
Security Threats and Research Challenges of IoT-A Review (2101.03022v1)

Published 24 Dec 2020 in cs.CR and cs.NI

Abstract: Internet of things (IoT) is the epitome of sustainable development. It has facilitated the development of smart systems, industrialization, and the state-of-the-art quality of life. IoT architecture is one of the essential baselines of understanding the widespread adoption. Security issues are very crucial for any technical infrastructure. Since IoT comprises heterogeneous devices, its security issues are diverse too. Various security attacks can be responsible for compromising confidentiality, integrity, and availability. In this paper, at first, the IoT architecture is described briefly. After that, the components of IoT are explained with perspective to various IoT based applications and services. Finally, various security issues, including recommended solutions, are elaborately described and the potential research challenges and future research directions.

Authors (2)
  1. A K M Bahalul Haque (3 papers)
  2. Sonia Tasmin (1 paper)
Citations (8)

Summary

  • The paper provides a comprehensive review of IoT architecture, detailing security vulnerabilities across the perception, network, and application layers.
  • The paper highlights innovative countermeasures, including machine learning, blockchain, and secure middleware, to mitigate diverse security threats.
  • The paper outlines future research directions, emphasizing practical solutions for IIoT, smart cities, and mobile crowdsensing environments.

This paper provides a comprehensive review of Internet of Things (IoT) security, covering its architecture, components, prevalent threats, proposed solutions, and future research directions. It emphasizes the critical need for robust security measures due to the heterogeneity and resource constraints inherent in IoT systems.

IoT Architecture and Components

The paper first outlines the common three-layer IoT architecture:

  1. Perception/Edge Layer: Consists of sensors, actuators, and edge devices that interact with the physical environment, collecting data. Security concerns here often relate to physical tampering, insecure device boot-up, and attacks like jamming or sleep deprivation. Solutions mentioned include anti-malware, multi-factor authentication, and machine learning for anomaly detection.
  2. Network Layer: Responsible for data transmission using various protocols (e.g., WiFi, Bluetooth, LTE, 6LoWPAN) and network infrastructure. Security challenges involve routing attacks, spoofing, and ensuring data integrity during transit. Key management, intrusion detection, and blockchain are noted as potential security frameworks.
  3. Application Layer: Delivers specific services to the user (e.g., smart homes, healthcare, industrial automation). Security varies based on the application but often involves secure APIs, middleware protection, and application-specific protocols like CoAP (Constrained Application Protocol).

Key IoT components discussed include:

  • Identification: Assigning unique identities (e.g., EPC, uCode) and addresses (IPv4/IPv6, 6LoWPAN) to devices.
  • Sensing: Collecting data using sensors embedded in devices (e.g., Raspberry Pi, Arduino).
  • Communication: Utilizing technologies like RFID, NFC, UWB, WiFi, Bluetooth, and protocols such as IEEE 802.15.4 and LTE/LTE-A for data exchange.
  • Computation: Processing data using embedded hardware (MCUs, SoCs) and software (RTOS like Contiki, TinyOS, RIOT OS), often leveraging cloud platforms for analysis and storage.
  • Services: Providing functionalities like object identification, information aggregation, and collaborative awareness across various applications.

IoT Security Threats

Threats are categorized based on the architectural layers:

  • Low-level (Perception/Network Interface):
    • Sybil/Spoofing: Malicious nodes impersonating legitimate devices using fake identities (e.g., MAC addresses).
    • Jamming: Intentional radio interference disrupting wireless communication.
    • Sleep Deprivation: Forcing energy-constrained devices to stay active, draining their batteries.
    • Insecure Start-up: Lack of secure configuration during device initialization.
    • Unreliable Physical Interface: Vulnerabilities from exposed physical ports (debugging/testing interfaces).
  • Intermediate-level (Network/Transport):
    • Sybil Attacks: Using false identities to disrupt routing or spread malware.
    • RPL Attacks: Exploiting vulnerabilities in the IPv6 Routing Protocol for Low-Power and Lossy Networks (RPL) to cause resource depletion or traffic redirection.
    • Fragmentation/Replication Attacks: Abusing packet fragmentation mechanisms in 6LoWPAN to deplete resources or disrupt packet reassembly.
    • Sinkhole/Wormhole Attacks: Manipulating routing paths to intercept or drop traffic.
    • End-to-end Transport Security Issues: Weaknesses in protocols like DTLS, potential for session hijacking, and risks associated with malicious cloud providers in Delay-Tolerant Networking (DTN).
  • High-level (Application/Middleware):
    • Unsafe Interfaces: Vulnerabilities in web, mobile, or cloud interfaces used to interact with IoT systems.
    • Middleware Security: Lack of security in the software layer that connects heterogeneous devices and applications.
    • CoAP Security Issues: Vulnerabilities in the Constrained Application Protocol, including lack of robust authentication and key management for multicast.
    • Uncertain Software/Firmware: Exploits related to insecure code (SQLi, XSS) or lack of secure firmware update mechanisms.

Recommended Solutions

The paper outlines various countermeasures corresponding to the threat levels:

  • Low-level:
    • Anti-jamming: Techniques like channel surfing (frequency hopping) and spatial retreat (physical node relocation).
    • Secure Physical Layer Communication: Using artificial noise injection or low transmission speeds to hinder eavesdropping.
    • Sybil/Spoofing Detection: Using Received Signal Strength Indicator (RSSI) analysis, channel characteristics, or location tracking to identify fake nodes.
    • Physical Protection: Following OWASP guidelines (removing debug ports, using hardware security modules like TPMs).
    • Sleep Deprivation Defense: Implementing cluster-based intrusion detection systems for WSNs.
  • Intermediate-level:
    • Secure Routing/Authentication: Using Elliptic Curve Cryptography (ECC) for neighbor discovery, implementing authentication mechanisms like VeRA for RPL based on version numbers and node ranks.
    • Cloud/DTN Security: Employing secure packet forwarding authentication, using platforms like SMARTIE for data protection, implementing distributed log authentication to detect malicious activities. Research projects like RERUM, BUTLER, and ARMOUR focus on trust, context-aware security, and large-scale security testing using lightweight cryptography and authentication.
  • High-level:
    • CoAP Security: Integrating TLS/DTLS for end-to-end security, using filtering mechanisms like 6LBR, implementing public-key authentication schemes optimized for low power.
    • Interface Security: Adhering to OWASP recommendations (input validation against XSS/SQLi, using HTTPS, firewalls, strong passwords).
    • Middleware Security: Utilizing secure middleware like VIRTUS (based on XMPP, TLS/SASL), Otsopack (semantic middleware), or architectures employing key hierarchies and authorization/authentication mechanisms.
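
The RSSI-based Sybil/spoofing detection listed under the low-level countermeasures can be sketched as follows. This is an added illustration, not code from the paper: it assumes several fixed monitor nodes hear every frame and compares RSSI differences between monitors, which cancel out the sender's transmit power. The monitor names, MAC addresses, readings and the 2 dB tolerance are constructed.

```python
from itertools import combinations
from statistics import mean

MONITORS = ("m1", "m2", "m3", "m4")  # hypothetical fixed receiver nodes

# Constructed sample data: RSSI readings in dBm per claimed MAC, per monitor.
# The three ...c1/c2/c3 identities model one radio varying its transmit power.
OBSERVATIONS = {
    "02:00:00:00:00:0a": {"m1": [-48, -50], "m2": [-71, -70], "m3": [-63, -62], "m4": [-80, -81]},
    "02:00:00:00:00:0b": {"m1": [-75, -74], "m2": [-52, -53], "m3": [-66, -67], "m4": [-60, -59]},
    "02:00:00:00:00:c1": {"m1": [-60, -61], "m2": [-66, -65], "m3": [-55, -54], "m4": [-72, -73]},
    "02:00:00:00:00:c2": {"m1": [-66, -67], "m2": [-72, -71], "m3": [-61, -60], "m4": [-78, -79]},
    "02:00:00:00:00:c3": {"m1": [-57, -58], "m2": [-62, -63], "m3": [-52, -51], "m4": [-70, -69]},
}

def signature(readings):
    """Mean RSSI at each monitor relative to the first monitor (dB differences).
    Subtracting cancels the sender's transmit power, leaving only path loss."""
    means = [mean(readings[m]) for m in MONITORS]
    return [v - means[0] for v in means[1:]]

def suspected_sybil_groups(observations, tolerance_db=2.0):
    """Group identities whose signatures agree within tolerance_db everywhere."""
    # Identities not heard by every monitor cannot be compared and are skipped.
    sigs = {mac: signature(r) for mac, r in observations.items()
            if all(r.get(m) for m in MONITORS)}
    parent = {mac: mac for mac in sigs}

    def find(x):
        while parent[x] != x:
            x = parent[x]
        return x

    for a, b in combinations(sigs, 2):
        if all(abs(x - y) <= tolerance_db for x, y in zip(sigs[a], sigs[b])):
            parent[find(a)] = find(b)  # same apparent RF position: merge

    groups = {}
    for mac in sigs:
        groups.setdefault(find(mac), []).append(mac)
    return [sorted(g) for g in groups.values() if len(g) > 1]

if __name__ == "__main__":
    for group in suspected_sybil_groups(OBSERVATIONS):
        print("identities sharing one RF position:", ", ".join(group))
```

Legitimate devices placed side by side produce the same signature, so a match is a lead to correlate with other evidence (join time, traffic pattern) rather than proof of a Sybil node.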

Recent Literature and Future Directions

The review highlights a significant trend in recent research: the integration of Blockchain and AI / Machine Learning (ML) to address IoT security challenges.

  • Blockchain: Explored for providing data immutability, decentralized trust, and enhanced privacy in various IoT applications (smart cities, supply chains, smart homes). Challenges include scalability, interoperability, and smart contract security.
  • AI/ML: Used for intelligent threat detection (e.g., intrusion detection, anomaly detection) and secure authentication management.

Future research directions emphasize addressing the privacy and security challenges of applying blockchain in specific domains:

  • Industrial IoT (IIoT): Protecting sensitive data in decentralized manufacturing environments.
  • IoT in Farming: Securing smart contracts and preventing data leakage in agricultural supply chains.
  • Smart Cities: Balancing transparency and citizen privacy, potentially using differential privacy techniques.
  • Mobile Crowdsensing: Ensuring user anonymity and managing the privacy-utility trade-off using techniques like anonymization or differential privacy.

The paper concludes by stressing the ongoing need for innovative security solutions tailored to the resource-constrained nature of IoT devices and the evolving technological landscape.