Skip to main content

Cyber Security Threats to IoT Applications and Service Domains

Abstract

We are currently living in the post-PC era where smartphones and other wireless handheld devices are changing our environment, making it more interactive, adaptive and informative. Termed as Internet of Things (IoT) evolving into Internet of Everything, the new ecosystem combines wireless sensor networks, cloud computing, analytical data, interactive technologies, as well as smart devices, to provision solutions in which the objects are embedded with network connectivity and an identifier to enhance object-to-object interactions. IoT innovation is advancing and provides diverse smart solutions or applications. From e-transport to e-health; smart living to e-manufacturing and many other e-solutions. In this environment, the rising trend of cyber attacks on systems infrastructure coupled with the system inherent vulnerabilities presents a source of concern not only to the vendors, but also to the consumer. These security concerns need to be addressed in order to ensure user confidence so as to promote wide acceptance and reap the potentials of IoT. From the perspectives of firmware, hardware and software infrastructure setups, this paper looks at some of the major IoT application and service domains, and analyze the cybersecurity challenges which are likely to drive IoT research in the near future.

This is a preview of subscription content, access via your institution.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10

References

  1. Statista. https://www.statista.com/statistics/471264/iot-number-of-connected-devices-worldwide/.

  2. Gubbi, J., Buyya, R., Marusic, S., & Palaniswami, M. (2013). Internet of Things (IoT): A vision, architectural elements, and future directions. Future Generation Computer Systems, 29(7), 1645–1660.

    Article  Google Scholar 

  3. Karimi, K., & Atkinson, G. (2013). What the Internet of Things (IoT) needs to become a reality. White Paper, FreeScale and ARM.

  4. Caceres, R., & Friday, A. (2012). Ubicomp systems at 20: Progress, opportunities, and challenges. IEEE Pervasive Computing, 11(1), 14–21.

    Article  Google Scholar 

  5. López, T. S., Ranasinghe, D. C., Harrison, M., & McFarlane, D. (2012). Adding sense to the Internet of Things. Personal and Ubiquitous Computing, 16(3), 291–308.

    Article  Google Scholar 

  6. Lund, D., Turner, V., MacGillivray, C., & Morales, M. (2014). Worldwide and regional Internet of Things (IoT) 2014–2020 forecast: A virtuous circle of proven value and demand. IDC.

  7. Matuszak, G., Bell, G., & Le, D. (2015). Security and the IoT ecosystem. KPMG, December 2015, 132631–G.

  8. Darianian, M., & Michael, M. P. (2008) Smart home mobile RFID-based Internet-of-Things systems and services. In International conference on advanced computer theory and engineering, 2008. ICACTE’08 (pp. 116–120).

  9. Ashton, K. (2009). That ‘Internet of Things’ thing. RFID Journal, 22, 97–114.

  10. Roman, R., Zhou, J., & Lopez, J. (2013). On the features and challenges of security and privacy in distributed internet of things. Computer Networks, 57(10), 2266–2279.

    Article  Google Scholar 

  11. ITU. (2005). ITU network reports, Internet of Things, Geneva.

  12. Evans, D. L., Bond, P. J., & Bement, A. L., Jr. (2004). Standards for security categorization of federal information and information systems. Gaithersburg: U. S. Department of Commerce.

  13. Pandya, D., & Patel, N. J. (2016). OWASP top 10 vulnerability analyses in government websites. International Journal of Enterprise Computing and Business Systems, 6(1).

  14. Touhill, G. J., & Touhill, J. C. (2014). Cybersecurity for executives: A practical approach. Hoboken, NJ: Wiley.

    Book  Google Scholar 

  15. CVE—CVE-2016-5344. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5344. Accessed December 08, 2016.

  16. CVE-2016-7571: Cross-site scripting (XSS) vulnerability in Drupal 8.x before 8.1.10 allows remote attackers to inject arbitrary web scr. http://www.cvedetails.com/cve/CVE-2016-7571/. Accessed December 08, 2016.

  17. NVD—Detail. https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8581. Accessed December 08, 2016.

  18. Vermesan, O., et al. (2014). Internet of Things: Strategic research and innovation agenda. Alborg: River Publishers.

    Google Scholar 

  19. Vermesan, O., & Friess, P. (2013). Internet of Things: Converging technologies for smart environments and integrated ecosystems. Alborg: River Publishers.

    Google Scholar 

  20. Quashie Azasoo, J., & Tweneboah-Koduah, S. (2016). Cybersecurity architecture in smart metering systems. In Smart living and privacy. Unpublished paper. CMI Annual Conference, Copenhagen, Denmark.

  21. CVE-2016-8666—Red hat customer portal. https://access.redhat.com/security/cve/cve-2016-8666. Accessed December 08, 2016.

  22. IERC-European Research Cluster on the Internet of Things. http://www.internet-of-things-research.eu/about_iot.htm. Accessed December 22, 2016.

  23. Kosasi, C., Saragih, H., & Kom, M. (2014). How RFID Technology boosts Walmart’s supply chain management. STMIK Pontianak Bakrie University.

  24. Vulnerability distribution of cve security vulnerabilities by types. http://www.cvedetails.com/vulnerabilities-by-types.php. Accessed December 08, 2016.

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Knud Erik Skouby.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Tweneboah-Koduah, S., Skouby, K.E. & Tadayoni, R. Cyber Security Threats to IoT Applications and Service Domains. Wireless Pers Commun 95, 169–185 (2017). https://doi.org/10.1007/s11277-017-4434-6

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-017-4434-6

Keywords

  • Internet of Things
  • Internet of Everything
  • Cyber threats
  • Systems vulnerabilities
  • IoT infrastructure
  • IoT applications