Abstract
The Internet of Things, abbreviated as IoT, is a new networking paradigm composed of wireless and wired networks, geographically distributed and interconnected by a “secured” backbone, essentially, the Internet. It connects billions of heterogeneous devices, called Things, using different communication technologies and provides end-users, all over the world, with a variety of smart applications. IoT constitutes a new evolution for the Internet in terms of diversity, size, and applications. It also invites cybercriminals who exploit IoT infrastructures to conduct large scale, distributed, and devastating cyberattacks that may have serious consequences. The security of IoT infrastructures strongly depends on the security of its wired and wireless infrastructures. Still, the wireless infrastructures are thought to be the most outspread, important, and vulnerable part of IoT. To achieve the security goals in the wireless infrastructures of IoT, it is crucial to have a comprehensive understanding of IoT attacks, their classification, and security solutions in such infrastructures. In this paper, we provide a survey of attacks related to the wireless infrastructures of IoT in general, and to the most used short-range wireless communication technologies in the resource-constrained part of IoT in particular. Namely, we consider Wi-Fi, Bluetooth, ZigBee, and RFID wireless communication technologies. The paper also provides a taxonomy of these attacks based on a security service-based attack classification and discusses existing security defenses and mechanisms that mitigate certain attacks as well as the limitations of these security mechanisms.
Highlights
Internet of Things (IoT) constitutes a new evolution of the classical Internet network in terms of diversity, size, and applications
We propose a taxonomy of attacks in IoT Wi-Fi, Bluetooth, ZigBee, and RFID infrastructures
We review the existing attacks that occurred on Wi-Fi, Bluetooth, ZigBee, and RFID wireless communication technologies in the last twenty years
Summary
Internet of Things (IoT) constitutes a new evolution of the classical Internet network in terms of diversity, size, and applications. These networks are geographically distributed and interconnected through a ‘‘secured’’ backbone, essentially, the Internet This diversified networking infrastructure allows billions of heterogeneous devices, called Things, to be connected to the same backbone [1], [2] and communicate with each other within the framework of smart applications [3]–[15]. We adopt a security service-based attack classification to review the attacks that occurred in the last two decades on the most used short-range wireless communication technologies of IoT. (3) Most of the wireless IoT infrastructures that adopt these technologies are resource-constrained and are subject to different types of attacks. (4) The wireless infrastructure of IoT is the most vulnerable part of IoT Attackers may exploit this part as an entry point to build their attacking network over the air. We can learn from the current ones to understand and prevent the same attacks from happening on the upcoming technologies. (6) For the sake of the length of the paper and topicframing, we have not considered mid/long-range wireless communication technologies, such as Wise, M-Bus (MeterBus), RIIoT (Radiocrafts Industrial IoT), Tinymesh, WiMax, licensed LPWAN technologies (e.g., LTE-M, EC-GSM, and NB-IoT), unlicensed LPWAN technologies (e.g., MYTHINGS, LoRa, and Sigfox), and cellular technologies (e.g., 3G, 4G/LTE, and 5G)
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
