Autonomic schemes for threat mitigation in Internet of Things

Internet of Things (IoT) refers to the expansion of Internet technologies to include wireless sensor networks (WSNs) and smart objects by extensive interfacing of exclusively identifiable, distributed communication devices. Due to the close connection with the physical world, it is an important requirement for IoT technology to be self-secure in terms of a standard information security model components. Autonomic security should be considered as a critical priority and careful provisions must be taken in the design of dynamic techniques, architectures and self-sufficient frameworks for future IoT. Over the years, many researchers have proposed threat mitigation approaches for IoT and WSNs. This survey considers specific approaches requiring minimal human intervention and discusses them in relation to self-security. This survey addresses and brings together a broad range of ideas linked together by IoT, autonomy and security. More particularly, this paper looks at threat mitigation approaches in IoT using an autonomic taxonomy and finally sets down future directions.

[1]  Jürgen Gessner,et al.  Security architecture elements for IoT enabled automation networks , 2012, Proceedings of 2012 IEEE 17th International Conference on Emerging Technologies & Factory Automation (ETFA 2012).

[2]  Kannan Ramchandran,et al.  Securing Dynamic Distributed Storage Systems Against Eavesdropping and Adversarial Attacks , 2010, IEEE Transactions on Information Theory.

[3]  Xiaodong Lin LSR: Mitigating Zero-Day Sybil Vulnerability in Privacy-Preserving Vehicular Peer-to-Peer Networks , 2013, IEEE Journal on Selected Areas in Communications.

[4]  Zach Shelby,et al.  Constrained RESTful Environments (CoRE) Link Format , 2012, RFC.

[5]  Jianhua Ma,et al.  P2P soft security: On evolutionary dynamics of P2P incentive mechanism , 2011, Comput. Commun..

[6]  Adam D. Smith,et al.  Composition attacks and auxiliary information in data privacy , 2008, KDD.

[7]  Ronald L. Rivest,et al.  The blocker tag: selective blocking of RFID tags for consumer privacy , 2003, CCS '03.

[8]  Stefano Chessa,et al.  Wireless sensor networks: A survey on the state of the art and the 802.15.4 and ZigBee standards , 2007, Comput. Commun..

[9]  Lizhong Jin,et al.  A Novel Secure Architecture for the Internet of Things , 2011, 2016 International Conference on Intelligent Networking and Collaborative Systems (INCoS).

[10]  Athanasios V. Vasilakos,et al.  ReTrust: Attack-Resistant and Lightweight Trust Management for Medical Sensor Networks , 2012, IEEE Transactions on Information Technology in Biomedicine.

[11]  Xiang Li,et al.  A Survey of Security Mechanisms with Direct Sequence Spread Spectrum Signals , 2013, J. Comput. Sci. Eng..

[12]  Jaydip Sen,et al.  Embedded security for Internet of Things , 2011, 2011 2nd National Conference on Emerging Trends and Applications in Computer Science.

[13]  Mark O'Neill The Internet of Things: do more devices mean more risks? , 2014 .

[14]  Luciano da Fontoura Costa,et al.  2D Euclidean distance transform algorithms: A comparative survey , 2008, CSUR.

[15]  Paul Müller,et al.  Tackling Security and Privacy Issues in Radio Frequency Identification Devices , 2004, Pervasive.

[16]  Claudio Soriente,et al.  Data Security in Unattended Wireless Sensor Networks , 2009, IEEE Transactions on Computers.

[17]  Emil Vassev,et al.  The ASSL Formalism for Real-Time Autonomic Systems , 2013 .

[18]  Alvin S. Lim,et al.  A survey of broadcast authentication schemes for wireless networks , 2015, Ad Hoc Networks.

[19]  Raj Jain,et al.  A survey of the research on future internet architectures , 2011, IEEE Communications Magazine.

[20]  Debanjan Ghosh,et al.  Self-healing systems - survey and synthesis , 2007, Decis. Support Syst..

[21]  Georg Carle,et al.  DTLS based security and two-way authentication for the Internet of Things , 2013, Ad Hoc Networks.

[22]  Natalija Vlajic,et al.  Self-Healing Wireless Sensor Networks , 2009 .

[23]  Manpreet Kaur,et al.  Detection and Mitigation of Sinkhole Attack in Wireless Sensor Network , 2016, 2016 International Conference on Micro-Electronics and Telecommunication Engineering (ICMETE).

[24]  Sheroz Khan,et al.  Autonomic protocol and architecture for devices in Internet of Things , 2014, 2014 IEEE Innovative Smart Grid Technologies - Asia (ISGT ASIA).

[25]  Song Han,et al.  Efficient threshold self-healing key distribution with sponsorization for infrastructureless wireless networks , 2009, IEEE Transactions on Wireless Communications.

[26]  H. T. Mouftah,et al.  The internet of things [Guest Editorial] , 2011, IEEE Commun. Mag..

[27]  Michael Kaminsky,et al.  SybilGuard: defending against sybil attacks via social networks , 2006, SIGCOMM.

[28]  F. Pergalani,et al.  A Systemic Approach , 2007 .

[29]  Latanya Sweeney,et al.  k-Anonymity: A Model for Protecting Privacy , 2002, Int. J. Uncertain. Fuzziness Knowl. Based Syst..

[30]  Moe Z. Win,et al.  Intentional Network Interference for Denial of Wireless Eavesdropping , 2011, 2011 IEEE Global Telecommunications Conference - GLOBECOM 2011.

[31]  Gang Zhou,et al.  DEEJAM: Defeating Energy-Efficient Jamming in IEEE 802.15.4-based Wireless Networks , 2007, 2007 4th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks.

[32]  Ramjee Prasad,et al.  Threshold Cryptography-based Group Authentication (TCGA) scheme for the Internet of Things (IoT) , 2014, 2014 4th International Conference on Wireless Communications, Vehicular Technology, Information Theory and Aerospace & Electronic Systems (VITAE).

[33]  Devu Manikantan Shila,et al.  Defending selective forwarding attacks in WMNs , 2008, 2008 IEEE International Conference on Electro/Information Technology.

[34]  Hongwei Zhang,et al.  GS3: scalable self-configuration and self-healing in wireless sensor networks , 2003, Comput. Networks.

[35]  Dusit Niyato,et al.  Rate limiting client puzzle schemes for denial-of-service mitigation , 2013, 2013 IEEE Wireless Communications and Networking Conference (WCNC).

[36]  Noel E. O'Connor,et al.  Low-Energy Symmetric Key Distribution in Wireless Sensor Networks , 2011, IEEE Transactions on Dependable and Secure Computing.

[37]  Gu Li-ze,et al.  Trust management mechanism for Internet of Things , 2014, China Communications.

[38]  Latanya Sweeney,et al.  Achieving k-Anonymity Privacy Protection Using Generalization and Suppression , 2002, Int. J. Uncertain. Fuzziness Knowl. Based Syst..

[39]  Feng Xiao,et al.  SybilLimit: A Near-Optimal Social Network Defense Against Sybil Attacks , 2010, IEEE/ACM Trans. Netw..

[40]  Virendra Pal Singh,et al.  Hello Flood Attack and its Countermeasures in Wireless Sensor Networks , 2010 .

[41]  Stefan Bouckaert,et al.  Various Detection Techniques and Platforms for Monitoring Interference Condition in a Wireless Testbed , 2012, FP7 FIRE/EULER.

[42]  S. Shankar Sastry,et al.  Time synchronization attacks in sensor networks , 2005, SASN '05.

[43]  M. Amin,et al.  Toward self-healing energy infrastructure systems , 2001 .

[44]  Jürgen Schönwälder,et al.  Management of resource constrained devices in the internet of things , 2012, IEEE Communications Magazine.

[45]  Gabriel Montenegro,et al.  IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs): Overview, Assumptions, Problem Statement, and Goals , 2007, RFC.

[46]  Athanasios V. Vasilakos,et al.  SecCloud: Bridging Secure Storage and Computation in Cloud , 2010, 2010 IEEE 30th International Conference on Distributed Computing Systems Workshops.

[47]  Liang Zhou,et al.  Multimedia traffic security architecture for the internet of things , 2011, IEEE Network.

[48]  M. Bansal,et al.  Mobile Ad hoc Networking ( MANET ) : Routing Protocol Performance Issues and Evaluation Considerations , 2010 .

[49]  Jana Koehler,et al.  On Autonomic Computing Architectures , 2003 .

[50]  Athanasios V. Vasilakos,et al.  A survey on trust management for Internet of Things , 2014, J. Netw. Comput. Appl..

[51]  Claudio Soriente,et al.  POSH: Proactive co-Operative Self-Healing in Unattended Wireless Sensor Networks , 2008, 2008 Symposium on Reliable Distributed Systems.

[52]  Shusen Yang,et al.  A survey on the ietf protocol suite for the internet of things: standards, challenges, and opportunities , 2013, IEEE Wireless Communications.

[53]  Xiang-Yang Li,et al.  Efficient Algorithms for p-Self-Protection Problem in Static Wireless Sensor Networks , 2008, IEEE Transactions on Parallel and Distributed Systems.

[54]  Nicola Bui,et al.  Low power link layer security for IoT: Implementation and performance analysis , 2013, 2013 9th International Wireless Communications and Mobile Computing Conference (IWCMC).

[55]  Laurence T. Yang,et al.  Cyberentity Security in the Internet of Things , 2013, Computer.

[56]  Kang G. Shin,et al.  Self-healing multi-radio wireless mesh networks , 2007, MobiCom '07.

[57]  Geoffrey Ye Li,et al.  A survey of energy-efficient wireless communications , 2013, IEEE Communications Surveys & Tutorials.

[58]  Tassos Dimitriou,et al.  Intrusion Detection of Sinkhole Attacks in Wireless Sensor Networks , 2007, ALGOSENSORS.

[59]  Marimuthu Palaniswami,et al.  Internet of Things (IoT): A vision, architectural elements, and future directions , 2012, Future Gener. Comput. Syst..

[60]  Levente Buttyán,et al.  Secure and reliable clustering in wireless sensor networks: A critical survey , 2012, Comput. Networks.

[61]  Rodrigo Roman,et al.  On the features and challenges of security and privacy in distributed internet of things , 2013, Comput. Networks.

[62]  Felix Wortmann,et al.  Internet of Things , 2015, Business & Information Systems Engineering.

[63]  Raymond Chi-Wing Wong,et al.  On Eavesdropping Attacks in Wireless Sensor Networks with Directional Antennas , 2013, Int. J. Distributed Sens. Networks.

[64]  Madjid Merabti,et al.  Lightweight Sybil Attack Detection in MANETs , 2013, IEEE Systems Journal.

[65]  Elisabeth André,et al.  Trust-Based Decision-Making for Energy-Aware Device Management , 2014, UMAP.

[66]  Donald F. Towsley,et al.  Secure Wireless Communication with Dynamic Secrets , 2010, 2010 Proceedings IEEE INFOCOM.

[67]  Elisa Bertino,et al.  Trust Negotiation in Identity Management , 2007, IEEE Security & Privacy.

[68]  Stilianos Vidalis,et al.  Assessing Identity Theft in the Internet of Things , 2014 .

[69]  William Liu,et al.  Trust-based Adaptive Routing for Smart Grid Systems , 2014, J. Inf. Process..

[70]  Choong Seon Hong,et al.  A sinkhole attack detection mechanism for LQI based mesh routing in WSN , 2009, 2009 International Conference on Information Networking.

[71]  Ashok Kumar Turuk,et al.  A Survey on Selective Forwarding Attack in Wireless Sensor Networks , 2011, 2011 International Conference on Devices and Communications (ICDeCom).

[72]  Sourav Mukhopadhyay,et al.  Constant Storage Self-Healing Key Distribution with Revocation in Wireless Sensor Network , 2007 .

[73]  Helmut Knebl,et al.  Symmetric-Key Encryption , 2007 .

[74]  Salim Hariri,et al.  Online monitoring and analysis for self-protection against network attacks , 2004 .

[75]  Baoquan Zhang,et al.  Evaluation on security system of internet of things based on Fuzzy-AHP method , 2011, 2011 International Conference on E-Business and E-Government (ICEE).

[76]  Jawad A. Salehi,et al.  Design and Implementation of Spectrally-Encoded Spread-Time CDMA Transceiver , 2014, IEEE Communications Letters.

[77]  Jeffrey O. Kephart,et al.  The Vision of Autonomic Computing , 2003, Computer.

[78]  Thomas M. Chen,et al.  Authentication and Privacy , 2008, Encyclopedia of Wireless and Mobile Communications.

[79]  Antonella Molinaro,et al.  From MANET To IETF ROLL Standardization: A Paradigm Shift in WSN Routing Protocols , 2011, IEEE Communications Surveys & Tutorials.

[80]  Hamamache Kheddouci,et al.  Monitoring in mobile ad hoc networks: A survey , 2014, Comput. Networks.

[81]  Naveen K. Chilamkurti,et al.  On the security of a certificateless online/offline signcryption for Internet of Things , 2014, Peer-to-Peer Networking and Applications.

[82]  Anurag Agarwal,et al.  The Internet of Things—A survey of topics and trends , 2014, Information Systems Frontiers.

[83]  Dong Hoon Lee,et al.  CADE: Cumulative Acknowledgement Based Detection of Selective Forwarding Attacks in Wireless Sensor Networks , 2008, 2008 Third International Conference on Convergence and Hybrid Information Technology.

[84]  P. Pandarinath Secure localization with defense against selective forwarding attacks in wireless sensor networks , 2011, 2011 3rd International Conference on Electronics Computer Technology.

[85]  Yevgeni Koucheryavy,et al.  Towards the era of wireless keys: How the IoT can change authentication paradigm , 2014, 2014 IEEE World Forum on Internet of Things (WF-IoT).

[86]  Xiaolei Dong,et al.  Security and privacy for storage and computation in cloud computing , 2014, Inf. Sci..

[87]  Xin Wang,et al.  Joint reactive jammer detection and localization in an enterprise WiFi network , 2013, Comput. Networks.

[88]  Jong Hyuk Park,et al.  Secure Group Communication with Self-healing and Rekeying in Wireless Sensor Networks , 2007, MSN.

[89]  Ari Juels,et al.  Minimalist Cryptography for Low-Cost RFID Tags , 2004, SCN.

[90]  Bernd Scholz-Reiter,et al.  The Role of the Internet of Things for Increased Autonomy and Agility in Collaborative Production Environments , 2011, Architecting the Internet of Things.

[91]  Ronald L. Rivest,et al.  Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems , 2003, SPC.

[92]  Lynette I. Millett,et al.  Authentication and Its Privacy Effects , 2003, IEEE Internet Comput..

[93]  Robert Poor,et al.  Self-Healing Networks , 2003, ACM Queue.

[94]  Jing Liu,et al.  Authentication and Access Control in the Internet of Things , 2012, 2012 32nd International Conference on Distributed Computing Systems Workshops.

[95]  Joseph P. Macker,et al.  Mobile Ad hoc Networking (MANET): Routing Protocol Performance Issues and Evaluation Considerations , 1999, RFC.

[96]  Mihaela Cardei,et al.  IEEE 802.15.4: Low Rate Wireless Personal Area Networks (PANs) , 2008, Encyclopedia of Wireless and Mobile Communications.

[97]  Ivan Howitt,et al.  IEEE 802.15.4 low rate - wireless personal area network coexistence issues , 2003, 2003 IEEE Wireless Communications and Networking, 2003. WCNC 2003..

[98]  Antonio Iera,et al.  The Internet of things , 2010 .

[99]  Kai Zhao,et al.  A Survey on the Internet of Things Security , 2013, 2013 Ninth International Conference on Computational Intelligence and Security.

[100]  Julie A. McCann,et al.  A survey of autonomic computing—degrees, models, and applications , 2008, CSUR.

[101]  Sabrina Sicari,et al.  Privacy Aware Systems: From Models to Patterns , 2011 .

[102]  Nader Mohamed,et al.  Challenges in middleware solutions for the internet of things , 2012, 2012 International Conference on Collaboration Technologies and Systems (CTS).

[103]  Rodrigo Roman,et al.  Securing the Internet of Things , 2017, Smart Cards, Tokens, Security and Applications, 2nd Ed..

[104]  Ada Diaconescu,et al.  Future of Autonomic Computing and Conclusions , 2013 .

[105]  Wenyuan Xu,et al.  Wireless Jamming Localization by Exploiting Nodes' Hearing Ranges , 2010, DCOSS.

[106]  Xingming Sun,et al.  Selective forwarding attack detection using watermark in WSNs , 2009, 2009 ISECS International Colloquium on Computing, Communication, Control, and Management.

[107]  Stefanos Gritzalis,et al.  Addressing privacy requirements in system design: the PriS method , 2008, Requirements Engineering.

[108]  D.I. Kaklamani,et al.  A Proxy for Privacy: the Discreet Box , 2007, EUROCON 2007 - The International Conference on "Computer as a Tool".

[109]  Ahmad Khonsari,et al.  Detection and mitigation of sinkhole attacks in wireless sensor networks , 2014, J. Comput. Syst. Sci..

[110]  Boleslaw K. Szymanski,et al.  Self-healing routing: a study in efficiency and resiliency of data delivery in wireless sensor networks , 2007, SPIE Defense + Commercial Sensing.

[111]  Imrich Chlamtac,et al.  Internet of things: Vision, applications and research challenges , 2012, Ad Hoc Networks.

[112]  Hoopad Mobahat Authentication and lightweight cryptography in low cost RFID , 2010, 2010 2nd International Conference on Software Technology and Engineering.

[113]  Yacine Challal,et al.  A Systemic Approach for IoT Security , 2013, 2013 IEEE International Conference on Distributed Computing in Sensor Systems.

[114]  Ramjee Prasad,et al.  Proposed embedded security framework for Internet of Things (IoT) , 2011, 2011 2nd International Conference on Wireless Communication, Vehicular Technology, Information Theory and Aerospace & Electronic Systems Technology (Wireless VITAE).

[115]  Andrzej Duda,et al.  OSCAR: Object security architecture for the Internet of Things , 2014, Proceeding of IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks 2014.

[116]  Song Han,et al.  WirelessHART: Applying Wireless Technology in Real-Time Industrial Process Control , 2008, 2008 IEEE Real-Time and Embedded Technology and Applications Symposium.

[117]  Moshe Kam,et al.  Toward an Automatic, Online Behavioral Malware Classification System , 2013, 2013 IEEE 7th International Conference on Self-Adaptive and Self-Organizing Systems.

[118]  Alexander Gluhak,et al.  A survey on facilities for experimental internet of things research , 2011, IEEE Communications Magazine.

[119]  Peng Ning,et al.  P2DAP — Sybil Attacks Detection in Vehicular Ad Hoc Networks , 2011, IEEE Journal on Selected Areas in Communications.

[120]  Klaus Hartke,et al.  Practical Issues with Datagram Transport Layer Security in Constrained Environments , 2014 .

[121]  Márk Jelasity,et al.  The Self-Star Vision , 2005, Self-star Properties in Complex Information Systems.

[122]  Simon Scott,et al.  A survey on mitigation methods to Black hole Attack on AODV routing protocol , 2013 .

[123]  AshrafQazi Mamoon,et al.  Autonomic schemes for threat mitigation in Internet of Things , 2015 .

[124]  Prasant Mohapatra,et al.  SHORT: self-healing and optimizing routing techniques for mobile ad hoc networks , 2003, MobiHoc '03.

[125]  Mohamed Hadi Habaebi,et al.  SIHAT: Simplifying Interfaces in Health-Nets for Achieving Telemetry , 2014 .

[126]  Wei Ren,et al.  How to Authenticate a Device? Formal Authentication Models for M2M Communications Defending against Ghost Compromising Attack , 2013, Int. J. Distributed Sens. Networks.

[127]  Carsten Bormann,et al.  6LoWPAN: The Wireless Embedded Internet , 2009 .

[128]  Shiyong Zhang,et al.  Flooding attack and defence in Ad hoc networks , 2006 .