A Survey of IoT Security Based on a Layered Architecture of Sensing and Data Analysis

The Internet of Things (IoT) is leading today’s digital transformation. Relying on a combination of technologies, protocols, and devices such as wireless sensors and newly developed wearable and implanted sensors, IoT is changing every aspect of daily life, especially recent applications in digital healthcare. IoT incorporates various kinds of hardware, communication protocols, and services. This IoT diversity can be viewed as a double-edged sword that provides comfort to users but can lead also to a large number of security threats and attacks. In this survey paper, a new compacted and optimized architecture for IoT is proposed based on five layers. Likewise, we propose a new classification of security threats and attacks based on new IoT architecture. The IoT architecture involves a physical perception layer, a network and protocol layer, a transport layer, an application layer, and a data and cloud services layer. First, the physical sensing layer incorporates the basic hardware used by IoT. Second, we highlight the various network and protocol technologies employed by IoT, and review the security threats and solutions. Transport protocols are exhibited and the security threats against them are discussed while providing common solutions. Then, the application layer involves application protocols and lightweight encryption algorithms for IoT. Finally, in the data and cloud services layer, the main important security features of IoT cloud platforms are addressed, involving confidentiality, integrity, authorization, authentication, and encryption protocols. The paper is concluded by presenting the open research issues and future directions towards securing IoT, including the lack of standardized lightweight encryption algorithms, the use of machine-learning algorithms to enhance security and the related challenges, the use of Blockchain to address security challenges in IoT, and the implications of IoT deployment in 5G and beyond.

[1]  Jiafu Wan,et al.  A Blockchain-Based Solution for Enhancing Security and Privacy in Smart Factory , 2019, IEEE Transactions on Industrial Informatics.

[2]  Zibin Zheng,et al.  Blockchain for Internet of Things: A Survey , 2019, IEEE Internet of Things Journal.

[3]  Sarah Mount,et al.  Map as a Service: A Framework for Visualising and Maximising Information Return from Multi-Modal Wireless Sensor Networks , 2015, Sensors.

[4]  JanickeHelge,et al.  Security for 4G and 5G cellular networks , 2018 .

[5]  Mohammad Hammoudeh,et al.  Intrusion Detection and Countermeasure of Virtual Cloud Systems - State of the Art and Current Challenges , 2015 .

[6]  Ayodele Periola,et al.  Feature selection for intrusion detection system in a cluster-based heterogeneous wireless sensor network , 2019, Facta universitatis - series: Electronics and Energetics.

[7]  OdeluVanga,et al.  Design of a new CP-ABE with constant-size secret keys for lightweight devices using elliptic curve cryptography , 2016 .

[8]  M. Laurent-Maknavicius,et al.  PHOABE: Securely outsourcing multi-authority attribute based encryption with policy hidden for cloud assisted IoT , 2018, Comput. Networks.

[9]  Muhammad Aamir,et al.  A Survey on DDoS Attack and Defense Strategies: From Traditional Schemes to Current Techniques , 2013 .

[10]  Mohammad Hammoudeh,et al.  Information extraction from sensor networks using the Watershed transform algorithm , 2015, Inf. Fusion.

[11]  Selçuk Köse,et al.  A Lightweight Masked AES Implementation for Securing IoT Against CPA Attacks , 2017, IEEE Transactions on Circuits and Systems I: Regular Papers.

[12]  Amit P. Sheth,et al.  Machine learning for Internet of Things data analysis: A survey , 2017, Digit. Commun. Networks.

[13]  Carsten Maple,et al.  Security and privacy in the internet of things , 2017 .

[14]  Mohammad Hammoudeh,et al.  Defence for Distributed Denial of Service Attacks in Cloud Computing , 2015 .

[15]  Syed Ali Hassan,et al.  Machine Learning in IoT Security: Current Solutions and Future Challenges , 2019, IEEE Communications Surveys & Tutorials.

[16]  Thar Baker,et al.  A Service-Oriented Approach for Sensing in the Internet of Things: Intelligent Transportation Systems and Privacy Use Cases , 2020, IEEE Sensors Journal.

[17]  D. T. Lee,et al.  Travel-time prediction with support vector regression , 2004, IEEE Transactions on Intelligent Transportation Systems.

[18]  Mahmoud Ammar,et al.  Journal of Information Security and Applications , 2022 .

[19]  Mumbai,et al.  Internet of Things (IoT): A Literature Review , 2015 .

[20]  Djamal Zeghlache,et al.  Lightweight collaborative key establishment scheme for the Internet of Things , 2014, Comput. Networks.

[21]  Antonios Argyriou,et al.  Security for 4G and 5G Cellular Networks: A Survey of Existing Authentication and Privacy-preserving Schemes , 2017, J. Netw. Comput. Appl..

[22]  Tooska Dargahi,et al.  PROUD: Verifiable Privacy-preserving Outsourced Attribute Based SignCryption supporting access policy Update for cloud assisted IoT applications , 2020, Future Gener. Comput. Syst..

[23]  Longfei Wu,et al.  A Survey on Security and Privacy Issues in Internet-of-Things , 2017, IEEE Internet of Things Journal.

[24]  Busra Ozdenizci,et al.  A Survey on Near Field Communication (NFC) Technology , 2012, Wireless Personal Communications.

[25]  Anurag Agarwal,et al.  The Internet of Things—A survey of topics and trends , 2014, Information Systems Frontiers.

[26]  Jorge Sá Silva,et al.  Security for the Internet of Things: A Survey of Existing Protocols and Open Research Issues , 2015, IEEE Communications Surveys & Tutorials.

[27]  Sarah Mount,et al.  Interpolation techniques for building a continuous map from discrete wireless sensor network data , 2013, Wirel. Commun. Mob. Comput..

[28]  Antonio Iera,et al.  The Internet of Things: A survey , 2010, Comput. Networks.

[29]  Eric Tutu Tchao,et al.  On Distributed Denial of Service Current Defense Schemes , 2019, Technologies.

[30]  Abdulrahman Al-Ahmari,et al.  Requirements of the Smart Factory System: A Survey and Perspective , 2018, Machines.

[31]  Amir Masoud Rahmani,et al.  Internet of Things applications: A systematic review , 2019, Comput. Networks.

[32]  Alagan Anpalagan,et al.  Internet of Things (IoT) in 5G Wireless Communications , 2016, IEEE Access.

[33]  Victor Hugo C. de Albuquerque,et al.  A high-efficiency energy and storage approach for IoT applications of facial recognition , 2020, Image Vis. Comput..

[34]  Varghese Paul,et al.  A Secure and Efficient Lightweight Symmetric Encryption Scheme for Transfer of Text Files between Embedded IoT Devices , 2019, Symmetry.

[35]  Guang Yang,et al.  SaliencyGAN: Deep Learning Semisupervised Salient Object Detection in the Fog of IoT , 2020, IEEE Transactions on Industrial Informatics.

[36]  Wu He,et al.  Internet of Things in Industries: A Survey , 2014, IEEE Transactions on Industrial Informatics.

[37]  Vanga Odelu,et al.  Design of a new CP-ABE with constant-size secret keys for lightweight devices using elliptic curve cryptography , 2016, Secur. Commun. Networks.

[38]  Athanasios V. Vasilakos,et al.  BSeIn: A blockchain-based secure mutual authentication with fine-grained access control system for industry 4.0 , 2018, J. Netw. Comput. Appl..

[39]  Gian Pietro Picco,et al.  RPL, the Routing Standard for the Internet of Things . . . Or Is It? , 2016 .

[40]  João Paulo Papa,et al.  Internet of Things: A survey on machine learning-based intrusion detection approaches , 2019, Comput. Networks.

[41]  Bo Hu,et al.  A Survey on Secure Wireless Body Area Networks , 2017, Secur. Commun. Networks.

[42]  Mohsen Guizani,et al.  Internet of Things: A Survey on Enabling Technologies, Protocols, and Applications , 2015, IEEE Communications Surveys & Tutorials.

[43]  Wan Haslina Hassan,et al.  Current research on Internet of Things (IoT) security: A survey , 2019, Comput. Networks.

[44]  Giovanni Russello,et al.  CUPS: Secure opportunistic cloud of things framework based on attribute‐based encryption scheme supporting access policy update , 2019, Secur. Priv..

[45]  Dharma P. Agrawal,et al.  Intrusion Detection in Homogeneous and Heterogeneous Wireless Sensor Networks , 2008, IEEE Transactions on Mobile Computing.

[46]  Zhi Chen,et al.  A lightweight attribute-based encryption scheme for the Internet of Things , 2015, Future Gener. Comput. Syst..

[47]  Mohammad Hammoudeh,et al.  Analysis of attribute-based cryptographic techniques and their application to protect cloud services , 2019, Trans. Emerg. Telecommun. Technol..

[48]  Mohamed Amine Ferrag,et al.  Blockchain Technologies for the Internet of Things: Research Issues and Challenges , 2018, IEEE Internet of Things Journal.

[49]  Houbing Song,et al.  Security of the Internet of Things: Vulnerabilities, Attacks, and Countermeasures , 2019, IEEE Communications Surveys & Tutorials.

[50]  Yan Zhang,et al.  Distributed Uplink Offloading for IoT in 5G Heterogeneous Networks Under Private Information Constraints , 2019, IEEE Internet of Things Journal.