[go: up one dir, main page]
More Web Proxy on the site http://driver.im/ skip to main content
10.1145/3230833.3232800acmotherconferencesArticle/Chapter ViewAbstractPublication PagesaresConference Proceedingsconference-collections
research-article

Security Threats and Possible Countermeasures in IoT Applications Covering Different Industry Domains

Published: 27 August 2018 Publication History

Abstract

The world is witnessing the emerging role of Internet of Things (IoT) as a technology that is transforming different industries, global community and its economy. Currently a plethora of interconnected smart devices have been deployed for diverse pervasive applications and services, and billions more are expected to be connected to the Internet in the near future. The potential benefits of IoT include improved quality of life, convenience, enhanced energy efficiency, and more productivity. Alongside these potential benefits, however, come increased security risks and potential for abuse. Arguably, this is partly because many IoT start-ups and electronics hobbyists lack security expertise, and some established companies do not make security a priority in their designs, and hence they produce IoT devices that are often ill-equipped in terms of security. In this paper, we discuss different IoT application areas, and identify security threats in IoT architecture. We consider security requirements and present typical security threats for each of the application domains. Finally, we present several possible security countermeasures, and introduce the IoT Hardware Platform Security Advisor (IoT-HarPSecA) framework, which is still under development. IoT-HarPSecA is aimed at facilitating the design and prototyping of secure IoT devices.

References

[1]
D. Borio, C. O'Driscoll, and J. Fortuny. 2012. GNSS Jammers: Effects and countermeasures. In 6th ESA Workshop on Satellite Navigation Technologies (Navitec 2012) European Workshop on GNSS Signals and Signal Processing. 1--7.
[2]
P. Boughton. 2018. World's Smallest Seismic Sensor for the Internet of Things. (2018). http://www.engineerlive.com/content/world-s-smallest-seismic-sensor-internet-things
[3]
C. Cervantes, D. Poplade, M. Nogueira, and A. Santos. 2015. Detection of Sinkhole Attacks for Supporting Secure Routing on 6LoWPAN for Internet of Things. In IFIP/IEEE International Symposium on Integrated Network Management (IM). 606--611.
[4]
H. Chan, A. Perrig, and D. Song. 2003. Random Key Predistribution Schemes for Sensor Networks. In Symposium on Security and Privacy, 2003. 197--213.
[5]
A. Das, Rishikesh, and P. N. Astya. 2017. A Relative Survey of Various LEACH based Routing Protocols in Wireless Sensor Networks. In International Conference on Computing, Communication and Automation (ICCCA). 630--636.
[6]
S. N. Firdous, Z. Baig, C. Valli, and A. Ibrahim. 2017. Modelling and Evaluation of Malicious Attacks against the IoT MQTT Protocol. In IEEE International Conference on Internet of Things (iThings). 748--755.
[7]
D. Fraunholz, D. Krohmer, S. D. Anton, and H. Dieter Schotten. 2017. Investigation of Cyber Crime Conducted by Abusing Weak or Default Passwords with a Medium Interaction Honeypot. In International Conference on Cyber Security And Protection Of Digital Services (Cyber Security). 1--7.
[8]
C. C. Grant, A. Jones, A. Hamins, and N. Bryner. Jan., 2015. Realizing the Vision of Smart Fire Fighting. IEEE Potentials 34, 1 (Jan., 2015), 35--40.
[9]
R. Hoque, S. Hassan, M. A. Sadaf, A. Galib, and T. F. Karim. 2015. Earthquake Monitoring and Warning System. In International Conference on Advances in Electrical Engineering (ICAEE). 109--112.
[10]
M. Ibrahim, A. Elgamri, S. Babiker, and A. Mohamed. 2015. Internet of Things based Smart Environmental Monitoring using the Raspberry-Pi Computer. In 5th International Conference on Digital Information Processing and Communications (ICDIPC). 159--164.
[11]
G. Kambourakis, C. Kolias, and A. Stavrou. 2017. The Mirai Botnet and the IoT Zombie Armies. In IEEE Military Communications Conference (MILCOM). 267--272.
[12]
S. Kapoor, H. Pahuja, and B. Singh. 2016. Real Time Monitoring Alert System for Landslide. In 2nd International Conference on Contemporary Computing and Informatics (IC3I). 584--589.
[13]
G. Kecskemeti, G. Casale, D. N Jha, J. Lyon, and R. Ranjan. 2017. Modelling and Simulation Challenges in Internet of Things. IEEE Cloud Computing 4, 1 (Jan 2017), 62--69.
[14]
M. Ma, P. Wang, and C. H. Chu. 2018. Redundant Reader Elimination in Large-Scale Distributed RFID Networks. IEEE Internet of Things Journal PP, 99 (2018), 1--1.
[15]
M. Marjani, F. Nasaruddin, A. Gani, A. Karim, I. A. T. Hashem, A. Siddiqa, and I. Yaqoob. 2017. Big IoT Data Analytics: Architecture, Opportunities, and Open Research Challenges. IEEE Access 5 (2017), 5247--5261.
[16]
S. Nastic, H. L. Truong, and S. Dustdar. 2017. Data and Control Points: A Programming Model for Resource-constrained IoT Cloud Edge Devices. In IEEE International Conference on Systems, Man, and Cybernetics (SMC). 3535--3540.
[17]
D. Niewolny. 2014. How the Internet of Things Is Revolutionizing Healthcare. (2014). http://cache.freescale.com/files/corporate/doc/white_paper/IOTREVH\EALCARWP.pdf (accessed 20.02.15).
[18]
NIST. May, 2015. Research Roadmap for Smart Fire Fighting. Technical Report. 1--223 pages.
[19]
S. R. Oh and Y. G. Kim. 2017. Security Requirements Analysis for the IoT. In International Conference on Platform Technology and Service (PlatCon). 1--6.
[20]
A. A. Osuwa, E. B. Ekhoragbon, and L. T. Fat. 2017. Application of Artificial Intelligence in Internet of Things. In 9th International Conference on Computational Intelligence and Communication Networks (CICN). 169--173.
[21]
S. M. A. Oteafy and H. S. Hassanein. 2018. IoT in the Fog: A Roadmap for Data-Centric IoT Development. IEEE Communications Magazine 56, 3 (MARCH 2018), 157--163.
[22]
J. Pacheco, D. Ibarra, A. Vijay, and S. Hariri. 2017. IoT Security Framework for Smart Water System. In IEEE/ACS 14th International Conference on Computer Systems and Applications (AICCSA). 1285--1292.
[23]
B. D. Patel and A. D. Patel. 2016. A Trust Based Solution for Detection of Network Layer Attacks in Sensor Networks. In International Conference on Micro-Electronics and Telecommunication Engineering (ICMETE). 121--126.
[24]
Q. Qi and F. Tao. 2018. Digital Twin and Big Data Towards Smart Manufacturing and Industry 4.0: 360 Degree Comparison. IEEE Access PP, 99 (2018), 1--1.
[25]
Y. Qiu and M. Ma. 2016. APMIPv6-Based Secured Mobility Scheme for 6LoWPAN. In IEEE Global Communications Conference (GLOBECOM). 1--6.
[26]
M. G. Samaila, M. Neto, D. A. B. Fernandes, M. M. Freire, and P. R. M. Inácio. May, 2018. Challenges of securing Internet of Things devices: A survey. Security and Privacy 1, 2 (May, 2018), e20. arXiv:https://onlinelibrary.wiley.com/doi/pdf/10.1002/spy2.20
[27]
M. G. Samaila, J. B. F. Sequeiros, A. F. P. P. Correia, M. M. Freire, and P. R. M. Inácio. 2018. Networks of the Future. CRC Press, Chapter A Quick Perspective on the Current State of IoT Security: A Survey, 431--464.
[28]
A. Shifa, M. N. Asghar, and M. Fleury. 2016. Multimedia Security Perspectives in IoT. In Sixth International Conference on Innovative Computing Technology (INTECH). 550--555.
[29]
S. Singh and N. Singh. 2015. Internet of Things (IoT): Security Challenges, Business Opportunities Reference Architecture for E-commerce. In International Conference on Green Computing and Internet of Things (ICGCIoT). 1577--1581.
[30]
Y. SivaKrishna, P. Rajalakshmi, J. Bandaru, A. Kumar, M. P. R. S. Kiran, M. A. Zubair, and U. B. Desai. 2015. Performance Analysis of Hybrid Multiple Radio IoT Architecture for Ubiquitous Connectivity. In IEEE 2nd World Forum on Internet of Things (WF-IoT). 198--203.
[31]
E. Smith and L. Fuller. 2017. Control Systems and the Internet of Things -Shrinking the Factory. In 56th FITCE Congress. 68--73.
[32]
S. W. Soliman, M. A. Sobh, and A. M. Bahaa-Eldin. 2017. Taxonomy of Malware Analysis in the IoT. In 12th International Conference on Computer Engineering and Systems (ICCES). 519--529.
[33]
W. Sun, J. Liu, and H. Zhang. 2017. When Smart Wearables Meet Intelligent Vehicles: Challenges and Future Directions. IEEE Wireless Communications 24, 3 (Jun. 2017), 58--65.
[34]
N. Tuptuk and S. Hailes. 2018. Security of smart manufacturing systems. Journal of Manufacturing Systems 47 (2018), 93--106.
[35]
P. Varga, S. Plosz, G. Soos, and C. Hegedus. May, 2017. Security Threats and Issues in Automation IoT,. In 13th IEEE International Workshop on Factory Communication Systems (WFCS). 1--6.
[36]
J. Voas. 2016. Demystifying the Internet of Things. Computer 49, 6 (June 2016), 80--83.
[37]
wiseGEEK. 2015. What is a Barbie Doll? (2015). http://www.wisegeek.com/what-is-a-barbie-doll.htm (accessed 19.02.15).
[38]
T. Yalçin. 2016. Compact ECDSA Engine for IoT Applications. Electronics Letters 52, 15 (2016), 1310--1312.

Cited By

View all
  • (2024)Health IoT Threats: Survey of Risks and VulnerabilitiesFuture Internet10.3390/fi1611038916:11(389)Online publication date: 23-Oct-2024
  • (2023)Heterogeneous IoT (HetIoT) security: techniques, challenges and open issuesMultimedia Tools and Applications10.1007/s11042-023-16715-w83:12(35371-35412)Online publication date: 29-Sep-2023
  • (2022)A Systematic Literature Review on Machine and Deep Learning Approaches for Detecting Attacks in RPL-Based 6LoWPAN of Internet of ThingsSensors10.3390/s2209340022:9(3400)Online publication date: 29-Apr-2022
  • Show More Cited By

Recommendations

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences
ARES '18: Proceedings of the 13th International Conference on Availability, Reliability and Security
August 2018
603 pages
ISBN:9781450364485
DOI:10.1145/3230833
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

  • Universität Hamburg: Universität Hamburg

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 27 August 2018

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. Application domains
  2. Internet of Things
  3. IoT-HarPSecA
  4. Security
  5. Security framework
  6. Security requirements

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Conference

ARES 2018

Acceptance Rates

ARES '18 Paper Acceptance Rate 128 of 260 submissions, 49%;
Overall Acceptance Rate 228 of 451 submissions, 51%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)44
  • Downloads (Last 6 weeks)2
Reflects downloads up to 13 Dec 2024

Other Metrics

Citations

Cited By

View all
  • (2024)Health IoT Threats: Survey of Risks and VulnerabilitiesFuture Internet10.3390/fi1611038916:11(389)Online publication date: 23-Oct-2024
  • (2023)Heterogeneous IoT (HetIoT) security: techniques, challenges and open issuesMultimedia Tools and Applications10.1007/s11042-023-16715-w83:12(35371-35412)Online publication date: 29-Sep-2023
  • (2022)A Systematic Literature Review on Machine and Deep Learning Approaches for Detecting Attacks in RPL-Based 6LoWPAN of Internet of ThingsSensors10.3390/s2209340022:9(3400)Online publication date: 29-Apr-2022
  • (2022)A Systematic Survey: Security Threats to UAV-Aided IoT Applications, Taxonomy, Current Challenges and Requirements With Future Research DirectionsIEEE Transactions on Intelligent Transportation Systems10.1109/TITS.2022.3220043(1-19)Online publication date: 2022
  • (2021)Dependability and Security Quantification of an Internet of Medical Things Infrastructure Based on Cloud-Fog-Edge Continuum for Healthcare Monitoring Using Hierarchical ModelsIEEE Internet of Things Journal10.1109/JIOT.2021.30814208:21(15704-15748)Online publication date: 1-Nov-2021
  • (2021)A Trust-Based Framework to Reduce Message Dissemination Latency Using CFC Model for Internet of VehicleSoft Computing for Problem Solving10.1007/978-981-16-2712-5_38(461-479)Online publication date: 14-Oct-2021
  • (2019)IoT-HarPSecAProceedings of the 14th International Conference on Availability, Reliability and Security10.1145/3339252.3340514(1-7)Online publication date: 26-Aug-2019
  • (2019)Using a Deep-Learning Approach for Smart IoT Network Packet Analysis2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)10.1109/EuroSPW.2019.00039(291-299)Online publication date: Jun-2019

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media