Threats and Challenges for Security Measures on the Internet of Things
DOI:
https://doi.org/10.26512/lstr.v14i1.38843Keywords:
Internet of Things. Security. Smart City. Privacy.Abstract
[Purpose] The Internet of Things (IoT) has grown rapidly in the past few years and billions of devices are connected to the IoT network for collecting and sharing data globally for various applications. Due to the billions of connected devices, there is a potential risk of data loss, identity theft, device manipulation, trust issues, falsification of data, network/server manipulation, and various impacts in the application of IoT platforms. The IoT-enabled devices are growing rapidly day by day leading to amplify the threats to the reliability of the network.
[Methodology/Approach/design] The research work aims to push the present state of the art by identifying privacy and security requirements that IoT is presently needed.
[Findings] Various existing solutions for security in IoT and their limitations are addressed. Security issues such as trust based privacy policies for context-awareness, efficient holistic frameworks, and lightweight strategy for system resource constraints are identified.
[Practical Implications] The technological age of IoT will be relying on a large number of devices is forecast to expand substantially. Although many of the technology-related privacy and security challenges exist, developers and researchers need to work in collaboration to resolve those threats, as they have accomplished with several other related technologies.
Downloads
References
P. Friess and P. Guillemin, “Internet of things strategic research roadmap,” The Cluster of European Research Projects, 2009.
Dohr, A., et al. (2010). The internet of things for ambient assisted living. 2010 Seventh International Conference on Information Technology, Ieee.
BCC Research, “Sensors: Technologies and global markets,” BCC Research, 2011.
I. F. Akyildiz, Y. Weilian, Y. Sankarasubramaniam and E. Cayirci, “A survey on sensor networks,”
Communications Magazine, IEEE, vol. 40, no. 8, pp. 102-114, August 2002.
O. Corcho and R. Garcia-Castro, “Five Challenges for the Semantic Sensor Web,” Semantic Web, vol. 1, no. 1,2, pp. 121-125, 2010.
L. Atzori, A. Iera and G. Morabito, “The Internet of Things: A survey,” Computer Networks, vol. 54, no. 1, pp. 2787-2805, 2010.
A. Dunkels and J. P. Vasseur, IP for Smart Objects, IPSO Alliance White Paper No. 1, 2008.
D. Surie, O. Laguionie and T. Pederson, “Wireless sensor networking of everyday objects in a smart home environment,” in Intelligent Sensors, Sensor Networks and Information Processing, Sydney, 2006.
Garrido, P. C., et al. (2010). A model for the development of NFC contextawareness applications on internet of things. Near Field Communication (NFC), 2010 Second International Workshop on, IEEE.
K.Ashton,“That 'Internet of Things' Thing,” [Online]. Available: http://www.rfidjournal.com/articles/view?4986. [Accessed 20 05 2013].
Korhonen, I., et al. (2003). "Health monitoring in the home of the future." Engineering in Medicine and Biology Magazine, IEEE 22(3): 66-73.
Pantelopoulos, A. and N. G. Bourbakis (2010). "A survey on wearable sensorbased systems for health monitoring and prognosis." Systems, Man, and Cybernetics, Part C: Applications and Reviews, IEEE Transactions on 40(1): 1-12.
Barnickel, J., et al. (2010). Security and privacy for mobile electronic health monitoring and recording systems. World of Wireless Mobile and Multimedia Networks (WoWMoM), 2010 IEEE International Symposium on a, IEEE.
[Darianian, M. and M. P. Michael (2008). Smart home mobile RFID-based Internetof-Things systems and services. Advanced Computer Theory and Engineering, 2008. ICACTE'08. International Conference on, IEEE.
[ Schaffers, H., et al. (2011). "Smart Cities and the Future Internet: Towards Cooperation Frameworks for Open Innovation." Future internet assembly 6656(31): 431- 446.
Gerla, M., et al. (2014). Internet of vehicles: From intelligent grid to autonomous cars and vehicular clouds. Internet of Things (WF-IoT), 2014 IEEE World Forum on, IEEE.
Gudivada, V. N., et al. (2015). "Big Data: Promises and Problems." IEEE Computer 48(3): 20-23.
R.Khan.,S.U Khan., R.Zaheer and S.Khan, : Future of Internet-The internet of things architecture, possible applications and key challenges , in Proc. IEEE 10th International Conference. Frontiers of Information Technology pp.257-260(2012).
H.Ning., H.Liu., and L.Yang :Cyberentity security in the internet of things , computer, vol 46,no.4,pp 46-53 (2013).
S.Cesare : Breaking the security of physical devices, accessed on 07- Nov 2016.
Internet of Things research study, accessed on 20-Oct 2016.
Razzaq, Mirza Abdur, et al. "Security issues in the Internet of Things (IoT): a comprehensive study." International Journal of Advanced Computer Science and Applications 8.6 (2017): 383.
Tawalbeh, Lo’ai, et al. "IoT Privacy and security: Challenges and solutions." Applied Sciences 10.12 (2020): 4102.
Awad, N. F. and M. S. Krishnan (2006). "The personalization privacy paradox: an empirical evaluation of information transparency and the willingness to be profiled online for personalization." MIS Quarterly: 13-28.
Luigi Atzori, Antonio Iera, and Giacomo Morabito. “The Internet of Things: A survey”. In: Computer Networks 54.15 (2010), pp. 2787 –2805. ISSN: 1389-1286
Hui Suoa, Jiafu Wan, Caifeng Zoua, Jianqi Liu, “ Security in the Internet of Things: A Review”, Proceedings of the 2012 International Conference on Computer Science and Electronics Engineering (ICCSEE), Hangzhou, China, pp. 648- 651, 23-25 March 2012.
Luigi Atzori, Antonio Iera, Giacomo Morabito, “The Internet of Things: A Survey”, Elsevier, Computer Networks, vol. 54, pp. 2787– 2805, 2010.
M.U. Farooq, Muhammad Waseem, Anjum Khairi, Sadia Mazhar, “A Critical Analysis on the Security Concerns of Internet of Things (IoT)”, International Journal of Computer Applications, vol. 111, no. 7, pp. 1-6, 2015.
M.U. Farooq, Muhammad Waseem, Sadia Mazhar, “A Review on Internet of Things (IoT)”, International Journal of Computer Applications, vol. 113, no. 1, pp1-7, 2015.
Pallavi Sethi, Smruti R. Sarangi, “Internet of Things: Architectures, Protocols, and Applications”, Journa
AJ Brush et al. “Home automation in the wild: challenges and opportunities”. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. ACM. 2011, pp. 2115– 2124.
Huansheng Ning and Hong Liu.,Laurenct T Yang , Cyberentity security in the internet of Things, Vol 46,No.4 pp.46-53 (April 2013).
Reijo M Savola., Habtamu Abie ., Markus Sihvonen:Towards metrics driven adaptive security management in e-health IoT applications, Proc of the 7th International Conference on Body Area Networks, pp.276-281 (2012).
Lui., Xiao., Chen : Authentication and access control in the Internet of Things ,32nd International Conference on distributed computing systems workshop (ICDCSW) ,pp.588-592 ,(2012).
. Kozlo et al: Security and Privacy Threats in IoT architectures, Proc of the 7th International Conference on Body Area Networks, pp.256-262 (2012).
Abie H., and Balasingham :RISK based adaptive security for smart IoT in e-health , Proc of the 7th International Conference on Body Area Networks, pp.269-275 (2012).
Abie H., and Balasingham I.: Adaptive security and trust management for autonomic message oriented middleware, IEEE 6th Intl conference on mobile Adhoc and Sensor Networks (MASS’09) pp.810-817 (2009).
Wei B Weissmann O ., and Dressler F., : Comprehensive and comparative metric for information security , in Proc of IFIP – International Conference on Telecommunication security ,modelling and analysis ,pp 1-10 (2005).
Li You Guo., Jiang Ming Fu: The reinforcement of communication security of internet of things , International Symposium on information science and Engineering , pp531-534 (2010).
Miessler, D. S., Craig (2014). "Internet of Things Top Ten." OWASP.
Zhao, K. and L. Ge (2013). A survey on the internet of things security. Computational Intelligence and Security (CIS), 2013 9th International Conference on, IEEE.
Leo, M., et al. (2014). A federated architecture approach for Internet of Things security. Euro Med Telco Conference (EMTC), 2014, IEEE.
Roman, R., et al. (2011). "Securing the internet of things." Computer 44(9): 51-58.
Atzori, L., et al. (2010). "The internet of things: A survey." Computer networks 54(15): 2787-2805.
Rose, K., et al. (2015). "The Internet of Things (IoT): An Overview–Understanding the Issues and Challenges of a More Connected World." Internet Society
Skarmeta, A. and M. V. Moreno (2013). "Internet of things." Secure Data Management: 48-53.
Whitmore, A., et al. (2015). "The Internet of Things—A survey of topics and trends." Information Systems Frontiers 17(2): 261-274.
D. Moore, C. Shannon, D. J. Brown, G. M. Voelker, and S. Savage, “Inferring internet denial-of-service activity,” ACM Transactions on Computer Systems, vol. 24, no. 2, pp. 115–139, 2006.
Y. Hu, Y. Wu, and H. Wang, “Detection of insider selective forwarding attack based on monitor node and trust mechanism in WSN,” Wireless Sensor Network, vol. 6, no. 11, pp. 237–248, 2014.
F. Liu, X. Cheng, and D. Chen, “Insider attacker detection in wireless sensor networks,” in Proceedings of INFOCOM, pp. 1937–1945, Anchorage, AK, USA, 2007.
P. Sarigiannidis, E. Karapistoli, and A. A. Economides, “Detecting sybil attacks in wireless sensor networks using UWB ranging-based information,” Expert Systems with Applications, vol. 42, no. 21, pp. 7560–7572, 2015.
D. Juneja and N. Arora, “An ant based framework for preventing DDoS Attack in wireless sensor networks,” International Journal of Advancements in Technology, vol. 1, no. 1, pp. 34–44, 2010.
P. Kasinathan, C. Pastrone, M. A. Spirito, and M. Vinkovits, “Denial-of service detection in 6LoWPAN based internet of things,” in Proceedings of International Conference on Wireless and Mobile Computing, Networking and Communications, pp. 600–607, Lyon, France, 2013.
S. Misra, P. V. Krishna, H. Agarwal, A. Saxena, and M. S. Obaidat, “A learning automata based solution for preventing distributed denial of service in internet of things,” in Proceedings of International Conference on Internet of 5ings and 4th International Conference on Cyber, Physical and Social Computing, pp. 114–122, Dalian, China, 2011.
P. Kasinathan, G. Costamagna, H. Khaleel, C. Pastrone, and M. A. Spirito, “DEMO: an IDS framework for internet of things empowered by 6LoWPAN,” in Proceedings of ACM SIGSAC Conference on Computer & Communications Security, Berlin, Germany, November 2013.
P. Pongle and G. Chavan, “A survey: attacks on RPL and 6LoWPAN in IoT,” in Proceedings of International Conference on Pervasive Computing (ICPC), 2015.
S. Hameed and U. Ali, “HADEC: hadoop-based live DDoS detection framework,” EURASIP Journal on Information Security, vol. 2018, no. 1, p. 11, 2018.
S. Hameed and H. A. Khan, “SDN based collaborative scheme for mitigation of DDoS attacks,” Future Internet, vol. 10, no. 3, p. 23, 2018.
Tahir, McDonald-Maier and A. Fernando, "A novel ICMetric based framework for securing the Internet of Things," IEEE International Conference on Consumer Electronics, pp. 469-470, 2016.
Zhang, C.Liu and Z. H, "A Novel Approach to IoT Security Based on Immunology," in Ninth International Conference on Computational Intelligence and Security, 2013.
C. L. and Zhou, "Multimedia traffic security architecture for the internet of things," vol. 25, no. 3, pp. 35-40, 2011.
Rose, "Security meets nanoelectronics for Internet of things," in International Great Lakes Symposium on VLSI, 2016.
L. Santos, Guimarães, d. C. Rodrigues, Granville and Tarouco, "A DTLSbased security architecture for the Internet of Things," in IEEE Symposium on Computers and Communication, 2015.
Stepanova and Zegzhda, "Achieving Internet of Things security via providing topological sustainability," in Science and Information, London, 2015.
Raza, L.Seitz, D.Sitenkov and G.Selander, "S3K: Scalable Security With Symmetric Keys—DTLS Key Establishment for the Internet of Things," IEEE Transactions on Automation Science and Engineering, vol. 13, no. 3, 2016.
[66] Andrea, I., Chrysostomou, C., & Hadjichristofi, G., “Internet of Things: Security vulnerabilities and challenges”, In 2015 IEEE Symposium on Computers and Communication (ISCC) , pp. 180-187, 2015.
Babar, S., Stango, A., Prasad, N., Sen, J., & Prasad, R., “Proposed embedded security framework for internet of things (iot)”, In 2011 2nd International Conference on Wireless Communication, Vehicular Technology, Information Theory and Aerospace & Electronics.
Gordon, L. A. and M. P. Loeb (2002). "The economics of information security investment." ACM Transactions on Information and System Security (TISSEC) 5(4): 438- 457
Ponemon, L. (2015). "Cost of data breach study: Global Analysis." Poneomon Institute sponsored by IBM.
Sandra, L. (2012). "Anonymous cyber-attacks cost."
Schatz, D. and R. Bashroush (2016). "The impact of repeated data breach events on organisations’ market value." Information and Computer Security 24(1): 73-92.
Spanos, G. and L. Angelis (2016). "The impact of information security events to the stock market: A systematic literature review." Computers & Security 58: 216-229.
Anderson, C. L. and R. Agarwal (2010). "Practicing safe computing: a multimedia empirical examination of home computer user security behavioral intentions." MIS Quarterly 34(3): 613-643.
Mulani, T. T. and S. V. Pingle (2016). "Internet of Things." International Research Journal of Multidisciplinary Studies 2(3)
S. Hameed and H. A. Khan, “SDN based collaborative scheme for mitigation of DDoS attacks,” Future Internet, vol. 10, no. 3, p. 23, 2018.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2022 Law, State and Telecommunications Review
This work is licensed under a Creative Commons Attribution 4.0 International License.
By submitting this paper to the Law, State and Telecommunications Review,
I hereby declare that I agree to the terms of the Creative Commons Attribution 4.0 International (CC BY 4.0).