Internet of things security vulnerabilities and  recommended solutions

Rashidah F.Olanrewaju; Burhan Ul Islam Khan; Farhat Anwar; Roohie Naaz Mir

doi:10.14419/ijet.v7i4.23147

Article Summary Abstract References Full Article How to cite

Authors
- Rashidah F.Olanrewaju Department of ECE, Kulliyyah of Engineering, IIUM Malaysia
- Burhan Ul Islam Khan Department of ECE, Kulliyyah of Engineering, IIUM Malaysia
- Farhat Anwar Department of ECE, Kulliyyah of Engineering, IIUM Malaysia
- Roohie Naaz Mir Department of CSE, National Institute of Technology, Srinagar, Kashmir
https://doi.org/10.14419/ijet.v7i4.23147

Received date: December 4, 2018

Accepted date: January 13, 2019

Published date: February 26, 2019
Internet of Things (IoT), IoT Security, Authentication, Key Management, Signcryption.
Abstract

The applications based on IoT are ubiquitous in providing passive user involvement on the collective approach of sensor technology, embedded system, networking and communication convergence with analytical computing. The application framework of IoT comprises of devices that are highly heterogeneous and compute migrations from sensor to IoT gateways to edge/fog computing to the cloud and then back to the client along with various alarming components. As observed from the review work, providing security for such networks is in its young stage in the form of an integrated architecture offering perfect security together with network and application possibilities although the shortcomings of IEFT and IEEE contribute more towards the same. Besides, the present researchers have not yet achieved the actual threshold of real-time performance potentials with respect to lesser computational complexity, usage of smaller key size, conformable security, lesser memory overheads, smaller ciphertext size, speedy processing time of algorithms, robust to possible threats and reduced communication/network overhead for ensuring a lighter security mechanism. This paper focusses on the security issues posed by large-scale heterogeneous IoT paradigm and arriving at a secure architectural framework adoptable by a variety of applications that include smart transportation, smart cities, smart healthcare, etc. based on IoT.
References
1. Mukherjee S & Biswas GP (2018), Networking for IoT and applica-tions using existing communication technology. Egyptian Informatics Journal 19(2), 107-127. https://doi.org/10.1016/j.eij.2017.11.002.
2. Dorsemaine B, Gaulier JP, Wary JP, Kheir N & Urien P (2015), In-ternet of things: a definition & taxonomy. In Next Generation Mobile Applications, Services and Technologies, 2015 9th International Conference on, 72-77, IEEE. https://doi.org/10.1109/NGMAST.2015.71.
3. Liu X & Baiocchi O (2016), A comparison of the definitions for smart sensors, smart objects and Things in IoT. In Information Tech-nology, Electronics and Mobile Communication Conference (IEM-CON), 2016 IEEE 7th Annual, 1-4, IEEE. https://doi.org/10.1109/IEMCON.2016.7746311.
4. Voas J, Agresti B & Laplante P (2018), A closer look at IoT 's things. IT Professional 20(3), 11-14. https://doi.org/10.1109/MITP.2018.032501741
5. Al Rabaiei KA & Harous S (2016), Internet of things: Applications and challenges. In Innovations in Information Technology (IIT), 2016 12th International Conference on, 1-6, IEEE. https://doi.org/10.1109/INNOVATIONS.2016.7880054.
6. Miorandi D, Sicari S, De Pellegrini F & Chlamtac I (2012), Internet of things: Vision, applications and research challenges. Ad hoc net-works 10(7), 1497-1516. https://doi.org/10.1016/j.adhoc.2012.02.016.
7. Bandyopadhyay D & Sen J (2011), Internet of things: Applications and challenges in technology and standardization. Wireless Personal Communications 58(1), 49-69. https://doi.org/10.1007/s11277-011-0288-5.
8. Al-Fuqaha A, Guizani M, Mohammadi M, Aledhari M & Ayyash M (2015), Internet of things: A survey on enabling technologies, proto-cols, and applications. IEEE Communications Surveys & Tutorials. 17(4), 2347-2376. https://doi.org/10.1109/COMST.2015.2444095.
9. Talavera JM, Tobón LE, Gómez JA, Culman MA, Aranda JM, Parra DT, Quiroz LA, Hoyos A & Garreta LE (2017), Review of IoT ap-plications in agro-industrial and environmental fields. Computers and Electronics in Agriculture 142, 283-297. https://doi.org/10.1016/j.compag.2017.09.015.
10. Weber RH (2010), Internet of Things–New security and privacy challenges. Computer law & security review 26(1), 23-30. https://doi.org/10.1016/j.clsr.2009.11.008.
11. Roman R, Zhou J & Lopez J (2013), On the features and challenges of security and privacy in distributed internet of things. Computer Networks 57(10), 2266-2279. https://doi.org/10.1016/j.comnet.2012.12.018.
12. Jing Q, Vasilakos AV, Wan J, Lu J & Qiu D (2014), Security of the Internet of Things: perspectives and challenges. Wireless Networks 20(8), 2481-2501. https://doi.org/10.1007/s11276-014-0761-7.
13. Khan BUI, Baba AM, Olanrewaju RF, Lone SA & Zulkurnain NF (2015), SSM: Secure-Split-Merge data distribution in cloud infra-structure. In Open Systems (ICOS), 2015 IEEE Conference on, 40-45, IEEE. https://doi.org/10.1109/ICOS.2015.7377275.
14. Khan BUI, Olanrewaju RF, Anwar F, Mir RN & Najeeb AR, A crit-ical insight into the effectiveness of research methods evolved to se-cure IoT ecosystem. International Journal of Information and Com-puter Security, in press.
15. Khan BUI, Olanrewaju RF & Habaebi MH (2013), Malicious be-haviour of node and its significant security techniques in MANET-A review. Australian Journal of Basic and Applied Sciences 7(12), 286-293.
16. Olanrewaju RF, Khan BUI, Mir RN & Shah A (2015), Behaviour visualization for malicious-attacker node collusion in MANET based on probabilistic approach. American Journal of Computer Science and Engineering 2(3), 10-19.
17. Mir MS, Suhaimi B, Adam M, Khan BUI, Mattoo MMUI & Olanrewaju RF (2017), Critical security challenges in cloud compu-ting environment: an appraisal. Journal of Theoretical & Applied In-formation Technology 95(10), 2234-2248.
18. Flauzac O, Gonzalez C & Nolot F (2015), Original secure architec-ture for IoT based on SDN. In Protocol Engineering (ICPE) and In-ternational Conference on New Technologies of Distributed Systems (NTDS), 2015 International Conference on, 1-6, IEEE. https://doi.org/10.1109/NOTERE.2015.7293481.
19. Li L (2012), Study on security architecture in the Internet of Things. In Measurement, Information and Control (MIC), 2012 International Conference on, vol. 1, 374-377, IEEE. https://doi.org/10.1109/MIC.2012.6273274.
20. An Internet of Things Reference Architecture. Symantec. https://www.symantec.com/content/dam/symantec/docs/white-papers/iot-security-reference-architecture-en.pdf. 2016. Accessed Oc-tober 8, 2018.
21. Olanrewaju RF, Khan BUI, Baba A, Mir RN & Lone SA (2016), RFDA: Reliable framework for data administration based on split-merge policy. In SAI Computing Conference (SAI), 545-552, IEEE. https://doi.org/10.1109/SAI.2016.7556033.
22. Olivier F, Carlos G & Florent N (2015), New security architecture for IoT network. Procedia Computer Science 52, 1028-1033. https://doi.org/10.1016/j.procs.2015.05.099.
23. Qian J, Xu H & Li P (2016), A novel secure architecture for the In-ternet of Things. In Intelligent Networking and Collaborative Sys-tems (INCoS), 2016 International Conference on, 398-401, IEEE. https://doi.org/10.1109/INCoS.2016.36.
24. Zhao G, Si X, Wang J, Long X & Hu T (2011), A novel mutual au-thentication scheme for Internet of Things. In Modelling, Identifica-tion and Control (ICMIC), Proceedings of 2011 International Con-ference on, 563-566, IEEE. https://doi.org/10.1109/ICMIC.2011.5973767.
25. Ye N, Zhu Y, Wang RC, Malekian R & Qiao-min L (2014), An ef-ficient authentication and access control scheme for perception layer of internet of things. Applied Mathematics & Information Sciences 8(4), 1617-1624. https://doi.org/10.12785/amis/080416.
26. Hu T, Wang J, Zhao G & Long X (2012), An improved mutual au-thentication and key update scheme for multi-hop relay in Internet of Things. In Industrial Electronics and Applications (ICIEA), 2012 7th IEEE Conference on, 1024-1029, IEEE. https://doi.org/10.1109/ICIEA.2012.6360873.
27. Patel S, Patel DR & Navik AP (2016), Energy efficient integrated authentication and access control mechanisms for Internet of Things. In Internet of Things and Applications (IOTA), International Confer-ence on, 304-309, IEEE. https://doi.org/10.1109/IOTA.2016.7562742.
28. Ma H & Chen B (2016), An authentication protocol based on quan-tum key distribution using decoy-state method for heterogeneous IoT. Wireless Personal Communications 91(3), 1335-1344. https://doi.org/10.1007/s11277-016-3531-2.
29. Barreto PS, Libert B, McCullagh N & Quisquater JJ (2005), Effi-cient and provably-secure identity-based signatures and signcryption from bilinear maps. In International Conference on the Theory and Application of Cryptology and Information Security, 515-532, Springer, Berlin, Heidelberg. https://doi.org/10.1007/11593447_28.
30. Li CK, Yang G, Wong DS, Deng X & Chow SS (2010), An effi-cient signcryption scheme with key privacy and its extension to ring signcryption. Journal of Computer Security 18(3), 451-473. https://doi.org/10.3233/JCS-2009-0374.
31. Sun Y & Li H (2010), Efficient signcryption between TPKC and IDPKC and its multi-receiver construction. Science China Infor-mation Sciences 53(3), 557-566. https://doi.org/10.1007/s11432-010-0061-5.
32. Huang Q, Wong DS & Yang G (2011), Heterogeneous signcryption with key privacy. The Computer Journal 54(4), 525-536. https://doi.org/10.1093/comjnl/bxq095.
33. Li F & Xiong P (2013), Practical secure communication for integrat-ing wireless sensor networks into the internet of things. IEEE Sen-sors Journal 13(10), 3677-3684. https://doi.org/10.1109/JSEN.2013.2262271.
34. Li F, Han Y & Jin C (2016), Practical signcryption for secure com-munication of wireless sensor networks. Wireless Personal Commu-nications 89(4), 1391-1412. https://doi.org/10.1007/s11277-016-3327-4.
35. Rahayu TM, Lee SG & Lee HJ (2014), Security analysis of secure data aggregation protocols in wireless sensor networks. In Advanced Communication Technology (ICACT), 2014 16th International Con-ference on, 471-474, IEEE. https://doi.org/10.1109/ICACT.2014.6779005.
36. George N & Parani TK (2014), Detection of node clones in wireless sensor network using detection protocols. International Journal of Engineering Trends and Technology 8(6), 286-291. https://doi.org/10.14445/22315381/IJETT-V8P253.
37. Sundaram BV, Ramnath M, Prasanth M & Sundaram V (2015), En-cryption and hash based security in internet of things. In Signal Pro-cessing, Communication and Networking (ICSCN), 2015 3rd Inter-national Conference on, 1-6, IEEE. https://doi.org/10.1109/ICSCN.2015.7219926.
38. Bellavista P, Cardone G, Corradi A & Foschini L (2013), Conver-gence of MANET and WSN in IoT urban scenarios. IEEE Sensors Journal 13(10), 3558-3567. https://doi.org/10.1109/JSEN.2013.2272099.
39. Granjal J, Monteiro E & Silva JS (2015), Security for the internet of things: a survey of existing protocols and open research issues. IEEE Communications Surveys & Tutorials 17(3), 1294-1312. https://doi.org/10.1109/COMST.2015.2388550.
40. Crossman MA & Liu H (2015), Study of authentication with IoT testbed. In Technologies for Homeland Security (HST), 2015 IEEE International Symposium on, 1-7, IEEE. https://doi.org/10.1109/THS.2015.7225303.
41. Sharaf-Dabbagh Y & Saad W (2016), On the authentication of de-vices in the Internet of Things. In 2016 IEEE 17th International Symposium on, 1-3, IEEE. https://doi.org/10.1109/WoWMoM.2016.7523532.
42. Ravindranath M. Why the Internet of Things Needs Different En-cryption. Nextgov.com. https://www.nextgov.com/cybersecurity/2016/08/internet-things-needs-newer-lighter-cryptography/130946/. 2016. Accessed October 8, 2018.
43. Raza S, Seitz L, Sitenkov D & Selander G (2016), S3K: scalable security with symmetric keys—DTLS key establishment for the In-ternet of things. IEEE Transactions on Automation Science and En-gineering 13(3), 1270-1280. http://dx.doi.org/10.1109/TASE.2015.2511301.
44. Nadir I, Zegeye WK, Moazzami F & Astatke Y (2016), Establishing symmetric pairwise-keys using public-key cryptography in Wireless Sensor Networks (WSN). In Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON), IEEE Annual, 1-6, IEEE. https://doi.org/10.1109/UEMCON.2016.7777838.
Downloads
How to Cite
F.Olanrewaju, R., Ul Islam Khan, B., Anwar, F., & Naaz Mir, R. (2019). Internet of things security vulnerabilities and recommended solutions. International Journal of Engineering and Technology, 7(4), 4899-4904. https://doi.org/10.14419/ijet.v7i4.23147
ACM

ACS

APA

ABNT

Chicago

Harvard

IEEE

MLA

Turabian

Vancouver

Download Citation

Endnote/Zotero/Mendeley (RIS)

BibTeX

Internet of things security vulnerabilities and recommended solutions

Authors

Abstract

References

Downloads

How to Cite