Abstract
The Internet of Things (IoT) has great potential to change the fundamental way of interacting with technology in daily life, and for ease, it also observes and records user preferences that challenge privacy in another way. IoT devices are suspended to extensive usage even more than mobile phones and attain more access to private and secured data. With the growth of connected devices, mobile security is already a challenge, so perspective challenges for IoT connected devices must be much greater than considered at present and can be primarily categorized into safety, security and privacy. Rigorous development of security techniques should be an essential process toward the foundation of strong IoT systems to achieve and retain user trust. The survey in this paper reviewed and analyzed security principles, attacks and countermeasures at different layers of IoT-layered architecture, considering the bottlenecks of IoT systems.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Ashton, K.: That ‘Internet of Things’ thing. RFID J. 22(7), 97–114 (2009)
Bodkhe, U., Mehta, D., Tanwar, S., Bhattacharya, P., Singh, P.K., Hong, W.: A survey on decentralized consensus mechanisms for cyber physical systems. IEEE Access 8, 54371–54401 (2020)
Sharma, A., Sharma, R.: A review of applications, approaches, and challenges in Internet of Things (IoT). In: Proceedings of ICRIC 2019, pp. 257–269, Springer (2020).
Tan, L., Wang, N.: Future Internet: The Internet of Things. In: 3rd International Conference On Advanced Computer Theory & Engineering, vol. 5, pp. V5–376. IEEE (2010).
Gan, G., Lu, Z., Jiang, J.: Internet of Things security analysis. In: International Conference On Internet Technology And Applications, pp. 1–4. IEEE (2011).
Rastogi, N., Singh, S.K. Singh, P.K.: Privacy and security issues in big data: through Indian prospective. In: 3rd International Conference on Internet of Things: Smart Innovation and Usages, pp. 1–11, Bhimtal (2018).
Liu, L., Lai, S.: ALOHA-based anti-collision algorithms used in RFID system. In: International Conference On Wireless Communications, Networking And Mobile Computing, pp. 1–4. IEEE (2006).
Suo, H., Wan, J., Zou, C. Liu, J.: Security In the Internet of Things: a review. In: International Conference On Computer Science And Electronics Engineering, vol. 3, pp. 648–651. IEEE (2012).
Xiaohui, X.: Study on security problems and key technologies of the Internet of Things. In: International Conference On Computational And Information Sciences, pp. 407–410. IEEE (2013).
Zhang, L., Wang, Z.: Integration of RFID Into wireless sensor networks: architectures, opportunities and challenging problems. In: International Conference On Grid And Cooperative Computing Workshops, pp. 463–469. IEEE (2006).
Cherdantseva, Y., Hilton, J.: A reference model of information assurance & security. In: International Conference On Availability, Reliability And Security, pp. 546–555. IEEE (2013).
Burmester, M., De Medeiros, B.: RFID security: attacks, countermeasures and challenges. In: RFID Academic Convocation, The RFID Journal Conference (2007).
Thorat, N.B., Sreevardhan, C.: Survey on security threats and solutions for near field communication. Int. J. Res. Eng. Technol. 3(12), 291–295. IJRET (2014).
Padhy, R.P., Patra, M.R., Satapathy, S.C.: Cloud computing: security issues and research challenges. Int. J. Comput. Sci. Inf. Technol. Secur. (IJCSITS) 1(2), 136–146 (2011)
Wallgren, L., Raza, S., Voigt, T.: Routing attacks and countermeasures In the RPL-based Internet of Things. Int. J. Distrib. Sens. Netw. 9(8), 794326 (2013)
Winter, T., Thubert, P., Brandt, A., Hui, J., Kelsey, R., Levis, P., Pister, K., Struik, R., Vasseur, J.P., Alexander, R.: RPL: IPv6 routing protocol for low-power and lossy networks, No. RFC 6550 (2012).
Asim, M., Iqbal, W.: IoT operating systems and security challenges. Int. J. Comput. Sci. Inf. Secur. 14(7), 314 (2016).
Sen, J.: Security in wireless sensor networks. Wirel. Sens. Netw.: Curr. Status Fut. Trends 407 (2012).
Le, A., Loo, J., Luo, Y., Lasebae, A.: The impacts of internal threats towards routing protocol for low power and Lossy network performance. In: IEEE Symposium on Computers and Communications, pp. 000789–000794. IEEE (2013).
Mayzaud, A., Badonnel, R., Chrisment, I.: A taxonomy of attacks in RPL-based Internet of Things. Int. J. Netw. Secur. 18(3), 459–473 (2016)
Kim, H.: Protection against packet fragmentation attacks At 6LoWPAN adaptation layer. In: International Conference on Convergence and Hybrid Information Technology, pp. 796–801. IEEE (2008).
Hummen, R., Hiller, J., Wirtz, H., Henze, M., Shafagh, H., Wehrle, K.: 6LoWPAN fragmentation attacks & mitigation mechanisms. In: Proceedings of The 6th ACM Conference on Security & Privacy In Wireless & Mobile Networks, pp. 55–66. ACM (2013).
Kumar, R., Chauhan, N., Kumar, P., Chand, N., Khan, A.U.: Privacy aware prevention of Sybil attack in vehicular ad hoc networks. In: Singh, P., Bhargava, B., Paprzycki, M., Kaushal, N., Hong, W.C. (eds.) Handbook of Wireless Sensor Networks: Issues and Challenges in Current Scenario’s, vol. 1132, pp. 364–380. Advances in Intelligent Systems and Computing. Springer, Cham (2020)
Zeng, K., Govindan, K., Mohapatra, P.: Non-cryptographic authentication and identification in wireless networks. Netw. Secur. 1, 3 (2010)
Xiao, L., Greenstein, L.J., Mandayam, N.B., Trappe, W.: Channel-based detection of Sybil attacks in wireless networks. IEEE Trans. Inf. Forensics Secur. 4(3), 492–503 (2009)
Demirbas, M., & Song, Y.: An RSSI-Based Scheme For Sybil Attack Detection In Wireless Sensor Networks. In: International Symposium on a World of Wireless, Mobile and Multimedia Networks, pp. 5. IEEE (2006).
Li, Q., Trappe, W.: Light-weight detection of spoofing attacks in wireless networks. In: IEEE International Conference on Mobile Ad Hoc and Sensor Systems, pp. 845–851. IEEE (2006).
Zhang, K., Liang, X., Lu, R., Shen, X.: Sybil attacks and their defenses in the Internet of Things. IEEE Internet Things J. 1(5), 372–383 (2014)
Alvisi, L., Clement, A., Epasto, A., Lattanzi, S., Panconesi, A.: SOK: The evolution of Sybil defense via social networks. In: IEEE Symposium on Security And Privacy, pp. 382–396. IEEE (2013).
Cao, Q., & Yang, X.: SybilFence: improving social-graph-based Sybil defenses with user negative feedback. In: arXiv preprint at arXiv:1304.3819. (2013).
Mohaisen, A., Hopper, N., Kim, Y.: Keep your friends close: incorporating trust into social network-based Sybil defenses. In: Proceedings IEEE INFOCOM, pp. 1943–1951. IEEE (2011).
Quercia, D., Hailes, S.: Sybil attacks against mobile users: friends and foes to the rescue. In: Proceedings IEEE INFOCOM, pp. 1–5. IEEE (2010).
Tumrongwittayapak, C., Varakulsiripunth, R.: Detecting sinkhole attacks in wireless sensor networks. In: ICCAS-SICE (pp. 1966–1971). IEEE (2009).
Choi, B.G., Cho, E.J., Kim, J.H., Hong, C.S., Kim, J.H.: A sinkhole attack detection mechanism for LQI based mesh routing in WSN. In: International Conference on Information Networking, pp. 1–5. IEEE (2009).
Sharmila, S., Umamaheswari, G.: Detection of sinkhole attack in wireless sensor networks using message digest algorithms. In: International Conference on Process Automation, Control and Computing (pp. 1–6). IEEE (2011).
Bhattasali, T., Chaki, R.: A survey of recent intrusion detection systems for wireless sensor network. In: International Conference on Network Security and Applications, pp. 268–280. Springer, Berlin, Heidelberg (2011).
Kasinathan, P., Pastrone, C., Spirito, M.A., Vinkovits, M.: Denial-of-service detection in 6LoWPAN based Internet of Things. In: International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), pp. 600–607. IEEE (2013).
Brachmann, M., Keoh, S.L., Morchon, O.G., Kumar, S.S.: End-to-end transport security in the IP-based Internet of Things. In: International Conference on Computer Communications and Networks, pp. 1–5. IEEE (2012).
Granjal, J., Monteiro, E., Silva, J.S.: Application-layer security for the WoT: extending CoAP to support end-to-end message security for internet-integrated sensing applications. In: International Conference on Wired/Wireless Internet Communication, pp. 140–153. Springer, Berlin, Heidelberg (2013).
Sethi, M., Arkko, J., Keränen, A.: End-to-end security for sleepy smart object networks. In: 37th Annual IEEE Conference on Local Computer Networks-Workshops, pp. 964–972. IEEE (2012).
Shelby, Z., Hartke, K., Bormann, C.: The constrained application protocol (CoAP). URL: https://tools.ietf.org/html/rfc7252 (2014).
Khedr, W.I.: SRFID: a hash-based security scheme for low cost RFID systems. Egypt. Inf. J. 14(1), 89–98 (2013)
Mitrokotsa, A., Rieback, M.R., Tanenbaum, A.S.: Classifying RFID attacks and defenses. Inf. Syst. Frontiers 12(5), 491–505 (2010)
Pongle, P., Chavan, G.: A survey: attacks on RPL and 6LoWPAN in IoT. In: International conference on pervasive computing ICPC, pp. 1–6. IEEE (2015).
Dvir, A., Buttyan, L.: VeRA-version number and rank authentication In RPL. In: IEEE 8th International Conference on Mobile Ad-Hoc and Sensor Systems, pp. 709–714. IEEE (2011).
Le, A., Loo, J., Lasebae, A., Vinel, A., Chen, Y., Chai, M.: The impact of rank attack on network topology of routing protocol for low-power and Lossy networks. IEEE Sens. J. 13(10), 3685–3692 (2013)
What is a UDP flood—ddos attack glossary—incapsula. URL https://www.incapsula.com/ddos/attack-glossary/udp-flood.html. Last accessed 2020/2/27.
Xu, W., Trappe, W., Zhang, Y., Wood, T.: The feasibility of launching and detecting jamming attacks in wireless networks. In: Proceedings of the 6th ACM International Symposium On Mobile Ad Hoc Networking and Computing, pp. 46–57. ACM (2005).
Noubir, G., Lin, G.: Low-power DoS attacks in data wireless LANs and countermeasures. ACM SIGMOBILE: Mob. Comput. Commun. Rev. 7(3), 29–30 (2003)
Xu, W., Wood, T., Trappe, W., Zhang, Y.: Channel surfing and spatial retreats: defenses against wireless denial of service. In: Proceedings of the 3rd ACM Workshop on Wireless security, pp. 80–89. ACM (2004).
Jang, J., Kwon, T., Song, J.: A time-based key management protocol for wireless sensor networks. In: International Conference on Information Security Practice and Experience, pp. 314–328. Springer, Berlin, Heidelberg (2007).
Weekly, K., Pister, K.: Evaluating sinkhole defense techniques in RPL networks. In: IEEE International Conference on Network Protocols (pp. 1–6). IEEE (2012).
Ahmed, F., Ko, Y.B.: Mitigation of black hole attacks in routing protocol for low power and Lossy networks. Secur. Commun. Netw. 9(18), 5143–5154 (2016)
Wazid, M., Das, A.K., Kumari, S., Khan, M.K.: Design of sinkhole node detection mechanism for hierarchical wireless sensor networks. Secur. Commun. Netw. 9(17), 4596–4614 (2016)
Krontiris, I., Dimitriou, T., Giannetsos, T., Mpasoukos, M.: Intrusion detection of sinkhole attacks in wireless sensor networks. In: International Symposium on Algorithms And Experiments For Sensor Systems, Wireless Networks And Distributed Robotics, pp. 150–161. Springer, Berlin, Heidelberg (2007)
Raju, I., Parwekar, P.: Detection of sinkhole attack in wireless sensor network. In: Proceedings of Second International Conference on Computer and Communication Technologies, 3, 629–636, Springer (2015).
Ngai, E.C., Liu, J., Lyu, M.R.: On the intruder detection for sinkhole attack in wireless sensor networks. In: IEEE International Conference on Communications, vol. 8, pp. 3383–3389. IEEE (2006).
Poovendran, R., Lazos, L.: A graph theoretic framework for preventing the wormhole attack in wireless ad hoc networks. Wirel. Netw. 13(1), 27–59 (2007)
Salehi, S. A., Razzaque, M. A., Naraei, P., Farrokhtala, A.: Detection of sinkhole attack in wireless sensor networks. In 2013 IEEE International Conference on Space Science and Communication, pp. 361–365. IEEE (2013).
Xiao, Q., Boulet, C., Gibbons, T.: RFID security issues in military supply chains. In: Second International Conference on Availability, Reliability and Security, pp. 599–605. IEEE (2007).
Vidgren, N., Haataja, K., Patino-Andres, J.L., Ramirez-Sanchis, J.J., Toivanen, P.: Security threats in ZigBee-enabled systems: vulnerability evaluation, practical experiments, countermeasures, and lessons learned. In: Hawaii International Conference on System Sciences, pp. 5132–5138. IEEE (2013).
Tay, H. J., Tan, J., & Narasimhan, P.: A survey of security vulnerabilities in Bluetooth low energy beacons. Carnegie Mellon University Parallel Data Lab Technical Report CMU-PDL-16-109 (2016).
Wang, G., Mohanlal, M., Wilson, C., Wang, X., Metzger, M., Zheng, H., Zhao, B. Y.: Social turing tests: crowdsourcing Sybil detection. In: arXiv preprint arXiv:1205.3856. (2012).
Raza, S., Wallgren, L., Voigt, T.: SVELTE: real-time intrusion detection in The Internet of Things. Ad Hoc Netw. 11(8), 2661–2674 (2013)
Kibirige, G.W., & Sanga, C.: A survey on detection of sinkhole attack in wireless sensor network. arXiv preprint arXiv:1505.01941 (2015).
Haataja, K.: Bluetooth network vulnerability to disclosure, integrity and Denial-of-service attacks. In: Proceedings of the Annual Finnish Data Processing Week at the University of Petrozavodsk, vol. 7, 63–103 (2005)
Ongtang, M., McLaughlin, S., Enck, W., McDaniel, P.: Semantically rich application centric security in Android. Secur. Commun. Netw. 5(6), 658–673 (2012)
Chandna, S., Singh, R., Akhtar, F.: Data Scavenging threat in cloud computing. Int. J. Adv. Comput. Sci. Cloud Comput. 2(2), 17–22 (2014)
Gupta, M., Gopalakrishnan, G., Sharman, R.: Countermeasures against Distributed Denial of Service. School of Management State University of New York Buffalo, NY (2017)
Conzon, D., Bolognesi, T., Brizzi, P., Lotito, A., Tomasi, R., Spirito, M.A.: The Virtus middleware: an XMPP based architecture for secure IoT communications. In: International Conference on Computer Communications and Networks, pp. 1–6. IEEE (2012).
Brachmann, M., Garcia-Mochon, O., Keoh, S.L., Kumar, S.S.: Security considerations around end-to-end security in the IP-based Internet of Things. In: Workshop on Smart Object Security, In Conjunction With IETF83, Paris, France (2012).
A Gómez-Goiri P Orduña J Diego D López-De-Ipiña 2014 OTSOPACK: lightweight semantic framework for interoperable ambient intelligence applications Comput. Hum. Behav. 30 460 467
Liu, C.H., Yang, B., Liu, T.: Efficient naming, addressing and profile services in Internet-of-Things sensory environments. Ad Hoc Netw. 18, 85–101 (2014)
Ferreira, H.G.C., de Sousa, R.T., de Deus, F.E.G., Canedo, E.D.: Proposal of a secure, deployable and transparent middleware for Internet of Things. In: 9th Iberian Conference on Information Systems And Technologies (CISTI), pp. 1–4. IEEE (2014).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Gupta, M., Jain, S., Patel, R.B. (2021). Security Issues in Internet of Things: Principles, Challenges, Taxonomy. In: Singh, P.K., Singh, Y., Kolekar, M.H., Kar, A.K., Chhabra, J.K., Sen, A. (eds) Recent Innovations in Computing. ICRIC 2020. Lecture Notes in Electrical Engineering, vol 701. Springer, Singapore. https://doi.org/10.1007/978-981-15-8297-4_52
Download citation
DOI: https://doi.org/10.1007/978-981-15-8297-4_52
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-8296-7
Online ISBN: 978-981-15-8297-4
eBook Packages: Computer ScienceComputer Science (R0)