Top

previous chapter MWAMLB: Modified Weighted Active Load Balancing...

next chapter A Review of Anomaly Detection Techniques Using ...

Hint

Swipe to navigate through the chapters of this book

2021 | OriginalPaper | Chapter

Security Issues in Internet of Things: Principles, Challenges, Taxonomy

Read first chapter

Authors: Manik Gupta, Shaily Jain, R. B. Patel

Publisher: Springer Singapore

Published in: Recent Innovations in Computing

» Get access to the full-text

Abstract

The Internet of Things (IoT) has great potential to change the fundamental way of interacting with technology in daily life, and for ease, it also observes and records user preferences that challenge privacy in another way. IoT devices are suspended to extensive usage even more than mobile phones and attain more access to private and secured data. With the growth of connected devices, mobile security is already a challenge, so perspective challenges for IoT connected devices must be much greater than considered at present and can be primarily categorized into safety, security and privacy. Rigorous development of security techniques should be an essential process toward the foundation of strong IoT systems to achieve and retain user trust. The survey in this paper reviewed and analyzed security principles, attacks and countermeasures at different layers of IoT-layered architecture, considering the bottlenecks of IoT systems.

Please log in to get access to this content

To get access to this content you need the following product:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 69.000 Bücher
über 500 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Umwelt
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Testen Sie jetzt 30 Tage kostenlos.

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 50.000 Bücher
über 380 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Umwelt
Maschinenbau + Werkstoffe

Testen Sie jetzt 30 Tage kostenlos.

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 58.000 Bücher
über 300 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Testen Sie jetzt 30 Tage kostenlos.

inform now

Ashton, K.: That ‘Internet of Things’ thing. RFID J. 22(7), 97–114 (2009)

Bodkhe, U., Mehta, D., Tanwar, S., Bhattacharya, P., Singh, P.K., Hong, W.: A survey on decentralized consensus mechanisms for cyber physical systems. IEEE Access 8, 54371–54401 (2020) CrossRef

Sharma, A., Sharma, R.: A review of applications, approaches, and challenges in Internet of Things (IoT). In: Proceedings of ICRIC 2019, pp. 257–269, Springer (2020).

Tan, L., Wang, N.: Future Internet: The Internet of Things. In: 3rd International Conference On Advanced Computer Theory & Engineering, vol. 5, pp. V5–376. IEEE (2010).

Gan, G., Lu, Z., Jiang, J.: Internet of Things security analysis. In: International Conference On Internet Technology And Applications, pp. 1–4. IEEE (2011).

Rastogi, N., Singh, S.K. Singh, P.K.: Privacy and security issues in big data: through Indian prospective. In: 3rd International Conference on Internet of Things: Smart Innovation and Usages, pp. 1–11, Bhimtal (2018).

Liu, L., Lai, S.: ALOHA-based anti-collision algorithms used in RFID system. In: International Conference On Wireless Communications, Networking And Mobile Computing, pp. 1–4. IEEE (2006).

Suo, H., Wan, J., Zou, C. Liu, J.: Security In the Internet of Things: a review. In: International Conference On Computer Science And Electronics Engineering, vol. 3, pp. 648–651. IEEE (2012).

Xiaohui, X.: Study on security problems and key technologies of the Internet of Things. In: International Conference On Computational And Information Sciences, pp. 407–410. IEEE (2013).

10.

Zhang, L., Wang, Z.: Integration of RFID Into wireless sensor networks: architectures, opportunities and challenging problems. In: International Conference On Grid And Cooperative Computing Workshops, pp. 463–469. IEEE (2006).

11.

Cherdantseva, Y., Hilton, J.: A reference model of information assurance & security. In: International Conference On Availability, Reliability And Security, pp. 546–555. IEEE (2013).

12.

Burmester, M., De Medeiros, B.: RFID security: attacks, countermeasures and challenges. In: RFID Academic Convocation, The RFID Journal Conference (2007).

13.

Thorat, N.B., Sreevardhan, C.: Survey on security threats and solutions for near field communication. Int. J. Res. Eng. Technol. 3(12), 291–295. IJRET (2014).

14.

Padhy, R.P., Patra, M.R., Satapathy, S.C.: Cloud computing: security issues and research challenges. Int. J. Comput. Sci. Inf. Technol. Secur. (IJCSITS) 1(2), 136–146 (2011)

15.

Wallgren, L., Raza, S., Voigt, T.: Routing attacks and countermeasures In the RPL-based Internet of Things. Int. J. Distrib. Sens. Netw. 9(8), 794326 (2013) CrossRef

16.

Winter, T., Thubert, P., Brandt, A., Hui, J., Kelsey, R., Levis, P., Pister, K., Struik, R., Vasseur, J.P., Alexander, R.: RPL: IPv6 routing protocol for low-power and lossy networks, No. RFC 6550 (2012).

17.

Asim, M., Iqbal, W.: IoT operating systems and security challenges. Int. J. Comput. Sci. Inf. Secur. 14(7), 314 (2016).

18.

Sen, J.: Security in wireless sensor networks. Wirel. Sens. Netw.: Curr. Status Fut. Trends 407 (2012).

19.

Le, A., Loo, J., Luo, Y., Lasebae, A.: The impacts of internal threats towards routing protocol for low power and Lossy network performance. In: IEEE Symposium on Computers and Communications, pp. 000789–000794. IEEE (2013).

20.

Mayzaud, A., Badonnel, R., Chrisment, I.: A taxonomy of attacks in RPL-based Internet of Things. Int. J. Netw. Secur. 18(3), 459–473 (2016)

21.

Kim, H.: Protection against packet fragmentation attacks At 6LoWPAN adaptation layer. In: International Conference on Convergence and Hybrid Information Technology, pp. 796–801. IEEE (2008).

22.

Hummen, R., Hiller, J., Wirtz, H., Henze, M., Shafagh, H., Wehrle, K.: 6LoWPAN fragmentation attacks & mitigation mechanisms. In: Proceedings of The 6th ACM Conference on Security & Privacy In Wireless & Mobile Networks, pp. 55–66. ACM (2013).

23.

Kumar, R., Chauhan, N., Kumar, P., Chand, N., Khan, A.U.: Privacy aware prevention of Sybil attack in vehicular ad hoc networks. In: Singh, P., Bhargava, B., Paprzycki, M., Kaushal, N., Hong, W.C. (eds.) Handbook of Wireless Sensor Networks: Issues and Challenges in Current Scenario’s, vol. 1132, pp. 364–380. Advances in Intelligent Systems and Computing. Springer, Cham (2020) CrossRef

24.

Zeng, K., Govindan, K., Mohapatra, P.: Non-cryptographic authentication and identification in wireless networks. Netw. Secur. 1, 3 (2010)

25.

Xiao, L., Greenstein, L.J., Mandayam, N.B., Trappe, W.: Channel-based detection of Sybil attacks in wireless networks. IEEE Trans. Inf. Forensics Secur. 4(3), 492–503 (2009) CrossRef

26.

Demirbas, M., & Song, Y.: An RSSI-Based Scheme For Sybil Attack Detection In Wireless Sensor Networks. In: International Symposium on a World of Wireless, Mobile and Multimedia Networks, pp. 5. IEEE (2006).

27.

Li, Q., Trappe, W.: Light-weight detection of spoofing attacks in wireless networks. In: IEEE International Conference on Mobile Ad Hoc and Sensor Systems, pp. 845–851. IEEE (2006).

28.

Zhang, K., Liang, X., Lu, R., Shen, X.: Sybil attacks and their defenses in the Internet of Things. IEEE Internet Things J. 1(5), 372–383 (2014) CrossRef

29.

Alvisi, L., Clement, A., Epasto, A., Lattanzi, S., Panconesi, A.: SOK: The evolution of Sybil defense via social networks. In: IEEE Symposium on Security And Privacy, pp. 382–396. IEEE (2013).

30.

Cao, Q., & Yang, X.: SybilFence: improving social-graph-based Sybil defenses with user negative feedback. In: arXiv preprint at arXiv:1304.3819. (2013).

31.

Mohaisen, A., Hopper, N., Kim, Y.: Keep your friends close: incorporating trust into social network-based Sybil defenses. In: Proceedings IEEE INFOCOM, pp. 1943–1951. IEEE (2011).

32.

Quercia, D., Hailes, S.: Sybil attacks against mobile users: friends and foes to the rescue. In: Proceedings IEEE INFOCOM, pp. 1–5. IEEE (2010).

33.

Tumrongwittayapak, C., Varakulsiripunth, R.: Detecting sinkhole attacks in wireless sensor networks. In: ICCAS-SICE (pp. 1966–1971). IEEE (2009).

34.

Choi, B.G., Cho, E.J., Kim, J.H., Hong, C.S., Kim, J.H.: A sinkhole attack detection mechanism for LQI based mesh routing in WSN. In: International Conference on Information Networking, pp. 1–5. IEEE (2009).

35.

Sharmila, S., Umamaheswari, G.: Detection of sinkhole attack in wireless sensor networks using message digest algorithms. In: International Conference on Process Automation, Control and Computing (pp. 1–6). IEEE (2011).

36.

Bhattasali, T., Chaki, R.: A survey of recent intrusion detection systems for wireless sensor network. In: International Conference on Network Security and Applications, pp. 268–280. Springer, Berlin, Heidelberg (2011).

37.

Kasinathan, P., Pastrone, C., Spirito, M.A., Vinkovits, M.: Denial-of-service detection in 6LoWPAN based Internet of Things. In: International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), pp. 600–607. IEEE (2013).

38.

Brachmann, M., Keoh, S.L., Morchon, O.G., Kumar, S.S.: End-to-end transport security in the IP-based Internet of Things. In: International Conference on Computer Communications and Networks, pp. 1–5. IEEE (2012).

39.

Granjal, J., Monteiro, E., Silva, J.S.: Application-layer security for the WoT: extending CoAP to support end-to-end message security for internet-integrated sensing applications. In: International Conference on Wired/Wireless Internet Communication, pp. 140–153. Springer, Berlin, Heidelberg (2013).

40.

Sethi, M., Arkko, J., Keränen, A.: End-to-end security for sleepy smart object networks. In: 37th Annual IEEE Conference on Local Computer Networks-Workshops, pp. 964–972. IEEE (2012).

41.

Shelby, Z., Hartke, K., Bormann, C.: The constrained application protocol (CoAP). URL: https://tools.ietf.org/html/rfc7252 (2014).

42.

Khedr, W.I.: SRFID: a hash-based security scheme for low cost RFID systems. Egypt. Inf. J. 14(1), 89–98 (2013) MathSciNet

43.

Mitrokotsa, A., Rieback, M.R., Tanenbaum, A.S.: Classifying RFID attacks and defenses. Inf. Syst. Frontiers 12(5), 491–505 (2010) CrossRef

44.

Pongle, P., Chavan, G.: A survey: attacks on RPL and 6LoWPAN in IoT. In: International conference on pervasive computing ICPC, pp. 1–6. IEEE (2015).

45.

Dvir, A., Buttyan, L.: VeRA-version number and rank authentication In RPL. In: IEEE 8th International Conference on Mobile Ad-Hoc and Sensor Systems, pp. 709–714. IEEE (2011).

46.

Le, A., Loo, J., Lasebae, A., Vinel, A., Chen, Y., Chai, M.: The impact of rank attack on network topology of routing protocol for low-power and Lossy networks. IEEE Sens. J. 13(10), 3685–3692 (2013) CrossRef

47.

What is a UDP flood—ddos attack glossary—incapsula. URL https://www.incapsula.com/ddos/attack-glossary/udp-flood.html. Last accessed 2020/2/27.

48.

Xu, W., Trappe, W., Zhang, Y., Wood, T.: The feasibility of launching and detecting jamming attacks in wireless networks. In: Proceedings of the 6th ACM International Symposium On Mobile Ad Hoc Networking and Computing, pp. 46–57. ACM (2005).

49.

Noubir, G., Lin, G.: Low-power DoS attacks in data wireless LANs and countermeasures. ACM SIGMOBILE: Mob. Comput. Commun. Rev. 7(3), 29–30 (2003)

50.

Xu, W., Wood, T., Trappe, W., Zhang, Y.: Channel surfing and spatial retreats: defenses against wireless denial of service. In: Proceedings of the 3rd ACM Workshop on Wireless security, pp. 80–89. ACM (2004).

51.

Jang, J., Kwon, T., Song, J.: A time-based key management protocol for wireless sensor networks. In: International Conference on Information Security Practice and Experience, pp. 314–328. Springer, Berlin, Heidelberg (2007).

52.

Weekly, K., Pister, K.: Evaluating sinkhole defense techniques in RPL networks. In: IEEE International Conference on Network Protocols (pp. 1–6). IEEE (2012).

53.

Ahmed, F., Ko, Y.B.: Mitigation of black hole attacks in routing protocol for low power and Lossy networks. Secur. Commun. Netw. 9(18), 5143–5154 (2016) CrossRef

54.

Wazid, M., Das, A.K., Kumari, S., Khan, M.K.: Design of sinkhole node detection mechanism for hierarchical wireless sensor networks. Secur. Commun. Netw. 9(17), 4596–4614 (2016) CrossRef

55.

Krontiris, I., Dimitriou, T., Giannetsos, T., Mpasoukos, M.: Intrusion detection of sinkhole attacks in wireless sensor networks. In: International Symposium on Algorithms And Experiments For Sensor Systems, Wireless Networks And Distributed Robotics, pp. 150–161. Springer, Berlin, Heidelberg (2007)

56.

Raju, I., Parwekar, P.: Detection of sinkhole attack in wireless sensor network. In: Proceedings of Second International Conference on Computer and Communication Technologies, 3, 629–636, Springer (2015).

57.

Ngai, E.C., Liu, J., Lyu, M.R.: On the intruder detection for sinkhole attack in wireless sensor networks. In: IEEE International Conference on Communications, vol. 8, pp. 3383–3389. IEEE (2006).

58.

Poovendran, R., Lazos, L.: A graph theoretic framework for preventing the wormhole attack in wireless ad hoc networks. Wirel. Netw. 13(1), 27–59 (2007) CrossRef

59.

Salehi, S. A., Razzaque, M. A., Naraei, P., Farrokhtala, A.: Detection of sinkhole attack in wireless sensor networks. In 2013 IEEE International Conference on Space Science and Communication, pp. 361–365. IEEE (2013).

60.

Xiao, Q., Boulet, C., Gibbons, T.: RFID security issues in military supply chains. In: Second International Conference on Availability, Reliability and Security, pp. 599–605. IEEE (2007).

61.

Vidgren, N., Haataja, K., Patino-Andres, J.L., Ramirez-Sanchis, J.J., Toivanen, P.: Security threats in ZigBee-enabled systems: vulnerability evaluation, practical experiments, countermeasures, and lessons learned. In: Hawaii International Conference on System Sciences, pp. 5132–5138. IEEE (2013).

62.

Tay, H. J., Tan, J., & Narasimhan, P.: A survey of security vulnerabilities in Bluetooth low energy beacons. Carnegie Mellon University Parallel Data Lab Technical Report CMU-PDL-16-109 (2016).

63.

Wang, G., Mohanlal, M., Wilson, C., Wang, X., Metzger, M., Zheng, H., Zhao, B. Y.: Social turing tests: crowdsourcing Sybil detection. In: arXiv preprint arXiv:1205.3856. (2012).

64.

Raza, S., Wallgren, L., Voigt, T.: SVELTE: real-time intrusion detection in The Internet of Things. Ad Hoc Netw. 11(8), 2661–2674 (2013) CrossRef

65.

Kibirige, G.W., & Sanga, C.: A survey on detection of sinkhole attack in wireless sensor network. arXiv preprint arXiv:1505.01941 (2015).

66.

Haataja, K.: Bluetooth network vulnerability to disclosure, integrity and Denial-of-service attacks. In: Proceedings of the Annual Finnish Data Processing Week at the University of Petrozavodsk, vol. 7, 63–103 (2005)

67.

Ongtang, M., McLaughlin, S., Enck, W., McDaniel, P.: Semantically rich application centric security in Android. Secur. Commun. Netw. 5(6), 658–673 (2012) CrossRef

68.

Chandna, S., Singh, R., Akhtar, F.: Data Scavenging threat in cloud computing. Int. J. Adv. Comput. Sci. Cloud Comput. 2(2), 17–22 (2014)

69.

Gupta, M., Gopalakrishnan, G., Sharman, R.: Countermeasures against Distributed Denial of Service. School of Management State University of New York Buffalo, NY (2017)

70.

Conzon, D., Bolognesi, T., Brizzi, P., Lotito, A., Tomasi, R., Spirito, M.A.: The Virtus middleware: an XMPP based architecture for secure IoT communications. In: International Conference on Computer Communications and Networks, pp. 1–6. IEEE (2012).

71.

Brachmann, M., Garcia-Mochon, O., Keoh, S.L., Kumar, S.S.: Security considerations around end-to-end security in the IP-based Internet of Things. In: Workshop on Smart Object Security, In Conjunction With IETF83, Paris, France (2012).

72.

A Gómez-Goiri P Orduña J Diego D López-De-Ipiña 2014 OTSOPACK: lightweight semantic framework for interoperable ambient intelligence applications Comput. Hum. Behav. 30 460 467

73.

Liu, C.H., Yang, B., Liu, T.: Efficient naming, addressing and profile services in Internet-of-Things sensory environments. Ad Hoc Netw. 18, 85–101 (2014) CrossRef

74.

Ferreira, H.G.C., de Sousa, R.T., de Deus, F.E.G., Canedo, E.D.: Proposal of a secure, deployable and transparent middleware for Internet of Things. In: 9th Iberian Conference on Information Systems And Technologies (CISTI), pp. 1–4. IEEE (2014).

Title

Security Issues in Internet of Things: Principles, Challenges, Taxonomy

Book

Recent Innovations in Computing

Print ISBN: 978-981-15-8296-7

Electronic ISBN: 978-981-15-8297-4

https://doi.org/10.1007/978-981-15-8297-4

DOI

https://doi.org/10.1007/978-981-15-8297-4_52

Authors:

Manik Gupta
Shaily Jain
R. B. Patel

Publisher

Springer Singapore

Sequence number

Premium Partner

Image Credits