Browse > Article
http://dx.doi.org/10.22937/IJCSNS.2021.21.1.15

Security Threats and Attacks in Internet of Things (IOTs)  

Almtrafi, Sara Mutlaq (College of Computers and Information Technology)
Alkhudadi, Bdour Abduallatif (College of Computers and Information Technology)
Sami, Gofran (Umm Al-Qura University)
Alhakami, Wajdi (College of Computers and Information Technology)
Publication Information
International Journal of Computer Science & Network Security / v.21, no.1, 2021 , pp. 107-118 More about this Journal
Abstract
The term Internet of Things (IoTs) refers to the future where things are known daily through the Internet, whether in one way or another, as it is done by the method of collecting various information from various sensors to form a huge network through which people, things and machines are helped to make a link between them at all time and anywhere. The IoTs is everywhere around us such as connected appliances, smart homes security systems and wearable health monitors. However, the question is what if there is a malfunction or outside interference that affects the work of these IoTs based devises? This is the reason of the spread of security causes great concern with the widespread availability of the Internet and Internet devices that are subject to many attacks. Since there aren't many studies that combines requirements, mechanisms, and the attacks of the IoTs, this paper which explores recent published studies between 2017 and 2020 considering different security approaches of protection related to the authentication, integrity, availability and confidentiality Additionally, the paper addresses the different types of attacks in IoTs. We have also addressed the different approaches aim to prevention mechanisms according to several researchers' conclusions and recommendations.
Keywords
Security; IoTs; Security; Attacks;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Xu, B., Wang, W., Hao, Q., Zhang, Z., Du, P., Xia, T., ... & Wang, X. (2018). A security design for the detecting of buffer overflow attacks in IoT device. IEEE Access, 6, 72862-72869.   DOI
2 Hamidouche, R., Aliouat, Z., Ari, A. A. A., & Gueroui, M. (2019). An efficient clustering strategy avoiding buffer overflow in IoT sensors: a bio-inspired based approach. IEEE Access, 7, 156733-156751.   DOI
3 Kang, J. J., Fahd, K., Venkatraman, S., Trujillo-Rasua, R., & Haskell-Dowland, P. (2019, November). Hybrid Routing for Manin-the-Middle (MITM) Attack Detection in IoT Networks. In 2019 29th International Telecommunication Networks and Applications Conference (ITNAC) (pp. 1-6). IEEE.
4 Mustafa, K. A. R. A., & Furat, M. U. R. A. T. (2018). Client-Server Based Authentication Against MITM Attack via Fast Communication for IIoT Devices. Balkan Journal of Electrical and Computer Engineering, 6(2), 88-93.
5 Zhu, H., Yuan, Y., Chen, Y., Zha, Y., Xi, W., Jia, B., & Xin, Y. (2019). A secure and efficient data integrity verification scheme for cloud-IoT based on short signature. IEEE Access, 7, 90036-90044.   DOI
6 Zhang, Y., He, Q., Chen, G., Zhang, X., & Xiang, Y. (2019). A Low-Overhead, Confidentiality-Assured, and Authenticated Data Acquisition Framework for IoT. IEEE Transactions on Industrial Informatics.
7 Chanal, P. M., & Kakkasageri, M. S. (2019, July). Hybrid Algorithm for Data Confidentiality in Internet of Things. In 2019 10th International Conference on Computing, Communication and Networking Technologies (ICCCNT) (pp. 1-5). IEEE.
8 Lin, C. H., Hsieh, W. S., Mo, F., & Chang, M. H. (2016, March). A PTC scheme for internet of things: Private-trust-confidentiality. In 2016 30th International Conference on Advanced Information Networking and Applications Workshops (WAINA) (pp. 969-974). IEEE.
9 Purohit, K. C., Bisht, S., Joshi, A., & Bhatt, J. (2017, September). Hybrid approach for securing IoT communication using authentication and data confidentiality. In 2017 3rd International Conference on Advances in Computing, Communication & Automation (ICACCA)(Fall) (pp. 1-6). IEEE.
10 Wei, M., Liang, E., & Nie, Z. (2020, January). A SDN-based IoT Fine-grained Access Control Method. In 2020 International Conference on Information Networking (ICOIN) (pp. 637-642). IEEE.
11 Boudguiga, A., Bouzerna, N., Granboulan, L., Olivereau, A., Quesnel, F., Roger, A., & Sirdey, R. (2017, April). Towards better availability and accountability for IoT updates by means of a blockchain. In 2017 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW) (pp. 50-58). IEEE.
12 Cekerevac, Z., Dvorak, Z., Prigoda, L., & Cekerevac, P. (2017). Internet of things and the man-in-the-middle attacks-security and economic risks. MEST Journal, 5(2), 15-25.   DOI
13 Feng, Y., Wang, W., Weng, Y., & Zhang, H. (2017, July). A replay-attack resistant authentication scheme for the internet of things. In 2017 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC) (Vol. 1, pp. 541-547). IEEE.
14 Sicari, S., Rizzardi, A., Miorandi, D., & Coen-Porisini, A. (2018). REATO: REActing TO Denial of Service attacks in the Internet of Things. Computer Networks, 137, 37-48.   DOI
15 Shurman, M. M., Khrais, R. M., & Yateem, A. A. (2019, December). IoT Denial-of-Service Attack Detection and Prevention Using Hybrid IDS. In 2019 International Arab Conference on Information Technology (ACIT)(pp.252-254).IEEE.
16 Rajendran, G., Nivash, R. R., Parthy, P. P., & Balamurugan, S. (2019, October). Modern security threats in the Internet of Things (IoT): Attacks and Countermeasures. In 2019 International Carnahan Conference on Security Technology (ICCST) (pp. 1-6). IEEE.
17 Ghugar, U., & Pradhan, J. (2020). Survey of wormhole attack in wireless sensor networks. Computer Science and Information Technologies, 2(1), 33-42.   DOI
18 Nicula, s., & Zota, R. D. (2019). Exploiting stack-based buffer overflow using modern day techniques. Procedia Computer Science, 160, 9-14.   DOI
19 Deshmukh-Bhosale, S., & Sonavane, S. S. (2019). A real-time intrusion detection system for wormhole attack in the RPL based Internet of Things. Procedia Manufacturing, 32, 840-847.   DOI
20 Lao, L., Dai, X., Xiao, B., & Guo, S. (2020, May). G-PBFT: A Location-based and Scalable Consensus Protocol for IoT-Blockchain Applications. In 2020 IEEE International Parallel and Distributed Processing Symposium (IPDPS) (pp. 664-673). IEEE.
21 Khan, S., Alzahrani, A. I., Alfarraj, O., Alalwan, N., & Al-Bayatti, A. H. (2019). Resource Efficient Authentication and Session Key Establishment Procedure for Low-Resource IoT Devices. IEEE Access, 7, 170615-170628.   DOI
22 Chehida, S., Baouya, A., Bozga, M., & Bensalem, S. (2020, June). Exploration of Impactful Countermeasures on IoT Attacks. In 2020 9th Mediterranean Conference on Embedded Computing (MECO) (pp. 1-4). IEEE.
23 Kajwadkar, S., & Jain, V. K. (2018, October). A Novel Algorithm for DoS and DDoS attack detection in Internet of Things. In 2018 Conference on Information and Communication Technology (CICT) (pp. 1-4). IEEE.
24 Singh, R., Tanwar, S., & Sharma, T. P. (2020). Utilization of blockchain for mitigating the distributed denial of service attacks. Security and Privacy, 3(3), e96.
25 Abbasi, M., Yaghmaee, M. H., & Rahnama, F. (2019, April). Internet of Things in agriculture: a survey. In 2019 3rd International Conference on Internet of Things and Applications (IoT) (pp. 1-12). IEEE.
26 Volochiy, B., Yakovyna, V., & Mulyak, O. (2017, September). Queueing networks for availability and safety assessment of the IoT data service. In 2017 12th International Scientific and Technical Conference on Computer Sciences and Information Technologies (CSIT) (Vol. 1, pp.393-396).IEEE.
27 Chen, Y. W., Sheu, J. P., Kuo, Y. C., & Van Cuong, N. (2020, June). Design and Implementation of IoT DDoS Attacks Detection System based on Machine Learning. In 2020 European Conference on Networks and Communications (EuCNC) (pp. 122-127). IEEE
28 Wang, Y., Chen, C., Chen, Z., & He, J. (2020). Attribute-Based User Revocable Data Integrity Audit for Internet-of-Things Devices in Cloud Storage. Security and Communication Networks, 2020.
29 Bahgat, M. M., Farag, H. H., & Mokhtar, B. (2018, December). IoT-Based Online Access Control System for Vehicles in Truck-Loading Fuels Terminals. In 2018 30th International Conference on Microelectronics (ICM) (pp. 1-4). IEEE.
30 Jaladi, A. R., Khithani, K., Pawar, P., Malvi, K., & Sahoo, G. (2017). Environmental monitoring using wireless sensor networks (WSN) based on IOT. Int. Res. J. Eng. Technol, 4(1), 1371-1378.
31 Haripriya, A. P., & Kulothungan, K. (2019). Secure-MQTT: an efficient fuzzy logic-based approach to detect DoS attack in MQTT protocol for internet of things. EURASIP Journal on Wireless Communications and Networking, 2019(1), 90.   DOI
32 Dammak, M., Boudia, O. R. M., Messous, M. A., Senouci, S. M., & Gransart, C. (2019, January). Token-based lightweight authentication to secure IoT networks. In 2019 16th IEEE Annual Consumer Communications & Networking Conference (CCNC) (pp. 1-4). IEEE.
33 Razzaq, M. A., Gill, S. H., Qureshi, M. A., & Ullah, S. (2017). Security issues in the Internet of Things (IoT): a comprehensive study. International Journal of Advanced Computer Science and Applications, 8(6), 383.
34 Mishra, A. K., Tripathy, A. K., Puthal, D., & Yang, L. T. (2018). Analytical model for sybil attack phases in internet of things. IEEE Internet of Things Journal, 6(1), 379-387.   DOI
35 Almogren, A., Mohiuddin, I., Din, I. U., Al Majed, H., & Guizani, N. (2020). FTM-IoMT: Fuzzy-based Trust Management for Preventing Sybil Attacks in Internet of Medical Things. IEEE Internet of Things Journal.
36 Esfahani, A., Mantas, G., Matischek, R., Saghezchi, F. B., Rodriguez, J., Bicaku, A., ... & Bastos, J. (2017). A lightweight authentication mechanism for M2M communications in industrial IoT environment. IEEE Internet of Things Journal, 6(1), 288-296.   DOI
37 Kocakulak, M., & Butun, I. (2017, January). An overview of Wireless Sensor Networks towards internet of things. In 2017 IEEE 7th Annual Computing and Communication Workshop and Conference (CCWC) (pp. 1-6). IEEE.
38 Loukil, F. (2019). Towards a new data privacy-based approach for IoT (Doctoral dissertation, Universite Jean Moulin Lyon 3)
39 Grammatikis, P. I. R., Sarigiannidis, P. G., & Moscholios, I. D. (2019). Securing the Internet of Things: Challenges, threats and solutions. Internet of Things, 5, 41-70.   DOI
40 Gope, P., & Sikdar, B. (2018). Lightweight and privacy-preserving two-factor authentication scheme for IoT devices. IEEE Internet of Things Journal, 6(1), 580-589.   DOI
41 Jan, M. A., Khan, F., Alam, M., & Usman, M. (2019). A payload-based mutual authentication scheme for Internet of Things. Future Generation Computer Systems, 92, 1028-1039.   DOI
42 Jabangwe, R., & Nguyen-Duc, A. (2020). SIoT Framework: Towards an Approach for Early Identification of Security Requirements for Internet-of-things Applications. e-Informatica Software Engineering Journal, 14(1), 77-95.
43 Tabari, A. Z., & Ou, X. (2020). A First Step Towards Understanding Real-world Attacks on IoT Devices. arXiv preprint arXiv:2003.01218.
44 Lu, X., Pan, Z., & Xian, H. (2020). An integrity verification scheme of cloud storage for internet-of-things mobile terminal devices. Computers &Security,92,101686.   DOI
45 Zhang, G., Kou, L., Zhang, L., Liu, C., Da, Q., & Sun, J. (2017). A new digital watermarking method for data integrity protection in the perception layer of IoT. Security and Communication Networks, 2017.
46 Li, J., Yi, X., & Wei, S. (2020, June). A Study of Network Security Situational Awareness in Internet of Things. In 2020 International Wireless Communications and Mobile Computing (IWCMC) (pp. 1624-1629). IEEE.