Building Trust on the IoT Connected World: Addressing Security Challenges in IoT Architectures and Applications
Keywords:
IoT, IoT Architecture, IoT Security, IoT Applications, Security Challenges, Security SolutionsAbstract
IoT is revolutionizing how we interact with the world, connecting everyday objects and enabling a vast array of applications. However, this interconnectedness raises critical security concerns. This paper delves into the foundation of the IoT, exploring various architectures that support its functionality. We then examine the diverse applications that leverage these architectures, highlighting the potential benefits they offer across various domains. However, the paper argues that without robust security measures, the true potential of IoT cannot be fully realized. We analyse the vulnerabilities inherent in IoT systems, exploring common security issues such as weak authentication, data breaches, and botnet attacks. To address these challenges, the paper investigates existing and emerging solutions that can fortify the security posture of the IoT ecosystem. This includes exploring secure communication protocols, encryption techniques, and leveraging advancements in technologies like blockchain and machine learning. By providing a comprehensive understanding of IoT architectures, applications, and security considerations, this paper aims to guide researchers and developers in building a more secure and trustworthy foundation for the future of the IoT.
Downloads
References
M. Seliem, K. Elgazzar, and K. Khalil, "Towards privacy preserving iot environments: a survey," Wireless Communications and Mobile Computing, 2018.
S. Vashi, J. Ram, J. Modi, S. Verma, and C. Prakash, "Internet of Things (IoT): A vision, architectural elements, and security issues," Int. Conf. on IoT in Social, Mobile, Analytics and Cloud, pp. 492-496, 2017.
Y. Chahid, M. Benabdellah, and A. Azizi, "Internet of things security," Int. Conf on Wireless Technologies, Embedded and Intelligent Systems, pp. 1-6, 2017.
M. R. Abdmeziem, D. Tandjaoui, and I. Romdhani, "Architecting the internet of things: state of the art," Int. Conf. on Robots and Sensor Clouds, pp. 55-75, 2016.
H. Elazhary, "Internet of Things (IoT), mobile cloud, cloudlet, mobile IoT, IoT cloud, fog, mobile edge, and edge emerging computing paradigms: Disambiguation and research directions," Journal of Network and Computer Applications, vol. 128, pp. 105-140, 2019.
Y. I. N. Yuehong, Y. Zeng, X. Chen, and Y. Fan, "The internet of things in healthcare: An overview," Journal of Industrial Information Integration, vol. 1, pp. 3-13, 2016.
W. H. Hassan, "Current research on Internet of Things (IoT) security: A survey," Computer Networks, vol. 148, pp. 283-294, 2019.
H. Suo, J. Wan, C. Zou, J. Liu," Security in the internet of things: a review ", Computer Science and Electronics Engineering (ICCSEE), 012 international conference, vol. 3, pp. 648-651, 2012.
A. Abdullah, R. Hamad, M. Abdulrahman, H. Moala and S. Elkhediri, "CyberSecurity: A Review of Internet of Things (IoT) Security Issues, Challenges and Techniques," 2019 2nd International Conference on Computer Applications & Information Security (ICCAIS), Riyadh, Saudi Arabia, 2019.
M. Frustaci, P. Pace, G. Aloi and G. Fortino, "Evaluating Critical Security Issues of the IoT World: Present and Future Challenges," in IEEE Internet of Things Journal, vol. 5, no. 4, pp. 2483-2495, Aug. 2018.
A. Gharaibeh, M. A. Salahuddin, S. J. Hussini, A. Khreishah, I. Khalil, M. Guizani, and A. Al-Fuqaha, ``Smart cities: A survey on data management, security, and enabling technologies,'' IEEE Commun. Surveys Tuts., vol. 19, no. 4, pp. 2456 2501, 4th Quart., 2017.
D. Eckhoff and I. Wagner, ``Privacy in the smart city Applications, technologies, challenges, and solutions,'' IEEE Commun. Surveys Tuts., vol. 20, no. 1, pp. 489 516, 1st Quart., 2018.
X. Xia, Y. Xiao, and W. Liang, ``ABSI: An adaptive binary splitting algorithm for malicious meter inspection in smart grid,'' IEEE Trans. Inf. Forensics Security, vol. 14, no. 2, pp. 445 458, 2019.
V. Namboodiri, V. Aravinthan, S. N. Mohapatra, B. Karimi, and W. Jewell, ``Toward a secure wireless-based home area network for metering in smart grids,'' IEEE Syst. J., vol. 8, no. 2, pp. 509 520, Jun. 2014.
N. N. Dlamini and K. Johnston, ``The use, benefits and challenges of using the Internet of Things (IoT) in retail businesses: A literature review,'' in Proc. Int. Conf. Adv. Comput. Commun. Eng. (ICACCE), Nov. 2016, pp. 430 436.
A. C. Jose and R. Malekian, ``Improving smart home security: Integrating logical sensing into smart home,'' IEEE Sensors J., vol. 17, no. 13, pp. 4269 4286, Jul. 2017.
Bridgera. IoT System | Sensors and Actuators. Accessed: Feb. 9, 2019. [Online]. Available: https://bridgera.com/IoT-system-sensors-actuators/
Tictecbell. Sensor d'Ultrasons. Accessed: Feb. 11, 2019. [Online]. Available: https://sites.google.com/site/tictecbell/Arduino/ultrasons/
S. Kumar, S. Sahoo, A. Mahapatra, A. K. Swain, and K. K. Mahapatra, ``Security enhancements to system on chip devices for IoT perception layer,'' in Proc. IEEE Int. Symp. Nanoelectron. Inf. Syst. (iNIS), Dec. 2017, pp. 151 156.
C.-H. Liao, H.-H. Shuai, and L.-C. Wang, ``Eavesdropping prevention for heterogeneous Internet of Things systems,'' in Proc. 15th IEEE Annu. Consum. Commun. Netw. Conf. (CCNC), Jan. 2018, pp. 1 2.
APWG. Phishing Activity Trends Report. Accessed: Feb. 12, 2019. [Online]. Available: https://docs.apwg.org/reports/apwg_trends_report_q4_2017.pdf
C. Li and C. Chen, ``A multi-stage control method application in the fight against phishing attacks,'' in Proc. 26th Comput. Secur. Acad. Commun. Across Country, 2011, p. 145.
C. Kolias, G. Kambourakis, A. Stavrou, and J. Voas, ``DDoS in the IoT: Mirai and other Botnets,'' Computer, vol. 50, no. 7, pp. 80 84, 2017.
S. Bandyopadhyay, M. Sengupta, S. Maiti, and S. Dutta, ``A survey of middleware for Internet of Things,'' in Recent Trends in Wireless and Mobile Networks. Springer, 2011, pp. 288 296.
Q. Zhang and X. Wang, ``SQL injections through back-end of RFID system,'' in Proc. Int. Symp. Comput. Netw. Multimedia Technol., Jan. 2009, pp. 1 4.
R. Dorai and V. Kannan, ``SQL injection-database attack revolution and prevention,'' J. Int. Commercial Law Technol., vol. 6, no. 4, p. 224, 2011.
M. A. Razzaque, M. Milojevic-Jevric, A. Palade, and S. Clarke, ``Middleware for Internet of Things: A survey,'' IEEE Internet Things J., vol. 3, no. 1, pp. 70 95, Feb. 2016.
Acunetix. Insecure Deserialization. Accessed: Feb. 9, 2019. [Online]. Available: https://www.acunetix.com/blog/articles/owasp-top-10-2017/
J. Kumar, B. Rajendran, B. S. Bindhumadhava, and N. S. C. Babu, ``XML wrapping attack mitigation using positional token,'' in Proc. Int. Conf. Public Key Infrastruct. Appl. (PKIA), Nov. 2017, pp. 36 42.
WS-Attacks. Attack Subtypes. Accessed: Feb. 9, 2019. [Online]. Available: https://www.ws-attacks.org/XML_Signature_Wrapping
C. Fife. Securing the IoT Gateway. Accessed: Feb. 9, 2019. [Online]. Available: https://www.citrix.com/blogs/2015/07/24/securing-the-IoTgateway/
A. Stanciu, T.-C. Balan, C. Gerigan, and S. Zam r, ``Securing the IoT gateway based on the hardware implementation of a multi pattern search algorithm,'' in Proc. Int. Conf. Optim. Elect. Electron. Equip. (OPTIM) Int. Aegean Conf. Elect. Mach. Power Electron. (ACEMP), May 2017, pp. 1001 1006.
S.-C. Cha, J.-F. Chen, C. Su, and K.-H. Yeh, ``A blockchain connected gateway for BLE-based devices in the Internet of Things,'' IEEE Access, vol. 6, pp. 24639 24649, 2018.
S. N. Swamy, D. Jadhav, and N. Kulkarni, ``Security threats in the application layer in IoT applications,'' in Proc. Int. Conf. IoT Social, Mobile, Analytics Cloud (I-SMAC), Feb. 2017, pp. 477 480.
H. A. Abdul-Ghani, D. Konstantas, and M. Mahyoub, ``A comprehensive IoT attacks survey based on a building-blocked reference model,'' Int. J. Adv. Comput. Sci. Appl., vol. 9, no. 3, pp. 355 373, 2018.
N. Kshetri, ``Can blockchain strengthen the Internet of Things?'' IT Prof., vol. 19, no. 4, pp. 68 72, 2017.
W. Wang, P. Xu, and L. T. Yang, ``Secure data collection, storage and access in cloud-assisted IoT,'' IEEE Cloud Comput., vol. 5, no. 4, pp. 77 88, Jul. 2018.
S. Suhail, C. S. Hong, Z. U. Ahmad, F. Zafar, and A. Khan, ``Introducing secure provenance in IoT: Requirements and challenges,'' in Proc. Int. Workshop Secure Internet Things (SIoT), Sep. 2016, pp. 39 46.
L. Xiao, X. Wan, X. Lu, Y. Zhang, and D. Wu, ``IoT security techniques based on machine learning: How do IoT devices use AI to enhance security?'' IEEE Signal Process. Mag., vol. 35, no. 5, pp. 41 49, Sep. 2018.
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
All papers should be submitted electronically. All submitted manuscripts must be original work that is not under submission at another journal or under consideration for publication in another form, such as a monograph or chapter of a book. Authors of submitted papers are obligated not to submit their paper for publication elsewhere until an editorial decision is rendered on their submission. Further, authors of accepted papers are prohibited from publishing the results in other publications that appear before the paper is published in the Journal unless they receive approval for doing so from the Editor-In-Chief.
IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. This license lets the audience to give appropriate credit, provide a link to the license, and indicate if changes were made and if they remix, transform, or build upon the material, they must distribute contributions under the same license as the original.
