IoT security: Review, blockchain solutions, and open challenges

Abstract: With the advent of smart homes, smart cities, and smart everything, the Internet of Things (IoT) has emerged as an area of incredible impact, potential, and growth, with Cisco Inc. predicting 50 billion connected devices by 2020. However, most of these IoT devices are easy to hack and compromise. Typically, these IoT devices are limited in compute, storage, and network capacity, and therefore they are more vulnerable to attacks than other endpoint devices such as smartphones, tablets, or computers. In this paper, we present and survey major security issues for IoT. We review and categorize popular security issues with regard to the IoT layered architecture, in addition to protocols used for networking, communication, and management. We outline security requirements for IoT along with the existing attacks, threats, and state-of-the-art solutions. Furthermore, we tabulate and map IoT security problems against existing solutions found in the literature. More importantly, we discuss how blockchain, which is the underlying technology for bitcoin, can be a key enabler to solve many IoT security problems. The paper also identifies open research problems and challenges for IoT security.
