Ievgeniia Kuzminykh,Bogdan Ghita,Jose M. Such

DOI: https://doi.org/10.1007/978-3-030-97777-1_5

2020-12-07

Abstract:Many companies consider IoT as a central element for increasing competitiveness. Despite the growing number of cyberattacks on IoT devices and the importance of IoT security, no study has yet primarily focused on the impact of IoT security measures on the security challenges. This paper presents a review of the current state of security of IoT in companies that produce IoT products and have begun a transformation towards the digitalization of their products and the associated production processes. The analysis of challenges in IoT security was conducted based on the review of resources and reports on IoT security, while mapping the relevant solutions/measures for strengthening security to the existing challenges. This mapping assists stakeholders in understanding the IoT security initiatives regarding their business needs and issues. Based on the analysis, we conclude that almost all companies have an understanding of basic security measures as encryption, but do not understand threat surface and not aware of advanced methods of protecting data and devices. The analysis shows that most companies do not have internal experts in IoT security and prefer to outsource security operations to security providers.

Cryptography and Security

Alexander D Dovhan,Yan O Bernaziuk,Taras Y Tkachuk

Abstract:Objective: Introduction: One of the areas of the Internet of Things (further IoT) popularisation is medicine. Along with significant progress in this area, cyber security threats are on the rise. Thus, the issue of IoT technology's scientific understanding in medicine is of particular relevance. The aim: The purpose of the study is to analyze the global tendencies of IoT development in medicine, identify major threats and define priority areas for their localization and prevention. Patients and methods: Materials and methods: The materials were primarily international standards, norms of international and national law, analysis of international companies' activities. The theoretical basis was the IoT researches of A. Ross, O. Baranov, V. Vishnevsky. General theoretical (epistemological, functional-structural) and special (comparative, inductive) methods of research were used. Conclusion: Conclusions: It has been proven that security and privacy issues are one of the main obstacles to IoT development. Specific recommendations for IoT developers in the medical field are proposed, which should include flexible standards, clear rules, and strict obligations with severe penalties for violations.

Usman Tariq,Irfan Ahmed,Ali Kashif Bashir,Kamran Shaukat

DOI: https://doi.org/10.3390/s23084117

IF: 3.9

2023-04-20

Sensors

Abstract:The emergence of the Internet of Things (IoT) technology has brought about tremendous possibilities, but at the same time, it has opened up new vulnerabilities and attack vectors that could compromise the confidentiality, integrity, and availability of connected systems. Developing a secure IoT ecosystem is a daunting challenge that requires a systematic and holistic approach to identify and mitigate potential security threats. Cybersecurity research considerations play a critical role in this regard, as they provide the foundation for designing and implementing security measures that can address emerging risks. To achieve a secure IoT ecosystem, scientists and engineers must first define rigorous security specifications that serve as the foundation for developing secure devices, chipsets, and networks. Developing such specifications requires an interdisciplinary approach that involves multiple stakeholders, including cybersecurity experts, network architects, system designers, and domain experts. The primary challenge in IoT security is ensuring the system can defend against both known and unknown attacks. To date, the IoT research community has identified several key security concerns related to the architecture of IoT systems. These concerns include issues related to connectivity, communication, and management protocols. This research paper provides an all-inclusive and lucid review of the current state of anomalies and security concepts related to the IoT. We classify and analyze prevalent security distresses regarding IoT's layered architecture, including connectivity, communication, and management protocols. We establish the foundation of IoT security by examining the current attacks, threats, and cutting-edge solutions. Furthermore, we set security goals that will serve as the benchmark for assessing whether a solution satisfies the specific IoT use cases.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Aejaz Nazir Lone,Suhel Mustajab,Mahfooz Alam

DOI: https://doi.org/10.1002/spy2.318

2023-04-14

Security and Privacy

Abstract:It has become possible to link anything and everything to the Internet in recent decades due to the expanding Internet of Things (IoT). As a result, our usage of technology has changed a lot, causing digital disruption in the real world. IoT allows drones, sensors, digital set‐top boxes, surveillance cameras, wearable technology, and medical equipment to be connected to the internet. Healthcare, manufacturing, utilities, transportation, and housing are among the various sectors that has become intelligent. Recently, we have seen a surge in cybersecurity challenges and opportunities for the improvement of various IoT applications. Although cybersecurity and the IoT are extensively researched, there is a dearth of studies that exclusively focus on the evolution of cybersecurity challenges in the area of AI and machine learning, blockchain and zero trust, lightweight security, integration of IoT with 5G networks, and many more in the IoT world. The availability of environment‐capturing sensors and internet‐connected tracking devices allows for private life surveillance and cloud data transmission. Therefore, a significant problem for researchers and developers is to ensure the CIA (Confidentiality, Integrity, and Availability) security triangle for people. This paper presents a comprehensive study of cybersecurity applications, challenges, and opportunities in the IoT world. The IoT architectural layer, attacks against the IoT layer, and related issues are highlighted. Furthermore, cybersecurity issues and challenges in IoT along with the strength and weaknesses of existing techniques are discussed in detail. Our study will provide insight into various current cybersecurity research trends in the IoT world.

Viktor Lobyzov,Volgograd State University,Vadim Shevtsov,,

DOI: https://doi.org/10.15688/nbit.jvolsu.2021.2.3

2021-10-01

NBI Technologies

Abstract:The Internet of Things is a new trend in the development of information technologies, actively spreading as interconnected functional nodes that by default have the means to ensure interaction directly with each other, or with the external environment. The development of such networks is a phenomenon that can radically change the world economy, as well as social processes. As a result of the application of this layer of information technologies, the need for direct human control over actions and operations will be eliminated. One of the most common household examples is a “smart home” – a computer network of interconnected devices using various data transfer protocols with the ability to access this network from an external network. So, thanks to IoT, it is possible to configure devices in the house by remote access. The paper deals with the main security methods against attacks and threats of IIoT devices. The information infrastructure was analyzed, an idea of the architecture of IIoT systems was obtained, and the information transmission path was identified. An analysis of the IIoT regulatory framework governing security, architecture and data exchange in IIoT systems has been carried out, documents governing the Industrial Internet of Things have been identified. The best communication protocol has been identified. Subsequently, the threats of the protocol were selected, and possible means and methods of protection were identified. For IIoT gateways, the concept of a hardware-software complex was presented as a prototype, and a comparison was made with existing solutions.

Muhammad Muzamil Aslam,Ali Tufail,Ki-Hyung Kim,Rosyzie Anna Awg Haji Mohd Apong,Muhammad Taqi Raza

DOI: https://doi.org/10.3390/s23187999

IF: 3.9

2023-09-21

Sensors

Abstract:In recent years, the Internet of Things (IoT) has had a big impact on both industry and academia. Its profound impact is particularly felt in the industrial sector, where the Industrial Internet of Things (IIoT), also known as Industry 4.0, is revolutionizing manufacturing and production through the fusion of cutting-edge technologies and network-embedded sensing devices. The IIoT revolutionizes several industries, including crucial ones such as oil and gas, water purification and distribution, energy, and chemicals, by integrating information technology (IT) with industrial control and automation systems. Water, a vital resource for life, is a symbol of the advancement of technology, yet knowledge of potential cyberattacks and their catastrophic effects on water treatment facilities is still insufficient. Even seemingly insignificant errors can have serious consequences, such as aberrant pH values or fluctuations in the concentration of hydrochloric acid (HCI) in water, which can result in fatalities or serious diseases. The water purification and distribution industry has been the target of numerous hostile cyber security attacks, some of which have been identified, revealed, and documented in this paper. Our goal is to understand the range of security threats that are present in this industry. Through the lens of IIoT, the survey provides a technical investigation that covers attack models, actual cases of cyber intrusions in the water sector, a range of security difficulties encountered, and preventative security solutions. We also explore upcoming perspectives, illuminating the predicted advancements and orientations in this dynamic subject. For industrial practitioners and aspiring scholars alike, our work is a useful, enlightening, and current resource. We want to promote a thorough grasp of the cybersecurity landscape in the water industry by combining key insights and igniting group efforts toward a safe and dependable digital future.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Muath A. Obaidat,Suhaib Obeidat,Jennifer Holst,Abdullah Al Hayajneh,Joseph Brown

DOI: https://doi.org/10.3390/computers9020044

2020-05-30

Computers

Abstract:The Internet of Things (IoT) has experienced constant growth in the number of devices deployed and the range of applications in which such devices are used. They vary widely in size, computational power, capacity storage, and energy. The explosive growth and integration of IoT in different domains and areas of our daily lives has created an Internet of Vulnerabilities (IoV). In the rush to build and implement IoT devices, security and privacy have not been adequately addressed. IoT devices, many of which are highly constrained, are vulnerable to cyber attacks, which threaten the security and privacy of users and systems. This survey provides a comprehensive overview of IoT in regard to areas of application, security architecture frameworks, recent security and privacy issues in IoT, as well as a review of recent similar studies on IoT security and privacy. In addition, the paper presents a comprehensive taxonomy of attacks on IoT based on the three-layer architecture model; perception, network, and application layers, as well as a suggestion of the impact of these attacks on CIA objectives in representative devices, are presented. Moreover, the study proposes mitigations and countermeasures, taking a multi-faceted approach rather than a per layer approach. Open research areas are also covered to provide researchers with the most recent research urgent questions in regard to securing IoT ecosystem.

Mahyar Taj Dini,Volodymyr Sokolov

DOI: https://doi.org/10.5281/zenodo.2528814

2019-02-23

Abstract:The rapid development of "smart" devices leads to explosive growth of unprotected or partially protected home networks. These networks are easy prey for unauthorized access, the collection of personal information (including from surveillance cameras), interference in the operation of individual devices and the entire system as a whole. In addition, existing solutions for managing a smart house offer work in the cloud, which in turn reduces the availability of the system and simultaneously increases the risk of the unscrupulous use of personal information by the service provider (up to the sale of data to a third party). This article examines the existing access technologies, their weaknesses, and offers solutions to improve the overall security of the system with a local IoT gateway and virtual subnets.

Cryptography and Security,Networking and Internet Architecture

Ayyoob Hamza,Hassan Habibi Gharakheili,Vijay Sivaraman

DOI: https://doi.org/10.48550/arXiv.2008.09339

2020-08-21

Abstract:IoT devices are increasingly utilized in critical infrastructure, enterprises, and households. There are several sophisticated cyber-attacks that have been reported and many networks have proven vulnerable to both active and passive attacks by leaking private information, allowing unauthorized access, and being open to denial of service attacks. This paper aims firstly, to assist network operators to understand the need for an IoT network security solution, and then secondly, to survey IoT network attack vectors, cyber threats, and countermeasures with a focus on improving the robustness of existing security solutions. Our first contribution highlights viewpoints on IoT security from the perspective of stakeholders such as manufacturers, service providers, consumers, and authorities. We discuss the differences between IoT and IT systems, the need for IoT security solutions, and we highlight the key components required for IoT network security system architecture. For our second contribution, we survey the types of IoT attacks by grouping them based on their impact. We discuss various attack techniques, threats, and shortfalls of existing countermeasures with an intention to enable future research into improving IoT network security.

Cryptography and Security,Networking and Internet Architecture

Omerah Yousuf,Roohie Naaz Mir

DOI: https://doi.org/10.1108/ICS-07-2018-0084

2019-10-07

Information and Computer Security

Abstract:Internet of Things (IoT) is a challenging and promising system concept and requires new types of architectures and protocols compared to traditional networks. Security is an extremely critical issue for IoT that needs to be addressed efficiently. Heterogeneity being an inherent characteristic of IoT gives rise to many security issues that need to be addressed from the perspective of new architectures such as software defined networking, cryptographic algorithms, federated cloud and edge computing. The paper analyzes the IoT security from three perspectives: three-layer security architecture, security issues at each layer and security countermeasures. The paper reviews the current state of the art, protocols and technologies used at each layer of security architecture. The paper focuses on various types of attacks that occur at each layer and provides the various approaches used to countermeasure such type of attacks. The data exchanged between the different devices or applications in the IoT environment are quite sensitive; thus, the security aspect plays a key role and needs to be addressed efficiently. This indicates the urgent needs of developing general security policy and standards for IoT products. The efficient security architecture needs to be imposed but not at the cost of efficiency and scalability. The paper provides empirical insights about how the different security threats at each layer can be mitigated. The paper fulfills the need of having an extensive and elaborated survey in the field of IoT security, along with suggesting the countermeasures to mitigate the threats occurring at each level of IoT protocol stack.

Pintu Kumar Sadhu,Venkata P. Yanambaka,Ahmed Abdelgawad

DOI: https://doi.org/10.3390/s22197433

IF: 3.9

2022-10-01

Sensors

Abstract:The overwhelming acceptance and growing need for Internet of Things (IoT) products in each aspect of everyday living is creating a promising prospect for the involvement of humans, data, and procedures. The vast areas create opportunities from home to industry to make an automated lifecycle. Human life is involved in enormous applications such as intelligent transportation, intelligent healthcare, smart grid, smart city, etc. A thriving surface is created that can affect society, the economy, the environment, politics, and health through diverse security threats. Generally, IoT devices are susceptible to security breaches, and the development of industrial systems could pose devastating security vulnerabilities. To build a reliable security shield, the challenges encountered must be embraced. Therefore, this survey paper is primarily aimed to assist researchers by classifying attacks/vulnerabilities based on objects. The method of attacks and relevant countermeasures are provided for each kind of attack in this work. Case studies of the most important applications of the IoT are highlighted concerning security solutions. The survey of security solutions is not limited to traditional secret key-based cryptographic solutions, moreover physical unclonable functions (PUF)-based solutions and blockchain are illustrated. The pros and cons of each security solution are also discussed here. Furthermore, challenges and recommendations are presented in this work.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Mei Wang,Baohua Zhang

DOI: https://doi.org/10.1088/1755-1315/634/1/012035

2021-02-01

IOP Conference Series: Earth and Environmental Science

Abstract:Abstract The Internet of Things system is a product of the combination of information technology in the rapid development of computer technology, and it is an important foundation for the development of the information age. But we cannot ignore computer network security issues in the application of the Internet of Things. In order to effectively control the security issues of the Internet of Things, we have to study and analyze the potential security risks in the current Internet of Things computer network. In addition, we should explore reliable network security control measures and computer remote control technology. Only in this way can the further development of the IoT system be promoted.

Mohan Krishna Kagita,Navod Thilakarathne,Dharmendra Singh Rajput,Dr Surekha Lanka

DOI: https://doi.org/10.48550/arXiv.2009.06341

2020-09-14

Computers and Society

Abstract:The Internet of Things, or IoT, refers to the billions of physical objects around the planet that are now connected to the Internet, many of which store and exchange the data without human interaction. In recent years the Internet of Things (IoT) has incredibly become a groundbreaking technical innovation that has contributed to massive impact in the ways where all the information is handled incorporate companies, computer devices, and even kitchen equipment and appliances, are designed and made. The main focus of this chapter is to systematically review the security and privacy of the Internet of Things in the present world. Most internet users are genuine, yet others are cybercriminals with individual expectations of misusing information. With such possibilities, users should know the potential security and privacy issues of IoT devices. IoT innovations are applied on numerous levels in a system that we use daily in our day-to-day life. Data confidentiality is a significant issue. The interconnection of various networks makes it impossible for users to assert extensive control of their data. Finally, this chapter discusses the IoT Security concerns in the literature and providing a critical review of the current approach and proposed solutions on present issues on the Privacy protection of IoT devices.

Shantanu Pal,Zahra Jadidi

DOI: https://doi.org/10.3390/app11209393

2021-10-10

Applied Sciences

Abstract:Industrial Internet of Things (IIoT) can be seen as an extension of the Internet of Things (IoT) services and applications to industry with the inclusion of Industry 4.0 that provides automation, reliability, and control in production and manufacturing. IIoT has tremendous potential to accelerate industry automation in many areas, including transportation, manufacturing, automobile, marketing, to name a few places. When the benefits of IIoT are visible, the development of large-scale IIoT systems faces various security challenges resulting in many large-scale cyber-attacks, including fraudulent transactions or damage to critical infrastructure. Moreover, a large number of connected devices over the Internet and resource limitations of the devices (e.g., battery, memory, and processing capability) further pose challenges to the system. The IIoT inherits the insecurities of the traditional communication and networking technologies; however, the IIoT requires further effort to customize the available security solutions with more focus on critical industrial control systems. Several proposals discuss the issue of security, privacy, and trust in IIoT systems, but comprehensive literature considering the several aspects (e.g., users, devices, applications, cascading services, or the emergence of resources) of an IIoT system is missing in the present state of the art IIoT research. In other words, the need for considering a vision for securing an IIoT system with broader security analysis and its potential countermeasures is missing in recent times. To address this issue, in this paper, we provide a comparative analysis of the available security issues present in an IIoT system. We identify a list of security issues comprising logical, technological, and architectural points of view and consider the different IIoT security requirements. We also discuss the available IIoT architectures to examine these security concerns in a systematic way. We show how the functioning of different layers of an IIoT architecture is affected by various security issues and report a list of potential countermeasures against them. This study also presents a list of future research directions towards the development of a large-scale, secure, and trustworthy IIoT system. The study helps understand the various security issues by indicating various threats and attacks present in an IIoT system.

Maria Papaioannou,Marina Karageorgou,Georgios Mantas,Victor Sucasas,Ismael Essop,Jonathan Rodriguez,Dimitrios Lymberopoulos

DOI: https://doi.org/10.1002/ett.4049

IF: 3.6

2020-07-23

Transactions on Emerging Telecommunications Technologies

Abstract:<p>Internet of medical things (IoMT) is an emerging technology aiming to improve the patient's quality of life by enabling personalized e‐health services without limitations on time and location. Nevertheless, IoMT devices (eg, medical sensors) that constitute the key underlying elements of the IoMT edge network are vulnerable to various types of security threats and thus, they pose a significant risk to patient's privacy and safety. Based on that and the fact that the security is a critical factor for the successful integration of IoMT technology into pervasive healthcare systems, there is an urgent need for novel security mechanisms to preserve the security of the IoMT edge network. Toward this direction, the first step is the comprehensive understanding of existing and potential threats to the IoMT edge network environment. Thus, in this article, we provide a categorization of security threats to the edge network environment based on the major security objectives that they target. Moreover, we present a categorization of security countermeasures, derived from the literature, against threats to IoMT edge networks. The authors' intent is to provide a foundation for organizing research efforts toward the development of proper security countermeasures for protecting IoMT edge networks against internal and external threats.</p>

telecommunications

Parushi Malhotra,Yashwant Singh,Pooja Anand,Deep Kumar Bangotra,Pradeep Kumar Singh,Wei-Chiang Hong

DOI: https://doi.org/10.3390/s21051809

2021-03-05

Abstract:The escalated growth of the Internet of Things (IoT) has started to reform and reshape our lives. The deployment of a large number of objects adhered to the internet has unlocked the vision of the smart world around us, thereby paving a road towards automation and humongous data generation and collection. This automation and continuous explosion of personal and professional information to the digital world provides a potent ground to the adversaries to perform numerous cyber-attacks, thus making security in IoT a sizeable concern. Hence, timely detection and prevention of such threats are pre-requisites to prevent serious consequences. The survey conducted provides a brief insight into the technology with prime attention towards the various attacks and anomalies and their detection based on the intelligent intrusion detection system (IDS). The comprehensive look-over presented in this paper provides an in-depth analysis and assessment of diverse machine learning and deep learning-based network intrusion detection system (NIDS). Additionally, a case study of healthcare in IoT is presented. The study depicts the architecture, security, and privacy issues and application of learning paradigms in this sector. The research assessment is finally concluded by listing the results derived from the literature. Additionally, the paper discusses numerous research challenges to allow further rectifications in the approaches to deal with unusual complications.

Aniruddha Bhattacharjya,Xiaofeng Zhong,Jing Wang,Xing Li

DOI: https://doi.org/10.1007/978-3-319-92564-6_7

2018-01-01

Abstract:The Internet of Things (IoT) signifies the interconnection of exceedingly heterogeneous networked entities, for instance, sensors, actuators, smart phones, etc. In accord with concrete functions, the network structure of the IoT is divided into three hierarchies: the bottom hierarchy is the sensing equipment for information acquisition; the middle hierarchy is the network for data transmission, whereas the top hierarchy is intended for applications and middleware. The uniqueness of the IoT proclaims new challenges to security requirements, dissimilar from previous technology trends. Moreover, to guarantee resilience, fail-over and recovery mechanisms must be provided to uphold operations under failure or attacks, and to return to normal operations (failure/attack mitigation). To uphold the end-to-end method, the gateway requirements to endure invisible to the communicating endpoints. The Constrained …

Rishit Lakhani

DOI: https://doi.org/10.18535/ijecs/v12i11.4779

2023-11-30

International Journal Of Engineering And Computer Science

Abstract:In fact, the mushrooming development of IoT has reshaped industries and everyday life in connecting devices, networks, and systems. Accompanying this phenomenal growth are formidable challenges related to cybersecurity. The major reasons why IoT networks are more susceptible to a variety of cyber threats are the limited computational resources of devices, a lack of standardized security protocols, and the large-scale interconnectedness of devices. This paper throws light on some of the major cybersecurity threats to IoT networks, such as device vulnerabilities, network-based attacks, and data breaches. It further pays attention to the root causes of such vulnerability exposures. Further, it discusses an in-depth analysis of some of the existing defense mechanisms involving advanced authentication methods, encryption techniques, and network security measures. The work also probes into some state-of-the-art security technologies like blockchain and artificial intelligence that hold immense promise for securing IoT. It analyzes real case studies of IoT attacks, such as the Mirai Botnet and Jeep Cherokee Hack, to depict the impact of such threats and extract some helpful lessons in securing future IoT systems. The paper then concludes with discussions on the ever-evolving IoT cybersecurity landscape and how new approaches to defense strategies continue to be thought out, developed, and implemented as these risks continue to mount.

Iqbal H. Sarker,Asif Irshad Khan,Yoosef B. Abushark,Fawaz Alsolami

DOI: https://doi.org/10.1007/s11036-022-01937-3

2022-03-14

Mobile Networks and Applications

Abstract:The Internet of Things (IoT) is one of the most widely used technologies today, and it has a significant effect on our lives in a variety of ways, including social, commercial, and economic aspects. In terms of automation, productivity, and comfort for consumers across a wide range of application areas, from education to smart cities, the present and future IoT technologies hold great promise for improving the overall quality of human life. However, cyber-attacks and threats greatly affect smart applications in the environment of IoT. The traditional IoT security techniques are insufficient with the recent security challenges considering the advanced booming of different kinds of attacks and threats. Utilizing artificial intelligence (AI) expertise, especially machine and deep learning solutions, is the key to delivering a dynamically enhanced and up-to-date security system for the next-generation IoT system. Throughout this article, we present a comprehensive picture on IoT security intelligence, which is built on machine and deep learning technologies that extract insights from raw data to intelligently protect IoT devices against a variety of cyber-attacks. Finally, based on our study, we highlight the associated research issues and future directions within the scope of our study. Overall, this article aspires to serve as a reference point and guide, particularly from a technical standpoint, for cybersecurity experts and researchers working in the context of IoT.

computer science, information systems,telecommunications, hardware & architecture

Samundra Deep,Xi Zheng,Alireza Jolfaei,Dongjin Yu,Pouya Ostovari,Ali Kashif Bashir

DOI: https://doi.org/10.1002/ett.3935

IF: 3.6

2020-03-16

Transactions on Emerging Telecommunications Technologies

Abstract:<p>Internet of Things (IoT) is a novel paradigm, which not only facilitates a large number of devices to be ubiquitously connected over the Internet but also provides a mechanism to remotely control these devices. The IoT is pervasive and is almost an integral part of our daily life. These connected devices often obtain user's personal data and store it online. The security of collected data is a big concern in recent times. As devices are becoming increasingly connected, privacy and security issues become more and more critical and these need to be addressed on an urgent basis. IoT implementations and devices are eminently prone to threats that could compromise the security and privacy of the consumers, which, in turn, could influence its practical deployment. In recent past, some research has been carried out to secure IoT devices with an intention to alleviate the security concerns of users. There have been research on blockchain technologies to tackle the privacy and security issues of the collected data in IoT. The purpose of this paper is to highlight the security and privacy issues in IoT systems. To this effect, the paper examines the security issues at each layer in the IoT protocol stack, identifies the under‐lying challenges and key security requirements and provides a brief overview of existing security solutions to safeguard the IoT from the layered context.</p>

telecommunications