Abstract
In Internet of things there are many things connected through network which can be sensors, actuators or devices meant for collecting data and transmitting data. These collected data is used for optimizing the network performance, improving performance of products and services. In future it is predicted billions of devices will be connected in network for the working of IoT. Hence securing network and increasing its flexibility along with scalability will be mandatory requirement for the working of IoT. This paper is an attempt to do a broad survey of security issues in IoT and resolving it by exploring latest techniques like Software Defined Network, Blockchain and Machine Learning.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Frustaci, M., Pace, P., Aloi, G.: Securing the IoT world: issues and perspectives. In: IEEE Conference on Standards for Communications and Networking (CSCN) (2017)
Chahid, Y., Benabdellah, M., Azizi, A.: Traffic-aware firewall optimization strategies (2010)
Deogirikar, J., Vidhate, A.: Security attacks inIoT: a survey. In: International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC 2017)
Lin, J., Yuy, W., Zhangz, N., Yang, X., Zhangx, H., Zhao, W.: A survey on internet of things: architecture, enabling technologies, security and privacy, and applications. In: 2016 IEEE
Mendez, D., Papapanagiotou, I., Yang, B.: Internet of Things: survey on security and privacy. In: IEEE J. July 2017
Varga, P., Plosz, S., Soos, G.: Security threats and issues in automation IoT. IEEE (2017)
Kumar, S.A., Vealey, T., Srivastava, H.: Security in Internet of Things: challenges, solutions and future directions. In: 49th Hawaii International Conference on System Sciences (2016)
Kuusijarvi, J., Savola, R., Savolainen, P., Evesti, A.: Mitigating loT security threats with a trusted network element. In: The 11th International Conference for Internet Technology and Secured Transactions (ICITST-2016)
Dorsemaine, B., Gaulier, J-P., Wary, J-P., Kheir, N.: A new approach to investigate IoT threats based on a four layer model. In: 13th International Conference on New Technologies for Distributed Systems (NOTERE 2016)
The Internet of Things reference model. 4CISCO (2014). http://cdn.iotwf.com/resources/71/IoTReferenceModelWhitePaperJune42014.pdf
Emmerson, B.: Unleashing the Internet of Things. http://www.iotevolutionworld.com/m2m/articles/208798-unleashing-internet-things.htm
Zhang, M., Raghunathan, A., Jha, N.K.: Trustworthiness of medical devices and body area networks. Proc. IEEE 102(8), 1174–1188 (2014)
Li, C., Raghunathan, A., Jha, N.K.: Hijacking an insulin pump: security attacks and defenses for a diabetes therapy system. In: Proceedings of the IEEE 13th International Conference on e-Health Networking Applications and Services, pp. 150–156 (2011)
Halperin, D., et al.: Pacemakers and implantable cardiac defibrillators: software radio attacks and zeropower defenses. In: Proceedings of the IEEE Symposium Security and Privacy, pp. 129–142 (2008)
Bhunia, S., Hsiao, M.S., Banga, M., Narasimhan, S.: Hardware trojan attacks: threat analysis and countermeasures. Proc. IEEE 102(8), 1229–1247 (2014)
Brandt, A., Buron, J.: Home automation routing requirements in low-power and lossy networks. https://tools.ietf.org/html/rfc5826
Martin, T., Hsiao, M., Ha, D., Krishnaswami, J.: Denial-of-service attacks on battery-powered mobile computers. In: Proceedings of the IEEE 2nd Conference on Pervasive Computing and Communications, pp. 309–318 (2004)
Matrosov, A., Rodionov, E., Harley, D., Malcho, J.: Stuxnet under the microscope, ESET LLC, Technical report (2011)
Walters, J.P., Liang, Z., Shi, W., Chaudhary, V.: Wireless sensor network security: a survey. Secur. Distrib. Grid Mobile Pervasive Comput. 1, 367 (2007)
Douceur, J.R.: The sybil attack. In: Druschel, P., Kaashoek, F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 251–260. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45748-8_24
Karakehayov, Z.: Using reward to detect team black-hole attacks in wireless sensor networks. In: Proceedings of the Workshop on Real-World Wireless Sensor Networks, pp. 20–21 (2005)
Garcia-Morchon, O., Kumar, S., Struik, R., Keoh, S., Hummen, R.: Security considerations in the IP-based Internet of Things. https://tools.ietf.org/html/draft-garcia-core-security-04
Hernandez, G., Arias, O., Buentello, D., Jin, Y.: Smart nest thermostat: a smart spy in your home. In: Proceedings of the Black Hat USA (2014)
Lehtonen, M., Ostojic, D., Ilic, A., Michahelles, F.: Securing RFID systems by detecting tag cloning. In: Tokuda, H., Beigl, M., Friday, A., Brush, A.J.B., Tobe, Y. (eds.) Pervasive 2009. LNCS, vol. 5538, pp. 291–308. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-01516-8_20
Parno, B., Perrig, A., Gligor, V.: Distributed detection of node replication attacks in sensor networks. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 49–63 (2005)
Chan, H., Perrig, A., Song, D.: Random key predistribution schemes for sensor networks. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 197–213 (2003)
Msgna, M., Markantonakis, K., Mayes, K.: The B-Side of side channel leakage: control flow security in embedded systems. In: Zia, T., Zomaya, A., Varadharajan, V., Mao, M. (eds.) SecureComm 2013. LNICST, vol. 127, pp. 288–304. Springer, Cham (2013). https://doi.org/10.1007/978-3-319-04283-1_18
Carluccio, D., Lemke, K., Paar, C.: Electromagnetic side channel analysis of a contactless smart card: First results. http://www.iaik.tu-graz.ac.at/research/krypto/events/index.php
Zhang, M., Jha, N.K.: FinFET-based power management for improved DPA resistance with low overhead. ACM J. Emerg. Technol. Comput. Syst. 7(3), 10 (2011)
Sundaresan, V., Rammohan, S., Vemuri, R.: Defense against side-channel power analysis attacks on microelectronic systems. In: Proceedings of the IEEE National Conference on Aerospace and Electronics, pp. 144–150 (2008)
Rieback, M.R., Crispo, B., Tanenbaum, A.S.: RFID guardian: a battery-powered mobile device for RFID privacy management. In: Boyd, C., González Nieto, J.M. (eds.) ACISP 2005. LNCS, vol. 3574, pp. 184–194. Springer, Heidelberg (2005). https://doi.org/10.1007/11506157_16
Kinoshita, S., Hoshino, F., Komuro, T., Fujimura, A., Ohkubo, M.: Low-cost RFID privacy protection scheme. IPS J. 45(8), 2007–2021 (2004)
Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A.: M2AP: a minimalist mutual-authentication protocol for low-cost RFID tags. In: Ma, J., Jin, H., Yang, L.T., Tsai, J.J.-P. (eds.) UIC 2006. LNCS, vol. 4159, pp. 912–923. Springer, Heidelberg (2006). https://doi.org/10.1007/11833529_93
Raza, S., Wallgren, L., Voigt, T.: SVELTE: real-time intrusion detection in the Internet of Things. Ad-hoc Netw. 11(8), 2661–2674 (2013)
Shirai, T., Shibutani, K., Akishita, T., Moriai, S., Iwata, T.: The 128-bit blockcipher CLEFIA (Extended Abstract). In: Biryukov, A. (ed.) FSE 2007. LNCS, vol. 4593, pp. 181–195. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74619-5_12
Bogdanov, A., et al.: PRESENT: An Ultra-lightweight Block Cipher. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74735-2_31
Son, S., McKinley, K.S., Shmatikov, V.: Diglossia: detecting code injection attacks with precision and efficiency. In: Proceedings of the ACM SIGSAC Conference Computer Communications Security, pp. 1181–1192 (2013)
Salman, O.: Identity-based authentication scheme for the Internet of Things. In: Proceedings of the IEEE 21st Symposium on Computers and Communication (ISCC), Italy, pp. 1109–1111 (2016)
Nobakht, M., Sivaraman, V., Boreli, R.: A host-based intrusion detection and mitigation framework for smart home IoT using OpenFlow. In: Proceedings of the IEEE 11th International Conference on Availability, Reliability and Security (ARES), pp. 147–156 (2016)
Chakrabarty, S., Engels, D.W., Thathapudi, S.: Black SDN for the Internet of Things. In: Proceedings of the IEEE 12th International Conference on Mobile Ad Hoc and Sensor Systems (MASS), Dallas, USA, pp. 190–198 (2015)
Bull, P.: Flow based security for IoT devices using an SDN gateway. In: Proceedings of the IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud), Austria, pp. 157–163 (2016)
Flauzac, O.: SDN based architecture for IoT and improvement of the security. In: Proceedings of the IEEE 29th International Conference on Advanced Information Networking and Applications Workshops (WAINA), South Korea, pp. 688–693 (2015)
Gonzalez, C.: A novel distributed SDN-secured architecture for the IoT. In: Proceedings of the IEEE International Conference on Distributed Computing in Sensor systems (DCOSS), Washington, USA, pp. 244–249 (2016)
Bhunia, S.S., Gurusamy, M.: Dynamic attack detection and mitigation in IoT using SDN. In: 27th International Telecommunication Networks and Applications Conference (ITNAC). IEEE (2017)
Satasiya, D., Raviya, R., Kumar, H.: Enhanced SDN security using firewall in a distributed scenario. In: 2016 International Conference on Advanced Communication Control and Computing Technologies (ICACCCT). ISBN No. 978-1-4673-9545-8
Tselios, C., Politis, I., Kotsopoulos, S.: Enhancing SDN security for IoT-related deployments through Blockchain. In: IEEE NFV-SDN 2017 - Third International Workshop on Security in NFV-SDN,978-1-5386-3285-7/17. IEEE (2017)
IBM Corp.: Blockchain benefits for electronics - White Paper. https://public.dhe.ibm.com/common/ssi/ecm/gb/en/gbe03809usen/GBE03809USEN.PDF
Microsoft Corp.: Blockchain as a Service. https://azure.microsoft.com/en-us/solutions/blockchain/
The Linux Foundation: Hyperledger project. https://www.hyperledger.org/
Ericsson, Data-centric security. http://cloudpages.ericsson.com/data-centric-security-ebook
Citrix Systems Inc., Netscaler: Secure Event Delivery Controller
Sharma, P.K., Chen, M-Y., Park, J.H.: A software defined fog node based distributed blockchain cloud architecture for IoT. IEEE Access. https://doi.org/10.1109/ACCESS.2017.2757955
Duong, T., Fan, L., Zhou, H.S.: 2-hop blockchain: combining proof-of-work and proof-of-stake securely. In: IACR 2016, pp. 1–40 (2016)
Somasundaram, T.S., Kannan, G.: CLOUDRB: a framework for scheduling and managing high-performance computing (HPC) applications in science cloud. Future Gener. Comput. Syst. 34, 47–65 (2014)
Sharma, P.K., Singh, S., Jeong, Y.-S., Park, J.H.: DistBlockNet: a distributed blockchains-based secure SDN architecture for IoT networks. IEEE Commun. Mag. 55(9), 78–85 (2017)
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Cherian, M., Chatterjee, M. (2019). Survey of Security Threats in IoT and Emerging Countermeasures. In: Thampi, S., Madria, S., Wang, G., Rawat, D., Alcaraz Calero, J. (eds) Security in Computing and Communications. SSCC 2018. Communications in Computer and Information Science, vol 969. Springer, Singapore. https://doi.org/10.1007/978-981-13-5826-5_46
Download citation
DOI: https://doi.org/10.1007/978-981-13-5826-5_46
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-5825-8
Online ISBN: 978-981-13-5826-5
eBook Packages: Computer ScienceComputer Science (R0)