IoT Network Security: Requirements, Threats, and Countermeasures

Abstract: IoT devices are increasingly utilized in critical infrastructure, enterprises, and households. There are several sophisticated cyber-attacks that have been reported and many networks have proven vulnerable to both active and passive attacks by leaking private information, allowing unauthorized access, and being open to denial of service attacks. This paper aims firstly, to assist network operators to understand the need for an IoT network security solution, and then secondly, to survey IoT network attack vectors, cyber threats, and countermeasures with a focus on improving the robustness of existing security solutions. Our first contribution highlights viewpoints on IoT security from the perspective of stakeholders such as manufacturers, service providers, consumers, and authorities. We discuss the differences between IoT and IT systems, the need for IoT security solutions, and we highlight the key components required for IoT network security system architecture. For our second contribution, we survey the types of IoT attacks by grouping them based on their impact. We discuss various attack techniques, threats, and shortfalls of existing countermeasures with an intention to enable future research into improving IoT network security.