Abstract
The Internet of Things (IoT) has experienced constant growth in the number of devices deployed and the range of applications in which such devices are used. They vary widely in size, computational power, capacity storage, and energy. The explosive growth and integration of IoT in different domains and areas of our daily lives has created an Internet of Vulnerabilities (IoV). In the rush to build and implement IoT devices, security and privacy have not been adequately addressed. IoT devices, many of which are highly constrained, are vulnerable to cyber attacks, which threaten the security and privacy of users and systems. This survey provides a comprehensive overview of IoT in regard to areas of application, security architecture frameworks, recent security and privacy issues in IoT, as well as a review of recent similar studies on IoT security and privacy. In addition, the paper presents a comprehensive taxonomy of attacks on IoT based on the three-layer architecture model; perception, network, and application layers, as well as a suggestion of the impact of these attacks on CIA objectives in representative devices, are presented. Moreover, the study proposes mitigations and countermeasures, taking a multi-faceted approach rather than a per layer approach. Open research areas are also covered to provide researchers with the most recent research urgent questions in regard to securing IoT ecosystem.
Highlights
The Internet of Things (IoT) encompasses a wide range of application domains, including home, health, manufacturing and supply chain, agriculture, transportation, city and utilities
The Network layer is critical to the transport of information between IoT devices and Application layer processes; Denial of Service (DoS) attacks can threaten the availability of network services [15,16] and vulnerabilities in the wireless protocols lead to additional security threats [13]
Attacks in IoT application domains SCADA, Smart Power Grids, Intelligent Transportation Systems, E-Health and Medical Systems, and Smart Home and Automation are analyzed, with the authors finding that the closeness of device and target, exploitation of network and physical communication, and the extension of IoT device functionality played a role in the viability of an attack across all of the aforementioned application domains
Summary
The Internet of Things (IoT) encompasses a wide range of application domains, including home, health, manufacturing and supply chain, agriculture, transportation, city and utilities. The Network layer is critical to the transport of information between IoT devices and Application layer processes; Denial of Service (DoS) attacks can threaten the availability of network services [15,16] and vulnerabilities in the wireless protocols lead to additional security threats [13]. Review the latest related security and privacy similar studies in IoT; Discuss proposals for IoT security architectures and frameworks in recent literature; Provide a taxonomy of attacks on IoT; Present classification of attacks’ impacts according to NIST’s FIPS 199 definitions on loss of Confidentiality, Integrity and Availability (CIA) due to attacks on select smart devices; Discuss a multi-faceted approach to mitigation and countermeasures in IoT security; Allocate a section on open research area pertain to IoT ecosystem.
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
