Advertisement

Survey of Security Threats in IoT and Emerging Countermeasures

  • Mimi CherianEmail author
  • Madhumita ChatterjeeEmail author
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 969)

Abstract

In Internet of things there are many things connected through network which can be sensors, actuators or devices meant for collecting data and transmitting data. These collected data is used for optimizing the network performance, improving performance of products and services. In future it is predicted billions of devices will be connected in network for the working of IoT. Hence securing network and increasing its flexibility along with scalability will be mandatory requirement for the working of IoT. This paper is an attempt to do a broad survey of security issues in IoT and resolving it by exploring latest techniques like Software Defined Network, Blockchain and Machine Learning.

Keywords

Software Defined Network Blockchain Internet of Things Security 

References

  1. 1.
    Frustaci, M., Pace, P., Aloi, G.: Securing the IoT world: issues and perspectives. In: IEEE Conference on Standards for Communications and Networking (CSCN) (2017)Google Scholar
  2. 2.
    Chahid, Y., Benabdellah, M., Azizi, A.: Traffic-aware firewall optimization strategies (2010)Google Scholar
  3. 3.
    Deogirikar, J., Vidhate, A.: Security attacks inIoT: a survey. In: International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC 2017)Google Scholar
  4. 4.
    Lin, J., Yuy, W., Zhangz, N., Yang, X., Zhangx, H., Zhao, W.: A survey on internet of things: architecture, enabling technologies, security and privacy, and applications. In: 2016 IEEEGoogle Scholar
  5. 5.
    Mendez, D., Papapanagiotou, I., Yang, B.: Internet of Things: survey on security and privacy. In: IEEE J. July 2017Google Scholar
  6. 6.
    Varga, P., Plosz, S., Soos, G.: Security threats and issues in automation IoT. IEEE (2017)Google Scholar
  7. 7.
    Kumar, S.A., Vealey, T., Srivastava, H.: Security in Internet of Things: challenges, solutions and future directions. In: 49th Hawaii International Conference on System Sciences (2016)Google Scholar
  8. 8.
    Kuusijarvi, J., Savola, R., Savolainen, P., Evesti, A.: Mitigating loT security threats with a trusted network element. In: The 11th International Conference for Internet Technology and Secured Transactions (ICITST-2016)Google Scholar
  9. 9.
    Dorsemaine, B., Gaulier, J-P., Wary, J-P., Kheir, N.: A new approach to investigate IoT threats based on a four layer model. In: 13th International Conference on New Technologies for Distributed Systems (NOTERE 2016)Google Scholar
  10. 10.
    The Internet of Things reference model. 4CISCO (2014). http://cdn.iotwf.com/resources/71/IoTReferenceModelWhitePaperJune42014.pdf
  11. 11.
  12. 12.
    Zhang, M., Raghunathan, A., Jha, N.K.: Trustworthiness of medical devices and body area networks. Proc. IEEE 102(8), 1174–1188 (2014)CrossRefGoogle Scholar
  13. 13.
    Li, C., Raghunathan, A., Jha, N.K.: Hijacking an insulin pump: security attacks and defenses for a diabetes therapy system. In: Proceedings of the IEEE 13th International Conference on e-Health Networking Applications and Services, pp. 150–156 (2011)Google Scholar
  14. 14.
    Halperin, D., et al.: Pacemakers and implantable cardiac defibrillators: software radio attacks and zeropower defenses. In: Proceedings of the IEEE Symposium Security and Privacy, pp. 129–142 (2008)Google Scholar
  15. 15.
    Bhunia, S., Hsiao, M.S., Banga, M., Narasimhan, S.: Hardware trojan attacks: threat analysis and countermeasures. Proc. IEEE 102(8), 1229–1247 (2014)CrossRefGoogle Scholar
  16. 16.
    Brandt, A., Buron, J.: Home automation routing requirements in low-power and lossy networks. https://tools.ietf.org/html/rfc5826
  17. 17.
    Martin, T., Hsiao, M., Ha, D., Krishnaswami, J.: Denial-of-service attacks on battery-powered mobile computers. In: Proceedings of the IEEE 2nd Conference on Pervasive Computing and Communications, pp. 309–318 (2004)Google Scholar
  18. 18.
    Matrosov, A., Rodionov, E., Harley, D., Malcho, J.: Stuxnet under the microscope, ESET LLC, Technical report (2011)Google Scholar
  19. 19.
    Walters, J.P., Liang, Z., Shi, W., Chaudhary, V.: Wireless sensor network security: a survey. Secur. Distrib. Grid Mobile Pervasive Comput. 1, 367 (2007)Google Scholar
  20. 20.
    Douceur, J.R.: The sybil attack. In: Druschel, P., Kaashoek, F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 251–260. Springer, Heidelberg (2002).  https://doi.org/10.1007/3-540-45748-8_24CrossRefGoogle Scholar
  21. 21.
    Karakehayov, Z.: Using reward to detect team black-hole attacks in wireless sensor networks. In: Proceedings of the Workshop on Real-World Wireless Sensor Networks, pp. 20–21 (2005)Google Scholar
  22. 22.
    Garcia-Morchon, O., Kumar, S., Struik, R., Keoh, S., Hummen, R.: Security considerations in the IP-based Internet of Things. https://tools.ietf.org/html/draft-garcia-core-security-04
  23. 23.
    Hernandez, G., Arias, O., Buentello, D., Jin, Y.: Smart nest thermostat: a smart spy in your home. In: Proceedings of the Black Hat USA (2014)Google Scholar
  24. 24.
    Lehtonen, M., Ostojic, D., Ilic, A., Michahelles, F.: Securing RFID systems by detecting tag cloning. In: Tokuda, H., Beigl, M., Friday, A., Brush, A.J.B., Tobe, Y. (eds.) Pervasive 2009. LNCS, vol. 5538, pp. 291–308. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-01516-8_20CrossRefGoogle Scholar
  25. 25.
    Parno, B., Perrig, A., Gligor, V.: Distributed detection of node replication attacks in sensor networks. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 49–63 (2005)Google Scholar
  26. 26.
    Chan, H., Perrig, A., Song, D.: Random key predistribution schemes for sensor networks. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 197–213 (2003)Google Scholar
  27. 27.
    Msgna, M., Markantonakis, K., Mayes, K.: The B-Side of side channel leakage: control flow security in embedded systems. In: Zia, T., Zomaya, A., Varadharajan, V., Mao, M. (eds.) SecureComm 2013. LNICST, vol. 127, pp. 288–304. Springer, Cham (2013).  https://doi.org/10.1007/978-3-319-04283-1_18CrossRefGoogle Scholar
  28. 28.
    Carluccio, D., Lemke, K., Paar, C.: Electromagnetic side channel analysis of a contactless smart card: First results. http://www.iaik.tu-graz.ac.at/research/krypto/events/index.php
  29. 29.
    Zhang, M., Jha, N.K.: FinFET-based power management for improved DPA resistance with low overhead. ACM J. Emerg. Technol. Comput. Syst. 7(3), 10 (2011)CrossRefGoogle Scholar
  30. 30.
    Sundaresan, V., Rammohan, S., Vemuri, R.: Defense against side-channel power analysis attacks on microelectronic systems. In: Proceedings of the IEEE National Conference on Aerospace and Electronics, pp. 144–150 (2008)Google Scholar
  31. 31.
    Rieback, M.R., Crispo, B., Tanenbaum, A.S.: RFID guardian: a battery-powered mobile device for RFID privacy management. In: Boyd, C., González Nieto, J.M. (eds.) ACISP 2005. LNCS, vol. 3574, pp. 184–194. Springer, Heidelberg (2005).  https://doi.org/10.1007/11506157_16CrossRefzbMATHGoogle Scholar
  32. 32.
    Kinoshita, S., Hoshino, F., Komuro, T., Fujimura, A., Ohkubo, M.: Low-cost RFID privacy protection scheme. IPS J. 45(8), 2007–2021 (2004)Google Scholar
  33. 33.
    Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A.: M2AP: a minimalist mutual-authentication protocol for low-cost RFID tags. In: Ma, J., Jin, H., Yang, L.T., Tsai, J.J.-P. (eds.) UIC 2006. LNCS, vol. 4159, pp. 912–923. Springer, Heidelberg (2006).  https://doi.org/10.1007/11833529_93CrossRefGoogle Scholar
  34. 34.
    Raza, S., Wallgren, L., Voigt, T.: SVELTE: real-time intrusion detection in the Internet of Things. Ad-hoc Netw. 11(8), 2661–2674 (2013)CrossRefGoogle Scholar
  35. 35.
    Shirai, T., Shibutani, K., Akishita, T., Moriai, S., Iwata, T.: The 128-bit blockcipher CLEFIA (Extended Abstract). In: Biryukov, A. (ed.) FSE 2007. LNCS, vol. 4593, pp. 181–195. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-74619-5_12CrossRefGoogle Scholar
  36. 36.
    Bogdanov, A., et al.: PRESENT: An Ultra-lightweight Block Cipher. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-74735-2_31CrossRefzbMATHGoogle Scholar
  37. 37.
    Son, S., McKinley, K.S., Shmatikov, V.: Diglossia: detecting code injection attacks with precision and efficiency. In: Proceedings of the ACM SIGSAC Conference Computer Communications Security, pp. 1181–1192 (2013)Google Scholar
  38. 38.
    Salman, O.: Identity-based authentication scheme for the Internet of Things. In: Proceedings of the IEEE 21st Symposium on Computers and Communication (ISCC), Italy, pp. 1109–1111 (2016)Google Scholar
  39. 39.
    Nobakht, M., Sivaraman, V., Boreli, R.: A host-based intrusion detection and mitigation framework for smart home IoT using OpenFlow. In: Proceedings of the IEEE 11th International Conference on Availability, Reliability and Security (ARES), pp. 147–156 (2016)Google Scholar
  40. 40.
    Chakrabarty, S., Engels, D.W., Thathapudi, S.: Black SDN for the Internet of Things. In: Proceedings of the IEEE 12th International Conference on Mobile Ad Hoc and Sensor Systems (MASS), Dallas, USA, pp. 190–198 (2015)Google Scholar
  41. 41.
    Bull, P.: Flow based security for IoT devices using an SDN gateway. In: Proceedings of the IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud), Austria, pp. 157–163 (2016)Google Scholar
  42. 42.
    Flauzac, O.: SDN based architecture for IoT and improvement of the security. In: Proceedings of the IEEE 29th International Conference on Advanced Information Networking and Applications Workshops (WAINA), South Korea, pp. 688–693 (2015)Google Scholar
  43. 43.
    Gonzalez, C.: A novel distributed SDN-secured architecture for the IoT. In: Proceedings of the IEEE International Conference on Distributed Computing in Sensor systems (DCOSS), Washington, USA, pp. 244–249 (2016)Google Scholar
  44. 44.
    Bhunia, S.S., Gurusamy, M.: Dynamic attack detection and mitigation in IoT using SDN. In: 27th International Telecommunication Networks and Applications Conference (ITNAC). IEEE (2017)Google Scholar
  45. 45.
    Satasiya, D., Raviya, R., Kumar, H.: Enhanced SDN security using firewall in a distributed scenario. In: 2016 International Conference on Advanced Communication Control and Computing Technologies (ICACCCT). ISBN No. 978-1-4673-9545-8Google Scholar
  46. 46.
    Tselios, C., Politis, I., Kotsopoulos, S.: Enhancing SDN security for IoT-related deployments through Blockchain. In: IEEE NFV-SDN 2017 - Third International Workshop on Security in NFV-SDN,978-1-5386-3285-7/17. IEEE (2017)Google Scholar
  47. 47.
    IBM Corp.: Blockchain benefits for electronics - White Paper. https://public.dhe.ibm.com/common/ssi/ecm/gb/en/gbe03809usen/GBE03809USEN.PDF
  48. 48.
    Microsoft Corp.: Blockchain as a Service. https://azure.microsoft.com/en-us/solutions/blockchain/
  49. 49.
    The Linux Foundation: Hyperledger project. https://www.hyperledger.org/
  50. 50.
  51. 51.
    Citrix Systems Inc., Netscaler: Secure Event Delivery ControllerGoogle Scholar
  52. 52.
    Sharma, P.K., Chen, M-Y., Park, J.H.: A software defined fog node based distributed blockchain cloud architecture for IoT. IEEE Access.  https://doi.org/10.1109/ACCESS.2017.2757955CrossRefGoogle Scholar
  53. 53.
    Duong, T., Fan, L., Zhou, H.S.: 2-hop blockchain: combining proof-of-work and proof-of-stake securely. In: IACR 2016, pp. 1–40 (2016)Google Scholar
  54. 54.
    Somasundaram, T.S., Kannan, G.: CLOUDRB: a framework for scheduling and managing high-performance computing (HPC) applications in science cloud. Future Gener. Comput. Syst. 34, 47–65 (2014)CrossRefGoogle Scholar
  55. 55.
    Sharma, P.K., Singh, S., Jeong, Y.-S., Park, J.H.: DistBlockNet: a distributed blockchains-based secure SDN architecture for IoT networks. IEEE Commun. Mag. 55(9), 78–85 (2017)CrossRefGoogle Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  1. 1.Pillai College of EngineeringMumbai UniversityNavi MumbaiIndia

Personalised recommendations