Volume 8, Issue 1, March 2020, Page: 1-7
Security Challenges in IoT Platforms and Possible Solutions
Dagogo Godwin Orifama, Department of Electronics and Electrical Engineering, University of Leeds, Leeds, United Kingdom
Hope Okoro, Department of Electronics and Electrical Engineering, University of Leeds, Leeds, United Kingdom
Received: Jan. 20, 2020;       Accepted: Feb. 11, 2020;       Published: Feb. 18, 2020
DOI: 10.11648/j.iotcc.20200801.11      View  314      Downloads  126
Abstract
There has been an increase in the electronic devices connected to the internet space, with at least 40 billion more devices becoming smart devices via the embedded system in 2020. The internet of things (IoT) is an emerging technology that deals with the interconnection of smart devices via the internet space, hence providing enhanced communication, interaction and service delivery. Communication between IoT devices take place over the internet, placing the internet at the heart of IoT applications, hence, extending the security challenges present in the traditional network into the IoT system. This dissertation describes the various layers of an IoT network, it made mention of the three-layer architecture and describes the functions of each of its component. Also, and more importantly, the security challenges that affects the layers of an IoT network and possible solutions for each layer were discusses. Furthermore, these items were combined in a stack to discuss on IoT platforms, which is a combination of IoT devices and services connected via a communication protocol and ensures applications are send to users in a secure system. This makes it possible for the continuity of security between different stages and data tracking between IoT devices. Issues rising from IoT platforms that make it difficult for integration with other IoT devices concludes this study.
Keywords
IoT Architecture, Security Challenges, IoT Layer Attacks, Countermeasures, IoT Platforms
To cite this article
Dagogo Godwin Orifama, Hope Okoro, Security Challenges in IoT Platforms and Possible Solutions, Internet of Things and Cloud Computing. Vol. 8, No. 1, 2020, pp. 1-7. doi: 10.11648/j.iotcc.20200801.11
Copyright
Copyright © 2020 Authors retain the copyright of this article.
This article is an open access article distributed under the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0/) which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Reference
[1]
C. McClelland, "IoT Explained — How Does an IoT System Actually Work?," Medium, 20 11 2017. [Online]. Available: https://medium.com/iotforall/iot-explained-how-does-an-iot-system-actually-work-e90e2c435fe7. [Accessed 04 05 2018].
[2]
Yassine Chahid, Mohamed Benabdellah, Abdelmalek Azizi, "Internet of things security," 2017 International Conference on Wireless Technologies, Embedded and Intelligent Systems, WITS 2017, 2017.
[3]
K. Ashton, "That 'Internet of Things' Thing," RFI Journal, no. 7, pp. 97-114, 2009.
[4]
"The Internet of Things," The international Telecommunication Union, ITU, 2005.
[5]
M. O'Halloran and M. Glavin, "RFID Patient Tagging and Database System," International Conference on Networking, International Conference on Systems and International Conference on Mobile Communications and Learning Technologies (ICNICONSMCL'06), pp. 162-162, 2006.
[6]
Dhai eddine, Salhi & Tari, Abdelkamel & Kechadi, Tahar, "Forensics analysis and security challenges on Internet of Things," Research Gate, 2019.
[7]
Vashi, Shivangi & Ram, Jyotsnamayee & Modi, Janit & Verma, Saurav & Prakash, Chetana, "Internet of Things (IoT): A vision, architectural elements, and security issues," Research Gate, 2017.
[8]
L. Li, "Study on security architecture in the Internet of Things," Measurement, Information and Control (MIC), 2012 International Conference on, vol. 1, no. Mic, pp. 374-377, 2012.
[9]
Ioannis Andre, Chrysostomos Chrysostomou, George Hadjichristofi, "Internet of Things: Security vulnerabilities and challenges," Proceedings - IEEE Symposium on Computers and Communications, Vols. 2016-February, pp. 180-187, 2016.
[10]
Miao Wu, Ting-lie Lu, Fei-Yang Ling, ling Sun, Hui-Ying Du, "Research on the architecture of Internet of things," In preceeding of the 3rd International Conference on Advanced Computer Theory and Engineering (ICACTE '10), vol. 5, pp. V5-484-V5-487, IEEE, August 2010.
[11]
Omar Said, Mehedi Masud, "Towards internet of things: Survey and future vision," International Journal of Computer Networks, vol. 5, no. 1, pp. 1-17, 2013.
[12]
Marco Leo, Federica Battisti, Marco Carli, Alessandro Neri, "A federated architecture approach for Internet of Things security," 2014 Euro Med Telco Conference - From Network Infrastructures to Network Fabric: Revolution at the Edges, EMTC 2014, IEEE, 2014.
[13]
Markus Eisenhauer, Peter Rosengren, Pablo Antolin, "A development platform for integrating wireless devices and sensors into Ambient Intelligence systems," 2009 6th IEEE Annual Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks Workshops, SECON Workshops 2009, vol. 00, no. c, pp. 1-3, 2009.
[14]
Jeisa Domingues, Antonio Damaso, Rilter Nascimento, "An energy aware Middleware for integrating wireless sensor network and the internet," International Journal of Distributed Sensor Networks, vol. 2011, pp. 1-19, 2011.
[15]
Jollo Pero Sousa, David Garian, "Aura: an architectural framework for user mobility in ubiquitous computing enviroment," School of Computer Science Carnegie Mellon University, PA, USA, 2002.
[16]
Qi Jing, Athanasios V. Vasilakos, Jiafu Wan, Jingwei Lu, Dechao Qiu, "Security of the Internet of Things: perspectives and challenges," Wireless Networks, vol. 20, no. 8, pp. 2481-2501, 2014.
[17]
Daniel E. Burgner, Luay A. Wahsheh, "Security of Wireless Sensor Networks," 2011 Eighth International Conference on Information Technology: New Generations, pp. 315-320, 2011.
[18]
Hong Li, YongHui Chen, ZhangQuing He, "The survey of RFID attacks and defenses," 2012 International Conference on IEEE Wireless Communications, Networking and Mobile Computing, WiCOM 2012, pp. 0-3, 2012.
[19]
A. Phuphanin, W. Usaha, "Secure Coverage Control in Wireless Sensor Networks with Malicious Nodes Using Multi-agents," 2011 IFIP 9th International Conference on Embedded and Ubiquitous Computing, pp. 390-396, 2011.
[20]
Farah Kandah, Yashaswi Singh, Weiyi Zhang, Chonggang Wang, "Mitigating colluding injected attack using monitoring verification in mobile ad-hoc networks," Security and Communication Network, vol. 6, no. 4, pp. 539-547, 2013.
[21]
Aristides Mpitziopoulos, Damianos Gavalas, "An effective defensive node against jamming attacks in sensor networks," Security and Communication Networks, vol. 2, no. 2, pp. 145-163, 2014.
[22]
Mingyan Li, Iordanis Koutsopoulos, Radha Poovendran, "Optimal Jamming Attack Strategies and Network Defense Policies in Wireless Sensor Networks," IEEE Transactions on Mobile Computing, vol. 9, no. 8, pp. 1119 - 1133, 2010.
[23]
Halim, Tasneem, Islam, Md, "Study on the security issues in WSN," International Journal of Computer Applications, vol. 53, no. 1, pp. 26-32, 2017.
[24]
Thakur Bhupendra Singh, Chaudhary, Sapna, "Content Sniffing Attack Detection in Client and Server Side: A Survey," International Journal of Advanced Computer Research, vol. 3, no. 2, pp. 7-10, 2013.
[25]
Ravi Uttarka, Raj Kulkarni, "Internet of Things: Architecture and Security," International Journal of Computer Application, vol. 3, no. 4, pp. 12-19, 2014.
[26]
Rabi Prasad Padhy, Manas Ranjan Patra, Suresh Chandra Satapathy, "Cloud Computing: Security Issues and Research Challenges," IRACST - International Journal of Computer Science and Information Technology & Security (IJCSITS), vol. 1, no. 2, pp. 136-146, 2011.
[27]
"Detecting Sybil attacks in Wireless Sensor Networks using neighboring information," Computer Networks, vol. 53, no. 18, pp. 3042-3056, 2009.
[28]
Chanatip Tumrongwittayapak, Ruttikorn Varakulsiripunth, "Detecting Sinkhole attacks in wireless sensor networks," ICROS-SICE International Joint Conference, pp. 1966-1971, 2009.
[29]
Ibrahim Abdullah, Mohammad Muntasir Rahman, Roy Mukul Chandra, "Detecting Sinkhole Attacks in Wireless Sensor Network using Hop Count," International Journal of Computer Network and Information Security, vol. 7, no. 3, pp. 50-56, 2015.
[30]
Djamel Mansouri, Lynda Mokddad, Jalel Ben-othman, Malika Ioualalen, "Preventing Denial of Service attacks in Wireless Sensor Networks," 2015 IEEE International Conference on Communications (ICC), pp. 3014-3019, 2015.
[31]
Abdul Wahid, Pavan Kumar, "A Survey on Security Attacks in Wireless Sensor Network," International Journal for Innovative Research in Science and Technology, vol. 1, no. 8, pp. 1684-1691, 2012.
[32]
D. H. Patil, Rakesh R. Bhavsar, Akshay S. Thorve, "Data Security over Cloud," International Journal of Computer Applications, pp. 11-14, 2012.
[33]
B. R. Kandukuri, R. P. V. and A. Rakshit, "Cloud Security Issue," 2009 IEEE International Conference on Services Computing, Bangalore, pp. 517-520, 2009.
[34]
Ramaswamy Chandramouli, Peter Mell, "State of Security Readiness," Crossroads, vol. 16, no. 3, pp. 23-25, 2010.
[35]
A. K. Jain, B. B. Gupta, "Recent survey of various defense mechanisms against phishing attacks," Journal of Information Privacy and Security, vol. 12, no. 1, pp. 3-13, 2016.
[36]
Y. Tang and S. Chen, "Defending against Internet worms: a signature-based approach," INFOCOM 2005. 24th Annual Joint Conference of the IEEE Computer and Communications Societies. Proceedings IEEE, vol. 2, pp. 1384-1394, 2015.
[37]
Y. Shin, A. Meneely,, "Evaluating Complexity, Code Churn, and Developer Activity Metrics as Indicators of Software Vulnerabilities," IEEE Transactions on Software Engineering, vol. 37, no. 6, pp. 772-787, 2011.
[38]
Yilin Mo, Tiffany Hyun-Jin Kim, Kenneth Brancik, Dona Dickinson, Heejo Lee, Adrian Perrig, and Bruno Sinopoli, "Cyber-physical security of a smart grid infrastructure," Proceedings of the IEEE, vol. 100, no. 1, pp. 195-09, 2012.
[39]
E. Vasilomanolakis, J. Daubert, M. Luthra, V. Gazis, A. Wiesmaier and P. Kikiras, "On the Security and Privacy of Internet of Things Architectures and Systems," 2015 International Workshop on Secure Internet of Things (SIoT), pp. 49-57, 2015.
[40]
G. Avoine, M. A. Bingöl, X. Carpent and S. B. O. Yalcin, "Privacy-Friendly Authentication in RFID Systems: On Sublinear Protocols Based on Symmetric-Key Cryptography," in IEEE Transactions on Mobile Computing, vol. 12, no. 10, pp. 2037-2049, 2013.
[41]
M. N. Babu, A. S. N. Chakravarthy and C. Ravindranath, "The design of a secure three factor authentication protocol for wireless sensor networks," 2017 International Conference on Nextgen Electronic Technologies: Silicon to Software (ICNETS2), Chennai, pp. 184-190, 2017.
[42]
Mojtaba Alizaeh, Mazleena Salleh, Mazdak Zamani, Jafar Shayan, Sasan Karamizadeh, "Security and Performance Evaluation of Lightweight Cryptographic Algorithms in RFID," Recent Researches in Communications and Computers, pp. 45-50, 2015.
[43]
Daniel Migault, Daniel Palomares, Emmanuel Herbert, Wei You, Gabriel Ganne, Ghada Arfaoui, Maryline Laurent, " An Optimized IPsec Architecture for Secure and Fast Offload," 2012 Seventh International Conference on Availability, Reliability and Security, Prague, pp. 365-374, 2012.
[44]
F. Baccelli, A. El Gamal and D. N. C. Tse, "Interference Networks With Point-to-Point Codes," in IEEE Transactions on Information Theory, vol. 57, no. 5, pp. 2582-2596, 2011.
[45]
S. Sharmila and G. Umamaheswari, "Detection of Sinkhole Attack in Wireless Sensor Networks Using Message Digest Algorithms," 2011 International Conference on Process Automation, Control and Computing, Coimbatore, pp. 1-6, 2011.
[46]
S. Ahmad Salehi, M. A. Razzaque, P. Naraei and A. Farrokhtala, "Detection of sinkhole attack in wireless sensor networks," 2013 IEEE International Conference on Space Science and Communication (IconSpace), Melaka, pp. 361-365, 2013.
[47]
S. Daneshmand, A. Jafarnia-Jahromi, Broumandan Ali, Lachapelle Gérard, "A Low-Complexity GPS Anti-Spoofing Method Using a Multi-Antenna Array," ResearchGate, pp. 1233-1243, 2012.
[48]
Zhanyang Xu, Yue Yin, and Jin Wang, "A Density-based Energy-efficient Clustering Algorithm for Wireless Sensor Networks," International Journal of Future Generation Communication and Networking, vol. 6, no. 1, pp. 75-86, 2013.
[49]
Zvika Brakerski and Vinod Vaikuntanathan, "Efficient Fully Homomorphic Encryption from (Standard)," SIAM Journal on Computing, vol. 43, no. 2, pp. 831-871, 2014.
[50]
G. Sun, S. Huang, W. Bao, Y. Yang and Z. Wang, "A privacy protection policy combined with privacy homomorphism in the Internet of Things," 2014 23rd International Conference on Computer Communication and Networks (ICCCN), Shanghai, pp. 1-6, 2014.
[51]
Y. Singh, F. Kandah and Weiyi Zhang, "A secured cost-effective multi-cloud storage in cloud computing," 2011 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), Shanghai, pp. 619-624, 2011.
[52]
Sarvesh Kumar, Suraj Pal Singh, Ashwanee Kumar Singh, Jahangir Ali, "Virtualization, The Great Thing and Issues in Cloud Computing," International Journal of Current Engineering and Technology, 2013, pp. 338-341, 2013.
[53]
Dongyoung Koo, Junbeom Hur, Hyunsoo Yoon, "Secure and efficient data retrieval over encrypted data using attribute-based encryption in cloud storage," Computers and Electrical Engineering, vol. 39, no. 1, pp. 34-46, 2013.
[54]
C. Liu, Y. Zhang, J. Zeng, L. Peng and R. Chen, "Research on Dynamical Security Risk Assessment for the Internet of Things inspired by immunology," 2012 8th International Conference on Natural Computation, Chongqing, pp. 874-878, 2012.
[55]
Kong Shiao-tong, Application Foreign, Data Priority, "Pin-hole firewall for communicating data packets on a packet network," U.S. Patent and Trademark Office, vol. 2, no. 12, pp. 12-15, 2011.
[56]
Technology Theme, "Differenciating between Platform, Framework and Middleware," Technology Theme, [Online]. Available: http://technologicalthemes.blogspot.co.uk/2009/09/differenciating-between-platform.html. [Accessed 24 04 2018].
[57]
"H2020 – UNIFY-IoT Project: Report on IoT platform activities," [Online]. Available: http://www.iot.gen.tr/2016/12/25/h2020-unify-iot-project-report-on-iot-platform-activities/. [Accessed 23 04 2018].
[58]
Keiko Hashizume, David G Rosado, Eduardo Fernández-Medina, Eduardo B Fernandez, "An analysis of security issues for cloud computing," Journal of Internet Services and Applications, vol. 4, no. 1, pp. 1-13, 2013.
[59]
C. M. Chen, Y. H. Lin, Y. C. Lin and H. M. Sun, "RCDA: Recoverable Concealed Data Aggregation for Data Integrity in Wireless Sensor Networks," in IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 4, pp. 727-734, April, 2012.
Browse journals by subject