Security Threats in Iot: Vision, Technologies & Research Challenges
Security Threats in Iot: Vision, Technologies & Research Challenges
Security Threats in Iot: Vision, Technologies & Research Challenges
Challenges
Anu Raj Shiva Prakash
Department of Information Tech. & Computer Application Department of Information Tech. & Computer Application
Madan Mohan Malaviya University of Technology Madan Mohan Malaviya University of Technology
Gorakhpur, India Gorakhpur, India
anu.raj10@yahoo.com shiva.plko@gmail.com
Abstract
Internet of things is group of numerous types of objects “things” that are embedded with sensors,
software, and different technologies in order to communicate and share data with other devices over the
internet. It supports a wide variety of applications which include smart home, smart TV, smart car,
smart city, smart agriculture system, smart health monitoring system, emergency services, digital
fingerprint system etc. It is a gigantic technology that enable us to connect with anything, anyone at any
time and at any network. Now a day, the IoT networks are susceptible to various security and privacy
threats due to heavy usage of IoT objects. There is excessively need of deploying efficient security &
privacy solution to ensure integrity, confidentiality, access control, and authenticity in IoT devices. This
paper mainly focusses on security threats in IoT along with its vision, technologies and research
challenges. Various emerging technologies such as fog computing, edge computing, blockchain and
machine learning to increase the strength of security in IoT are also discussed. The paper also provides
a comparative analysis of various IoT security techniques on the basis of their benefits and IoT
solutions. This framework will be useful to new researchers in uncovering the other security threat as
well as finding efficient the IoT security solutions.
I. INTRODUCTION
Internet of Things is a collection of various kind of physical objects or devices that are normally
connected over internet which enable them to communicate with each other. Basically, it connects user
to user interaction so that they could communicate with each other while sitting at any corner of the
world. In this new era of technology devices have become an imperative part of our life. The objective
of IoT is to make devices able to take decisions or automatic system with a various type of latest
technologies [1]. With the advancement of IoT technologies in the world foresees various advances in
smart homes, smart irrigation system, smart health care system and other areas [2]. IoT lift up the
connectivity and raise the popularity of devices. It supports a wide variety of applications which include
smart home, smart TV, smart car, smart city, smart agriculture system, smart health monitoring system,
emergency services, digital fingerprint system etc. Expert System, machine learning and data mining
are the main components of IoT applications. In the recent years, billions of IoT devices have rapidly
increases, with a prediction of over 50 billion physical devices connected to the Internet by 2020. It is
a big revolution in term of technology that represents the future of computation and data sharing
technologies.
The very first vision of the Internet of Thing was to tag physical thing that uniquely identify the things
using RFID readers. This technique was adopted within diverse business areas which was economically
feasible. In todays’ world, the new concept has emerged to acquire the perception of identifying a
worldwide framework of interconnected networks. The recent progresses in field of technologies have
extended the vision of the IoT by incorporating other technologies such as wireless sensor networks,
machine learning, cloud computing. In current scenario, IoT is providing a real-time intelligent platform
for the collaboration of various type of smart devices via Internet. This progress is aspired not only by
the success of RFID tag reader, but also by the accomplishment of wireless networks, such as 5G,
WiMAX, LTE and its wide area connection capabilities. It is axiomatic with the worldwide adoption
of smart devices like smart TVs, smart phones, and smart fridges, smart cities etc. Additionally, earlier
form of IoT mainly emphasize on information services which provide same through centralized
interface having remote access capabilities. Now recent service providers provide smart phone based
or a server based centralized system to access sensor information all over the world. The development
of IoT mainly based on dynamic technical innovation in various fields which extends from wireless
sensors to nanotechnology [3]. But due to continuously increasing large number of devices it may be
possible to various security threats to networks as well as devices. IoT devices needs to be fully secured
and better quality of services for various IoT applications. There are many research challenges covering
all the domain which includes various issues of data collection & processing, designing, management
and using a multi-national, multi-industry, multi-technology framework, the business-related issues like
developing new IoT models, and the organizational, political and social issues of innovative technology
which promises to change the vision of our live-in a new direction over worldwide. There are a plenty
of technical challenges, to overcome it requires thoroughly evaluation of IoT solutions. The objective
of this paper is to identify various security issues and research challenges for the future IoT which may
help to future researches in this field. This survey will be helpful to researchers as a relevant source for
security enhancement for upcoming IoT applications.
The paper is organized in this way: section II of the paper discusses about the literature review of the
IoT. Section III is about various security issues and threats in IoT at all four layers of IoT application.
Section IV is about IoT security using various Technologies such as fog computing, edge computing,
blockchain, and machine learning. Section V of this survey paper provides a brief comparative study
and discussion about the techniques which is previously mentioned in section IV. Section VI is
described the various research challenges and issues. The last section of this paper is section VII which
contains conclusion.
The integration of smart devices over Internet emerges several privacy, security and various challenges
because most of the Internet related technologies were not supported IoT. This section gives an
introduction to the venerability and survey on various security issues in IoT.
Nia, A. M. et al. [4] explained various security issues which can be foremost to destroy the IoT devices.
The author introduced two new security issues in devices which can be exploited by the intruder which
exponentially increases the number of vulnerabilities and unpredicted uses of information in IoT
environment. Anne et al. [5] surveyed mainly on the security issues and various research challenges
related to IoT middleware and explained various aspect of existing protocols and their security issues
in IoT devices. Bonetto et al. [6] surveyed on cases related to secure connection that record the
convention stack design. The author proposed a lightweight methodology to make one to one secure
communication channel which require negligible embracement of artificial IoT gadgets. M. Guizani et
al. [7] explained various trust management technologies for IoT devices based on their merits and
demerits. The author surveyed about what are the techniques used to secure the various IoT devices and
networks. Sicari et al. [8] explained various solutions to privacy and security related threats in IoT
which are confidentiality, authorisation, privacy, and integrity etc. The author summarized that most of
the privacy & security threats in IoT are open problems that should be identify and disclose in order to
protect the IoT devices from these privacy & security issues. Harris et al. [9] explored Lamina, a
flexible framework that setup protection for client gadget in-cooperation with IoT spaces. Lamina
furthermore ensure everyone in IoT space can accumulate sufficient information with respect to clients
navigating the space to give Targeted information and organizations while at this point getting the
clients identities. Chiang et al. [10] surveyed on the research challenges in of fog computing, focused
on communication of IoT devices and its networking issues. Now a days, fog computing covers both
wireless as well as wired network scenarios, data processing and sharing is done across both hardware
and software, stays not only on edge network but also among end users. O'Leary et al. [11] studied on
how the devices or object in IoT creates data, how it is utilized to produce semantic signs and dissect
the significance of utilizing 'Big Data', and the 'Internet of Things'. Riggins et al. [12] proposed how
joining of medical heath monitoring system and versatile application with tele-medication can improve
the production and patient's experience. Dimitrov et al. [13] explored the behavioural, managerial and
business challenges of IoT that are essential for each person in the organization, MNC companies and
society. Wang et al. [14] investigated two ideas of verification in IoT initial one is Attribute-Based
Encryption and other is Cipher content Policy Attribute-Based Encryption. Attribute-Based Encryption
provides a public key encryption algorithm which allow a grained get to control, a flexible key
management, and information allocation. Table 1 describe the contributions of the past related works on
IoT security. Though a lot of research works have been done in this field but there are some limitations
in every aspect of IoT. This table shows the previous related work their corresponding author and their
year of publication and what are security threats were emerging in IoT applications.
SENSING
SENSING LAYER
LAYER NETWORK LAYER MIDDLEWARE APPLICATION
LAYER LAYER
It is concluded that there is a requirement of proper security solution in Internet of Thing because there
is huge amount of IOT objects which only focus on software security threats and do not consider about
hardware security issues.
IOT
Figure.2. shows various IoT security solution using various techniques [28]. All four techniques are
described below:
1. Blockchain – Blockchain and IoT are significant advancements that will profoundly affect the
IT business. These two innovations target to improve the general straightforwardness,
perceivability, level of solace and trust for the end clients. The internet of thing give continuous
information from sensors as well as blockchain gives security to board to the handled
information utilizing a conveyed, decentralized and shared record.
2. Fog Computing-It is a system that takes straightforward choices with respect to the information
that is gathered by the sensors though, the intricate choices are taken on cloud. Fog and
distributed computing are two free advances which includes numerous applications. Internet of
thing has furnished clients with various kind of brilliant gadgets and its applications.
Additionally, a cloud gives an extremely viable answer for store and oversee information which
can be gotten to from anyplace and is broadly utilized by numerous associations. IoT is creating
a remarkable measure of information, which puts a great deal of strain on the Internet
organisation. The incorporation of fog computing and IoT presents a time of new freedoms of
devices and difficulties for handling, putting away, overseeing and getting information all the
more successfully.
3. Machine learning-The areas of AI has pulled us in critical conditions over past years. A large
number of areas uses AI for their turn of events, and it is being utilized for IoT security issues
as well. This technique has capability to provide a solution for IoT objects against digital threats
by developing an alternating way to handle these threats and protect devices from it.
4. Edge Computing- Fog and edge computing both are expansions of distributed computing which
is mainly used by different associations. Fog, cloud, and edge all are comparable, however they
build up different layers of IoT applications. The cloud is sent at a lot bigger scope that
necessities to deal with enormous measure of information and is arranged at similarly more
separation from its clients. To deal with the issues looked by distributed and edge computing is
used as a solution where a little edge server is set between the client and the fog.
This section is representing comparative study of various IoT security techniques based on their benefits
and solutions as shown in Table 2. Various research issues and threats also discussed corresponding to
the IoT security techniques and their specific solutions arrangements on which the analysts are working
upon and further investigations are going in the associated field. The given table shows the comparisons
between various techniques on the basis of their security issues in IoT, advantages and possible
solutions.
Above table summarises the critical analysis of the different IoT security Techniques which includes
blockchain, machine learning, fog computing and Edge Computing. From the above table we concluded
that every IoT security techniques has its own method of securing data. More effective and reliable
methodologies need to develop that can reach to all the devices as well as prevent abandoned utilization
of computation power. Various kind of Machine Learning & blockchain based methods should be
intended to verify the information in the devices to protect from threats.
Internet of Thing provide a new dimension to the Internet and can add to broad monetary benefits but
it also faces some difficulties. This section discusses some of the general research challenges in IoT.
• Security & Privacy: Authentication., authorisation, integrity, and encryption & decryption are
considered open challenges in IoT, as a large part of the information being procured and
conveyed contain individual data [29]. All the communication between clients in blockchain
are public, so it may be possible that private data of clients can be disclosed which can leads to
dangerous threat.
• Data Storage & Management: data storage & management is an open exploration challenge to
discover balance, which will be ideal for IoT objects. The accomplishment of an AI machines
relies upon these elements just as variety in selecting information. IoT applications are making
a tremendous measure of information, and it is an important issue for spotless and pre-measure
that information precisely.
• Latency challenges: Based on the situation, an IoT organization may create a lot of information
needs more opportunity for preparing and calculation that possibly expand the general
exhibition and leads to data latency issues in the organization.
• Scalability: Devices are collaborated inside an open environment. Essential features for
example, connection and service request/response etc require to work equal efficient in both
environment, small large-scale framework [30]. The Internet of thing need a new feature and
methodology to acquire effective strategy for scalability.
• Vulnerability. A large number of dangers which include malware and malignant code, builds
the test of recognizing, verifying, and forestalling them continuously IoT organizations.
• Resilience and Reliability: In industrial surrounding or in emergency use cases temporary cases
cannot be acknowledged. Consequently, versatility and unwavering quality issues in IoT
should be explored from a general framework see and also contain angles like accessibility,
strength and adaptability of the correspondence and equipment.
The privacy & security using blockchain technology relies upon its methodology of implementation
and the utilization of software and hardware in it. These are various kind of research problems that
should be identify in near future for better of IoT implementation in this world.
REFERENCES
1 M. Mohammadi, A. Al-Fuqaha, M. Guizani, and J. S. Oh, “Semi supervised deep reinforcement
learning in support of IoT and smart city services”, IEEE IoT J., Vol. 5, No. 2, pp. 624-635,
2017.
2 Parul Datta, “A Survey on IoT Architectures, Protocols, Security and Smart City based
Applications” IEEE – 40222, 8th ICCCNT 2017 July 3-5, IIT Delhi., 2017.
3 Somayya Madakam, Internet of Things (IoT): A Literature Review, Journal of Computer and
Communications, vol 3, 164-173, 2015.
4 Nia, A. M., & Jha, N. K. “A Comprehensive Study of Security of Internet-of- Things”. IEEE
Transactions on Emerging Topics in Computing. (pp. 20-23). 2014 December.
6 Bonetto, Riccardo, Nicola Bui, Vishwas Lakkundi, Alexis Olivereau, Alexandru Serbanati,
and Michele Rossi. "Secure communication for smart IoT objects: Protocol stacks, use cases
and practical examples." In World of Wireless, Mobile and Multimedia Networks
(WoWMoM), 2012 IEEE International Symposium on a, pp. 1-7. IEEE, 2012.
7 I. U. Din, M. Guizani, B.-S. Kim, S. Hassan, and M. K. Khan, “Trust management techniques
for the internet of things: A survey,” IEEE Access, vol. 7, pp. 29 763–29 787, 2019.
8 Sicari, S., Rizzardi, A., Grieco, L. A., & Coen-Porisini, A., “Security, privacy and trust in
Internet of Things: The road ahead”, Computer networks, 76, pp. 146-164, 2015.
9 Harris, Albert F., Hari Sundaram, and Robin Kravets. "Security and Privacy in Public IoT
Spaces." In Computer Communication and Networks (ICCCN), 2016 25th International
Conference on, pp. 1-8. IEEE, 2016.
10 Chiang, M. and Zhang, T., Fog and IoT: An overview of research opportunities. IEEE Internet
of Things Journal, 3(6), pp.854- 864, 2016.
11 O'Leary, D.E., 2013. BIG DATA’, The Internet of Things and Internet of Signs: Intelligent
Systems in Accounting, Finance and Management, 20(1), Wiley Online Library, pp.53-65.
12 Riggins, F.J. and Wamba, S.F., “January. Research directions on the adoption, usage, and
impact of the internet of things through the use of big data analytics” ,48th Hawaii International
Conference on System Sciences (pp. 1531-1540). IEEE., 2015.
13 Dimitrov, D.V. “Medical internet of things and big data in healthcare”, Healthcare informatics
research, 22(3), pp.156-163, 2016.
14 Wang, Xinlei, Jianqing Zhang, Eve M. Schooler, and Mihaela Ion. "Performance evaluation of
attribute-based encryption: Toward data privacy in the IoT." In 2014 47 IEEE International
Conference on Communications (ICC), pp. 725-730. IEEE, 2014.
16 W. Yu, F. Liang, X. He, W. G. Hatcher, C. Lu, J. Lin, and X. Yang, “A survey on the edge
computing for the internet of things,” IEEE access, vol. 6, pp. 6900–6919, 2018
17 Anu Raj and Shiva Prakash, “Internet of Everything: A Survey based on Architecture, Issues
and Challenges”, 5th IEEE Uttar Pradesh Section International Conference on Electrical,
Electronics and Computer Engineering (UPCON-2018), MMMUT Gorakhpur, pp. 857-862,
November. 2 -4 , 2018.
18 Y. Yang, L. Wu, G. Yin, L. Li, and H. Zhao, “A survey on security and privacy issues in
internet-of-things,” IEEE Internet of Things Journal, vol. 4, no. 5, pp. 1250–1258, Oct 2017.
20 I. Farris, T. Taleb, Y. Khettab, and J. Song, “A survey on emerging SDN and NFV security
mechanisms for IoT systems,” IEEE Communications Surveys & Tutorials, vol. 21, no. 1, pp.
812–837, 2018
21 Vikas Hassajia, Vinay Chamola, Vikas Saxsena, Divyansh Jain, Pranay Goyal and Biplab
Sikdar. “A Survey on IoT Security: Application Areas, Security Threats, and Solution
Architectures” IEEE Access VOLUME x, 2019.
22 Francesca Meneghello, Matteo Calore, Daniel Zucchetto, Michele Polese, Andrea Zanella
“IoT: Internet of Threats? A survey of practical security vulnerabilities in real IoT devices”,
IEEE Internet of Things Journal, 2019.
23 Ranjana Sikarwar, Pradeep Yadav, Aditya Dubey “A Survey on IOT enabled cloud platforms”
9th IEEE International Conference on Communication Systems and Network Technologies,
2020
24 Sharaf-Dabbagh, Y., & Saad, W. (2016, June). On the authentication of devices in the Internet
of Things. In 2016 IEEE17th International Symposium on A World of Wireless, Mobile and
Multimedia Networks (WoWMoM), pp. 1-3, 2016.
26 G. Verma and S. Prakash, “Internet of Things for Healthcare: Research Challenges and Future
Prospects”, researchgate.net, 14 Sept, 2020.
27 Saijshree Srivastava, Shiva Prakash, “Review on Enhanced Energy Efficient Routing Protocol
of WSN and Use of IoT”, International Conference on Recent Trends in Science & Technology-
2020, ATME College of Engineering, Mysuru, INDIA, 2020.
28 K. Christidis and M. Devetsikiotis, “Blockchains and smart contracts for the internet of things,”
Ieee Access, vol. 4, pp. 2292–2303, 2016.
29 G. Verma and S. Prakash, "A Study Towards Current Trends, Issues and Challenges in Internet
of Things (IoT) based System for Intelligent Energy Management," 2019 4th International
Conference on Information Systems and Computer Networks (ISCON), Mathura, India, pp.
358-365, 2019.
31 J. Lin, W. Yu, N. Zhang, X. Yang, H. Zhang, and W. Zhao, “A survey on internet of things:
Architecture, enabling technologies, security and privacy, and applications,” IEEE Internet of
Things Journal, vol. 4, no. 5, pp. 1125–1142, 2017.
32 Garima Verma, S Prakash, “Design and Implementation of Modified Unicode Strategy for Data
Security in IoT”, International Journal of Advanced Science and Technology (IJAST), Vol. 29,
Issue 06, ISSN: 2005-4238, May 20, 2020, pp. 6271 – 6294.