Security Analysis Threats, Attacks, Mitigations and Its Impact on the Internet of Things (IoT)
Alireza Nik Aein Koupaei,
Moscow Institute of Physics and Technology -MIPT (State University), Moscow region, Dolgoprudny, Russia;
Asia Pacific University (APU), Kuala Lumpur, Malaysia; Staffordshire University (SU), United Kingdom;
University of Applied Science and Technology (UAST), Isfahan, Iran,
anikaeinkoupaei@phystech.edu
Alexey N. Nazarov,
Federal Research Center Computer Science and Control of Russian Academy of Sciences, Moscow, Russia, a.nazarov06@bk.ru
DOI: 10.36724/2664-066X-2020-6-4-36-41
SYNCHROINFO JOURNAL. Volume 6, Number 4 (2020). P. 36-41
Abstract
In the past, only mobiles and computers were connected to the internet but in the new era with the advent of new technologies other things like security cameras, microwaves, cars and industrial equipment’s are now connected to internet. Internet of things (IoT), there are over several billion electronic equipment de- vices already on the internet, and within a decade these number is expected to scale above 20 billion devices. Smartphones and computers have various software security solutions to defend and protect them from most of threats and attacks, although there are indiscernible security solutions to take care of the rest of the IoT [1]. Lately, as a strong example, several thousands of security cameras were breached to proceed DOS and DDOS attacks that caused the Twitter down. Solutions in the IoT are not exclusively software but the entire physical environment of hardware, World Wide Web (WWW), Software, Cloud and mobile interfaces involved. The IoT ecosystem services are young and not very fully developed yet for these reasons there are main primarily concerns fact around IoT adoption due to security threats/attacks. IoT Top Security Concerns: Secure constrained devices, Secure communication, Keeping IoT hardware updated, Distributed Denial of Service (DDoS), Authorize and authenticate devices, Ensure data privacy and integrity. This research reviews the achievements of mitigation IoT security challenges and the key viewpoint is for authors to clearly dene adversary goals, assumptions and dependencies.
Keywords: Internet of Things (IoT), Cybersecurity threats and attacks, DDoS, Authorize and authenticate devices, Secure constrained devices, Ensure data privacy and integrity.
References
[1] S. Naik and V. Maral. 2017. “Cyber security | IoT,” 2nd IEEE International Conference on Recent Trends in Electronics, Information Communication Technology (RTEICT), Bangalore, 2017, pp. 764-767. doi:10.1109/RTEICT.
[2] Pacheco J., Hariri S. 2016. IoT security framework for smart cyber infrastructures. 2016 IEEE 1st International Workshops on Foundations and Applications of Self* Systems (FAS*W). https://doi.org/10.1109/FAS-W.2016.58.
[3] Z. C. L. V. Sheng Z, Mahapatra C. 2015. Recent advances in industrial wireless sensor networks toward efficient management in IoT, IEEE Access, vol. 3, pp. 622-37.
[4] C. S. Chen, M. 2017. RFID Technologies for Internet of Things. Springer Cham.
[5] J. Hui and P. Thubert. 2011. Compression format for ipv6 datagrams over ieee 802.15.4-based networks,” IETF, Tech. Rep.
[6] C. V. C. S. G. A. H. Y. Baronti P, Pillai P. 2007. Wireless sensor networks: A survey on the state of the art and the 802.15.4 and zigbee standards,” Computer Communications, vol. 30, p. 16551695.
[7] M. M. Hossain, M. Fotouhi, and R. Hasan. 2015. Towards an analysis of security issues, challenges, and open problems in the internet of things,” in Services (SERVICES), 2015 IEEE World Congress on. IEEE, 2015, pp. 21-28.
[8] Ragupathy, Somasundaram Thirugnanam, Mythili. 2017. IoT in Health-care: Breaching Security Issues.
[9] M Antonakakis, T April, Akamai, M Bailey, M Bernhard, A Arbor, E Bursztein, J Cochran, Cloud are, Z Durumeric and J. Alex Halderman, L Invernizzi, M Kallitsis, D Kumar, C Lever, Z Ma and Joshua Mason, D Menscher, C Seaman, Akamai, N Sullivan, K Thomas, Yi Zhou. 2016. “Un- derstanding the Mirai Botnet”, 26th USENIX Security Symposium ,Vancouver, BC, Canada ISBN 978-1-931971-40-9
[10] K. Townsend. 2018. Financial services ddos attacks tied to reaper botnet,” in available at: https://www.securityweek.com/ nancial-servicesddos-attacks-tied-reaper-botnet.
[11] Howard Solomon. 2018. Top 10 IoT vulnerabilities,” in https://www.itworldcanada.com/article/top-10-iot-vulnerabilities-of-2018/413433.
[12] A. N. Nazarov and A. N. A. Koupaei. 2019. “An Architecture Model for Active Cyber Attacks on Intelligence Info-communication Systems:Application Based on Advance System Encryption (AES-512) Using Pre-Encrypted Search Table and Pseudo-Random Functions(PRFs),” 2019 International Conference on Engineering and Telecommunication (EnT), Dolgoprudny, Russia, 2019, pp. 1-5, doi: 10.1109/EnT47717.2019.9030541.
[13] Mahmoud Ammar, Giovanni Russello, Bruno Crispo,, 2018. Internet of Things: A survey on the security of IoT frameworks, Jour- nal of Information Security and Applications. Vol. 38. P. 8-27, ISSN 2214-2126, https://doi.org/10.1016/j.jisa.2017.11.002. (http://www.sciencedirect.com/science/article/pii/S2214212617302934)
[14] A. N. Nazarov and A. Nik Aein Koupaei. 2019. “Models of Risk of Attack of university Infocommunication System,” 2019 Systems of Signals Generating and Processing in the Field of on Board Communications, Moscow, Russia, pp. 1-8, doi: 10.1109/SOSG.2019.8706780.
[15] Angen, Gaute, Hallstensen, Christo er, nekkenes, Einar. 2018. A frame-work for estimating information security risk assessment method completeness,” International Journal of Information Security, vol. 17, no 6, p681-699.
[16] D. X. Z. Xuanxia Yao, Xiaoguang Han,, 2013. A lightweight multicast authentication mechanism for small scale iot applications,” IEEE Sensors, vol. 13, pp. 3693-3701.
[17] Rebecca E. Grinter and D. K. Smetters., 2018. “Three Challenges for Em-bedding Security into Applications”, Palo Alto Research Center (PARC) 3333 Coyote Hill Road Palo Alto, CA 94304 USA.
[18] H. Haddad Pajouh, R. Javidan, R. Khayami, D. Ali, and K. Choo. 2016. A two-layer dimension reduction and two-tier classi cation model for anomaly-based intrusion detection in iot backbone networks,” in IEEE Transactions on Emerging Topics in Computing.
[19] Arbia Riahi, Yacine Challal, Enrico Natalizio, Zied Chtourou,
Abdelmad-jid Bouabdallah. 2013. “A Systemic Approach for IoT
Security.” IEEE. DCOSS, 2013, Boston, United
States,
pp. 351-355.
[20] A. N. Nazarov, A. N. A. Koupaei, A. Dhoot, A. Azlan and S. M. R. Siadat. 2020. “Mathematical Modelling of Infrastructure as a Service,” 2020 Systems of Signals Generating and Processing in the Field of on Board Communications, Moscow, Russia, pp. 1-6, doi: 10.1109/IEEECONF48371.2020.9078629.
[21] M. K. Khan, S.-K. Kim, and K. Alghathbar. 2011. Cryptanalysis and security enhancement of a more efficient secure dynamic id-based remote user authentication scheme,” Computer Communications, vol. 34, no. 3, pp. 305-309.
[22] A. Nazarov, A. Sychev, A. N. A. Koupaei, S. K. Ojha and H. Rai. 2019. “Statistical compaction of a monitoring cloud cluster resource when processing streaming services,” 2019 International Conference on Engineering and Telecommunication (EnT), Dolgoprudny, Russia, pp. 1-5, doi: 10.1109/EnT47717.2019.9030598.
[23] Liu and P. Ning. 2004. Multilevel tesla: Broadcast authentication for distributed sensor networks,” ACM Transactions on Embedded Computing Systems (TECS), vol. 3, no. 4, pp. 800-836.
[24] W. Ben Jaballah, M. Mosbah, and H. Youssef. 2013. Performance
evaluation of key disclosure delay-based schemes in wireless sensor
networks,” in Pervasive Computing
and Communications Workshops (PERCOM Workshops), International Conference on Pervasive
Computing and Communications Workshops, PERCOM. IEEE, 2013,
pp. 566-571.
[25] B. Mbarek, A. Meddeb, W. B. Jaballah and M. Mosbah. 2015. A secure authentication mechanism for resource constrained devices, IEEE/ACS 12th International Conference of Computer Systems and Applications (AICCSA), Marrakech, pp. 1-7. Doi: 10.1109/AICCSA.2015.7507270.
[26] Achado, Caciano. 2018. IoT Data Integrity Verication for Cyber-Physical Systems Using Blockchain. 10.1109/ISORC.2018.00019.17.