Muath A. Obaidat,Suhaib Obeidat,Jennifer Holst,Abdullah Al Hayajneh,Joseph Brown

DOI: https://doi.org/10.3390/computers9020044

2020-05-30

Computers

Abstract:The Internet of Things (IoT) has experienced constant growth in the number of devices deployed and the range of applications in which such devices are used. They vary widely in size, computational power, capacity storage, and energy. The explosive growth and integration of IoT in different domains and areas of our daily lives has created an Internet of Vulnerabilities (IoV). In the rush to build and implement IoT devices, security and privacy have not been adequately addressed. IoT devices, many of which are highly constrained, are vulnerable to cyber attacks, which threaten the security and privacy of users and systems. This survey provides a comprehensive overview of IoT in regard to areas of application, security architecture frameworks, recent security and privacy issues in IoT, as well as a review of recent similar studies on IoT security and privacy. In addition, the paper presents a comprehensive taxonomy of attacks on IoT based on the three-layer architecture model; perception, network, and application layers, as well as a suggestion of the impact of these attacks on CIA objectives in representative devices, are presented. Moreover, the study proposes mitigations and countermeasures, taking a multi-faceted approach rather than a per layer approach. Open research areas are also covered to provide researchers with the most recent research urgent questions in regard to securing IoT ecosystem.

Yasmine Harbi,Zibouda Aliouat,Allaoua Refoufi,Saad Harous

DOI: https://doi.org/10.1109/access.2021.3103725

IF: 3.9

2021-01-01

IEEE Access

Abstract:The Internet of Things (IoT) aims to transform everyday physical objects into an interconnected ecosystem with digital data accessible anywhere and anytime. “Things” in IoT are embedded with sensing, processing, and actuating capabilities and cooperate in providing smart and innovative services autonomously. The rapid spread of IoT services arises different security vulnerabilities that need to be carefully addressed. Several emerging and promising technologies and techniques are introduced to improve the security of IoT. This paper aims to provide an up-to-date vision of the current research topics related to IoT security. Initially, we introduce common elements and protocols of IoT to demystify the origins of threats in IoT. Then, we propose a taxonomy of IoT attacks and analyze the security vulnerabilities of IoT at different layers. Subsequently, we provide a comparison of recent security schemes based on emerging solutions including fog computing, edge computing, software-defined networking (SDN), blockchain, lightweight cryptography, homomorphic and searchable encryption, and machine learning. Finally, security challenges are discussed and future directions are highlighted for future interested researchers.

computer science, information systems,telecommunications,engineering, electrical & electronic

Usman Tariq,Irfan Ahmed,Ali Kashif Bashir,Kamran Shaukat

DOI: https://doi.org/10.3390/s23084117

IF: 3.9

2023-04-20

Sensors

Abstract:The emergence of the Internet of Things (IoT) technology has brought about tremendous possibilities, but at the same time, it has opened up new vulnerabilities and attack vectors that could compromise the confidentiality, integrity, and availability of connected systems. Developing a secure IoT ecosystem is a daunting challenge that requires a systematic and holistic approach to identify and mitigate potential security threats. Cybersecurity research considerations play a critical role in this regard, as they provide the foundation for designing and implementing security measures that can address emerging risks. To achieve a secure IoT ecosystem, scientists and engineers must first define rigorous security specifications that serve as the foundation for developing secure devices, chipsets, and networks. Developing such specifications requires an interdisciplinary approach that involves multiple stakeholders, including cybersecurity experts, network architects, system designers, and domain experts. The primary challenge in IoT security is ensuring the system can defend against both known and unknown attacks. To date, the IoT research community has identified several key security concerns related to the architecture of IoT systems. These concerns include issues related to connectivity, communication, and management protocols. This research paper provides an all-inclusive and lucid review of the current state of anomalies and security concepts related to the IoT. We classify and analyze prevalent security distresses regarding IoT's layered architecture, including connectivity, communication, and management protocols. We establish the foundation of IoT security by examining the current attacks, threats, and cutting-edge solutions. Furthermore, we set security goals that will serve as the benchmark for assessing whether a solution satisfies the specific IoT use cases.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Samundra Deep,Xi Zheng,Alireza Jolfaei,Dongjin Yu,Pouya Ostovari,Ali Kashif Bashir

DOI: https://doi.org/10.1002/ett.3935

IF: 3.6

2020-03-16

Transactions on Emerging Telecommunications Technologies

Abstract:<p>Internet of Things (IoT) is a novel paradigm, which not only facilitates a large number of devices to be ubiquitously connected over the Internet but also provides a mechanism to remotely control these devices. The IoT is pervasive and is almost an integral part of our daily life. These connected devices often obtain user's personal data and store it online. The security of collected data is a big concern in recent times. As devices are becoming increasingly connected, privacy and security issues become more and more critical and these need to be addressed on an urgent basis. IoT implementations and devices are eminently prone to threats that could compromise the security and privacy of the consumers, which, in turn, could influence its practical deployment. In recent past, some research has been carried out to secure IoT devices with an intention to alleviate the security concerns of users. There have been research on blockchain technologies to tackle the privacy and security issues of the collected data in IoT. The purpose of this paper is to highlight the security and privacy issues in IoT systems. To this effect, the paper examines the security issues at each layer in the IoT protocol stack, identifies the under‐lying challenges and key security requirements and provides a brief overview of existing security solutions to safeguard the IoT from the layered context.</p>

telecommunications

Hichem Mrabet,Sana Belguith,Adeeb Alhomoud,Abderrazak Jemai

DOI: https://doi.org/10.3390/s20133625

2020-06-28

Abstract:The Internet of Things (IoT) is leading today's digital transformation. Relying on a combination of technologies, protocols, and devices such as wireless sensors and newly developed wearable and implanted sensors, IoT is changing every aspect of daily life, especially recent applications in digital healthcare. IoT incorporates various kinds of hardware, communication protocols, and services. This IoT diversity can be viewed as a double-edged sword that provides comfort to users but can lead also to a large number of security threats and attacks. In this survey paper, a new compacted and optimized architecture for IoT is proposed based on five layers. Likewise, we propose a new classification of security threats and attacks based on new IoT architecture. The IoT architecture involves a physical perception layer, a network and protocol layer, a transport layer, an application layer, and a data and cloud services layer. First, the physical sensing layer incorporates the basic hardware used by IoT. Second, we highlight the various network and protocol technologies employed by IoT, and review the security threats and solutions. Transport protocols are exhibited and the security threats against them are discussed while providing common solutions. Then, the application layer involves application protocols and lightweight encryption algorithms for IoT. Finally, in the data and cloud services layer, the main important security features of IoT cloud platforms are addressed, involving confidentiality, integrity, authorization, authentication, and encryption protocols. The paper is concluded by presenting the open research issues and future directions towards securing IoT, including the lack of standardized lightweight encryption algorithms, the use of machine-learning algorithms to enhance security and the related challenges, the use of Blockchain to address security challenges in IoT, and the implications of IoT deployment in 5G and beyond.

Mumin Adam,Mohammad Hammoudeh,Rana Alrawashdeh,Basil Alsulaimy

DOI: https://doi.org/10.1109/access.2024.3382709

IF: 3.9

2024-01-01

IEEE Access

Abstract:The Internet of Things (IoT) emerged as a pervasive technology, facilitating the seamless interaction of devices, individuals, and services, enabling data exchange and task execution across various domains. While the impact of IoT is undeniably transformative, its extensive proliferation raised significant concerns surrounding security, privacy, and trust, which stand as critical barriers to the widespread adoption and advancement of IoT technology. This review article explores IoT security, privacy, and trust research using a 3-layer IoT architecture. After introducing the fundamental tenets of IoT security, privacy, and trust, it proceeds to examine the prevalent security requirements within IoT architectures and their associated challenges. Then, the survey investigates the recent trends in research dedicated to addressing security, privacy, and trust issues within IoT systems. Furthermore, this article reviews the latest advancements and methodologies designed to secure IoT systems against security breaches and protect the privacy of sensitive data. Finally, the survey outlines unresolved challenges within the IoT security landscape and potential solutions. By offering this consolidated insight, this article offers a bridge between foundational and advanced IoT security topics, providing researchers with an in-depth understanding of current IoT security, privacy, and trust challenges, as well as cutting-edge solutions tailored to address the security and trust-related obstacles faced by IoT applications. This comprehensive overview equips the IoT community with the knowledge necessary to navigate the complex terrain of security, privacy, and trust in IoT systems.

computer science, information systems,telecommunications,engineering, electrical & electronic

Pintu Kumar Sadhu,Venkata P. Yanambaka,Ahmed Abdelgawad

DOI: https://doi.org/10.3390/s22197433

IF: 3.9

2022-10-01

Sensors

Abstract:The overwhelming acceptance and growing need for Internet of Things (IoT) products in each aspect of everyday living is creating a promising prospect for the involvement of humans, data, and procedures. The vast areas create opportunities from home to industry to make an automated lifecycle. Human life is involved in enormous applications such as intelligent transportation, intelligent healthcare, smart grid, smart city, etc. A thriving surface is created that can affect society, the economy, the environment, politics, and health through diverse security threats. Generally, IoT devices are susceptible to security breaches, and the development of industrial systems could pose devastating security vulnerabilities. To build a reliable security shield, the challenges encountered must be embraced. Therefore, this survey paper is primarily aimed to assist researchers by classifying attacks/vulnerabilities based on objects. The method of attacks and relevant countermeasures are provided for each kind of attack in this work. Case studies of the most important applications of the IoT are highlighted concerning security solutions. The survey of security solutions is not limited to traditional secret key-based cryptographic solutions, moreover physical unclonable functions (PUF)-based solutions and blockchain are illustrated. The pros and cons of each security solution are also discussed here. Furthermore, challenges and recommendations are presented in this work.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Zainab Alansari,Nor Badrul Anuar,Amirrudin Kamsin,Mohammad Riyaz Belgaum,Jawdat Alshaer,Safeeullah Soomro,Mahdi H. Miraz

DOI: https://doi.org/10.48550/arXiv.1807.04087

2018-07-11

Abstract:Internet of Things (IoT) is one of the emerging technologies of this century and its various aspects, such as the Infrastructure, Security, Architecture and Privacy, play an important role in shaping the future of the digitalised world. Internet of Things devices are connected through sensors which have significant impacts on the data and its security. In this research, we used IoT five layered architecture of the Internet of Things to address the security and private issues of IoT enabled services and applications. Furthermore, a detailed survey on Internet of Things infrastructure, architecture, security, and privacy of the heterogeneous objects were presented. The paper identifies the major challenge in the field of IoT; one of them is to secure the data while accessing the objects through sensing machines. This research advocates the importance of securing the IoT ecosystem at each layer resulting in an enhanced overall security of the connected devices as well as the data generated. Thus, this paper put forwards a security model to be utilised by the researchers, manufacturers and developers of IoT devices, applications and services.

Computers and Society,Networking and Internet Architecture

Rachit,Shobha Bhatt,Prakash Rao Ragiri

DOI: https://doi.org/10.1007/s42452-021-04156-9

2021-01-01

SN Applied Sciences

Abstract:Abstract The Internet of Things (IoT) is a network of embedded devices that are uniquely identifiable and have embedded software required to communicate between the transient states. The purpose of this study is to explore discrete IoT security challenges pertaining to currently deployed IoT standards and protocols. We have presented a detailed review in this study that focuses on IoT's imminent security aspects, covering identification of risks pertaining to the current IoT system, novel security protocols, and security projects proffered in recent years. This work presents an updated review of the IoT architecture in the protocols and standards that are proffered for the next-gen IoT systems. A security-specific comparative analysis of protocols, standards, and proffered security models are presented as per IoT security requirements. This study elicits the need for standardization at the communication and data audit level, which exposes the hardware, software, and data to various threats and attacks. Our study reveals a need for protocols that are competent enough to be accorded for over one threat vector. This paper provides an insight into the latest security research trends, which will prove beneficial in the development of IoT security. The research outcomes can benefit the research community in IoT by integrating IoT-based devices' best security aspects.

Ayyoob Hamza,Hassan Habibi Gharakheili,Vijay Sivaraman

DOI: https://doi.org/10.48550/arXiv.2008.09339

2020-08-21

Abstract:IoT devices are increasingly utilized in critical infrastructure, enterprises, and households. There are several sophisticated cyber-attacks that have been reported and many networks have proven vulnerable to both active and passive attacks by leaking private information, allowing unauthorized access, and being open to denial of service attacks. This paper aims firstly, to assist network operators to understand the need for an IoT network security solution, and then secondly, to survey IoT network attack vectors, cyber threats, and countermeasures with a focus on improving the robustness of existing security solutions. Our first contribution highlights viewpoints on IoT security from the perspective of stakeholders such as manufacturers, service providers, consumers, and authorities. We discuss the differences between IoT and IT systems, the need for IoT security solutions, and we highlight the key components required for IoT network security system architecture. For our second contribution, we survey the types of IoT attacks by grouping them based on their impact. We discuss various attack techniques, threats, and shortfalls of existing countermeasures with an intention to enable future research into improving IoT network security.

Cryptography and Security,Networking and Internet Architecture

Aejaz Nazir Lone,Suhel Mustajab,Mahfooz Alam

DOI: https://doi.org/10.1002/spy2.318

2023-04-14

Security and Privacy

Abstract:It has become possible to link anything and everything to the Internet in recent decades due to the expanding Internet of Things (IoT). As a result, our usage of technology has changed a lot, causing digital disruption in the real world. IoT allows drones, sensors, digital set‐top boxes, surveillance cameras, wearable technology, and medical equipment to be connected to the internet. Healthcare, manufacturing, utilities, transportation, and housing are among the various sectors that has become intelligent. Recently, we have seen a surge in cybersecurity challenges and opportunities for the improvement of various IoT applications. Although cybersecurity and the IoT are extensively researched, there is a dearth of studies that exclusively focus on the evolution of cybersecurity challenges in the area of AI and machine learning, blockchain and zero trust, lightweight security, integration of IoT with 5G networks, and many more in the IoT world. The availability of environment‐capturing sensors and internet‐connected tracking devices allows for private life surveillance and cloud data transmission. Therefore, a significant problem for researchers and developers is to ensure the CIA (Confidentiality, Integrity, and Availability) security triangle for people. This paper presents a comprehensive study of cybersecurity applications, challenges, and opportunities in the IoT world. The IoT architectural layer, attacks against the IoT layer, and related issues are highlighted. Furthermore, cybersecurity issues and challenges in IoT along with the strength and weaknesses of existing techniques are discussed in detail. Our study will provide insight into various current cybersecurity research trends in the IoT world.

Nasr Abosata,Saba Al-Rubaye,Gokhan Inalhan,Christos Emmanouilidis

DOI: https://doi.org/10.3390/s21113654

IF: 3.9

2021-05-24

Sensors

Abstract:The growth of the Internet of Things (IoT) offers numerous opportunities for developing industrial applications such as smart grids, smart cities, smart manufacturers, etc. By utilising these opportunities, businesses engage in creating the Industrial Internet of Things (IIoT). IoT is vulnerable to hacks and, therefore, requires various techniques to achieve the level of security required. Furthermore, the wider implementation of IIoT causes an even greater security risk than its benefits. To provide a roadmap for researchers, this survey discusses the integrity of industrial IoT systems and highlights the existing security approaches for the most significant industrial applications. This paper mainly classifies the attacks and possible security solutions regarding IoT layers architecture. Consequently, each attack is connected to one or more layers of the architecture accompanied by a literature analysis on the various IoT security countermeasures. It further provides a critical analysis of the existing IoT/IIoT solutions based on different security mechanisms, including communications protocols, networking, cryptography and intrusion detection systems. Additionally, there is a discussion of the emerging tools and simulations used for testing and evaluating security mechanisms in IoT applications. Last, this survey outlines several other relevant research issues and challenges for IoT/IIoT security.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Diego M. Mendez,Ioannis Papapanagiotou,Baijian Yang

DOI: https://doi.org/10.1080/19393555.2018.1458258

2017-07-11

Abstract:The Internet of Things (IoT) is intended for ubiquitous connectivity among different entities or "things". While its purpose is to provide effective and efficient solutions, security of the devices and network is a challenging issue. The number of devices connected along with the ad-hoc nature of the system further exacerbates the situation. Therefore, security and privacy has emerged as a significant challenge for the IoT. In this paper,we aim to provide a thorough survey related to the privacy and security challenges of the IoT. This document addresses these challenges from the perspective of technologies and architecture used. This work focuses also in IoT intrinsic vulnerabilities as well as the security challenges of various layers based on the security principles of data confidentiality, integrity and availability. This survey analyzes articles published for the IoT at the time and relates it to the security conjuncture of the field and its projection to the future.

Cryptography and Security

Inayat Ali,Sonia Sabir,Zahid Ullah

2024-08-08

Abstract:The Internet of Things (IoT) is one of the emerging technologies that has grabbed the attention of researchers from academia and industry. The idea behind Internet of things is the interconnection of internet enabled things or devices to each other and to humans, to achieve some common goals. In near future IoT is expected to be seamlessly integrated into our environment and human will be wholly solely dependent on this technology for comfort and easy life style. Any security compromise of the system will directly affect human life. Therefore security and privacy of this technology is foremost important issue to resolve. In this paper we present a thorough study of security problems in IoT and classify possible cyberattacks on each layer of IoT architecture. We also discuss challenges to traditional security solutions such as cryptographic solutions, authentication mechanisms and key management in IoT. Device authentication and access controls is an essential area of IoT security, which is not surveyed so far. We spent our efforts to bring the state of the art device authentication and access control techniques on a single paper.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Muhammad Aqeel,Fahad Ali,Muhammad Waseem Iqbal,Toqir A. Rana,Muhammad Arif,Rabiul Auwul

DOI: https://doi.org/10.1155/2022/5724168

IF: 2.336

2022-09-30

Journal of Sensors

Abstract:The recent two decades have witnessed tremendous growth in Internet of things (IoT) applications. There are more than 50 billion devices connected globally. IoT applications' connectivity with the Internet persistently victimized them with a divergent range of traditional threats, including viruses, worms, malware, spyware, Trojans, malicious code injections, and backdoor attacks. Traditional threats provide essential services such as authentication, authorization, and accountability. Authentication and authorization are the process of verifying that a subject is bound to an object. Traditional authentication and authorization mechanisms use three different factors to identity a subject to verify if the subject has the right capability to access the object. Further, it is defined that a computer virus is a type of malware. Malware includes computer viruses, worms, Trojan horses, spyware, and ransomware. There is a high probability that IoT systems can get infected with a more sophisticated form of malware and high-frequency electromagnetic waves. Purpose oriented with distinct nature IoT devices is developed to work in a constrained environment. So there is a dire need to address these security issues because relying on existing traditional techniques is not good. Manufacturers and researchers must think about resolving these security and privacy issues. Most importantly, this study identifies the knowledge and research gap in this area. The primary objective of this systematic literature review is to discuss the divergent types of threats that target IoT systems. Most importantly, the goal is to understand the mode of action of these threats and develop the recovery mechanism to cover the damage. In this study, more than 170 research articles are systematically studied to understand security and privacy issues. Further, security threats and attacks are categorized on a single platform and provide an analysis to explain how and to what extent they damage the targeted IoT systems. This review paper encapsulates IoT security threats and categorizes and analyses them by implementing a comparative study. Moreover, the research work concludes to expand advanced technologies, e.g., blockchain, machine learning, and artificial intelligence, to guarantee security, privacy, and IoT systems.

engineering, electrical & electronic,instruments & instrumentation

Qi Jing,Athanasios V. Vasilakos,Jiafu Wan,Jingwei Lu,Dechao Qiu

DOI: https://doi.org/10.1007/s11276-014-0761-7

IF: 2.701

2014-01-01

Wireless Networks

Abstract:Internet of Things (IoT) is playing a more and more important role after its showing up, it covers from traditional equipment to general household objects such as WSNs and RFID. With the great potential of IoT, there come all kinds of challenges. This paper focuses on the security problems among all other challenges. As IoT is built on the basis of the Internet, security problems of the Internet will also show up in IoT. And as IoT contains three layers: perception layer, transportation layer and application layer, this paper will analyze the security problems of each layer separately and try to find new problems and solutions. This paper also analyzes the cross-layer heterogeneous integration issues and security issues in detail and discusses the security issues of IoT as a whole and tries to find solutions to them. In the end, this paper compares security issues between IoT and traditional network, and discusses opening security issues of IoT.

Aniruddha Bhattacharjya,Xiaofeng Zhong,Jing Wang,Xing Li

DOI: https://doi.org/10.1007/978-3-319-92564-6_7

2018-01-01

Abstract:The Internet of Things (IoT) signifies the interconnection of exceedingly heterogeneous networked entities, for instance, sensors, actuators, smart phones, etc. In accord with concrete functions, the network structure of the IoT is divided into three hierarchies: the bottom hierarchy is the sensing equipment for information acquisition; the middle hierarchy is the network for data transmission, whereas the top hierarchy is intended for applications and middleware. The uniqueness of the IoT proclaims new challenges to security requirements, dissimilar from previous technology trends. Moreover, to guarantee resilience, fail-over and recovery mechanisms must be provided to uphold operations under failure or attacks, and to return to normal operations (failure/attack mitigation). To uphold the end-to-end method, the gateway requirements to endure invisible to the communicating endpoints. The Constrained …

Youakim Badr,Xiaoyang Zhu,Mansour Naser Alraja

DOI: https://doi.org/10.1007/s11761-021-00327-z

2021-10-01

Service Oriented Computing and Applications

Abstract:In the past few years, the Internet of Things (IoT) has emerged, grown and gradually affected the daily lives of human beings in many new application domains, ranging from wearable devices, smart manufacturing, to smart homes and ambient intelligence just to mention a few. However, realizing the full potential of IoT while ensuring user security and privacy remains an open research challenge. Existing security solutions and techniques are mainly conceived for centralized and distributed information systems and are not directly applicable to IoT-based systems. In fact, IoT systems have unconventional characteristics such as intermittent connectivity, high scalability, dynamic changes and limited resources and thus require a paradigm shift to develop innovative security and privacy solutions. In this survey, we firstly give an overview of security and privacy in IoT. After defining the context of IoT systems, we identify four main characteristics, which imply unprecedented threats and challenges to existing security solutions and techniques. From the perspective of these characteristics and IoT security requirements, we identify and elaborate specific threats and challenges related to the radio-frequency identification (RFID), wireless sensor networks (WSNs) and mobile delay tolerant networks (MDTNs), which are building blocks in many IoT-based systems. In addition, we discuss potential countermeasures to handle IoT threats and challenges.

Swastik Kumar Sahu,Kaushik Mazumdar

DOI: https://doi.org/10.3389/frai.2024.1397480

2024-05-15

Frontiers in Artificial Intelligence

Abstract:The rapid proliferation of Internet of Things (IoT) devices across various industries has revolutionized the way we interact with technology. However, this widespread adoption has also brought about significant security challenges that must be addressed to ensure the integrity and confidentiality of data transmitted and processed by IoT systems. This survey paper delves into the diverse array of security threats faced by IoT devices and networks, ranging from data breaches and unauthorized access to physical tampering and denial-of-service attacks. By examining the vulnerabilities inherent in IoT ecosystems, we highlight the importance of implementing robust security measures to safeguard sensitive information and ensure the reliable operation of connected devices. Furthermore, we explore cutting-edge technologies such as blockchain, edge computing, and machine learning as potential solutions to enhance the security posture of IoT deployments. Through a comprehensive analysis of existing security frameworks and best practices, this paper aims to provide valuable insights for researchers, practitioners, and policymakers seeking to fortify the resilience of IoT systems in an increasingly interconnected world.

Sakshi Rai,Ujawal Rai,Chetan Randhye,Achal Amrutkar,Prof. Manisha More

DOI: https://doi.org/10.22214/ijraset.2023.57413

2023-12-31

International Journal for Research in Applied Science and Engineering Technology

Abstract:Abstract: The proliferation of Internet of Things (IoT) devices has transformed the way we interact with the digital world, offering unprecedented connectivity and convenience. However, this rapid expansion brings forth profound challenges concerning privacy, data protection, and security. This survey paper comprehensively explores the multifaceted landscape of IoT, dissecting its architecture, and delving into the intricate web of concerns surrounding user privacy, data safeguarding, and system security.Beginning with an examination of the IoT architecture, we dissect the interconnected layers, ranging from sensors to cloud platforms, illustrating the intricate pathways of data flow. The survey meticulously unfolds the privacy challenges embedded in the constant data collection, tracking, and profiling mechanisms intrinsic to IoT devices. Drawing on real-world examples, we underscore the tangible consequences of privacy breaches and the potential erosion of user trust.In the realm of data protection, we delve into the complexities of safeguarding data integrity, confidentiality, and availability within the IoT ecosystem. Regulatory frameworks, notably the General Data Protection Regulation (GDPR), are scrutinized for their impact on shaping data protection practices. Concurrently, the paper uncovers common security threats in IoT, emphasizing vulnerabilities in devices and the looming risks associated with unauthorized access and data breaches.Navigating through the regulatory landscape, the survey provides an overview of existing standards and regulations governing IoT. Case studies spotlight instances of privacy breaches, data protection lapses, and security vulnerabilities, offering practical insights into the implications of these incidents. Mitigation strategies, encompassing encryption, authentication, and access control, are explored to address the identified concerns.As the paper concludes, it synthesizes the key findings, emphasizing the urgency of continued efforts to fortify IoT against privacy, data protection, and security challenges. The survey anticipates future trends and challenges, offering a roadmap for researchers, policymakers, and industry stakeholders to collectively forge a secure and privacy-aware IoT landscape.