chehab, and A. Kayssi, "Identity-based authentication scheme for the Internet of Things," Proc. - IEEE Symp. Comput. Commun., vol. 2016-August, pp. 1109-1111, 2016, doi: 10.1109/ISCC.2016.7543884.
  35. J. L. Tsai and N. W. Lo, "A Privacy-Aware Authentication Scheme for Distributed Mobile Cloud Computing Services," IEEE Syst. J., vol. 9, no. 3, pp. 805-815, 2015, doi: 10.1109/JSYST.2014.2322973.
  36. H. Shafagh, A. Hithnawi, A. Droscher, S. Duquennoy, and W. Hu, "Talos: Encrypted query processing for the Internet of Things," SenSys 2015 - Proc. 13th ACM Conf. Embed. Networked Sens. Syst., pp. 197-210, 2015, doi: 10.1145/2809695.2809723.
  37. S. Horrow and A. Sardana, "Identity management framework for cloud based internet of things," ACM Int. Conf. Proceeding Ser., pp. 200-203, 2012, doi: 10.1145/2490428.2490456.
  38. S. Jafari, F. Mtenzi, R. Fitzpatrick, and B. O'Shea, "Security Metrics for e-Healthcare Information Systems: A Domain Specific Metrics Approach," Int. J. Digit. Soc., vol. 1, no. 4, pp. 238-245, 2010, doi: 10.20533/ijds.2040.2570.2010.0029.
  39. H. Abie and I. Balasingham, "Risk-Based Adaptive Security for Smart IoT in eHealth," no. SeTTIT, pp. 269-275, 2013, doi: 10.4108/icst.bodynets.2012.250235.
  40. L. Seitz and C. Gehrmann, "Authorization Framework for the Internet-of-Things."
  41. S. Cirani, M. Picone, P. Gonizzi, L. Veltri, and G. Ferrari, "IoT-OAS: An oauth-based authorization service architecture for secure services in IoT scenarios," IEEE Sens. J., vol. 15, no. 2, pp. 1224-1234, 2015, doi: 10.1109/JSEN.2014.2361406.
  42. N. Park, "Mutual authentication scheme in secure internet of things technology for comfortable lifestyle," Sensors (Switzerland), vol. 16, no. 1, pp. 1-16, 2015, doi: 10.3390/s16010020.