The Internet of things (IoT) integrates a variety and many smart objects to communicate with each other without human involvement. The requirements for the extensive implementation of the IoT are rapidly growing with a major and essential security concern. This study focuses on the modern IoT security threats and vulnerabilities in the contexts of perception and network layer of IoT architecture by conducting a deep study of existing works in the area of IoT security. This study also aims to serve a useful manual of existing security threats and vulnerabilities of the IoT environment and provides the most promising solutions for enhancing the IoT security architecture.
Cite this article:
Aamir Hasan, V. K. Patle. Security Threats in Perception and Network Layer of Internet of Things (IoT): A Review. Int.J.Tech.2020;10(2): 143-152. doi: 10.5958/2231-3915.2020.00026.7
1. Q. Jing, A. V Vasilakos, J. Wan, J. Lu, and D. Qiu, “Security of the Internet of Things: perspectives and challenges,” Wirel. Networks, vol. 20, no. 8, pp. 2481–2501, 2014, doi: 10.1007/s11276-014-0761-7.
2. J. Lin, W. Yu, N. Zhang, X. Yang, H. Zhang and W. Zhao, "A Survey on Internet of Things: Architecture, Enabling Technologies, Security and Privacy, and Applications," in IEEE Internet of Things Journal, vol. 4, no. 5, pp. 1125-1142, Oct. 2017, doi: 10.1109/JIOT.2017.2683200
3. S. Sicari, A. Rizzardi, L. A. Grieco, and A. Coen-Porisini, “Security, privacy and trust in Internet of Things: The road ahead,” Comput. Networks, vol. 76, pp. 146–164, 2015, doi: https://doi.org/10.1016/j.comnet.2014.11.008.
4. A. Whitmore, A. Agarwal, and L. Da Xu, “The Internet of Things—A survey of topics and trends,” Inf. Syst. Front., vol. 17, no. 2, pp. 261–274, 2015, doi: 10.1007/s10796-014-9489-2.
5. L. Atzori, A. Iera, and G. Morabito, “The Internet of Things: A survey,” Comput. Networks, vol. 54, no. 15, pp. 2787–2805, 2010, doi: https://doi.org/10.1016/j.comnet.2010.05.010.
6. S. Horrow and A. Sardana, Identity management framework for cloud based internet of things. 2012.
7. A. Al-Fuqaha, M. Guizani, M. Mohammadi, M. Aledhari, and M. Ayyash, “Internet of Things: A Survey on Enabling Technologies, Protocols, and Applications,” IEEE Commun. Surv. Tutorials, vol. 17, no. 4, pp. 2347–2376, 2015, doi: 10.1109/COMST.2015.2444095.
8. H. F. Atlam, A. Alenezi, A. Alharthi, R. J. Walters, and G. B. Wills, “Integration of Cloud Computing with Internet of Things: Challenges and Open Issues,” in 2017 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), 2017, pp. 670–675, doi: 10.1109/iThings-GreenCom-CPSCom-SmartData.2017.105.
9. E. Borgia, D. Gomes, B. Lagesse, R. Lea, and D. Puccinelli, “Editorial Special Issue on Internet of Things: Research challenges and Solutions,” Comput. Commun., vol. 89–90, May 2016, doi: 10.1016/j.comcom.2016.04.024.
10. R. H. Weber, “Internet of Things – New security and privacy challenges,” Comput. Law Secur. Rev., vol. 26, no. 1, pp. 23–30, 2010, doi: https://doi.org/10.1016/j.clsr.2009.11.008.
11. S. Mansfield-Devine, “The secure way to use open source,” Comput. Fraud Secur., vol. 2016, pp. 15–20, May 2016, doi: 10.1016/S1361-3723(16)30046-X.
12. M. Jutila, “An Adaptive Edge Router Enabling Internet of Things,” IEEE Internet Things J., vol. 3, no. 6, pp. 1061–1069, 2016, doi: 10.1109/JIOT.2016.2550561.
13. N. YE, Y. Zhu, R. WANG, R. Malekian, and L. Qiao-min, “An Efficient Authentication and Access Control Scheme for Perception Layer of Internet of Things,” Appl. Math. Inf. Sci., vol. 8, Jul. 2014, doi: 10.12785/amis/080416.
14. R. Roman, C. Alcaraz, J. Lopez, and N. Sklavos, “Key management systems for sensor networks in the context of the Internet of Things,” Comput. Electr. Eng., vol. 37, no. 2, pp. 147–159, 2011, doi: https://doi.org/10.1016/j.compeleceng.2011.01.009.
15. B. Zhuming, W. Guoping, and X. L. Da, “A visualization platform for internet of things in manufacturing applications,” Internet Res., vol. 26, no. 2, pp. 377–401, Jan. 2016, doi: 10.1108/IntR-02-2014-0043.
16. J. Frizzo-Barker, P. Chow-White, M. Mozafari, and V. T. D. Ha, “An empirical study of the rise of big data in business scholarship,” Int. J. Inf. Manage., vol. 36, pp. 403–413, Jun. 2016, doi: 10.1016/j.ijinfomgt.2016.01.006.
17. A. Gluhak, S. Krco, M. Nati, D. Pfisterer, N. Mitton, and T. Razafindralambo, “A survey on facilities for experimental internet of things research,” IEEE Commun. Mag., vol. 49, no. 11, pp. 58–67, 2011, doi: 10.1109/MCOM.2011.6069710.
18. A. Roukounaki, S. Efremidis, J. Soldatos, J. Neises, T. Walloschke and N. Kefalakis, "Scalable and Configurable End-to-End Collection and Analysis of IoT Security Data : Towards End-to-End Security in IoT Systems," 2019 Global IoT Summit (GIoTS), Aarhus, Denmark, 2019, pp. 1-6, doi: 10.1109/GIOTS.2019.8766407.
19. B. Mostefa and G. Abdelkader, "A survey of wireless sensor network security in the context of Internet of Things," 2017 4th International Conference on Information and Communication Technologies for Disaster Management (ICT-DM), Münster, 2017, pp. 1-8, doi: 10.1109/ICT-DM.2017.8275691.
20. H. Suo, J. Wan, C. Zou, and J. Liu, “Security in the Internet of Things: A Review,” Proc. - 2012 Int. Conf. Comput. Sci. Electron. Eng. ICCSEE 2012, vol. 3, Mar. 2012, doi: 10.1109/ICCSEE.2012.373.
21. K. Zhao and L. Ge, “A Survey on the Internet of Things Security,” in 2013 Ninth International Conference on Computational Intelligence and Security, 2013, pp. 663–667, doi: 10.1109/CIS.2013.145.
22. M. Noura, M. Atiquzzaman, and M. Gaedke, “Interoperability in Internet of Things: Taxonomies and Open Challenges,” Mob. Networks Appl., vol. 24, no. 3, pp. 796–809, 2019, doi: 10.1007/s11036-018-1089-9.
23. J. Nolin and N. Olson, “The Internet of Things and Convenience,” Internet Res., vol. Vol. 26, Feb. 2016, doi: 10.1108/IntR-03-2014-0082.
24. I. Yaqoob, I. Hashem, Y. Mehmood, A. Gani, S. Mokhtar, and S. Guizani, “Enabling Communication Technologies for Smart Cities,” IEEE Commun. Mag., vol. 55, Jan. 2017, doi: 10.1109/MCOM.2017.1600232CM.
25. C. Valmohammadi, “Examining the perception of Iranian organizations on Internet of Things solutions and applications,” Ind. Commer. Train., vol. 48, Feb. 2016, doi: 10.1108/ICT-07-2015-0045.
26. P. Pongle and G. Chavan, “A survey: Attacks on RPL and 6LoWPAN in IoT,” in 2015 International Conference on Pervasive Computing (ICPC), 2015, pp. 1–6, doi: 10.1109/PERVASIVE.2015.7087034.
27. M. Bohge and W. Trappe, An authentication framework for hierarchical ad hoc sensor networks. 2003.
28. S. Laghari and M. A. Niazi, “Modeling the Internet of Things, Self-Organizing and Other Complex Adaptive Communication Networks: A Cognitive Agent-Based Computing Approach,” PLoS One, vol. 11, no. 1, pp. e0146760-, Jan. 2016, [Online]. Available: https://doi.org/10.1371/journal.pone.0146760.
29. C. Bekara, “Security Issues and Challenges for the IoT-based Smart Grid,” Procedia Comput. Sci., vol. 34, pp. 532–537, 2014, doi: https://doi.org/10.1016/j.procs.2014.07.064.
30. Ş. Bahtiyar and M. Ufuk Çağlayan, “Extracting trust information from security system of a service,” J. Netw. Comput. Appl., vol. 35, no. 1, pp. 480–490, 2012, doi: https://doi.org/10.1016/j.jnca.2011.10.002.
31. Ş. Bahtiyar and M. Ufuk Çağlayan, “Extracting trust information from security system of a service,” J. Netw. Comput. Appl., vol. 35, no. 1, pp. 480–490, 2012, doi: https://doi.org/10.1016/j.jnca.2011.10.002.
32. A. Akhunzada et al., “Secure and Dependable Software Defined Networks,” J. Netw. Comput. Appl., Dec. 2015, doi: 10.1016/j.jnca.2015.11.012.
33. H.-D. Ma, “Internet of Things: Objectives and Scientific Challenges,” J. Comput. Sci. Technol., vol. 26, pp. 919–924, Nov. 2011, doi: 10.1007/s11390-011-1189-5.
34. C. Perera, A. Zaslavsky, P. Christen, and D. Georgakopoulos, “Context Aware Computing for The Internet of Things: A Survey,” IEEE Commun. Surv. Tutorials, vol. 16, no. 1, pp. 414–454, 2014, doi: 10.1109/SURV.2013.042313.00197.
35. C.-W. Tsai, C.-F. Lai, and A. Vasilakos, “Future Internet of Things: open issues and challenges,” Wirel. Networks, vol. 20, pp. 2201–2217, Nov. 2014, doi: 10.1007/s11276-014-0731-0.
36. J. Yin and S. Madria, “ESecRout: An Energy Efficient Secure Routing for Sensor Networks,” Int. J. Distrib. Sens. Networks, vol. 4, Apr. 2008, doi: 10.1080/15501320802001101.
37. J. Wu, M. Dong, K. Ota, L. Liang, and Z. Zhou, “Securing distributed storage for Social Internet of Things using regenerating code and Blom key agreement,” Peer-to-Peer Netw. Appl., vol. 8, Jun. 2014, doi: 10.1007/s12083-014-0286-y.
38. B. Massis, “The Internet of Things and its impact on the library,” New Libr. World, vol. 117, pp. 289–292, Mar. 2016, doi: 10.1108/NLW-12-2015-0093.
39. C. Lee, L. Zappaterra, K. Choi, and H.-A. Choi, “Securing smart home: Technologies, security challenges, and security requirements,” in 2014 IEEE Conference on Communications and Network Security, 2014, pp. 67–72, doi: 10.1109/CNS.2014.6997467.
40. A. S. K. Pathan, H.-W. Lee, and C. S. Hong, Security in wireless sensor networks: issues and challenges, vol. 2. 2006.
41. S. Rahimi Moosavi et al., SEA: A Secure and Efficient Authentication and Authorization Architecture for IoT-Based Healthcare Using Smart Gateways, vol. 52. 2015.
42. Y. Zhang, Y. Shen, H. Wang, J. Yong, and X. Jiang, “On Secure Wireless Communications for IoT Under Eavesdropper Collusion,” IEEE Trans. Autom. Sci. Eng., vol. 13, no. 3, pp. 1281–1293, 2016, doi: 10.1109/TASE.2015.2497663.
43. Y. Zhang, Y. Shen, H. Wang, J. Yong, and X. Jiang, “On Secure Wireless Communications for IoT Under Eavesdropper Collusion,” IEEE Trans. Autom. Sci. Eng., vol. 13, no. 3, pp. 1281–1293, 2016, doi: 10.1109/TASE.2015.2497663.
44. K. Zhao and L. Ge, A Survey on the Internet of Things Security. 2013.
45. M. V Bharathi, R. C. Tanguturi, C. Jayakumar, and K. Selvamani, “Node capture attack in Wireless Sensor Network: A survey,” in 2012 IEEE International Conference on Computational Intelligence and Computing Research, 2012, pp. 1–3, doi: 10.1109/ICCIC.2012.6510237.
46. X. Yang, J. Lin, W. Yu, P. Moulema, X. Fu, and W. Zhao, “A Novel En-Route Filtering Scheme Against False Data Injection Attacks in Cyber-Physical Networked Systems,” IEEE Trans. Comput., vol. 64, no. 1, pp. 4–18, 2015, doi: 10.1109/TC.2013.177.
47. J. Lin, W. Yu, X. Yang, G. Xu, and W. Zhao, “On False Data Injection Attacks against Distributed Energy Routing in Smart Grid,” in 2012 IEEE/ACM Third International Conference on Cyber-Physical Systems, 2012, pp. 183–192, doi: 10.1109/ICCPS.2012.26.
48. J. Lin, W. Yu, and X. Yang, “Towards Multistep Electricity Prices in Smart Grid Electricity Markets,” IEEE Trans. Parallel Distrib. Syst., vol. 27, no. 1, pp. 286–302, 2016, doi: 10.1109/TPDS.2015.2388479.
49. X. Yang et al., “Towards a Low-Cost Remote Memory Attestation for the Smart Grid,” Sensors (Basel)., vol. 15, pp. 20799–20824, Aug. 2015, doi: 10.3390/s150820799.
50. A. Seshadri, A. Perrig, L. van Doorn, and P. Khosla, “SWATT: softWare-based attestation for embedded devices,” in IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004, 2004, pp. 272–282, doi: 10.1109/SECPRI.2004.1301329.
51. N. Zhao, F. R. Yu, M. Li, and V. C. M. Leung, “Anti-Eavesdropping Schemes for Interference Alignment (IA)-Based Wireless Networks,” IEEE Trans. Wirel. Commun., vol. 15, no. 8, pp. 5719–5732, 2016, doi: 10.1109/TWC.2016.2568188.
52. G. Gomez, F. J. Lopez-Martinez, D. Morales-Jimenez, and M. R. McKay, “On the Equivalence Between Interference and Eavesdropping in Wireless Communications,” IEEE Trans. Veh. Technol., vol. 64, no. 12, pp. 5935–5940, 2015, doi: 10.1109/TVT.2014.2387475.
53. N. Bressan, L. Bazzaco, N. Bui, P. Casari, L. Vangelista, and M. Zorzi, “The Deployment of a Smart Monitoring System Using Wireless Sensor and Actuator Networks,” in 2010 First IEEE International Conference on Smart Grid Communications, 2010, pp. 49–54, doi: 10.1109/SMARTGRID.2010.5622015.
54. M. Sarkar and D. B. Roy, “Prevention of sleep deprivation attacks using clustering,” in 2011 3rd International Conference on Electronics Computer Technology, 2011, vol. 5, pp. 391–394, doi: 10.1109/ICECTECH.2011.5942027.
55. I. Andrea, C. Chrysostomou, and G. Hadjichristofi, “Internet of Things: Security vulnerabilities and challenges,” in 2015 IEEE Symposium on Computers and Communication (ISCC), 2015, pp. 180–187, doi: 10.1109/ISCC.2015.7405513.
56. S. H. Ahmed, G. Kim, and D. Kim, “Cyber Physical System: Architecture, applications and research challenges,” in 2013 IFIP Wireless Days (WD), 2013, pp. 1–5, doi: 10.1109/WD.2013.6686528.
57. S. U. Maheswari, N. S. Usha, E. A. M. Anita, and K. R. Devi, “A novel robust routing protocol RAEED to avoid DoS attacks in WSN,” in 2016 International Conference on Information Communication and Embedded Systems (ICICES), 2016, pp. 1–5, doi: 10.1109/ICICES.2016.7518942.
58. M. Chuang and J. Lee, “TEAM: Trust-extended authentication mechanism for vehicular ad hoc networks,” in 2011 International Conference on Consumer Electronics, Communications and Networks (CECNet), 2011, pp. 1758–1761, doi: 10.1109/CECNET.2011.5768376.
59. I. Chen, J. Guo, and F. Bao, “Trust management for service composition in SOA-based IoT systems,” in 2014 IEEE Wireless Communications and Networking Conference (WCNC), 2014, pp. 3444–3449, doi: 10.1109/WCNC.2014.6953138.
60. A. Sarkar, “Significance of Smart Cities in 21st Century: An International Business Perspective,” Focus J. Int. Bus., vol. 2, Feb. 2015, doi: 10.17492/focus.v2i2.8623.
61. U. K. Chaurasia and V. Singh, “MAODV: Modified wormhole detection AODV protocol,” in 2013 Sixth International Conference on Contemporary Computing (IC3), 2013, pp. 239–243, doi: 10.1109/IC3.2013.6612197.
62. K. Ren, W. Lou, and Y. Zhang, “Multi-user Broadcast Authentication in Wireless Sensor Networks,” in 2007 4th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks, 2007, pp. 223–232, doi: 10.1109/SAHCN.2007.4292834.
63. P. yi, Y. Wu, F. Zou, and N. Liu, “A Survey on Security in Wireless Mesh Networks,” IETE Tech. Rev., vol. 27, Jan. 2010, doi: 10.4103/0256-4602.58969.
64. I. F. Akyildiz, W. Su, Y. Sankarasubramaniam, and E. Cayirci, “A survey on sensor networks,” IEEE Commun. Mag., vol. 40, no. 8, pp. 102–114, 2002, doi: 10.1109/MCOM.2002.1024422.
65. M. Chuang and J. Lee, “TEAM: Trust-extended authentication mechanism for vehicular ad hoc networks,” in 2011 International Conference on Consumer Electronics, Communications and Networks (CECNet), 2011, pp. 1758–1761, doi: 10.1109/CECNET.2011.5768376.