Abstract
IoT technologies are becoming pervasive in public and private sectors and represent presently an integral part of our daily life. The advantages offered by these technologies are frequently coupled with serious security issues that are often not properly overseen or even ignored. The IoT threat landscape is extremely wide and complex and involves a wide variety of hardware and software technologies. In this framework, the security of application layer protocols is of paramount importance since these protocols are at the basis of the communications among applications and services running on different IoT devices and on cloud/edge infrastructures. This paper offers a comprehensive survey of application layer protocol security by presenting the main challenges and findings. More specifically, the paper focuses on the most popular protocols devised in IoT environments for messaging/data sharing and for service discovery. The main threats of these protocols as well as the Common Vulnerabilities and Exposures (CVE) for their products and services are analyzed and discussed in detail. Good practices and measures that can be adopted to mitigate threats and attacks are also investigated. Our findings indicate that ensuring security at the application layer is very challenging. IoT devices are exposed to numerous security risks due to lack of appropriate security services in the protocols as well as to vulnerabilities or incorrect configuration of the products and services being deployed. Moreover, the constrained capabilities of these devices affect the types of security services that can be implemented.
Highlights
The Internet of Things (IoT) ecosystem encompasses a growing number of smart objects connected to the Internet and characterized by diverse capabilities, such as sensing, actuating, processing, storing and communicating [1,2]
This paper offers a comprehensive analysis of the security risks and challenges affecting the most popular application layer protocols employed in IoT environments
The methodological approach followed in our study is based on the examination of the security specifications of the protocol standards and on the analysis of the Common Vulnerabilities and Exposures (CVE) collected in the National Vulnerability Database (NVD) over six years since 2014
Summary
The IoT ecosystem encompasses a growing number of smart objects connected to the Internet and characterized by diverse capabilities, such as sensing, actuating, processing, storing and communicating [1,2]. IoT technologies offer enormous potentials to consumers and industry They improve quality of life, increase operational efficiency and productivity, allow real-time decisions and create new business opportunities. The McKinsey Global Institute predicts that IoT technologies could have an annual economic impact of 3.9 to 11.1 trillion USD worldwide by 2025 All these benefits are often coupled with many security risks and challenges. This paper offers a comprehensive analysis of the security risks and challenges affecting the most popular application layer protocols employed in IoT environments. Analysis and discussion of the potential security threats and attacks affecting the application layer protocols typical of IoT environments;.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
