Assesing the Services, Security Threaths, Challenges and Solutions in the Internet of Things

The purpose of this paper is to chalk out the criticality of the most important pillar of the Internet of Things (IoT), i.e., Security and Privacy (S&P). IoT has seen its journey from implausible and impossible to sustainable and tenable. Its rate of expansion into various grounds from agriculture to sports; personal health to intelligent traffic detection; waste management to smart homes is astonishing, dramatic, and unforeseen. With such vast adaptability and functionality, its security remains the biggest concern because, in contrast to the traditional networks, IoT faces huge vulnerabilities, some of which are inherent and others explicit. The existing security solutions cannot be implemented in IoT because of its unique characteristics. Therefore, there is a dire need to develop novel security procedures befitting IoT. This paper spots the features that are peculiar to IoT and concurrently analyzes the security threats, and challenges they pose. This work also provides a glimpse of the major IoT implementations with their particular security requirements and challenges. Moreover, this paper critically evaluates the proposed countermeasures to security attacks on different features and why they cannot be used in IoT environments. Also, it is found that most of the security solutions used in IoT devices are inspired by Wireless Sensor Networks (WSN, but the striking differences among the two make them inadequate in IoT. The security requirements and challenges peculiar to various IoT services are also identified. To assist the researchers in remaining up-to-date, we for the first time have thoroughly expressed some of the most famous and practical attacks faced across the world in the recent past, how much damage they caused, how many financial losses were faced, etc.

[1]  Roel Wieringa,et al.  Role-Based Access Control in Retrospect , 2012, Computer.

[2]  Thomas Narten,et al.  Neighbor Discovery for IP Version 6 (IPv6) , 1996, RFC.

[3]  Somesh Jha,et al.  FIE on Firmware: Finding Vulnerabilities in Embedded Systems Using Symbolic Execution , 2013, USENIX Security Symposium.

[4]  Srinivasan Seshan,et al.  Handling a trillion (unfixable) flaws on a billion devices: Rethinking network security for the Internet-of-Things , 2015, HotNets.

[5]  Luca Bruno,et al.  AVATAR: A Framework to Support Dynamic Security Analysis of Embedded Systems' Firmwares , 2014, NDSS.

[6]  Carsten Bormann,et al.  The Constrained Application Protocol (CoAP) , 2014, RFC.

[7]  Dawn Xiaodong Song,et al.  Random key predistribution schemes for sensor networks , 2003, 2003 Symposium on Security and Privacy, 2003..

[8]  Tayeb Lemlouma,et al.  A survey on health monitoring systems for health smart homes , 2018, International Journal of Industrial Ergonomics.

[9]  Wassnaa Al-Mawee,et al.  Privacy and Security Issues in IoT Healthcare Applications for the Disabled Users a Survey , 2012 .

[10]  Vijay Varadharajan,et al.  TrustLite: a security architecture for tiny embedded devices , 2014, EuroSys '14.

[11]  Claude Castelluccia,et al.  Hierarchical Mobile IPv6 Mobility Management (HMIPv6) , 2005, RFC.

[12]  Carmen D Dirksen,et al.  Literature review on monitoring technologies and their outcomes in independently living elderly people , 2015, Disability and rehabilitation. Assistive technology.

[13]  Jalel Ben-Othman,et al.  Survey on VANET security challenges and possible cryptographic solutions , 2014, Veh. Commun..

[14]  Gerhard P. Hancke,et al.  Implementing the Internet of Things vision in industrial wireless sensor networks , 2014, 2014 12th IEEE International Conference on Industrial Informatics (INDIN).

[15]  Ryuji Wakikawa,et al.  Network Mobility (NEMO) Basic Support Protocol , 2005, RFC.

[16]  Thomas Olzak,et al.  What is virtualization , 2009 .

[17]  Syed Rameem Zahra,et al.  MNP: Malicious Node Prevention in Vehicular Ad Hoc Networks , 2018 .

[18]  Soonghwan Ro,et al.  Inter-domain mobility support in Proxy Mobile IPv6 using overlap function of mobile access gateway , 2015, Wirel. Networks.

[20]  Charles E. Perkins,et al.  IP Mobility Support for IPv4 , 2002, RFC.

[21]  Karl N. Levitt,et al.  Is Anybody Home? Inferring Activity From Smart Home Network Traffic , 2016, 2016 IEEE Security and Privacy Workshops (SPW).

[22]  Luca Mainetti,et al.  An IoT-aware AAL system for elderly people , 2016, 2016 International Multidisciplinary Conference on Computer and Energy Science (SpliTech).

[23]  Bjorn De Sutter,et al.  ARMor: Fully verified software fault isolation , 2011, 2011 Proceedings of the Ninth ACM International Conference on Embedded Software (EMSOFT).

[24]  Robert Green,et al.  Communication security in internet of thing: preventive measure and avoid DDoS attack over IoT network , 2015, SpringSim.

[25]  Weisong Shi,et al.  On security challenges and open issues in Internet of Things , 2018, Future Gener. Comput. Syst..

[26]  Sanjay Jha,et al.  Wireless Sensor Networks for Battlefield Surveillance , 2006 .

[27]  Shadi Aljawarneh,et al.  Mobility management of Internet of Things: Protocols, challenges and open issues , 2017, 2017 International Conference on Engineering & MIS (ICEMIS).

[28]  David Brumley,et al.  Towards Automated Dynamic Analysis for Linux-based Embedded Firmware , 2016, NDSS.

[29]  E. Kannan,et al.  A Novel Hybrid Key Management Scheme for Establishing Secure Communication in Wireless Sensor Networks , 2015, Wirel. Pers. Commun..

[30]  Kewei Sha,et al.  Noname Manuscript No. (will Be Inserted by the Editor) Multipath Routing Techniques in Wireless Sensor Networks: a Survey , 2022 .

[31]  Ahmad-Reza Sadeghi,et al.  Security and privacy challenges in industrial Internet of Things , 2015, 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[32]  Munam Ali Shah,et al.  Fog computing: Security issues, solutions and robust practices , 2017, 2017 23rd International Conference on Automation and Computing (ICAC).

[33]  Lei Shu,et al.  Smart Factory of Industry 4.0: Key Technologies, Application Case, and Challenges , 2018, IEEE Access.

[34]  Tim Güneysu,et al.  High-Performance and Lightweight Lattice-Based Public-Key Encryption , 2016, IoTPTS@AsiaCCS.

[35]  Sanjay Silakari,et al.  Detection of Malicious Nodes (DMN) in Vehicular Ad-Hoc Networks☆ , 2015 .

[36]  Weisong Shi,et al.  Edge Computing: Vision and Challenges , 2016, IEEE Internet of Things Journal.

[37]  Tai-Hoon Kim,et al.  Smart City and IoT , 2017, Future Gener. Comput. Syst..

[38]  Towards a definition of the Internet of Things ( IoT ) , 2015 .

[39]  Akbar Ghaffar Pour Rahbar,et al.  Detection of malicious vehicles (DMV) through monitoring in Vehicular Ad-Hoc Networks , 2011, Multimedia Tools and Applications.

[40]  Yong Wang,et al.  A survey of security issues in wireless sensor networks , 2006, IEEE Communications Surveys & Tutorials.

[41]  Hyun-Su Kim,et al.  CoAP-Based Mobility Management for the Internet of Things , 2015, Sensors.

[42]  Zongjian He,et al.  An ultra-lightweight white-box encryption scheme for securing resource-constrained IoT devices , 2016, ACSAC.

[43]  R. Hollands Will the real smart city please stand up? , 2008, The Routledge Companion to Smart Cities.

[44]  Peng Liu,et al.  The Effect of IoT New Features on Security and Privacy: New Threats, Existing Solutions, and Challenges Yet to Be Solved , 2018, IEEE Internet of Things Journal.

[45]  Leandros Maglaras,et al.  Security and Privacy in Fog Computing: Challenges , 2017, IEEE Access.

[46]  R. E. Hall,et al.  VISION OF A SMART CITY , 2000 .

[47]  Md. Motaharul Islam,et al.  Sensor Proxy Mobile IPv6 (SPMIPv6)—A Novel Scheme for Mobility Supported IP-WSNs , 2011, Sensors.

[48]  Karim Eldefrawy SMART: Secure and Minimal Architecture for (Establishing a Dynamic) Root of Trust , 2012, NDSS 2012.

[49]  Aurélien Francillon,et al.  A Large-Scale Analysis of the Security of Embedded Firmwares , 2014, USENIX Security Symposium.

[50]  Yunghsiang Sam Han,et al.  A pairwise key pre-distribution scheme for wireless sensor networks , 2003, CCS '03.

[51]  Myung-Ki Shin,et al.  Handover Latency Analysis of a Network-Based Localized Mobility Management Protocol , 2008, 2008 IEEE International Conference on Communications.

[52]  Fuchun Guo,et al.  CP-ABE With Constant-Size Keys for Lightweight Devices , 2014, IEEE Transactions on Information Forensics and Security.

[53]  Zhu Han,et al.  Data Collection and Wireless Communication in Internet of Things (IoT) Using Economic Analysis and Pricing Models: A Survey , 2016, IEEE Communications Surveys & Tutorials.

[54]  Basavaraj Patil,et al.  Proxy Mobile IPv6 , 2008, RFC.

[55]  Donggang Liu,et al.  Establishing pairwise keys in distributed sensor networks , 2005, TSEC.

[56]  Mazliza Othman,et al.  Internet of Things security: A survey , 2017, J. Netw. Comput. Appl..

[57]  Inwhee Joe,et al.  An efficient inter-domain handover scheme with minimized latency for PMIPv6 , 2012, 2012 International Conference on Computing, Networking and Communications (ICNC).

[58]  Subramaniam Shamala,et al.  A cluster-based proxy mobile IPv6 for IP-WSNs , 2012, EURASIP J. Wirel. Commun. Netw..

[59]  Dan Keun Sung,et al.  Modeling and Analysis of an Energy-Efficient Mobility Management Scheme in IP-Based Wireless Networks† , 2011, Sensors.

[60]  Chong-Sun Hwang,et al.  A Comparative Analysis on the Signaling Load of Mobile IPv6 and Hierarchical Mobile IPv6: Analytical Approach , 2006, IEICE Trans. Inf. Syst..

[61]  B. Liang,et al.  Mobile Edge Computing , 2020, Encyclopedia of Wireless Networks.

[62]  Levi B. Larkey,et al.  In-Situ Data Quality Assurance for Environmental Applications of Wireless Sensor Networks , 2006 .

[63]  Shen Bin,et al.  Research on data mining models for the internet of things , 2010, 2010 International Conference on Image Analysis and Signal Processing.

[64]  Qi Alfred Chen,et al.  ContexloT: Towards Providing Contextual Integrity to Appified IoT Platforms , 2017, NDSS.

[65]  Nermin Kajtazovic,et al.  Privilege-Based Remote Attestation: Towards Integrity Assurance for Lightweight Clients , 2015, IoTPTS@AsiaCCS.

[66]  T. Derek,et al.  What do we mean by intelligent buildings , 1997 .

[67]  Sung-Gi Min,et al.  An Authentication and Key Management Mechanism for Resource Constrained Devices in IEEE 802.11-based IoT Access Networks , 2017, Sensors.

[68]  Charles E. Perkins,et al.  Mobility support in IPv6 , 1996, MobiCom '96.

[69]  Trent Jaeger,et al.  TrustShadow: Secure Execution of Unmodified Applications with ARM TrustZone , 2017, MobiSys.

[70]  John A. Stankovic,et al.  Security in wireless sensor networks , 2004, SASN '04.

[71]  Prashant Pandey,et al.  Cloud computing , 2010, ICWET.

[72]  Daqiang Zhang,et al.  VCMIA: A Novel Architecture for Integrating Vehicular Cyber-Physical Systems and Mobile Cloud Computing , 2014, Mobile Networks and Applications.

[73]  Jaydip Sen,et al.  Internet of Things - Applications and Challenges in Technology and Standardization , 2011 .

[74]  Walter M. Kroner,et al.  An intelligent and responsive architecture , 1997 .