Skip to main content
SpringerLink
Log in

Security Issues in Internet of Things: Principles, Challenges, Taxonomy

  • Conference paper
  • First Online:
Recent Innovations in Computing (ICRIC 2020)

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 701))

Included in the following conference series:

Abstract

The Internet of Things (IoT) has great potential to change the fundamental way of interacting with technology in daily life, and for ease, it also observes and records user preferences that challenge privacy in another way. IoT devices are suspended to extensive usage even more than mobile phones and attain more access to private and secured data. With the growth of connected devices, mobile security is already a challenge, so perspective challenges for IoT connected devices must be much greater than considered at present and can be primarily categorized into safety, security and privacy. Rigorous development of security techniques should be an essential process toward the foundation of strong IoT systems to achieve and retain user trust. The survey in this paper reviewed and analyzed security principles, attacks and countermeasures at different layers of IoT-layered architecture, considering the bottlenecks of IoT systems.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD 219.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Ashton, K.: That ‘Internet of Things’ thing. RFID J. 22(7), 97–114 (2009)

    Google Scholar 

  2. Bodkhe, U., Mehta, D., Tanwar, S., Bhattacharya, P., Singh, P.K., Hong, W.: A survey on decentralized consensus mechanisms for cyber physical systems. IEEE Access 8, 54371–54401 (2020)

    Article  Google Scholar 

  3. Sharma, A., Sharma, R.: A review of applications, approaches, and challenges in Internet of Things (IoT). In: Proceedings of ICRIC 2019, pp. 257–269, Springer (2020).

    Google Scholar 

  4. Tan, L., Wang, N.: Future Internet: The Internet of Things. In: 3rd International Conference On Advanced Computer Theory & Engineering, vol. 5, pp. V5–376. IEEE (2010).

    Google Scholar 

  5. Gan, G., Lu, Z., Jiang, J.: Internet of Things security analysis. In: International Conference On Internet Technology And Applications, pp. 1–4. IEEE (2011).

    Google Scholar 

  6. Rastogi, N., Singh, S.K. Singh, P.K.: Privacy and security issues in big data: through Indian prospective. In: 3rd International Conference on Internet of Things: Smart Innovation and Usages, pp. 1–11, Bhimtal (2018).

    Google Scholar 

  7. Liu, L., Lai, S.: ALOHA-based anti-collision algorithms used in RFID system. In: International Conference On Wireless Communications, Networking And Mobile Computing, pp. 1–4. IEEE (2006).

    Google Scholar 

  8. Suo, H., Wan, J., Zou, C. Liu, J.: Security In the Internet of Things: a review. In: International Conference On Computer Science And Electronics Engineering, vol. 3, pp. 648–651. IEEE (2012).

    Google Scholar 

  9. Xiaohui, X.: Study on security problems and key technologies of the Internet of Things. In: International Conference On Computational And Information Sciences, pp. 407–410. IEEE (2013).

    Google Scholar 

  10. Zhang, L., Wang, Z.: Integration of RFID Into wireless sensor networks: architectures, opportunities and challenging problems. In: International Conference On Grid And Cooperative Computing Workshops, pp. 463–469. IEEE (2006).

    Google Scholar 

  11. Cherdantseva, Y., Hilton, J.: A reference model of information assurance & security. In: International Conference On Availability, Reliability And Security, pp. 546–555. IEEE (2013).

    Google Scholar 

  12. Burmester, M., De Medeiros, B.: RFID security: attacks, countermeasures and challenges. In: RFID Academic Convocation, The RFID Journal Conference (2007).

    Google Scholar 

  13. Thorat, N.B., Sreevardhan, C.: Survey on security threats and solutions for near field communication. Int. J. Res. Eng. Technol. 3(12), 291–295. IJRET (2014).

    Google Scholar 

  14. Padhy, R.P., Patra, M.R., Satapathy, S.C.: Cloud computing: security issues and research challenges. Int. J. Comput. Sci. Inf. Technol. Secur. (IJCSITS) 1(2), 136–146 (2011)

    Google Scholar 

  15. Wallgren, L., Raza, S., Voigt, T.: Routing attacks and countermeasures In the RPL-based Internet of Things. Int. J. Distrib. Sens. Netw. 9(8), 794326 (2013)

    Article  Google Scholar 

  16. Winter, T., Thubert, P., Brandt, A., Hui, J., Kelsey, R., Levis, P., Pister, K., Struik, R., Vasseur, J.P., Alexander, R.: RPL: IPv6 routing protocol for low-power and lossy networks, No. RFC 6550 (2012).

    Google Scholar 

  17. Asim, M., Iqbal, W.: IoT operating systems and security challenges. Int. J. Comput. Sci. Inf. Secur. 14(7), 314 (2016).

    Google Scholar 

  18. Sen, J.: Security in wireless sensor networks. Wirel. Sens. Netw.: Curr. Status Fut. Trends 407 (2012).

    Google Scholar 

  19. Le, A., Loo, J., Luo, Y., Lasebae, A.: The impacts of internal threats towards routing protocol for low power and Lossy network performance. In: IEEE Symposium on Computers and Communications, pp. 000789–000794. IEEE (2013).

    Google Scholar 

  20. Mayzaud, A., Badonnel, R., Chrisment, I.: A taxonomy of attacks in RPL-based Internet of Things. Int. J. Netw. Secur. 18(3), 459–473 (2016)

    Google Scholar 

  21. Kim, H.: Protection against packet fragmentation attacks At 6LoWPAN adaptation layer. In: International Conference on Convergence and Hybrid Information Technology, pp. 796–801. IEEE (2008).

    Google Scholar 

  22. Hummen, R., Hiller, J., Wirtz, H., Henze, M., Shafagh, H., Wehrle, K.: 6LoWPAN fragmentation attacks & mitigation mechanisms. In: Proceedings of The 6th ACM Conference on Security & Privacy In Wireless & Mobile Networks, pp. 55–66. ACM (2013).

    Google Scholar 

  23. Kumar, R., Chauhan, N., Kumar, P., Chand, N., Khan, A.U.: Privacy aware prevention of Sybil attack in vehicular ad hoc networks. In: Singh, P., Bhargava, B., Paprzycki, M., Kaushal, N., Hong, W.C. (eds.) Handbook of Wireless Sensor Networks: Issues and Challenges in Current Scenario’s, vol. 1132, pp. 364–380. Advances in Intelligent Systems and Computing. Springer, Cham (2020)

    Chapter  Google Scholar 

  24. Zeng, K., Govindan, K., Mohapatra, P.: Non-cryptographic authentication and identification in wireless networks. Netw. Secur. 1, 3 (2010)

    Google Scholar 

  25. Xiao, L., Greenstein, L.J., Mandayam, N.B., Trappe, W.: Channel-based detection of Sybil attacks in wireless networks. IEEE Trans. Inf. Forensics Secur. 4(3), 492–503 (2009)

    Article  Google Scholar 

  26. Demirbas, M., & Song, Y.: An RSSI-Based Scheme For Sybil Attack Detection In Wireless Sensor Networks. In: International Symposium on a World of Wireless, Mobile and Multimedia Networks, pp. 5. IEEE (2006).

    Google Scholar 

  27. Li, Q., Trappe, W.: Light-weight detection of spoofing attacks in wireless networks. In: IEEE International Conference on Mobile Ad Hoc and Sensor Systems, pp. 845–851. IEEE (2006).

    Google Scholar 

  28. Zhang, K., Liang, X., Lu, R., Shen, X.: Sybil attacks and their defenses in the Internet of Things. IEEE Internet Things J. 1(5), 372–383 (2014)

    Article  Google Scholar 

  29. Alvisi, L., Clement, A., Epasto, A., Lattanzi, S., Panconesi, A.: SOK: The evolution of Sybil defense via social networks. In: IEEE Symposium on Security And Privacy, pp. 382–396. IEEE (2013).

    Google Scholar 

  30. Cao, Q., & Yang, X.: SybilFence: improving social-graph-based Sybil defenses with user negative feedback. In: arXiv preprint at arXiv:1304.3819. (2013).

  31. Mohaisen, A., Hopper, N., Kim, Y.: Keep your friends close: incorporating trust into social network-based Sybil defenses. In: Proceedings IEEE INFOCOM, pp. 1943–1951. IEEE (2011).

    Google Scholar 

  32. Quercia, D., Hailes, S.: Sybil attacks against mobile users: friends and foes to the rescue. In: Proceedings IEEE INFOCOM, pp. 1–5. IEEE (2010).

    Google Scholar 

  33. Tumrongwittayapak, C., Varakulsiripunth, R.: Detecting sinkhole attacks in wireless sensor networks. In: ICCAS-SICE (pp. 1966–1971). IEEE (2009).

    Google Scholar 

  34. Choi, B.G., Cho, E.J., Kim, J.H., Hong, C.S., Kim, J.H.: A sinkhole attack detection mechanism for LQI based mesh routing in WSN. In: International Conference on Information Networking, pp. 1–5. IEEE (2009).

    Google Scholar 

  35. Sharmila, S., Umamaheswari, G.: Detection of sinkhole attack in wireless sensor networks using message digest algorithms. In: International Conference on Process Automation, Control and Computing (pp. 1–6). IEEE (2011).

    Google Scholar 

  36. Bhattasali, T., Chaki, R.: A survey of recent intrusion detection systems for wireless sensor network. In: International Conference on Network Security and Applications, pp. 268–280. Springer, Berlin, Heidelberg (2011).

    Google Scholar 

  37. Kasinathan, P., Pastrone, C., Spirito, M.A., Vinkovits, M.: Denial-of-service detection in 6LoWPAN based Internet of Things. In: International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), pp. 600–607. IEEE (2013).

    Google Scholar 

  38. Brachmann, M., Keoh, S.L., Morchon, O.G., Kumar, S.S.: End-to-end transport security in the IP-based Internet of Things. In: International Conference on Computer Communications and Networks, pp. 1–5. IEEE (2012).

    Google Scholar 

  39. Granjal, J., Monteiro, E., Silva, J.S.: Application-layer security for the WoT: extending CoAP to support end-to-end message security for internet-integrated sensing applications. In: International Conference on Wired/Wireless Internet Communication, pp. 140–153. Springer, Berlin, Heidelberg (2013).

    Google Scholar 

  40. Sethi, M., Arkko, J., Keränen, A.: End-to-end security for sleepy smart object networks. In: 37th Annual IEEE Conference on Local Computer Networks-Workshops, pp. 964–972. IEEE (2012).

    Google Scholar 

  41. Shelby, Z., Hartke, K., Bormann, C.: The constrained application protocol (CoAP). URL: https://tools.ietf.org/html/rfc7252 (2014).

  42. Khedr, W.I.: SRFID: a hash-based security scheme for low cost RFID systems. Egypt. Inf. J. 14(1), 89–98 (2013)

    MathSciNet  Google Scholar 

  43. Mitrokotsa, A., Rieback, M.R., Tanenbaum, A.S.: Classifying RFID attacks and defenses. Inf. Syst. Frontiers 12(5), 491–505 (2010)

    Article  Google Scholar 

  44. Pongle, P., Chavan, G.: A survey: attacks on RPL and 6LoWPAN in IoT. In: International conference on pervasive computing ICPC, pp. 1–6. IEEE (2015).

    Google Scholar 

  45. Dvir, A., Buttyan, L.: VeRA-version number and rank authentication In RPL. In: IEEE 8th International Conference on Mobile Ad-Hoc and Sensor Systems, pp. 709–714. IEEE (2011).

    Google Scholar 

  46. Le, A., Loo, J., Lasebae, A., Vinel, A., Chen, Y., Chai, M.: The impact of rank attack on network topology of routing protocol for low-power and Lossy networks. IEEE Sens. J. 13(10), 3685–3692 (2013)

    Article  Google Scholar 

  47. What is a UDP flood—ddos attack glossary—incapsula. URL https://www.incapsula.com/ddos/attack-glossary/udp-flood.html. Last accessed 2020/2/27.

  48. Xu, W., Trappe, W., Zhang, Y., Wood, T.: The feasibility of launching and detecting jamming attacks in wireless networks. In: Proceedings of the 6th ACM International Symposium On Mobile Ad Hoc Networking and Computing, pp. 46–57. ACM (2005).

    Google Scholar 

  49. Noubir, G., Lin, G.: Low-power DoS attacks in data wireless LANs and countermeasures. ACM SIGMOBILE: Mob. Comput. Commun. Rev. 7(3), 29–30 (2003)

    Google Scholar 

  50. Xu, W., Wood, T., Trappe, W., Zhang, Y.: Channel surfing and spatial retreats: defenses against wireless denial of service. In: Proceedings of the 3rd ACM Workshop on Wireless security, pp. 80–89. ACM (2004).

    Google Scholar 

  51. Jang, J., Kwon, T., Song, J.: A time-based key management protocol for wireless sensor networks. In: International Conference on Information Security Practice and Experience, pp. 314–328. Springer, Berlin, Heidelberg (2007).

    Google Scholar 

  52. Weekly, K., Pister, K.: Evaluating sinkhole defense techniques in RPL networks. In: IEEE International Conference on Network Protocols (pp. 1–6). IEEE (2012).

    Google Scholar 

  53. Ahmed, F., Ko, Y.B.: Mitigation of black hole attacks in routing protocol for low power and Lossy networks. Secur. Commun. Netw. 9(18), 5143–5154 (2016)

    Article  Google Scholar 

  54. Wazid, M., Das, A.K., Kumari, S., Khan, M.K.: Design of sinkhole node detection mechanism for hierarchical wireless sensor networks. Secur. Commun. Netw. 9(17), 4596–4614 (2016)

    Article  Google Scholar 

  55. Krontiris, I., Dimitriou, T., Giannetsos, T., Mpasoukos, M.: Intrusion detection of sinkhole attacks in wireless sensor networks. In: International Symposium on Algorithms And Experiments For Sensor Systems, Wireless Networks And Distributed Robotics, pp. 150–161. Springer, Berlin, Heidelberg (2007)

    Google Scholar 

  56. Raju, I., Parwekar, P.: Detection of sinkhole attack in wireless sensor network. In: Proceedings of Second International Conference on Computer and Communication Technologies, 3, 629–636, Springer (2015).

    Google Scholar 

  57. Ngai, E.C., Liu, J., Lyu, M.R.: On the intruder detection for sinkhole attack in wireless sensor networks. In: IEEE International Conference on Communications, vol. 8, pp. 3383–3389. IEEE (2006).

    Google Scholar 

  58. Poovendran, R., Lazos, L.: A graph theoretic framework for preventing the wormhole attack in wireless ad hoc networks. Wirel. Netw. 13(1), 27–59 (2007)

    Article  Google Scholar 

  59. Salehi, S. A., Razzaque, M. A., Naraei, P., Farrokhtala, A.: Detection of sinkhole attack in wireless sensor networks. In 2013 IEEE International Conference on Space Science and Communication, pp. 361–365. IEEE (2013).

    Google Scholar 

  60. Xiao, Q., Boulet, C., Gibbons, T.: RFID security issues in military supply chains. In: Second International Conference on Availability, Reliability and Security, pp. 599–605. IEEE (2007).

    Google Scholar 

  61. Vidgren, N., Haataja, K., Patino-Andres, J.L., Ramirez-Sanchis, J.J., Toivanen, P.: Security threats in ZigBee-enabled systems: vulnerability evaluation, practical experiments, countermeasures, and lessons learned. In: Hawaii International Conference on System Sciences, pp. 5132–5138. IEEE (2013).

    Google Scholar 

  62. Tay, H. J., Tan, J., & Narasimhan, P.: A survey of security vulnerabilities in Bluetooth low energy beacons. Carnegie Mellon University Parallel Data Lab Technical Report CMU-PDL-16-109 (2016).

    Google Scholar 

  63. Wang, G., Mohanlal, M., Wilson, C., Wang, X., Metzger, M., Zheng, H., Zhao, B. Y.: Social turing tests: crowdsourcing Sybil detection. In: arXiv preprint arXiv:1205.3856. (2012).

  64. Raza, S., Wallgren, L., Voigt, T.: SVELTE: real-time intrusion detection in The Internet of Things. Ad Hoc Netw. 11(8), 2661–2674 (2013)

    Article  Google Scholar 

  65. Kibirige, G.W., & Sanga, C.: A survey on detection of sinkhole attack in wireless sensor network. arXiv preprint arXiv:1505.01941 (2015).

  66. Haataja, K.: Bluetooth network vulnerability to disclosure, integrity and Denial-of-service attacks. In: Proceedings of the Annual Finnish Data Processing Week at the University of Petrozavodsk, vol. 7, 63–103 (2005)

    Google Scholar 

  67. Ongtang, M., McLaughlin, S., Enck, W., McDaniel, P.: Semantically rich application centric security in Android. Secur. Commun. Netw. 5(6), 658–673 (2012)

    Article  Google Scholar 

  68. Chandna, S., Singh, R., Akhtar, F.: Data Scavenging threat in cloud computing. Int. J. Adv. Comput. Sci. Cloud Comput. 2(2), 17–22 (2014)

    Google Scholar 

  69. Gupta, M., Gopalakrishnan, G., Sharman, R.: Countermeasures against Distributed Denial of Service. School of Management State University of New York Buffalo, NY (2017)

    Google Scholar 

  70. Conzon, D., Bolognesi, T., Brizzi, P., Lotito, A., Tomasi, R., Spirito, M.A.: The Virtus middleware: an XMPP based architecture for secure IoT communications. In: International Conference on Computer Communications and Networks, pp. 1–6. IEEE (2012).

    Google Scholar 

  71. Brachmann, M., Garcia-Mochon, O., Keoh, S.L., Kumar, S.S.: Security considerations around end-to-end security in the IP-based Internet of Things. In: Workshop on Smart Object Security, In Conjunction With IETF83, Paris, France (2012).

    Google Scholar 

  72. A Gómez-Goiri P Orduña J Diego D López-De-Ipiña 2014 OTSOPACK: lightweight semantic framework for interoperable ambient intelligence applications Comput. Hum. Behav. 30 460 467

    Google Scholar 

  73. Liu, C.H., Yang, B., Liu, T.: Efficient naming, addressing and profile services in Internet-of-Things sensory environments. Ad Hoc Netw. 18, 85–101 (2014)

    Article  Google Scholar 

  74. Ferreira, H.G.C., de Sousa, R.T., de Deus, F.E.G., Canedo, E.D.: Proposal of a secure, deployable and transparent middleware for Internet of Things. In: 9th Iberian Conference on Information Systems And Technologies (CISTI), pp. 1–4. IEEE (2014).

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Chitkara University School of Engineering & Technology, Chitkara University, Himachal Pradesh, India

    Manik Gupta & Shaily Jain

  2. Department of Computer Science & Engineering, Chandigarh College of Engineering & Technology, Chandigarh, India

    R. B. Patel

Authors
  1. Manik Gupta
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Shaily Jain
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. R. B. Patel
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Manik Gupta .

Editor information

Editors and Affiliations

  1. Department of Computer Science & Engineering, ABES Engineering College, Ghaziabad, Uttar Pradesh, India

    Pradeep Kumar Singh

  2. Central University of Jammu, Jammu and Kashmir, India

    Yashwant Singh

  3. Department of Electrical Engineering, Indian Institute of Technology Patna, Patna, Bihar, India

    Maheshkumar H. Kolekar

  4. Department of Management Sciences, Indian Institute of Technology Delhi, New Delhi, Delhi, India

    Arpan Kumar Kar

  5. Department of Computer Engineering, National Institute of Technology Kurukshetra, Kurukshetra, Haryana, India

    Jitender Kumar Chhabra

  6. Department of Computer Science and Information Technology, Kwantlen Polytechnic University, Surrey, BC, Canada

    Abhijit Sen

Rights and permissions

Reprints and permissions

Copyright information

© 2021 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Gupta, M., Jain, S., Patel, R.B. (2021). Security Issues in Internet of Things: Principles, Challenges, Taxonomy. In: Singh, P.K., Singh, Y., Kolekar, M.H., Kar, A.K., Chhabra, J.K., Sen, A. (eds) Recent Innovations in Computing. ICRIC 2020. Lecture Notes in Electrical Engineering, vol 701. Springer, Singapore. https://doi.org/10.1007/978-981-15-8297-4_52

Download citation

  • DOI: https://doi.org/10.1007/978-981-15-8297-4_52

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-15-8296-7

  • Online ISBN: 978-981-15-8297-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation