Internet of Things security: A survey

The Internet of things (IoT) has recently become an important research topic because it integrates various sensors and objects to communicate directly with one another without human intervention. The requirements for the large-scale deployment of the IoT are rapidly increasing with a major security concern. This study focuses on the state-of-the-art IoT security threats and vulnerabilities by conducting an extensive survey of existing works in the area of IoT security. The taxonomy of the current security threats in the contexts of application, architecture, and communication is presented. This study also compares possible security threats in the IoT. We discuss the IoT security scenario and provide an analysis of the possible attacks. Open research issues and security implementation challenges in IoT security are described as well. This study aims to serve as a useful manual of existing security threats and vulnerabilities of the IoT heterogeneous environment and proposes possible solutions for improving the IoT security architecture.

[1]  Nor Badrul Anuar,et al.  Secure and dependable software defined networks , 2016, J. Netw. Comput. Appl..

[2]  Hannu Tenhunen,et al.  International Conference on Ambient Systems , Networks and Technologies ( ANT 2015 ) SEA : A Secure and E ffi cient Authentication and Authorization Architecture for IoT-Based Healthcare Using Smart Gateways , 2015 .

[3]  Alexander Gluhak,et al.  A survey on facilities for experimental internet of things research , 2011, IEEE Communications Magazine.

[4]  Daeyoung Kim,et al.  Practical security analysis for the constrained node networks: Focusing on the DTLS protocol , 2015, 2015 5th International Conference on the Internet of Things (IOT).

[5]  Jiafu Wan,et al.  Security in the Internet of Things: A Review , 2012, 2012 International Conference on Computer Science and Electronics Engineering.

[6]  HuWen,et al.  DTLS based security and two-way authentication for the Internet of Things , 2013, ADHOCNETS 2013.

[7]  Peter Friess,et al.  Internet of Things Applications - From Research and Innovation to Market Deployment , 2014 .

[8]  C. Lu Overview of Security and Privacy Issues in the Internet of Things , 2014 .

[9]  Athanasios V. Vasilakos,et al.  A survey on trust management for Internet of Things , 2014, J. Netw. Comput. Appl..

[10]  Ángel Leonardo Valdivieso Caraguay,et al.  SDN: Evolution and Opportunities in the Development IoT Applications , 2014 .

[11]  Jorge Sá Silva,et al.  Security for the Internet of Things: A Survey of Existing Protocols and Open Research Issues , 2015, IEEE Communications Surveys & Tutorials.

[12]  Sven Schade,et al.  Next Generation Air Quality Platform: Openness and Interoperability for the Internet of Things , 2016, Sensors.

[13]  Lizhong Jin,et al.  A Novel Secure Architecture for the Internet of Things , 2011, 2016 International Conference on Intelligent Networking and Collaborative Systems (INCoS).

[14]  Jaydip Sen,et al.  Internet of Things - Applications and Challenges in Technology and Standardization , 2011 .

[15]  Sakir Sezer,et al.  Queen ' s University Belfast-Research Portal Are We Ready for SDN ? Implementation Challenges for Software-Defined Networks , 2016 .

[16]  Changiz Valmohammadi Examining the perception of Iranian organizations on Internet of Things solutions and applications , 2016 .

[17]  Pino Caballero-Gil,et al.  Authentication Based on Non-Interactive Zero-Knowledge Proofs for the Internet of Things , 2016, Sensors.

[18]  Antonio Iera,et al.  The Internet of Things: A survey , 2010, Comput. Networks.

[19]  Jia Guo,et al.  A survey of trust computation models for service management in internet of things systems , 2017, Comput. Commun..

[20]  Jan Nolin,et al.  The Internet of Things and convenience , 2016, Internet Res..

[21]  Kyung-Sup Kwak,et al.  The Internet of Things for Health Care: A Comprehensive Survey , 2015, IEEE Access.

[22]  Mohsen Guizani,et al.  Internet of Things: A Survey on Enabling Technologies, Protocols, and Applications , 2015, IEEE Communications Surveys & Tutorials.

[23]  Hilde Marita Oen Interoperability at the Application Layer in the Internet of Things , 2015 .

[24]  Andrzej Duda,et al.  OSCAR: Object security architecture for the Internet of Things , 2014, Proceeding of IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks 2014.

[25]  Bryan Scotney,et al.  Smart City Architecture and its Applications Based on IoT , 2015, ANT/SEIT.

[26]  Yasir Mehmood,et al.  Enabling Communication Technologies for Smart Cities , 2017, IEEE Communications Magazine.

[27]  Hong Liu,et al.  Cyber-physical-social-thinking space based science and technology framework for the Internet of Things , 2015, Science China Information Sciences.

[28]  Athanasios V. Vasilakos,et al.  Future Internet of Things: open issues and challenges , 2014, Wireless Networks.

[29]  Arkady B. Zaslavsky,et al.  Context Aware Computing for The Internet of Things: A Survey , 2013, IEEE Communications Surveys & Tutorials.

[30]  Rrk Sharma,et al.  RELATING INTERNET OF THINGS (IoT) ARCHITECTURES TO STRATEGY TYPES OF ORGANIZATIONS: A CONCEPTUAL FRAMEWORK , 2015 .

[31]  Kai Zhao,et al.  A Survey on the Internet of Things Security , 2013, 2013 Ninth International Conference on Computational Intelligence and Security.

[32]  Daniel W. Engels,et al.  Black SDN for the Internet of Things , 2015, 2015 IEEE 12th International Conference on Mobile Ad Hoc and Sensor Systems.

[33]  Mirjami Jutila,et al.  An Adaptive Edge Router Enabling Internet of Things , 2016, IEEE Internet of Things Journal.

[34]  Sushil Jajodia,et al.  LEAP+: Efficient security mechanisms for large-scale distributed sensor networks , 2006, TOSN.

[35]  Ramjee Prasad,et al.  Proposed embedded security framework for Internet of Things (IoT) , 2011, 2011 2nd International Conference on Wireless Communication, Vehicular Technology, Information Theory and Aerospace & Electronic Systems Technology (Wireless VITAE).

[36]  Daniele Miorandi,et al.  A secure and quality-aware prototypical architecture for the Internet of Things , 2016, Inf. Syst..

[37]  Maurizio A. Spirito,et al.  Denial-of-Service detection in 6LoWPAN based Internet of Things , 2013, 2013 IEEE 9th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob).

[38]  Victor C. M. Leung,et al.  Green Internet of Things for Smart World , 2015, IEEE Access.

[39]  Mahmoud Al-Ayyoub,et al.  SDIoT: a software defined based internet of things framework , 2015, Journal of Ambient Intelligence and Humanized Computing.

[40]  Cauvery Raju Defending Against Resource Depletion Attacks in Wireless Sensor Networks , 2014 .

[41]  Lida Xu,et al.  A visualization platform for internet of things in manufacturing applications , 2016, Internet Res..

[42]  Soma Bandyopadhyay,et al.  Why not keep your personal data secure yet private in IoT?: Our lightweight approach , 2015, 2015 IEEE Tenth International Conference on Intelligent Sensors, Sensor Networks and Information Processing (ISSNIP).

[43]  Rolf H. Weber,et al.  Internet of Things - New security and privacy challenges , 2010, Comput. Law Secur. Rev..

[44]  Nor Badrul Anuar,et al.  The role of big data in smart city , 2016, Int. J. Inf. Manag..

[45]  Antonio F. Gómez-Skarmeta,et al.  SAFIR: Secure access framework for IoT-enabled services on smart buildings , 2015, J. Comput. Syst. Sci..

[46]  Mianxiong Dong,et al.  Securing distributed storage for Social Internet of Things using regenerating code and Blom key agreement , 2015, Peer Peer Netw. Appl..

[47]  Maurizio A. Spirito,et al.  DEMO: An IDS framework for internet of things empowered by 6LoWPAN , 2013, CCS.

[48]  Athanasios V. Vasilakos,et al.  Security of the Internet of Things: perspectives and challenges , 2014, Wireless Networks.

[49]  Daniele Miorandi,et al.  A security-and quality-aware system architecture for Internet of Things , 2014, Information Systems Frontiers.

[50]  Muaz A. Niazi,et al.  Towards Agent-Based Model Specification in Smart Grid: A Cognitive Agent-based Computing Approach , 2017, Interdisciplinary Description of Complex Systems.

[51]  Munam Ali Shah,et al.  Constraints in the IoT: The World in 2020 and Beyond , 2016 .

[52]  Peter A. Chow-White,et al.  An empirical study of the rise of big data in business scholarship , 2016, Int. J. Inf. Manag..

[53]  Ramjee Prasad,et al.  Identity Management Framework towards Internet of Things (IoT): Roadmap and Key Challenges , 2010, CNSA.

[54]  Djamel Tandjaoui,et al.  An end-to-end secure key management protocol for e-health applications , 2015, Comput. Electr. Eng..

[55]  Min Chen,et al.  Mobile multimedia sensor networks: architecture and routing , 2011, 2011 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[56]  Marie-Helen Maras,et al.  Internet of Things: security and privacy implications , 2015 .

[57]  Flauzac Olivier,et al.  New Security Architecture for IoT Network , 2015, ANT/SEIT.

[58]  Ru-chuan Wang,et al.  An efficient authentication and access control scheme for perception layer of Internet of Things , 2014 .

[59]  Waqas Aman,et al.  Managing security trade-offs in the Internet of Things using adaptive security , 2015, 2015 10th International Conference for Internet Technology and Secured Transactions (ICITST).

[60]  Marimuthu Palaniswami,et al.  Internet of Things (IoT): A vision, architectural elements, and future directions , 2012, Future Gener. Comput. Syst..

[61]  Daniel W. Engels,et al.  A secure IoT architecture for Smart Cities , 2016, 2016 13th IEEE Annual Consumer Communications & Networking Conference (CCNC).

[62]  Wu He,et al.  Internet of Things in Industries: A Survey , 2014, IEEE Transactions on Industrial Informatics.

[63]  Chunhua Jin,et al.  Practical access control for sensor networks in the context of the Internet of Things , 2016, Comput. Commun..

[64]  M. Ufuk Çaglayan,et al.  Extracting trust information from security system of a service , 2012, J. Netw. Comput. Appl..

[65]  Ramesh Karri,et al.  Hardware and embedded security in the context of internet of things , 2013, CyCAR '13.

[66]  Mexhid Ferati,et al.  Augmenting Requirements Gathering for People with Special Needs Using IoT: A Position Paper , 2016, 2016 IEEE/ACM Cooperative and Human Aspects of Software Engineering (CHASE).

[67]  Theodore Tryfonas,et al.  The Internet of Things: a security point of view , 2016, Internet Res..

[68]  Charles E. Rohrs,et al.  LIMERIC: A Linear Adaptive Message Rate Algorithm for DSRC Congestion Control , 2013, IEEE Transactions on Vehicular Technology.

[69]  Thiemo Voigt,et al.  SVELTE: Real-time intrusion detection in the Internet of Things , 2013, Ad Hoc Networks.

[70]  Anurag Agarwal,et al.  The Internet of Things—A survey of topics and trends , 2015, Inf. Syst. Frontiers.

[71]  Muaz A. Niazi,et al.  Modeling the Internet of Things, Self-Organizing and Other Complex Adaptive Communication Networks: A Cognitive Agent-Based Computing Approach , 2016, PloS one.

[72]  Chakib Bekara,et al.  Security Issues and Challenges for the IoT-based Smart Grid , 2014, FNC/MobiSPC.

[73]  Rushitaa Gupta,et al.  Mobile Applications Modelling and Security Handling in Cloud-Centric Internet of Things , 2015, 2015 Second International Conference on Advances in Computing and Communication Engineering.

[74]  Thiemo Voigt,et al.  Lithe: Lightweight Secure CoAP for the Internet of Things , 2013, IEEE Sensors Journal.

[75]  Rodrigo Roman,et al.  On the features and challenges of security and privacy in distributed internet of things , 2013, Comput. Networks.

[76]  Yau-Hwang Kuo,et al.  An adaptive approach to weighted fair queue with QoS enhanced on IP network , 2001, Proceedings of IEEE Region 10 International Conference on Electrical and Electronic Technology. TENCON 2001 (Cat. No.01CH37239).

[77]  Luigi Alfredo Grieco,et al.  Security, privacy and trust in Internet of Things: The road ahead , 2015, Comput. Networks.

[78]  Georg Carle,et al.  DTLS based security and two-way authentication for the Internet of Things , 2013, Ad Hoc Networks.

[79]  Wang Jin,et al.  Research on Trust Model of Sensor Nodes in WSNs , 2012 .

[80]  Pallavi Srivastava,et al.  Secure and optimized data storage for IoT through cloud framework , 2015, International Conference on Computing, Communication & Automation.

[81]  Sumit Mishra,et al.  Network security protocol for constrained resource devices in Internet of things , 2015, 2015 Annual IEEE India Conference (INDICON).

[82]  Imrich Chlamtac,et al.  Internet of things: Vision, applications and research challenges , 2012, Ad Hoc Networks.

[83]  马华东 Internet of Things: Objectives and Scientific Challenges , 2011 .

[84]  Bruce E. Massis,et al.  The Internet of Things and its impact on the library , 2016 .

[85]  Michael J. Covington,et al.  Threat implications of the Internet of Things , 2013, 2013 5th International Conference on Cyber Conflict (CYCON 2013).

[86]  C. Karlof,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Proceedings of the First IEEE International Workshop on Sensor Network Protocols and Applications, 2003..

[87]  RomanRodrigo,et al.  Trust management systems for wireless sensor networks , 2010 .

[88]  Gu Li-ze,et al.  Trust management mechanism for Internet of Things , 2014, China Communications.

[89]  Ricardo Neisse,et al.  A Model-Based Security Toolkit for the Internet of Things , 2014, 2014 Ninth International Conference on Availability, Reliability and Security.

[90]  Saad Harous,et al.  Internet of things: Applications and challenges , 2016, 2016 12th International Conference on Innovations in Information Technology (IIT).

[91]  Wade Trappe,et al.  An authentication framework for hierarchical ad hoc sensor networks , 2003, WiSe '03.

[92]  Antonio Pescapè,et al.  Integration of Cloud computing and Internet of Things: A survey , 2016, Future Gener. Comput. Syst..

[93]  Ron Borland,et al.  Does Reactance against Cigarette Warning Labels Matter? Warning Label Responses and Downstream Smoking Cessation amongst Adult Smokers in Australia, Canada, Mexico and the United States , 2016, PloS one.

[94]  Pavan Pongle,et al.  A survey: Attacks on RPL and 6LoWPAN in IoT , 2015, 2015 International Conference on Pervasive Computing (ICPC).

[95]  Hafiz Farooq Ahmad,et al.  A lightweight message authentication scheme for Smart Grid communications in power sector , 2016, Comput. Electr. Eng..

[96]  Yunxin Li,et al.  An Overview of the DSRC/WAVE Technology , 2010, QSHINE.

[97]  Rodrigo Roman,et al.  Trust management systems for wireless sensor networks: Best practices , 2010, Comput. Commun..

[98]  Sanggon Lee,et al.  Security Analysis and Improvements of Authentication and Access Control in the Internet of Things , 2014, Sensors.

[99]  Sushil Jajodia,et al.  LEAP - efficient security mechanisms for large-scale distributed sensor networks , 2003, SenSys.

[100]  Ola Angelsmark,et al.  International Conference on Ambient Systems , Networks and Technologies ( ANT 2015 ) Calvin – Merging Cloud and IoT , 2015 .

[101]  Audun Jøsang,et al.  A survey of trust and reputation systems for online service provision , 2007, Decis. Support Syst..

[102]  Antonio Puliafito,et al.  An authentication model for IoT clouds , 2015, 2015 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM).

[103]  Riccardo Bonetto,et al.  Secure communication for smart IoT objects: Protocol stacks, use cases and practical examples , 2012, 2012 IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM).

[104]  Eleonora Borgia,et al.  The Internet of Things vision: Key features, applications and open issues , 2014, Comput. Commun..

[105]  Andrei V. Gurtov,et al.  Two-phase authentication protocol for wireless sensor networks in distributed IoT applications , 2014, 2014 IEEE Wireless Communications and Networking Conference (WCNC).

[106]  Cristina Alcaraz,et al.  Key management systems for sensor networks in the context of the Internet of Things , 2011, Comput. Electr. Eng..

[107]  Zhi Chen,et al.  A lightweight attribute-based encryption scheme for the Internet of Things , 2015, Future Gener. Comput. Syst..

[108]  Young-Sik Jeong,et al.  A secure and scalable storage system for aggregate data in IoT , 2015, Future Gener. Comput. Syst..

[109]  Ioannis Lambadaris,et al.  PRE-Fog: IoT trace based probabilistic resource estimation at Fog , 2016, 2016 13th IEEE Annual Consumer Communications & Networking Conference (CCNC).

[110]  Fadi Al-Turjman,et al.  CAR Approach for the Internet of Things , 2016, Canadian Journal of Electrical and Computer Engineering.

[111]  Anjali Sardana,et al.  Identity management framework for cloud based internet of things , 2012, SecurIT '12.

[112]  Xiaohong Jiang,et al.  On Secure Wireless Communications for IoT Under Eavesdropper Collusion , 2016, IEEE Transactions on Automation Science and Engineering.

[113]  Steve Mansfield-Devine Securing the Internet of Things , 2016 .

[114]  J.A. Stankovic,et al.  Denial of Service in Sensor Networks , 2002, Computer.

[115]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.