IoT Security: A Comprehensive View

  • Sumit Singh DhandaEmail author
  • Brahmjit Singh
  • Poonam Jindal
Part of the Intelligent Systems Reference Library book series (ISRL, volume 174)


With the advent of the Internet of Things (IoT), security has become a big concern as the size of the internet has engulfed all of the earth. IoT has given the internet the way and means to act which make the security scenario all the more difficult. Security has been the main concern in any network. Size of the network has a direct relation with the probability of a security breach. With the advent of the Internet of Things (IoT) era, the size of the network has extended beyond all the limits that have ever existed. It has spread all over the world. Perception layer that is the lowermost layer in IoT architecture is characterized by wireless sensor networks (WSN) and resource-constrained embedded devices. These devices are fairly limited in terms of memory, computation, power, and energy. It makes them vulnerable to a large number of attacks. Information security is of utmost importance as IoT systems automate critical applications such as traffic control etc. A number of solutions have been provided by the engineers and researchers such as blockchains, Intrusion detection systems, Lightweight cryptography, and various protocols, etc.


IoT Blockchain Lightweight cryptography Intruder detection systems 


  1. 1.
    Atzori, L., et al.: Understanding the Internet of Things: definition, potentials, and societal role of a fast-evolving paradigm. AdHoc Netw. (2017).
  2. 2.
    Chen, S., et al.: A vision of IoT: applications challenges, and opportunities with China perspective. IEEE Internet Things J. 1(4) (2014)Google Scholar
  3. 3.
    Evans, D.: The Internet of Things: How the Next Evolution of Internet is Changing Everything. CISCO IBSG (2011)Google Scholar
  4. 4.
    Lopez Research: An Introduction to Internet of Things, Part 1 of IoT Series (2013). Retrieved from:
  5. 5.
    Internet-of-Things Architecture (IoT-A), Project Deliverable D1.2—Initial Architectural Reference Model for IoT [Online]. Available at:
  6. 6.
    Introduction to Architectural Reference Model for the Internet of Things.
  7. 7.
    Ind. Internet Consortium, Needham: The industrial Internet reference architecture, version 1.7, MA, USA. Tech. Rep. IIC:PUB:G1:V1.07:PB:20150601, 4 Jun 2015 [Online]. Available at:
  8. 8.
    Adolphs, P.: RAMI 4.0: An Architectural Model for Industrie 4.0. Plattform Ind. 4.0, Berlin, Germany (2015) [Online]. Available at:
  9. 9.
    IEEE Standards Association: Standard for an Architectural Framework for the Internet of Things (IoT)—IEEE P2413 (2016)Google Scholar
  10. 10.
    Arrowhead: Automation Systems from IoT Arrowhead Framework: Concepts and Basic Architecture. Information Technology – Internet of Things Reference Architecture (IoT RA) (2017) [Online]. ISO Available at: Accessed 13 Jan 2017
  11. 11.
    Ragget, D.: Web of Things: enabling exponential growth of IoT services. Sao Paulo (2016). Retrieved from:
  12. 12.
    ISO: Information Technology – Internet of Things Reference Architecture (IoT RA). International Organization for Standardization, ISO Central Secretariat, Geneva, Switzerland (2015)Google Scholar
  13. 13.
    Zarpelão, B.B., Miani, R.S., Kawakani, C.T., de Alvarenga, S.C.: A survey of intrusion detection in Internet of Things. J. Netw. Comput. Appl. 84, 25–37 (2017)Google Scholar
  14. 14.
    Kshetri, N.: Can blockchain strengthen the Internet of Things? IT Professional, pp. 68–72. IEEE Computer Society (2017)Google Scholar
  15. 15.
    Dhanda, S.S., Singh, B., Jindal, P.: Wireless technologies in IoT: research challenges. In: Ray, K., Sharan, S., Rawat, S., Jain, S., Srivastava, S., Bandyopadhyay, A. (eds.) Engineering Vibration, Communication and Information Processing. Lecture Notes in Electrical Engineering, vol. 478. Springer, Singapore (2019)Google Scholar
  16. 16.
    The EPCglobal Architecture Framework, EPCglobal Final Version 1.3 (2009)Google Scholar
  17. 17.
    Welbourne, E., Battle, L., Cole, G., Gould, K., Rector, K., Raymer, S., Balazinska, M., Borriello, G.: Building the internet of things using RFID: the RFID ecosystem experience. IEEE Internet Comput. 13(3), 48–55 (2009)CrossRefGoogle Scholar
  18. 18.
    Belpaire, A.: Internet of things: already a reality today, interview in eurescommess@ge. Mag. Telecom Insiders 2 (2009)Google Scholar
  19. 19.
    Weber, R.H.: Internet of things—new security and privacy challenges. Comput. Law Secur. Rev. 26, 23–30 (2010)CrossRefGoogle Scholar
  20. 20.
    Sung, J., Sanchez-Lopez, T., Kim, D.: The Epc sensor network for RFID and WSN integration infrastructure. In: Proceedings of Fifth IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom 2007) (2007)Google Scholar
  21. 21.
    Parks, A.N., Sample, A.P., Zhao, Y., Smith, J.R.: A wireless sensing platform utilizing ambient RF energy. In: Proceedings of IEEE Topical Meeting on Wireless Sensors and Sensor Networks (2013)Google Scholar
  22. 22.
    Lopez, T.S., Ranasinghe, D., Harrison, M., McFarlane, D.: Adding sense to the internet of things: an architecture framework for smart object systems. Pervas. Ubiquitous Comput. 16(3), 291–308 (2012)CrossRefGoogle Scholar
  23. 23.
    Guinard, D., Trifa, V., Wilde, E.: Architecting a mashable open world wide web of things. Technical Report, ETH (2010)Google Scholar
  24. 24.
    Guinard, D., Trifa, V., Mattern, F., Wilde, E., Uckelmann, D., Harrison, M., Michahelles, F.: From the Internet of Things to the Web of Things: Resource Oriented Architecture and Best Practice, Architecting the Internet of Things (2011)Google Scholar
  25. 25.
    Minoli, D., Sohraby, K., Occhiogrosso, B.: IoT considerations, requirements, and architectures for smart buildings—energy optimization and next-generation building management systems. IEEE Internet Things J. 4(1), 269–283 (2017)Google Scholar
  26. 26.
    Duan, R., Chen, X., Xing, T.: A QoS architecture for IoT. IEEE International conference on Internet of Things, Cyber Physical and Social computing. (2011)Google Scholar
  27. 27.
    Frustaci, M., Pace, P., Aloi, G., Fortino, G.: Evaluating critical security issues of IoT world: present and future challenges. IEEE Internet Things J. 5(4), 2483–2495 (2018). Scholar
  28. 28.
    Al-Fuqaha, A., Guizani, M., Mohammadi, M., Aledhari, M., Ayyash, M.: IoT: survey on enabling technologies, protocols, and applications. IEEE Commun. Surv. Tutor. 17(4), 2347–2376 (2015)CrossRefGoogle Scholar
  29. 29.
    Kushalnagar, N., Montenegro, G., Schumacher, C.: IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs): overview, assumptions, problem statement, and Goals. Internet Eng. Task Force (IETF), Fremont, CA, USA, RFC 4919, vol. 10 (2007)Google Scholar
  30. 30.
    Montenegro, G., Kushalnagar, N., Hui, J., Culler, D.: Transmission of IPv6 packets over IEEE 802.15. 4 networks. Internet Eng. Task Force (IETF), Fremont, CA, USA, Internet Proposed Std. RFC 4944 (2007)Google Scholar
  31. 31.
    Debar, H.: An introduction to intrusion-detection systems. In: Proceedings of Connect ‘2000, pp. 1–18 (2000)Google Scholar
  32. 32.
    Patel, A., Qassim, Q., Wills, C.: A survey of intrusion detection and prevention systems. Inf. Manag. Comput. Secur. 18(4), 277–290 (2010)CrossRefGoogle Scholar
  33. 33.
    Pongle, P., Chavan, G.: Real time intrusion and wormhole attack detection in Internet of Things. Int. J. Comput. Appl. 121(9), 1–9 (2015)Google Scholar
  34. 34.
    Raza, S., Wallgren, L., Voigt, T.: SVELTE: real-time intrusion detection in the Internet of Things. Ad Hoc Netw. 11(8), 2661–2674 (2013)CrossRefGoogle Scholar
  35. 35.
    Thanigaivelan, N.K., Nigussie, E., Kanth, R.K., Virtanen, S., Isoaho, J.: Distributed internal anomaly detection system for Internet-of-Things. In: Proceedings of the 13th IEEE Annual Consumer Communications Networking Conference (CCNC), pp. 319–320 (2016)Google Scholar
  36. 36.
    García-Teodoro, P., Díaz-Verdejo, J., Maciá-Fernández, G., Vázquez, E.: Anomaly-based network intrusion detection: techniques, systems and challenges. Comput. Secur. 28, 18–28 (2009)Google Scholar
  37. 37.
    Roman, B., Jacob, S.C., Nikolaj, L., Simon, M.: Blockchain - The gateway to trust-free cryptographic transactions. Twenty-Fourth European Conference on Information Systems, Istanbul Turkey. Research paper, vol. 153 (2016)Google Scholar
  38. 38.
    Christidis, K., Devetsikiotis, M.: Blockchains and Smart Contracts for the Internet of Things, pp. 2292–2303. IEEE Access (2016)Google Scholar
  39. 39.
    Nordrum, A.: Wall Street firms to move trillions to blockchain in 2018. IEEE Spectrum (2017). Retrieved from:
  40. 40.
    Lewis, K.: Blockchain: four use cases transforming business. IBM Internet of Things blog (2017).
  41. 41.
    Lotay, K., DeCusatis, C.: Using blockchain technology to digitize supply chain systems. In: Proceedings of the National Conference on Undergraduate Research, Atlanta, GA, 3–5 Nov 2017 (2017)Google Scholar
  42. 42.
  43. 43.
    Peck, M., Wagman, D.: Blockchains allow rooftop solar energytrading. IEEE Spectrum (2017).
  44. 44.
    Flores, A., Gannon, K.: BlockChain on AWS: Disrupting the Norm. Paper GPSD301, AWS Re:Invent 2016 (2016).
  45. 45.
    Cisco Institution: Cisco 2017 annual cybersecurity report. Cisco, Tech. Rep. (2017)Google Scholar
  46. 46.
    Hypponen, M., Tuominen, T.: F-Secure 2017 State of Cybersecurity report. F-Secure, Tech. Rep. (2017)Google Scholar
  47. 47.
  48. 48.
  49. 49.
    DeCusatis, C., Zimmermann, M., Sager, A.: Identity-based Network Security for Commercial Blockchain Services (2018)Google Scholar
  50. 50.
    Singh, S., Sharma, P.K., Moon, S.Y., Park, J.H.: Advanced lightweight encryption algorithms for IoT devices: survey, challenges and solutions. J. Ambient Intell. Hum. Comput. (2017).
  51. 51.
    Schneier, B.: IoT security: what’s plan B? IEEE Secur. Priv. 15(5), 96 (2017)CrossRefGoogle Scholar
  52. 52.
    Hatzivallis, G., Fysarakis, K., Papaefstathiou, I., Manifavas, C.: A review of lightweight block ciphers. J. Cryptogr. Eng. 8, 141–184 (2018)CrossRefGoogle Scholar
  53. 53.
    Schinianakis, D.: Alternative security options in the 5G and IoT era. IEEE Circuits Syst. Mag. 6–28 (2017)Google Scholar
  54. 54.
    Kong, J.H., Ang, L.-M., Seng, K.P.: A comprehensive survey of modern symmetric cryptographic solutions for resource constrained environments. J. Netw. Comput. Appl. 49, 15–50 (2015)CrossRefGoogle Scholar
  55. 55.
    Leander, G., Paar, C., Poschmann, A., Schramm, K.: New lightweight DES variants. In: Biryukov, A. (ed.) The 14th Annual Fast Software Encryption Workshop—FSE 2007. LNCS, vol. 4593, pp. 196–210. Springer, Berlin, Germany (2007)Google Scholar
  56. 56.
    Bogdanov, A., Knudsen, L.R., Leander, G., Paar, C., Poschmann, A., Robshaw, M.J.B., Seurin, Y., Vikkelsoe, C.: PRESENT: an ultra-lightweight block cipher. In: Proceeding of Cryptographic Hardware and Embedded Systems—CHES 2007, pp. 450–466. Springer (2007)Google Scholar
  57. 57.
    Shirai, T., Shibutani, K., Akishita, T., Moriai, S., Iwata, T.: The 128-bit blockcipher CLEFIA (extended abstract). In: Fast Software Encryption (FSE 2007). LNCS, vol. 4593, pp. 181–195. Springer (2007)Google Scholar
  58. 58.
    De Canniere, C., Dunkelman, O., Kneževíc, M.: KATAN and KTANTAN—a family of small and efficient hardware-oriented block ciphers. In: International Workshop on Cryptographic Hardware and Embedded Systems, pp. 272–288. Springer (2009)Google Scholar
  59. 59.
    Suzaki, T., Minematsu, K., Morioka, S., Kobayashi, E.: TWINE: a lightweight, versatile block cipher. In: Proceeding of ECRYPT Workshop on Lightweight Cryptography 2011, pp. 146–169 (2011)Google Scholar
  60. 60.
    Borghoff, J., Canteaut, A., Güneysu, T., Kavun, E.B., Knezevic, M., Knudsen, L.R., Leander, G., Nikov, V., Paar, C., Rechberger, C., Rombouts, P., Thomsen, S.S., Yalçın, T.: PRINCE—a low-latency block cipher for pervasive computing applications. In: Proceeding of ASIACRYPT 2012, pp. 208–225. Springer (2012)Google Scholar
  61. 61.
    Karakoç, F., Demirci, H., Harmancı, A.E.: ITUbee: a software oriented lightweight block cipher. In: Proceeding of Lightweight Cryptography for Security and Privacy—LightSec2013, pp. 16–27. Springer (2013)Google Scholar
  62. 62.
    Beaulieu, R., Treatman-Clark, S., Shors, D., Weeks, B., Smith, J., Wingers, L.: The SIMON and SPECK lightweight block ciphers. In: Proceeding of 52nd ACM/EDAC/IEEE, Design Automation Conference (DAC), pp. 1–6. IEEE (2013)Google Scholar
  63. 63.
    Zhang, W., Bao, Z., Lin, D., Rijmen, V., Yang, B., Verbauwhede, I.: RECTANGLE: a bit-slice ultra-lightweight block cipher suitable for multiple platform. Sci. China Inf. Sci. 58(12), 1–15 (2014)Google Scholar
  64. 64.
    Banik, S., Bogdanov, A., Isobe, T., Shibutani, K., Hiwatari, H., Akishita, T., Regazzoni, F.: Midori: A Block Cipher for Low Energy, pp. 411–436. Springer, Berlin, Germany (2015)zbMATHGoogle Scholar
  65. 65.
    Li, L., Liu, B., Wang, H.: QTL: a new ultra-lightweight block cipher. Microprocess. Microsyst. 45, 45–55 (2016)CrossRefGoogle Scholar
  66. 66.
    Sadeghi, S., Bagheri, N., Abdelraheem, M.A.: Cryptanalysis of QTL cipher. Microprocess. Microsyst. 52, 34–48 (2017)CrossRefGoogle Scholar
  67. 67.
    Boesgaard, M., Vesterager, M., Pedersen, T., Christiansenm, J., Scavenius, O.: Rabbit: a new high-performance stream cipher. FSE 2003, LNCS, vol. 2887, pp. 307–329. Springer, Lund, Sweden (2003)Google Scholar
  68. 68.
    Hell, M., Johansson, T., Meier, W.: Grain—a stream cipher for constrained environments. In: Workshop on RFID and Light-Weight Crypto: Workshop Record, Graz, Austria, Jul 2005Google Scholar
  69. 69.
    De Cannière, C., Preneel, B.: Trivium—A Stream Cipher Construction Inspired by Block Cipher Design Principles. ECRYPT Stream Cipher (2006). Available at:
  70. 70.
    Bernstein, D.J.: The Salsa20 stream cipher, slides of talk. In: ECRYPT STVL Workshop on Symmetric Key Encryption (2005).
  71. 71.
    Hell, M., Johansson, T., Maximov, A.: A stream cipher proposal, Grain-128. In: IEEE International Symposium on Information Theory, Seattle, WA, pp. 1614–1618 (2006)Google Scholar
  72. 72.
    Babbage, S., Dodd, M.: The MICKEY stream ciphers. Proceeding of New Stream Cipher Designs, pp. 191–209. Springer, Berlin (2008)CrossRefGoogle Scholar
  73. 73.
    Bernstein, D.J.: ChaCha, a variant of Salsa20 (2008). Accessed 28 Jan 2008. Supersedes: (PDF)2008.01.20
  74. 74.
    Orhanou, Ghizlane, Hajji, Said E.L., Bentalab, Youssef: SNOW 3G stream cipher operation and complexity study. Contemp. Eng. Sci. 3(3), 97–111 (2010)Google Scholar
  75. 75.
    Tian, Yun, Chen, Gongliang, Li, Jianhua: Quavium—a new stream cipher inspired by trivium. J. Comput. 7(5), 1278–1284 (2012)CrossRefGoogle Scholar
  76. 76.
    Fan, X., Mandal, K., Gong, G.: Wg-8: a lightweight stream cipher for resource-constrained smart devices. In: International Conference on Heterogeneous Networking for Quality, Reliability, Security and Robustness, pp 617–632. Springer, Berlin, Heidelberg (2013)Google Scholar
  77. 77.
    Armknecht, F., Mikhalev, V.: On lightweight stream ciphers with shorter internal states. In: Leander, G. (ed.) Fast Software Encryption: 22nd International Workshop, FSE 2015, Istanbul, Turkey, Revised Selected Papers, pp. 451–470. Springer, Berlin (2015).
  78. 78.
    Ghafari, V.A., Hu, H., Xie, C.: Fruit V2: ultra-lightweight stream cipher with shorter internal state. Cryptology ePrint Archive Report 2016/355 (2016).
  79. 79.
    Hamann, M., Krause, M., Meier, W.: LIZARD—a lightweight stream cipher for power-constrained devices. IACR Trans. Symmetric Cryptol. 2017(1), 45–79 (2017).
  80. 80.
    Aumasson, J.-P., Henzen, L., Meier, W., Naya-Plasencia, M.: Quark: a lightweight hash. In: International Workshop on Cryptographic Hardware and Embedded Systems, pp. 1–15. Springer (2010)Google Scholar
  81. 81.
    Hirose, S., Ideguchi, K., Kuwakado, H., Owada, T., Preneel, B., Yoshida, H.: A lightweight 256-bit hash function for hardware and low-end devices: lesamnta-LW. In: Proceeding of International Conference on Information Security and Cryptology, pp. 151–168. Springer, Berlin (2010)Google Scholar
  82. 82.
    Kavun, E.B., Yalcin, T.: A lightweight implementation of Keccak hash function for radio-frequency identification applications. In: International Workshop on Radio Frequency Identification: Security and Privacy Issues, pp. 258–269. Springer (2010)Google Scholar
  83. 83.
    Guo, J., Peyrin, T., Poschmann, A.: The PHOTON family of lightweight hash functions. In: CRYPTO 2011. LNCS, vol. 6841, pp. 222–239. International Association for Cryptologic Research (2011)Google Scholar
  84. 84.
    Bogdanov, A., Kneževíc, M., Leander, G., Toz1, D., Varıcı, K., Verbauwhede, I.: SPONGENT: a lightweight hash function. In: CHES 2011, LNCS, vol. 6917, pp. 312–325. International Association for Cryptologic Research (2011)Google Scholar
  85. 85.
    Berger, T.P., D’Hayer, J., Marquet, K., Minier, M., Thomas, G.: The GLUON family: a lightweight hash function family based on FCSRs. In: Mitrokotsa, A., Vaudenay, S. (eds.) Progress in Cryptology—AFRICACRYPT 2012. Lecture Notes in Computer Science, vol. 7374. Springer, Berlin, Heidelberg (2012)Google Scholar
  86. 86.
    Wu, W., Wu, S., Zhang, L., Zou, J., Dong, L.: LHash: A Lightweight Hash Function (Full Version) (2013).
  87. 87.
    Mukundan, P.M., Manayankath, S., Srinivasan, C., Sethumadhavan, M.: Hash-One: a lightweight cryptographic hash function. IET Inf. Secur. 10(5), 225–231 (2016)Google Scholar
  88. 88.
    Bussi, K., Dey, D., Kumar, M., Dass, B.K.: Neeva: A Lightweight Hash Function. IACR Cryptology ePrint Archive (042) (2016). Available at:
  89. 89.
    Szczechowiak, P., Oliveira, L.B., Scott, M., Collier, M., Dahab, R.: NanoECC: testing the limits of elliptic curve cryptography in sensor networks. In: Wireless Sensor Networks—EWSN 2008. Lecture Notes in Computer Science, vol. 4913, pp. 305–320. Springer (2008)Google Scholar
  90. 90.
    Varchola, M., Guneysu, T., Mischke, O.: MicroECC: a lightweight reconfigurable elliptic curve crypto-processor. In: Proceedings of International Conference on Reconfigurable Computing and FPGAs, Cancun, Mexico, 30 Nov–2 Dec 2011.
  91. 91.
    Liu, A., Ning, P.: TinyECC: a configurable library for elliptic curve cryptography in wireless sensor networks. In: Proceedings of the 7th International Conference on Information Processing in Sensor Networks (IPSN 2008), pp. 245–256. IEEE Computer Society Press (2008)Google Scholar
  92. 92.
    Wang, H., Li, Q.: Efficient implementation of public key cryptosystems on mote sensors. In: Information and Communications Security—ICICS 2006. Lecture Notes in Computer Science, vol. 4307, pp. 519–528 (2006)Google Scholar
  93. 93.
    Liu, Z., Wenger, E., Großschädl, J.: MoTE-ECC: energy-scalable elliptic curve cryptography for wireless sensor networks. In: Boureanu, I., Owesarski, P., Vaudenay, S. (eds.) Applied Cryptography and Network Security. ACNS 2014. Lecture Notes in Computer Science, vol. 8479. Springer, Cham (2014)Google Scholar
  94. 94.
    He, D., Wang, H., Khan, M.K., Wang, L.: Lightweight anonymous key distribution scheme for smart grid using elliptic curve cryptography. IET Commun. 10(14), 1795–1802 (2016)CrossRefGoogle Scholar
  95. 95.
    Liu, Z., Huang, X., Zhi, H., Khan, M.K., Seo, H., Zhou, L.: On emerging family of elliptic curves to secure Internet of Things: ECC comes of age. IEEE Trans. Depend. Secure Comput. 14(3), 237–248 (2017)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  • Sumit Singh Dhanda
    • 1
    Email author
  • Brahmjit Singh
    • 1
  • Poonam Jindal
    • 1
  1. 1.Department of Electronics & Communication EngineeringNational Institute of TechnologyKurukshetraIndia

Personalised recommendations