research-article

Security Threats and Possible Countermeasures in IoT Applications Covering Different Industry Domains

Authors:

Musa G. Samaila,

João B. F. Sequeiros,

Mário M. Freire,

Pedro R. M. InácioAuthors Info & Claims

ARES '18: Proceedings of the 13th International Conference on Availability, Reliability and Security

Article No.: 16, Pages 1 - 9

https://doi.org/10.1145/3230833.3232800

Published: 27 August 2018 Publication History

Abstract

The world is witnessing the emerging role of Internet of Things (IoT) as a technology that is transforming different industries, global community and its economy. Currently a plethora of interconnected smart devices have been deployed for diverse pervasive applications and services, and billions more are expected to be connected to the Internet in the near future. The potential benefits of IoT include improved quality of life, convenience, enhanced energy efficiency, and more productivity. Alongside these potential benefits, however, come increased security risks and potential for abuse. Arguably, this is partly because many IoT start-ups and electronics hobbyists lack security expertise, and some established companies do not make security a priority in their designs, and hence they produce IoT devices that are often ill-equipped in terms of security. In this paper, we discuss different IoT application areas, and identify security threats in IoT architecture. We consider security requirements and present typical security threats for each of the application domains. Finally, we present several possible security countermeasures, and introduce the IoT Hardware Platform Security Advisor (IoT-HarPSecA) framework, which is still under development. IoT-HarPSecA is aimed at facilitating the design and prototyping of secure IoT devices.

References

[1]

D. Borio, C. O'Driscoll, and J. Fortuny. 2012. GNSS Jammers: Effects and countermeasures. In 6th ESA Workshop on Satellite Navigation Technologies (Navitec 2012) European Workshop on GNSS Signals and Signal Processing. 1--7.

[2]

P. Boughton. 2018. World's Smallest Seismic Sensor for the Internet of Things. (2018). http://www.engineerlive.com/content/world-s-smallest-seismic-sensor-internet-things

[3]

C. Cervantes, D. Poplade, M. Nogueira, and A. Santos. 2015. Detection of Sinkhole Attacks for Supporting Secure Routing on 6LoWPAN for Internet of Things. In IFIP/IEEE International Symposium on Integrated Network Management (IM). 606--611.

[4]

H. Chan, A. Perrig, and D. Song. 2003. Random Key Predistribution Schemes for Sensor Networks. In Symposium on Security and Privacy, 2003. 197--213.

Digital Library

[5]

A. Das, Rishikesh, and P. N. Astya. 2017. A Relative Survey of Various LEACH based Routing Protocols in Wireless Sensor Networks. In International Conference on Computing, Communication and Automation (ICCCA). 630--636.

[6]

S. N. Firdous, Z. Baig, C. Valli, and A. Ibrahim. 2017. Modelling and Evaluation of Malicious Attacks against the IoT MQTT Protocol. In IEEE International Conference on Internet of Things (iThings). 748--755.

[7]

D. Fraunholz, D. Krohmer, S. D. Anton, and H. Dieter Schotten. 2017. Investigation of Cyber Crime Conducted by Abusing Weak or Default Passwords with a Medium Interaction Honeypot. In International Conference on Cyber Security And Protection Of Digital Services (Cyber Security). 1--7.

[8]

C. C. Grant, A. Jones, A. Hamins, and N. Bryner. Jan., 2015. Realizing the Vision of Smart Fire Fighting. IEEE Potentials 34, 1 (Jan., 2015), 35--40.

[9]

R. Hoque, S. Hassan, M. A. Sadaf, A. Galib, and T. F. Karim. 2015. Earthquake Monitoring and Warning System. In International Conference on Advances in Electrical Engineering (ICAEE). 109--112.

[10]

M. Ibrahim, A. Elgamri, S. Babiker, and A. Mohamed. 2015. Internet of Things based Smart Environmental Monitoring using the Raspberry-Pi Computer. In 5th International Conference on Digital Information Processing and Communications (ICDIPC). 159--164.

[11]

G. Kambourakis, C. Kolias, and A. Stavrou. 2017. The Mirai Botnet and the IoT Zombie Armies. In IEEE Military Communications Conference (MILCOM). 267--272.

[12]

S. Kapoor, H. Pahuja, and B. Singh. 2016. Real Time Monitoring Alert System for Landslide. In 2nd International Conference on Contemporary Computing and Informatics (IC3I). 584--589.

[13]

G. Kecskemeti, G. Casale, D. N Jha, J. Lyon, and R. Ranjan. 2017. Modelling and Simulation Challenges in Internet of Things. IEEE Cloud Computing 4, 1 (Jan 2017), 62--69.

[14]

M. Ma, P. Wang, and C. H. Chu. 2018. Redundant Reader Elimination in Large-Scale Distributed RFID Networks. IEEE Internet of Things Journal PP, 99 (2018), 1--1.

[15]

M. Marjani, F. Nasaruddin, A. Gani, A. Karim, I. A. T. Hashem, A. Siddiqa, and I. Yaqoob. 2017. Big IoT Data Analytics: Architecture, Opportunities, and Open Research Challenges. IEEE Access 5 (2017), 5247--5261.

[16]

S. Nastic, H. L. Truong, and S. Dustdar. 2017. Data and Control Points: A Programming Model for Resource-constrained IoT Cloud Edge Devices. In IEEE International Conference on Systems, Man, and Cybernetics (SMC). 3535--3540.

[17]

D. Niewolny. 2014. How the Internet of Things Is Revolutionizing Healthcare. (2014). http://cache.freescale.com/files/corporate/doc/white_paper/IOTREVH\EALCARWP.pdf (accessed 20.02.15).

[18]

NIST. May, 2015. Research Roadmap for Smart Fire Fighting. Technical Report. 1--223 pages.

[19]

S. R. Oh and Y. G. Kim. 2017. Security Requirements Analysis for the IoT. In International Conference on Platform Technology and Service (PlatCon). 1--6.

[20]

A. A. Osuwa, E. B. Ekhoragbon, and L. T. Fat. 2017. Application of Artificial Intelligence in Internet of Things. In 9th International Conference on Computational Intelligence and Communication Networks (CICN). 169--173.

[21]

S. M. A. Oteafy and H. S. Hassanein. 2018. IoT in the Fog: A Roadmap for Data-Centric IoT Development. IEEE Communications Magazine 56, 3 (MARCH 2018), 157--163.

Digital Library

[22]

J. Pacheco, D. Ibarra, A. Vijay, and S. Hariri. 2017. IoT Security Framework for Smart Water System. In IEEE/ACS 14th International Conference on Computer Systems and Applications (AICCSA). 1285--1292.

[23]

B. D. Patel and A. D. Patel. 2016. A Trust Based Solution for Detection of Network Layer Attacks in Sensor Networks. In International Conference on Micro-Electronics and Telecommunication Engineering (ICMETE). 121--126.

[24]

Q. Qi and F. Tao. 2018. Digital Twin and Big Data Towards Smart Manufacturing and Industry 4.0: 360 Degree Comparison. IEEE Access PP, 99 (2018), 1--1.

[25]

Y. Qiu and M. Ma. 2016. APMIPv6-Based Secured Mobility Scheme for 6LoWPAN. In IEEE Global Communications Conference (GLOBECOM). 1--6.

[26]

M. G. Samaila, M. Neto, D. A. B. Fernandes, M. M. Freire, and P. R. M. Inácio. May, 2018. Challenges of securing Internet of Things devices: A survey. Security and Privacy 1, 2 (May, 2018), e20. arXiv:https://onlinelibrary.wiley.com/doi/pdf/10.1002/spy2.20

[27]

M. G. Samaila, J. B. F. Sequeiros, A. F. P. P. Correia, M. M. Freire, and P. R. M. Inácio. 2018. Networks of the Future. CRC Press, Chapter A Quick Perspective on the Current State of IoT Security: A Survey, 431--464.

[28]

A. Shifa, M. N. Asghar, and M. Fleury. 2016. Multimedia Security Perspectives in IoT. In Sixth International Conference on Innovative Computing Technology (INTECH). 550--555.

[29]

S. Singh and N. Singh. 2015. Internet of Things (IoT): Security Challenges, Business Opportunities Reference Architecture for E-commerce. In International Conference on Green Computing and Internet of Things (ICGCIoT). 1577--1581.

Digital Library

[30]

Y. SivaKrishna, P. Rajalakshmi, J. Bandaru, A. Kumar, M. P. R. S. Kiran, M. A. Zubair, and U. B. Desai. 2015. Performance Analysis of Hybrid Multiple Radio IoT Architecture for Ubiquitous Connectivity. In IEEE 2nd World Forum on Internet of Things (WF-IoT). 198--203.

Digital Library

[31]

E. Smith and L. Fuller. 2017. Control Systems and the Internet of Things -Shrinking the Factory. In 56th FITCE Congress. 68--73.

[32]

S. W. Soliman, M. A. Sobh, and A. M. Bahaa-Eldin. 2017. Taxonomy of Malware Analysis in the IoT. In 12th International Conference on Computer Engineering and Systems (ICCES). 519--529.

[33]

W. Sun, J. Liu, and H. Zhang. 2017. When Smart Wearables Meet Intelligent Vehicles: Challenges and Future Directions. IEEE Wireless Communications 24, 3 (Jun. 2017), 58--65.

[34]

N. Tuptuk and S. Hailes. 2018. Security of smart manufacturing systems. Journal of Manufacturing Systems 47 (2018), 93--106.

[35]

P. Varga, S. Plosz, G. Soos, and C. Hegedus. May, 2017. Security Threats and Issues in Automation IoT,. In 13th IEEE International Workshop on Factory Communication Systems (WFCS). 1--6.

[36]

J. Voas. 2016. Demystifying the Internet of Things. Computer 49, 6 (June 2016), 80--83.

Digital Library

[37]

wiseGEEK. 2015. What is a Barbie Doll? (2015). http://www.wisegeek.com/what-is-a-barbie-doll.htm (accessed 19.02.15).

[38]

T. Yalçin. 2016. Compact ECDSA Engine for IoT Applications. Electronics Letters 52, 15 (2016), 1310--1312.

Cited By

Madanian SChinbat TSubasinghage MAirehrour DHassandoust FYongchareon S(2024)Health IoT Threats: Survey of Risks and VulnerabilitiesFuture Internet10.3390/fi1611038916:11(389)Online publication date: 23-Oct-2024
https://doi.org/10.3390/fi16110389
Mahadik SPawar PMuthalagu R(2023)Heterogeneous IoT (HetIoT) security: techniques, challenges and open issuesMultimedia Tools and Applications10.1007/s11042-023-16715-w83:12(35371-35412)Online publication date: 29-Sep-2023
https://doi.org/10.1007/s11042-023-16715-w
Al-Amiedy TAnbar MBelaton BKabla AHasbullah IAlashhab Z(2022)A Systematic Literature Review on Machine and Deep Learning Approaches for Detecting Attacks in RPL-Based 6LoWPAN of Internet of ThingsSensors10.3390/s2209340022:9(3400)Online publication date: 29-Apr-2022
https://doi.org/10.3390/s22093400
Show More Cited By

Recommendations

Emerging Security Threats and Countermeasures in IoT
ASIA CCS '15: Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security

IoT (Internet of Things) diversifies the future Internet, and has drawn much attention. As more and more gadgets (i.e. Things) connected to the Internet, the huge amount of data exchanged has reached an unprecedented level. As sensitive and private ...
Performance evaluation of the SRE and SBPG components of the IoT hardware platform security advisor framework
Abstract
The applications of Internet of Things (IoT) and associated technologies have been spreading rapidly across a wide range of domains, including environmental monitoring, home automation, and supply chain, having a significant bearing on ...
IoT-HarPSecA: A Framework for Facilitating the Design and Development of Secure IoT Devices
ARES '19: Proceedings of the 14th International Conference on Availability, Reliability and Security

The exponential growth in the number of Internet of Things (IoT) devices and applications in recent years can be attributed partly to the emergence of several new IoT startup companies and potential applications. While many of these startups offer ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

ARES '18: Proceedings of the 13th International Conference on Availability, Reliability and Security

August 2018

603 pages

ISBN:9781450364485

DOI:10.1145/3230833

Copyright © 2018 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

Universität Hamburg: Universität Hamburg

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 27 August 2018

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

ARES 2018

ARES 2018: International Conference on Availability, Reliability and Security

August 27 - 30, 2018

Hamburg, Germany

Acceptance Rates

ARES '18 Paper Acceptance Rate 128 of 260 submissions, 49%;

Overall Acceptance Rate 228 of 451 submissions, 51%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

8
Total Citations
View Citations
765
Total Downloads

Downloads (Last 12 months)47
Downloads (Last 6 weeks)5

Reflects downloads up to 19 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Madanian SChinbat TSubasinghage MAirehrour DHassandoust FYongchareon S(2024)Health IoT Threats: Survey of Risks and VulnerabilitiesFuture Internet10.3390/fi1611038916:11(389)Online publication date: 23-Oct-2024
https://doi.org/10.3390/fi16110389
Mahadik SPawar PMuthalagu R(2023)Heterogeneous IoT (HetIoT) security: techniques, challenges and open issuesMultimedia Tools and Applications10.1007/s11042-023-16715-w83:12(35371-35412)Online publication date: 29-Sep-2023
https://doi.org/10.1007/s11042-023-16715-w
Al-Amiedy TAnbar MBelaton BKabla AHasbullah IAlashhab Z(2022)A Systematic Literature Review on Machine and Deep Learning Approaches for Detecting Attacks in RPL-Based 6LoWPAN of Internet of ThingsSensors10.3390/s2209340022:9(3400)Online publication date: 29-Apr-2022
https://doi.org/10.3390/s22093400
Adil MJan MLiu YAbulkasim HFarouk ASong H(2022)A Systematic Survey: Security Threats to UAV-Aided IoT Applications, Taxonomy, Current Challenges and Requirements With Future Research DirectionsIEEE Transactions on Intelligent Transportation Systems10.1109/TITS.2022.3220043(1-19)Online publication date: 2022
https://doi.org/10.1109/TITS.2022.3220043
Nguyen TMin DChoi ELee J(2021)Dependability and Security Quantification of an Internet of Medical Things Infrastructure Based on Cloud-Fog-Edge Continuum for Healthcare Monitoring Using Hierarchical ModelsIEEE Internet of Things Journal10.1109/JIOT.2021.30814208:21(15704-15748)Online publication date: 1-Nov-2021
https://doi.org/10.1109/JIOT.2021.3081420
Mishra DSharma K(2021)A Trust-Based Framework to Reduce Message Dissemination Latency Using CFC Model for Internet of VehicleSoft Computing for Problem Solving10.1007/978-981-16-2712-5_38(461-479)Online publication date: 14-Oct-2021
https://doi.org/10.1007/978-981-16-2712-5_38
Samaila MJosé MSequeiros JFreire MInácio P(2019)IoT-HarPSecAProceedings of the 14th International Conference on Availability, Reliability and Security10.1145/3339252.3340514(1-7)Online publication date: 26-Aug-2019
https://dl.acm.org/doi/10.1145/3339252.3340514
Yoon J(2019)Using a Deep-Learning Approach for Smart IoT Network Packet Analysis2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)10.1109/EuroSPW.2019.00039(291-299)Online publication date: Jun-2019
https://doi.org/10.1109/EuroSPW.2019.00039

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents