Skip to main content

Security Considerations for Internet of Things: A Survey

Abstract

Interconnecting “things” and devices that takes the form of wearables, sensors, actuators, mobiles, computers, meters, or even vehicles is a critical requirement for the current era. These inter-networked connections are serving the emerging applications home and building automation, smart cities and infrastructure, smart industries, and smart-everything. However, the security of these connected Internet of things (IoT) plays a centric role with no margin for error. After a review of the relevant, online literature on the topic and after looking at the market trends and developments, one can notice that there are still concerns with regard to security in IoT products and services. This paper is focusing on a survey on IoT security and aims to highlight the most significant problems related to safety and security in the IoT ecosystems. This survey identifies the general threat and attack vectors against IoT devices while highlighting the flaws and weak points that can lead to breaching the security. Furthermore, this paper presents solutions for remediation of the compromised security, as well as methods for risk mitigation, with prevention and improvement suggestions.

This is a preview of subscription content, access via your institution.

Fig. 1
Fig. 2
Fig. 3
Fig. 4

References

  1. Abomhara M, et al. Cyber security and the internet of things: vulnerabilities, threats, intruders and attacks. J Cyber Secur Mobil. 2015;4(1):65–88.

    Google Scholar 

  2. Abro A, Deng Z, Memon KA. A lightweight elliptic-elgamal-based authentication scheme for secure device-to-device communication. Future Internet. 2019;11(5):108.

    Google Scholar 

  3. Al-Fuqaha A, Guizani M, Mohammadi M, Aledhari M, Ayyash M. Internet of things: a survey on enabling technologies, protocols, and applications. IEEE Commun Surv Tutor. 2015;17(4):2347–76.

    Google Scholar 

  4. Almorsy M, Grundy J, Müller I. An analysis of the cloud computing security problem. 2016. arXiv preprint arXiv:1609.01107

  5. Ammar M, Russello G, Crispo B. Internet of things: a survey on the security of iot frameworks. J Inf Secur Appl. 2018;38:8–27.

    Google Scholar 

  6. Andrews SK, Rajavarman V, Ramamoorthy S. Implementing an IoT vehicular diagnostics system under an Rtos environment over ethernet IP. Medico Legal Update. 2018;18(1):548–54.

    Google Scholar 

  7. Anirudh M, Thileeban SA, Nallathambi DJ. Use of honeypots for mitigating dos attacks targeted on IoT networks. In: 2017 International conference on computer, communication and signal processing (ICCCSP). IEEE; 2017. p. 1–4.

  8. Arias O, Wurm J, Hoang K, Jin Y. Privacy and security in internet of things and wearable devices. IEEE Trans Multi Scale Comput Syst. 2015;1(2):99–109.

    Google Scholar 

  9. Arnaud J, Wright J. Network segregation in the digital substation. In: 13th International conference on development in power system protection 2016 (DPSP). IET; 2016. p. 1–4.

  10. Attify: IoT Security Exploitation Training. 2019. https://www.attify.com/iot-security-exploitation-training. Accessed 4 Sept 2019

  11. Attivo: Deception for attack detection of IoT devices. 2017. https://attivonetworks.com/documentation/Attivo-Networks-IoT.pdf. Accessed 4 Sept 2019.

  12. Banerjee U, Pathak A, Chandrakasan AP. 2.3 an energy-efficient configurable lattice cryptography processor for the quantum-secure internet of things. In: 2019 IEEE international solid-state circuits conference-(ISSCC). IEEE; 2019. p. 46–8.

  13. Banerjee U, Ukyab TS, Chandrakasan AP. Sapphire: a configurable crypto-processor for post-quantum lattice-based protocols. IACR Trans Cryptogr Hardw Embed Syst. 2019;2019:17–61.

    Google Scholar 

  14. Bär S, Reinhold O, Alt R. The role of cross-domain use cases in IoT: a case analysis. In: Proceedings of the 52nd Hawaii international conference on system sciences; 2019.

  15. Bodeau DJ, Graubart R, Fabius-Greene J. Improving cyber security and mission assurance via cyber preparedness (cyber prep) levels. In: 2010 IEEE Second international conference on social computing. IEEE; 2010. p. 1147–52.

  16. Borhani M, Liyanage M, Sodhro A, Kumar P, Jurcut A, Gurtov G. Secure and resilient communications in the industrial internet. In: Rak J, Hutchison D, editors. Guide to disaster-resilient communication networks. Computer communications and networks. Basel: Springer; 2020.

    Google Scholar 

  17. Cai H, Xu B, Jiang L, Vasilakos AV. Iot-based big data storage systems in cloud computing: perspectives and challenges. IEEE Internet Things J. 2016;4(1):75–87.

    Google Scholar 

  18. Calderoni L. Preserving context security in AWS IoT core. In: Proceedings of the 14th international conference on availability, reliability and security. ACM; 2019. p. 78.

  19. Calvillo CF, Sánchez-Miralles A, Villar J. Energy management and planning in smart cities. Renew Sustain Energy Rev. 2016;55:273–87.

    Google Scholar 

  20. Calzavara S, Focardi R, Nemec M, Rabitti A, Squarcina M. Postcards from the post-http world: amplification of https vulnerabilities in the web ecosystem. In: Postcards from the post-HTTP world: amplification of HTTPS vulnerabilities in the web ecosystem. IEEE; 2019. p. 0.

  21. Cao M, Wang L, Xu H, Chen D, Lou C, Zhang N, Zhu Y, Qin Z. Sec-d2d: a secure and lightweight d2d communication system with multiple sensors. IEEE Access. 2019;7:33759–70.

    Google Scholar 

  22. Chahid Y, Benabdellah M, Azizi A. Internet of things security. In: 2017 International conference on wireless technologies, embedded and intelligent systems (WITS). IEEE; 2017. p. 1–6.

  23. Chen CK, Zhang ZK, Lee SH, Shieh S. Penetration testing in the IoT age. Computer. 2018;51(4):82–5.

    Google Scholar 

  24. Chen D. Iot network segmentation when sensors fail. engrXiv. 2018. https://doi.org/10.31224/osf.io/9dy5x.

    Article  Google Scholar 

  25. Chen J, Su C, Yeh KH, Yung M. Special issue on advanced persistent threat. Elsevier. 2018. https://doi.org/10.1016/j.future.2017.11.005.

    Article  Google Scholar 

  26. Chen L, Chen L, Jordan S, Liu YK, Moody D, Peralta R, Perlner R, Smith-Tone D. Report on post-quantum cryptography. US Department of Commerce, National Institute of Standards and Technology; 2016.

  27. Cheng C, Lu R, Petzoldt A, Takagi T. Securing the internet of things in a quantum world. IEEE Commun Mag. 2017;55(2):116–20.

    Google Scholar 

  28. Chordiya AR, Majumder S, Javaid AY. Man-in-the-middle (mitm) attack based hijacking of http traffic using open source tools. In: 2018 IEEE international conference on electro/information technology (EIT). IEEE; 2018. p. 0438–43.

  29. Cisco: The Internet of Things Reference Model. 2014. http://cdn.iotwf.com/resources/71/IoT Reference Model White Paper June 4 2014.pdf. Accessed 30 Aug 2019.

  30. Conoscenti M, Vetro A, De Martin JC. Blockchain for the internet of things: a systematic literature review. In: 2016 IEEE/ACS 13th international conference of computer systems and applications (AICCSA). IEEE; 2016. p. 1–6.

  31. Conti M, Dragoni N, Lesyk V. A survey of man in the middle attacks. IEEE Commun Surv Tutor. 2016;18(3):2027–51.

    Google Scholar 

  32. Coşkun Y, Eygi M, Sezgin G, Kurt GK. Jamming resilience of LTE networks: a measurement study. In: International telecommunications conference. Springer; 2019. p. 151–62.

  33. Devi RS, Balaguru RJB, Amirtharajan R, Praveenkumar P. A novel quantum encryption and authentication framework integrated with IoT. In: Mahmood Z, editor. Security, privacy and trust in the IoT environment. Berlin: Springer; 2019. p. 123–50.

    Google Scholar 

  34. DeviceAuthority: Keyscaler platform overview. 2019. https://www.deviceauthority.com/platform/platform-overview. Accessed 9 Sept 2019.

  35. Dowling S, Schukat M, Melvin H. A zigbee honeypot to assess IoT cyberattack behaviour. In: 2017 28th irish signals and systems conference (ISSC). IEEE; 2017. p. 1–6.

  36. Duan R, Bijlani A, Ji Y, Alrawi O, Xiong Y, Ike M, Saltaformaggio B, Lee W. Automating patching of vulnerable open-source software versions in application binaries. In: NDSS; 2019.

  37. Endler M, Silva A, Cruz RA. An approach for secure edge computing in the internet of things. In: 2017 1st cyber security in networking conference (CSNet). IEEE; 2017. p. 1–8.

  38. Escamilla-Ambrosio P, Rodríguez-Mota A, Aguirre-Anaya E, Acosta-Bermejo R, Salinas-Rosales M. Distributing computing in the internet of things: cloud, fog and edge computing overview. In: NEO 2016. Springer; 2018. p. 87–115.

  39. EU: General Data Protection Regulation. 2019. https://gdpr-info.eu. Accessed 4 Sept 2019.

  40. Fernandes AM, Pai A, Colaco LMM. Secure SDLC for IoT based health monitor. In: 2018 Second international conference on electronics, communication and aerospace technology (ICECA). IEEE; 2018. p. 1236–41.

  41. Fernandes E, Jung J, Prakash A. Security analysis of emerging smart home applications. In: 2016 IEEE symposium on security and privacy (SP). IEEE; 2016. p. 636–54.

  42. Fernandes E, Paupore J, Rahmati A, Simionato D, Conti M, Prakash A. Flowfence: practical data protection for emerging IoT application frameworks. In: 25th \(\{\)USENIX\(\}\) security symposium (\(\{\)USENIX\(\}\) Security 16); 2016. p. 531–48.

  43. Fernandes E, Rahmati A, Eykholt K, Prakash A. Internet of things security research: a rehash of old ideas or new intellectual challenges? IEEE Secur Priv. 2017;15(4):79–84.

    Google Scholar 

  44. Ferraro P, King C, Shorten R. IOTA-based directed acyclic graphs without orphans. 2018. arXiv preprint arXiv:1901.07302.

  45. Florea BC. Blockchain and internet of things data provider for smart applications. In: 2018 7th mediterranean conference on embedded computing (MECO). IEEE; 2018. p. 1–4.

  46. Florit L. The role of open source in IoT. In: Rayes A, Salam S, editors. Internet of things from hype to reality. Berlin: Springer; 2019. p. 315–27.

    Google Scholar 

  47. Gaggioli A. Blockchain technology: living in a decentralized everything. Cyberpsychol Behav Soc Netw. 2018;21(1):65–6.

    Google Scholar 

  48. Gao Y, Ranasinghe DC, Al-Sarawi SF, Kavehei O, Abbott D. Emerging physical unclonable functions with nanotechnology. IEEE Access. 2016;4:61–80.

    Google Scholar 

  49. Gharaibeh A, Salahuddin MA, Hussini SJ, Khreishah A, Khalil I, Guizani M, Al-Fuqaha A. Smart cities: a survey on data management, security, and enabling technologies. IEEE Commun Surv Tutor. 2017;19(4):2456–501.

    Google Scholar 

  50. Gomes RM, Baunach M. Code generation from formal models for automatic RTOS portability. In: 2019 IEEE/ACM international symposium on code generation and optimization (CGO). IEEE; 2019. p. 271–2.

  51. Gopal TS, Meerolla M, Jyostna G, Eswari PRL, Magesh E. Mitigating mirai malware spreading in IoT environment. In: 2018 International conference on advances in computing, communications and informatics (ICACCI). IEEE; 2018. p. 2226–30.

  52. Gope P. LAAP: lightweight anonymous authentication protocol for D2D-aided fog computing paradigm. Comput Secur. 2019;86:223–37.

    Google Scholar 

  53. Granjal J, Monteiro E, Silva JS. Security for the internet of things: a survey of existing protocols and open research issues. IEEE Commun Surv Tutor. 2015;17(3):1294–312.

    Google Scholar 

  54. Grooby S, Dargahi T, Dehghantanha A. Protecting IoT and ICS platforms against advanced persistent threat actors: analysis of apt1, silent chollima and molerats. In: Dehghantanha A, Choo KK, editors. Handbook of big data and IoT security. Berlin: Springer; 2019. p. 225–55.

    Google Scholar 

  55. Guth J, et al. A detailed analysis of IoT platform architectures: concepts, similarities, and differences. In: Di Martino B, Li KC, Yang L, Esposito A, editors. Internet of everything. Internet of Things (Technology, Communications and Computing). Singapore: Springer; 2018.

    Google Scholar 

  56. Guzman A, Gupta A. IoT penetration testing cookbook: identify vulnerabilities and secure your smart devices. Birmingham: Packt Publishing Ltd.; 2017.

    Google Scholar 

  57. Hadar N, Siboni S, Elovici Y. A lightweight vulnerability mitigation framework for IoT devices. In: Proceedings of the 2017 workshop on internet of things security and privacy. ACM; 2017. p. 71–5.

  58. Haj-Yahya J, Wong MM, Pudi V, Bhasin S, Chattopadhyay A. Lightweight secure-boot architecture for RISC-v system-on-chip. In: 20th International symposium on quality electronic design (ISQED). IEEE; 2019. p. 216–23.

  59. Hao P, Wang X, Shen W. A collaborative PHY-aided technique for end-to-end iot device authentication. IEEE Access. 2018;6:42279–93.

    Google Scholar 

  60. Hao Y, Miao Y, Hu L, Hossain MS, Muhammad G, Amin SU. Smart-edge-cocaco: Ai-enabled smart edge with joint computation, caching, and communication in heterogeneous IoT. IEEE Netw. 2019;33(2):58–64.

    Google Scholar 

  61. Hittini H, Abdrabou A, Zhang L. Sadsa: security aware distribution system architecture for smart grid applications. In: 2016 12th international conference on innovations in information technology (IIT). IEEE; 2016. p. 1–6.

  62. Hussain MA, Jin H, Hussien ZA, Abduljabbar ZA, Abbdal SH, Ibrahim A. Enc-DNS-HTTP: utilising DNS infrastructure to secure web browsing. Secur Commun Netw. 2017;. https://doi.org/10.1155/2017/9479476.

    Article  Google Scholar 

  63. IoT-Security-Foundation: IoT Security Training. 2019. https://www.iotsecurityfoundation.org/iot-security-training/. Accessed 4 Sept 2019.

  64. Jalali A, Azarderakhsh R, Kermani MM. Neon sike: supersingular isogeny key encapsulation on armv7. In: International conference on security, privacy, and applied cryptography engineering. Springer; 2018. p. 37–51.

  65. Jang SE, Park ST, Lee SJ. A study on online fraud and abusing detection technology using web-based device fingerprinting. J Korea Inst Inf Secur Cryptol. 2018;28(5):1179–95.

    Google Scholar 

  66. Javed B, Iqbal MW, Abbas H. Internet of things (IoT) design considerations for developers and manufacturers. In: 2017 IEEE international conference on communications workshops (ICC workshops). IEEE; 2017. p. 834–9.

  67. Jin Y. Embedded system security in smart consumer electronics. In: Proceedings of the 4th international workshop on trustworthy embedded devices. ACM; 2014. p. 59.

  68. Jones S, Tremlet C, Jackson M. The fundamentals of secure boot and secure download: how to protect firmware and data within embedded devices. 2019. https://www.maximintegrated.com/en/app-notes/index.mvp/id/6426. Accessed 4 Sept 2019.

  69. Jurcut A. Automated logic-based technique for formal verification of security protocols. J Adv Comput Netw. 2018;6:77–85.

    Google Scholar 

  70. Jurcut A, Coffey T, Dojen R. Design guidelines for security protocols to prevent replay and parallel session attacks. J Comput Secur. 2014;45:255–73.

    Google Scholar 

  71. Jurcut A, Coffey T, Dojen R. Design requirements to counter parallel session attacks in security protocols. In: 12th IEEE annual conference on privacy, security and trust (PST–14). IEEE; 2014. p. 298–305.

  72. Jurcut A, Coffey T, Dojen R. A novel security protocol attack detection logic with unique fault discovery capability for freshness attacks and interleaving session attacks. IEEE Trans Dependable Secure Comput. 2017;16:969–83.

    Google Scholar 

  73. Jurcut A, Coffey T, Dojen R, Gyorodi R. Analysis of a key-establishment security protocol. J Comput Sci Control Syst. 2008;1:42–7.

    MATH  Google Scholar 

  74. Jurcut A, Coffey T, Dojen R, Gyorodi R. Security protocol design: a case study using key distribution protocols. J Comput Sci Control Syst. 2009;2:16–21.

    MATH  Google Scholar 

  75. Jurcut AD, Ranaweera P, Xu L. Introduction to IoT security. In: Liyanage M, Braeken A, Kumar P, Ylianttila M, editors. IoT security: advances in authentication. New York: Wiley; 2020. p. 27–64.

    Google Scholar 

  76. Karimanzira D, Rauschenbach T. Enhancing aquaponics management with IoT-based predictive analytics for efficient information utilization. Inf Process Agric. 2019;6:375–85.

    Google Scholar 

  77. Kasinathan P, Cuellar J. Securing the integrity of workflows in IoT. In: EWSN; 2018. p. 252–7.

  78. Kaushik S, Gandhi C. Cloud data security with hybrid symmetric encryption. In: 2016 International conference on computational techniques in information and communication technologies (ICCTICT). IEEE; 2016. p. 636–40.

  79. Keybase: Secure groups, files, and chat for everyone. https://keybase.io/. Accessed 9 Sept 2019.

  80. Klas GI. Edge cloud to cloud integration for IoT. 2016. https://yucianga.info/wpcontent/uploads/2016/02/16_02_04_Edge_cloud_to_coud_integration_for_IoT_v1.pdf. Accessed 28 Aug 2019.

  81. Klein S. IoT solutions in microsoft’s Azure IoT suite. Berlin: Springer; 2017.

    Google Scholar 

  82. Kliarsky A. Detecting attacks against the “internet of things”. SANS Institute InfoSec reading room. 2017. https://www.sans.org/reading-room/whitepapers/detection/detecting-attacks-039-internet-things-039-37712.

  83. Kodali RK, Yadavilli S. Mongoose RTOS based IoT implementation of surveillance system. In: 2018 International conference on communication, computing and internet of things (IC3IoT). IEEE; 2018. p. 155–8.

  84. Kolias C, Kambourakis G, Stavrou A, Voas J. Ddos in the IoT: Mirai and other botnets. Computer. 2017;50(7):80–4.

    Google Scholar 

  85. Kumar S, Sahoo S, Mahapatra A, Swain AK, Mahapatra K. Security enhancements to system on chip devices for IoT perception layer. In: 2017 IEEE international symposium on nanoelectronic and information systems (iNIS). IEEE; 2017. p. 151–6.

  86. Kumar T, Braeken A, Jurcut AD, et al. Age: authentication in gadget-free healthcare environments. Inf Technol Manag. 2019. https://doi.org/10.1007/s10799-019-00306-z.

    Article  Google Scholar 

  87. Kyriazis D, Varvarigou T. Smart, autonomous and reliable internet of things. Proc Comput Sci. 2013;21:442–8.

    Google Scholar 

  88. Labrado C, Thapliyal H. Hardware security primitives for vehicles. IEEE Consum Electron Mag. 2019;8(6):99–103.

    Google Scholar 

  89. Lehocine MB, Batouche M. Flexibility of managing VLAN filtering and segmentation in SDN networks. In: 2017 International symposium on networks, computers and communications (ISNCC). IEEE; 2017. p. 1–6.

  90. Leloglu E. A review of security concerns in internet of things. J Comput Commun. 2016;5(1):121–36.

    Google Scholar 

  91. Levshun D, Chechulin A, Kotenko I, Chevalier Y. Design and verification methodology for secure and distributed cyber-physical systems. In: 2019 10th IFIP international conference on new technologies, mobility and security (NTMS). IEEE; 2019. p. 1–5.

  92. Li S, Da Xu L, Zhao S. The internet of things: a survey. Inf Syst Front. 2015;17(2):243–59.

    Google Scholar 

  93. Lim JM, Kim Y, Yoo C. Chain veri: blockchain-based firmware verification system for IoT environment. In: 2018 IEEE international conference on internet of things (iThings) and IEEE green computing and communications (GreenCom) and IEEE cyber, physical and social computing (CPSCom) and IEEE smart data (SmartData). IEEE; 2018. p. 1050–6.

  94. Lin ATY, Lee J, Lee D, Chen CC. The development of IC packaging under the internet of things standards. In: 2016 11th International microsystems, packaging, assembly and circuits technology conference (IMPACT). IEEE; 2016. p. 209–11.

  95. Lin H, Bergmann N. Iot privacy and security challenges for smart home environments. Information. 2016;7(3):44.

    Google Scholar 

  96. Lin J, Yu W, Zhang N, Yang X, Zhang H, Zhao W. A survey on internet of things: architecture, enabling technologies, security and privacy, and applications. IEEE Internet Things J. 2017;4(5):1125–42.

    Google Scholar 

  97. LinkLabs: Symphony link-internet of things wireless LPWA. https://www.link-labs.com/symphony. Accessed 9 Sept 2019.

  98. Mahmoodi Y, Reiter S, Viehl A, Bringmann O, Rosenstiel W. Attack surface modeling and assessment for penetration testing of IoT system designs. In: 2018 21st Euromicro conference on digital system design (DSD). IEEE; 2018. p. 177–81.

  99. Mahmud R, Kotagiri R, Buyya R. Fog computing: a taxonomy, survey and future directions. In: Internet of everything. Springer; 2018. p. 103–30.

  100. Marchand C, Bossuet L, Mureddu U, Bochard N, Cherkaoui A, Fischer V. Implementation and characterization of a physical unclonable function for iot: a case study with the tero-puf. IEEE Trans Comput Aided Des Integr Circuits Syst. 2017;37(1):97–109.

    Google Scholar 

  101. Mavroeidis V, Vishi K, Zych MD, Jøsang A. The impact of quantum computing on present cryptography. 2018. arXiv preprint arXiv:1804.00200.

  102. Mehnaz S, Mudgerikar A, Bertino E. Rwguard: a real-time detection system against cryptographic ransomware. In: International symposium on research in attacks, intrusions, and defenses. Springer; 2018. p. 114–36.

  103. Milinković A, Milinković S, Lazić L. Choosing the right RTOS for IoT platform. Infoteh Jahorina. 2015;14:504–9.

    Google Scholar 

  104. Mohamed N, Yussoff Y, Isa M, Hashim H. Symmetric encryption using pre-shared public parameters for a secure TFTP protocol. J Eng Sci Technol. 2017;12(1):98–112.

    Google Scholar 

  105. Mukhopadhyay SC, Islam T. Wearable sensors; applications, design and implementation. IOP ebooks. Bristol, UK: IOP Publishing; 2017. ISBN: 978-0-7503-1505-0.

  106. Naimi S, Naimi S, Mazidi MA. The AVR microcontroller and embedded systems using assembly and C: using Arduino Uno and Atmel Studio; 2017.

  107. Navas RE, Le Bouder H, Cuppens N, Cuppens F, Papadopoulos GZ. Do not trust your neighbors! a small IoT platform illustrating a man-in-the-middle attack. In: International conference on ad-hoc networks and wireless. Springer; 2018. p. 120–5.

  108. Neshenko N, Bou-Harb E, Crichigno J, Kaddoum G, Ghani N. Demystifying IoT security: an exhaustive survey on IoT vulnerabilities and a first empirical look on internet-scale IoT exploitations. IEEE Commun Surv Tutor. 2019;21:2702–33.

    Google Scholar 

  109. Nguyen-Duc A, Khalid K, Shahid Bajwa S, Lønnestad T. Minimum viable products for internet of things applications: common pitfalls and practices. Fut Internet. 2019;11(2):50.

    Google Scholar 

  110. Oktug SF, Yaslan Y, Gulacar H. A prediction module for smart city IoT platforms. In: Mouftah HT, Erol-Kantarci M, Rehmani MH, editors. Transportation and power grid in smart cities: communication networks and services. New York: Wiley; 2018. p. 269–90.

    Google Scholar 

  111. Ouaddah A, Elkalam AA, Ouahman AA. Towards a novel privacy-preserving access control model based on blockchain technology in IoT. In: Europe and MENA cooperation advances in information and communication technologies. Springer; 2017. p. 523–33.

  112. Ouaddah A, Mousannif H, Elkalam AA, Ouahman AA. Access control in IoT: survey and state of the art. In: 2016 5th international conference on multimedia computing and systems (ICMCS). IEEE; 2016. p. 272–7.

  113. Pa YMP, Suzuki S, Yoshioka K, Matsumoto T, Kasama T, Rossow C. Iotpot: a novel honeypot for revealing current IoT threats. J Inf Process. 2016;24(3):522–33.

    Google Scholar 

  114. Papert M, Pflaum A. Development of an ecosystem model for the realization of internet of things (IoT) services in supply chain management. Electron Mark. 2017;27(2):175–89.

    Google Scholar 

  115. Park HK, Lee K. A design of an AES-based security chip for IoT applications using verilog HDL. Trans Korean Inst Electr Eng P. 2018;67(1):9–14.

    Google Scholar 

  116. Park J, Jung M, Rathgeb EP. Survey for secure IoT group communication. In: 2019 IEEE international conference on pervasive computing and communications workshops (PerCom workshops). IEEE; 2019. p. 1026–31.

  117. Park S. OCF: new open IoT consortium. In: 2017 31st international conference on advanced information networking and applications workshops (WAINA). IEEE; 2017. p. 356–9.

  118. Pawar S, Vanwari P. Sybil attack in internet of things. Int J Eng Innov Technol (IJESIT). 2016;5(4):96–105.

    Google Scholar 

  119. Pflanzner T, Kertész A. A survey of IoT cloud providers. In: 2016 39th international convention on information and communication technology, electronics and microelectronics (MIPRO). IEEE; 2016. p. 730–5.

  120. Porambage P, Okwuibe J, Liyanage M, Ylianttila M, Taleb T. Survey on multi-access edge computing for internet of things realization. IEEE Commun Surv Tutor. 2018;20(4):2961–91.

    Google Scholar 

  121. Preskill J. Quantum computing in the NISQ era and beyond. Quantum. 2018;2:79.

    Google Scholar 

  122. Rahman AFA, Daud M, Mohamad MZ. Securing sensor to cloud ecosystem using internet of things (IoT) security framework. In: Proceedings of the international conference on internet of things and cloud computing; 2016. p. 1–5.

  123. Rajkumar MN. A survey on latest dos attacks: classification and defense mechanisms. Int J Innov Res Comput Commun Eng. 2013;1(8):1847–60.

    Google Scholar 

  124. Ranaweera P, Jurcut AD, Liyanage M. Realizing multi-access edge computing feasibility: security perspective. In: 2019 IEEE conference on standards for communications and networking (CSCN). IEEE; 2019. p. 1–7.

  125. Ray PP. A survey of iot cloud platforms. Future Comput Inf J. 2016;1(1–2):35–46.

    Google Scholar 

  126. Ray S. System-on-chip security assurance for IoT devices: cooperations and conflicts. In: 2017 IEEE custom integrated circuits conference (CICC). IEEE; 2017. p. 1–4.

  127. Ring T. Connected cars-the next targe tfor hackers. Netw Secur. 2015;2015(11):11–6.

    Google Scholar 

  128. Rivas M. Securing the home IoT network. SANS Institute InfoSec Reading Room. 2017. https://www.sans.org/reading-room/whitepapers/hsoffice/securing-20home-iot-network-37717.

  129. Roetteler M, Naehrig M, Svore KM, Lauter K. Quantum resource estimates for computing elliptic curve discrete logarithms. In: International conference on the theory and application of cryptology and information security. Springer; 2017. p. 241–70.

  130. Routray SK, Jha MK, Sharma L, Nyamangoudar R, Javali A, Sarkar S. Quantum cryptography for IoT: aperspective. In: 2017 International conference on IoT and application (ICIOT). IEEE; 2017. p. 1–4.

  131. Ryu M, Kim J, Yun J. Integrated semantics service platform for the internet of things: a case study of a smart office. Sensors. 2015;15(1):2137–60.

    Google Scholar 

  132. Samaniego M, Deters R. Blockchain as a service for IoT. In: 2016 IEEE international conference on internet of things (iThings) and IEEE green computing and communications (GreenCom) and IEEE cyber, physical and social computing (CPSCom) and IEEE smart data (SmartData). IEEE; 2016. p. 433–6.

  133. Samarakoon S, Bennis M, Saad W, Debbah M: Federated learning for ultra-reliable low-latency v2v communications. In: 2018 IEEE global communications conference (GLOBECOM). IEEE; 2018. p. 1–7.

  134. Sari A, Rahnama B, Eweoya I, Agdelen Z. Energizing the advanced encryption standard (AES) for better performance. Int J Sci Eng Res. 2016;7(4):992–1000.

    Google Scholar 

  135. Scaife N, Carter H, Traynor P, Butler KR. Cryptolock (and drop it): stopping ransomware attacks on user data. In: 2016 IEEE 36th international conference on distributed computing systems (ICDCS). IEEE; 2016. p. 303–12.

  136. Singh S, Yassine A. Iot big data analytics with fog computing for household energy management in smart grids. In: International conference on smart grid and internet of things. Springer; 2018. p. 13–22.

  137. Slama D, Puhlmann F, Morrish J, Bhatnagar RM. Enterprise IoT: strategies and best practices for connected products and services. Sebastopol: O’Reilly Media Inc.; 2015.

    Google Scholar 

  138. Souri A, Hussien A, Hoseyninezhad M, Norouzi M. A systematic review of IoT communication strategies for an efficient smart environment. Trans Emerg Telecommun Technol. 2019. https://doi.org/10.1002/ett.3736.

    Article  Google Scholar 

  139. Stojkoska BLR, Trivodaliev KV. A review of internet of things for smart home: challenges and solutions. J Clean Prod. 2017;140:1454–64.

    Google Scholar 

  140. Tonex: Iot security training course. 2019. https://www.tonex.com/iot-security-training-course/. Accessed 4 Sept 2019.

  141. Tyagi S, Agarwal A, Maheshwari P. A conceptual framework for IoT-based healthcare system using cloud computing. In: 2016 6th international conference-cloud system and big data engineering (confluence). IEEE; 2016. p. 503–7.

  142. Vaidya T, Burger E, Sherr M, Shields C. Where art thou, eve? Experiences laying traps for internet eavesdroppers. In: 10th \(\{\)USENIX\(\}\) workshop on cyber security experimentation and test (\(\{\)CSET\(\}\) 17); 2017.

  143. Vijayasarathy LR, Butler CW. Choice of software development methodologies: do organizational, project, and team characteristics matter? IEEE Softw. 2015;33(5):86–94.

    Google Scholar 

  144. Viriyasitavat W, Da Xu L, Bi Z, Pungpapong V. Blockchain and internet of things for modern business process in digital economy—the state of the art. IEEE Trans Comput Soc Syst. 2019;6(6):1420–32.

    Google Scholar 

  145. Voigt P, Von dem Bussche A. The EU general data protection regulation (GDPR): a practical guide. 1st ed. Cham: Springer; 2017.

    Google Scholar 

  146. Wang S, Wang C, Hu Q. Corking by forking: vulnerability analysis of blockchain. In: IEEE INFOCOM 2019-IEEE conference on computer communications. IEEE; 2019. p. 829–37.

  147. Yang K, Liu S, Cai L, Yilmaz Y, Chen PY, Walid A. Guest editorial special issue on AI enabled cognitive communication and networking for IoT. IEEE Internet Things J. 2019;6(2):1906–10.

    Google Scholar 

  148. Yang Y, Wu L, Yin G, Li L, Zhao H. A survey on security and privacy issues in internet-of-things. IEEE Internet Things J. 2017;4(5):1250–8.

    Google Scholar 

  149. Yang YG, Zhao QQ. Novel pseudo-random number generator based on quantum random walks. Sci Rep. 2016;6:20362.

    Google Scholar 

  150. Yi S, Qin Z, Li Q. Security and privacy issues of fog computing: a survey. In: International conference on wireless algorithms, systems, and applications. Springer; 2015. p. 685–95.

  151. Yilmaz O. Ultra-reliable and low-latency 5G communication. In: Proceedings of the European conference on networks and communications (EuCNC-16); 2016.

  152. Zamani E, He Y, Phillips M. On the security risks of the blockchain. J Comput Inf Syst. 2018. https://doi.org/10.1080/08874417.2018.1538709.

    Article  Google Scholar 

  153. Zhang J, Tan X, Wang X, Yan A, Qin Z. T2fa: transparent two-factor authentication. IEEE Access. 2018;6:32677–86.

    Google Scholar 

  154. Zhao K, Ge L. A survey on the internet of things security. In: 2013 Ninth international conference on computational intelligence and security. IEEE; 2013. p. 663–7.

  155. Zorzo AF, Nunes HC, Lunardi RC, Michelin RA, Kanhere SS. Dependable IoT using blockchain-based technology. In: 2018 eighth Latin-American symposium on dependable computing (LADC). IEEE; 2018. p. 1–9.

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Anca Jurcut.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Ethical Approval

This article does not contain any studies with human participants or animals performed by any of the authors.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Jurcut, A., Niculcea, T., Ranaweera, P. et al. Security Considerations for Internet of Things: A Survey. SN COMPUT. SCI. 1, 193 (2020). https://doi.org/10.1007/s42979-020-00201-3

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s42979-020-00201-3

Keywords

  • IoT security
  • IoT threats
  • Risk mitigation
  • Quantum computing
  • Blockchain