A Survey on Layer-Wise Security Attacks in IoT: Attacks, Countermeasures, and Open-Issues

© 2021 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).Security is a mandatory issue in any network, where sensitive data are transferred safely in the required direction. Wireless sensor networks (WSNs) are the networks formed in hostile areas for different applications. Whatever the application, the WSNs must gather a large amount of sensitive data and send them to an authorized body, generally a sink. WSN has integrated with Internet-of-Things (IoT) via internet access in sensor nodes along with internet-connected devices. The data gathered with IoT are enormous, which are eventually collected by WSN over the Internet. Due to several resource constraints, it is challenging to design a secure sensor network, and for a secure IoT it is essential to have a secure WSN. Most of the traditional security techniques do not work well for WSN. The merger of IoT and WSN has opened new challenges in designing a secure network. In this paper, we have discussed the challenges of creating a secure WSN. This research reviews the layer-wise security protocols for WSN and IoT in the literature. There are several issues and challenges for a secure WSN and IoT, which we have addressed in this research. This research pinpoints the new research opportunities in the security issues of both WSN and IoT. This survey climaxes in abstruse psychoanalysis of the network layer attacks. Finally, various attacks on the network using Cooja, a simulator of ContikiOS, are simulated.Peer reviewe

Adaptation of the human nervous system for self-aware secure mobile and IoT systems

IT systems have been deployed across several domains, such as hospitals and industries, for the management of information and operations. These systems will soon be ubiquitous in every field due to the transition towards the Internet of Things (IoT). The IoT brings devices with sensory functions into IT systems through the process of internetworking. The sensory functions of IoT enable them to generate and process information automatically, either without human contribution or having the least human interaction possible aside from the information and operations management tasks. Security is crucial as it prevents system exploitation. Security has been employed after system implementation, and has rarely been considered as a part of the system. In this dissertation, a novel solution based on a biological approach is presented to embed security as an inalienable part of the system. The proposed solution, in the form of a prototype of the system, is based on the functions of the human nervous system (HNS) in protecting its host from the impacts caused by external or internal changes. The contributions of this work are the derivation of a new system architecture from HNS functionalities and experiments that prove the implementation feasibility and efficiency of the proposed HNS-based architecture through prototype development and evaluation. The first contribution of this work is the adaptation of human nervous system functions to propose a new architecture for IT systems security. The major organs and functions of the HNS are investigated and critical areas are identified for the adaptation process. Several individual system components with similar functions to the HNS are created and grouped to form individual subsystems. The relationship between these components is established in a similar way as in the HNS, resulting in a new system architecture that includes security as a core component. The adapted HNS-based system architecture is employed in two the experiments prove its implementation capability, enhancement of security, and overall system operations. The second contribution is the implementation of the proposed HNS-based security solution in the IoT test-bed. A temperature-monitoring application with an intrusion detection system (IDS) based on the proposed HNS architecture is implemented as part of the test-bed experiment. Contiki OS is used for implementation, and the 6LoWPAN stack is modified during the development process. The application, together with the IDS, has a brain subsystem (BrSS), a spinal cord subsystem (SCSS), and other functions similar to the HNS whose names are changed. The HNS functions are shared between an edge router and resource-constrained devices (RCDs) during implementation. The experiment is evaluated in both test-bed and simulation environments. Zolertia Z1 nodes are used to form a 6LoWPAN network, and an edge router is created by combining Pandaboard and Z1 node for a test-bed setup. Two networks with different numbers of sensor nodes are used as simulation environments in the Cooja simulator. The third contribution of this dissertation is the implementation of the proposed HNS-based architecture in the mobile platform. In this phase, the Android operating system (OS) is selected for experimentation, and the proposed HNS-based architecture is specifically tailored for Android. A context-based dynamically reconfigurable access control system (CoDRA) is developed based on the principles of the refined HNS architecture. CoDRA is implemented through customization of Android OS and evaluated under real-time usage conditions in test-bed environments. During the evaluation, the implemented prototype mimicked the nature of the HNS in securing the application under threat with negligible resource requirements and solved the problems in existing approaches by embedding security within the system. Furthermore, the results of the experiments highlighted the retention of HNS functions after refinement for different IT application areas, especially the IoT, due to its resource-constrained nature, and the implementable capability of our proposed HNS architecture.--- IT-järjestelmiä hyödynnetään tiedon ja toimintojen hallinnassa useilla aloilla, kuten sairaaloissa ja teollisuudessa. Siirtyminen kohti esineiden Internetiä (Internet of Things, IoT) tuo tällaiset laitteet yhä kiinteämmäksi osaksi jokapäiväistä elämää. IT-järjestelmiin liitettyjen IoT-laitteiden sensoritoiminnot mahdollistavat tiedon automaattisen havainnoinnin ja käsittelyn osana suurempaa järjestelmää jopa täysin ilman ihmisen myötävaikutusta, poislukien mahdolliset ylläpito- ja hallintatoimenpiteet. Turvallisuus on ratkaisevan tärkeää IT-järjestelmien luvattoman käytön estämiseksi. Valitettavan usein järjestelmäsuunnittelussa turvallisuus ei ole osana ydinsuunnitteluprosessia, vaan otetaan huomioon vasta käyttöönoton jälkeen. Tässä väitöskirjassa esitellään uudenlainen biologiseen lähestymistapaan perustuva ratkaisu, jolla turvallisuus voidaan sisällyttää erottamattomaksi osaksi järjestelmää. Ehdotettu prototyyppiratkaisu perustuu ihmisen hermoston toimintaan tilanteessa, jossa se suojelee isäntäänsä ulkoisten tai sisäisten muutosten vaikutuksilta. Tämän työn keskeiset tulokset ovat uuden järjestelmäarkkitehtuurin johtaminen ihmisen hermoston toimintaperiaatteesta sekä tällaisen järjestelmän toteutettavuuden ja tehokkuuden arviointi kokeellisen prototyypin kehittämisen ja toiminnan arvioinnin avulla. Tämän väitöskirjan ensimmäinen kontribuutio on ihmisen hermoston toimintoihin perustuva IT-järjestelmäarkkitehtuuri. Tutkimuksessa arvioidaan ihmisen hermoston toimintaa ja tunnistetaan keskeiset toiminnot ja toiminnallisuudet, jotka mall-innetaan osaksi kehitettävää järjestelmää luomalla näitä vastaavat järjestelmäkomponentit. Nä-istä kootaan toiminnallisuudeltaan hermostoa vastaavat osajärjestelmät, joiden keskinäinen toiminta mallintaa ihmisen hermoston toimintaa. Näin luodaan arkkitehtuuri, jonka keskeisenä komponenttina on turvallisuus. Tämän pohjalta toteutetaan kaksi prototyyppijärjestelmää, joiden avulla arvioidaan arkkitehtuurin toteutuskelpoisuutta, turvallisuutta sekä toimintakykyä. Toinen kontribuutio on esitetyn hermostopohjaisen turvallisuusratkaisun toteuttaminen IoT-testialustalla. Kehitettyyn arkkitehtuuriin perustuva ja tunkeutumisen estojärjestelmän (intrusion detection system, IDS) sisältävä lämpötilan seurantasovellus toteutetaan käyttäen Contiki OS -käytöjärjestelmää. 6LoWPAN protokollapinoa muokataan tarpeen mukaan kehitysprosessin aikana. IDS:n lisäksi sovellukseen kuuluu aivo-osajärjestelmä (Brain subsystem, BrSS), selkäydinosajärjestelmä (Spinal cord subsystem, SCSS), sekä muita hermoston kaltaisia toimintoja. Nämä toiminnot jaetaan reunareitittimen ja resurssirajoitteisten laitteiden kesken. Tuloksia arvioidaan sekä simulaatioiden että testialustan tulosten perusteella. Testialustaa varten 6LoWPAN verkon toteutukseen valittiin Zolertia Z1 ja reunareititin on toteutettu Pandaboardin ja Z1:n yhdistelmällä. Cooja-simulaattorissa käytettiin mallinnukseen ymp-äristönä kahta erillistä ja erikokoisuta sensoriverkkoa. Kolmas tämän väitöskirjan kontribuutio on kehitetyn hermostopohjaisen arkkitehtuurin toteuttaminen mobiilialustassa. Toteutuksen alustaksi valitaan Android-käyttöjärjestelmä, ja kehitetty arkkitehtuuri räätälöidään Androidille. Tuloksena on kontekstipohjainen dynaamisesti uudelleen konfiguroitava pääsynvalvontajärjestelmä (context-based dynamically reconfigurable access control system, CoDRA). CoDRA toteutetaan mukauttamalla Androidin käyttöjärjestelmää ja toteutuksen toimivuutta arvioidaan reaaliaikaisissa käyttöolosuhteissa testialustaympäristöissä. Toteutusta arvioitaessa havaittiin, että kehitetty prototyyppi jäljitteli ihmishermoston toimintaa kohdesovelluksen suojaamisessa, suoriutui tehtävästään vähäisillä resurssivaatimuksilla ja onnistui sisällyttämään turvallisuuden järjestelmän ydintoimintoihin. Tulokset osoittivat, että tämän tyyppinen järjestelmä on toteutettavissa sekä sen, että järjestelmän hermostonkaltainen toiminnallisuus säilyy siirryttäessä sovellusalueelta toiselle, erityisesti resursseiltaan rajoittuneissa IoT-järjestelmissä

On reliable and secure RPL (routing protocol low-power and lossy networks) based monitoring and surveillance in oil and gas fields

Different efforts have been made to specify protocols and algorithms for the successful operation of the Internet of things Networks including, for instance, the Low Power and Lossy Networks (LLNs) and Linear Sensor Networks (LSNs). Into such efforts, IETF, the Internet Engineering Task Force, created a working group named, ROLL, to investigate the requirement of such networks and devising more efficient solutions. The effort of this group has resulted in the specification of the IPv6 Routing Protocol for LLNs (RPL), which was standardized in 2012. However, since the introduction of RPL, several studies have reported that it suffers from various limitations and weaknesses including scalability, slow convergence, unfairness of load distribution, inefficiency of bidirectional communication and security, among many others. For instance, a serious problem is RPL’s under-specification of DAO messages which may result in conflict and inefficient implementations leading to a poor performance and scalability issues. Furthermore, RPL has been found to suffer from several security issues including, for instance, the DAO flooding attack, in which the attacker floods the network with control messages aiming to exhaust network resources. Another fundamental issue is related to the scarcity of the studies that investigate RPL suitability for Linear Sensor Networks (LSN) and devising solution in the lieu of that.Motivated by these observations, the publications within this thesis aim to tackle some of the key gaps of the RPL by introducing more efficient and secure routing solutions in consideration of the specific requirements of LLNs in general and LSNs as a special case. To this end, the first publication proposes an enhanced version of RPL called Enhanced-RPL aimed at mitigating the memory overflow and the under-specification of the of DAOs messages. Enhanced-RPL has shown significant reduction in control messages overhead by up to 64% while maintaining comparable reliability to RPL. The second publication introduces a new technique to address the DAO attack of RPL which has been shown to be effective in mitigating the attack reducing the DAO overhead and latency by up to 205% and 181% respectively as well as increasing the PDR by up to 6% latency. The third and fourth publications focus on analysing the optimal placement of nodes and sink movement pattern (fixed or mobile) that RPL should adopt in LSNs. It was concluded based on the results obtained that RPL should opt for fixed sinks with 10 m distance between deployed nodes

A critical review of intrusion detection systems in the internet of things : techniques, deployment strategy, validation strategy, attacks, public datasets and challenges

The Internet of Things (IoT) has been rapidly evolving towards making a greater impact on everyday life to large industrial systems. Unfortunately, this has attracted the attention of cybercriminals who made IoT a target of malicious activities, opening the door to a possible attack on the end nodes. To this end, Numerous IoT intrusion detection Systems (IDS) have been proposed in the literature to tackle attacks on the IoT ecosystem, which can be broadly classified based on detection technique, validation strategy, and deployment strategy. This survey paper presents a comprehensive review of contemporary IoT IDS and an overview of techniques, deployment Strategy, validation strategy and datasets that are commonly applied for building IDS. We also review how existing IoT IDS detect intrusive attacks and secure communications on the IoT. It also presents the classification of IoT attacks and discusses future research challenges to counter such IoT attacks to make IoT more secure. These purposes help IoT security researchers by uniting, contrasting, and compiling scattered research efforts. Consequently, we provide a unique IoT IDS taxonomy, which sheds light on IoT IDS techniques, their advantages and disadvantages, IoT attacks that exploit IoT communication systems, corresponding advanced IDS and detection capabilities to detect IoT attacks. © 2021, The Author(s)

IoT Crawler with Behavior Analyzer at Fog layer for Detecting Malicious Nodes

The limitations in terms of power and processing in IoT (Internet of Things) nodes make nodes an easy prey for malicious attacks, thus threatening business and industry. Detecting malicious nodes before they trigger an attack is highly recommended. The paper introduces a special purpose IoT crawler that works as an inspector to catch malicious nodes. This crawler is deployed in the Fog layer to inherit its capabilities, and to be an intermediate connection between the things and the cloud computing nodes. The crawler collects data streams from IoT nodes, upon a priority criterion. A behavior analyzer, with a machine learning core, detects malicious nodes according to the extracted node behavior from the crawler collected data streams. The performance of the behavior analyzer was investigated using three machine learning algorithms: Adaboost, Random forest and Extra tree. The behavior analyzer produces better testing accuracy, for the tested data, when using Extra tree compared to Adaboost and Random forest; it achieved 98.3% testing accuracy with Extra tree

Smart Grid Metering Networks: A Survey on Security, Privacy and Open Research Issues

Smart grid (SG) networks are newly upgraded networks of connected objects that greatly improve reliability, efficiency and sustainability of the traditional energy infrastructure. In this respect, the smart metering infrastructure (SMI) plays an important role in controlling, monitoring and managing multiple domains in the SG. Despite the salient features of SMI, security and privacy issues have been under debate because of the large number of heterogeneous devices that are anticipated to be coordinated through public communication networks. This survey paper shows a brief overview of real cyber attack incidents in traditional energy networks and those targeting the smart metering network. Specifically, we present a threat taxonomy considering: (i) threats in system-level security, (ii) threats and/or theft of services, and (iii) threats to privacy. Based on the presented threats, we derive a set of security and privacy requirements for SG metering networks. Furthermore, we discuss various schemes that have been proposed to address these threats, considering the pros and cons of each. Finally, we investigate the open research issues to shed new light on future research directions in smart grid metering networks

IoT trust and reputation: a survey and taxonomy

IoT is one of the fastest-growing technologies and it is estimated that more than a billion devices would be utilized across the globe by the end of 2030. To maximize the capability of these connected entities, trust and reputation among IoT entities is essential. Several trust management models have been proposed in the IoT environment; however, these schemes have not fully addressed the IoT devices features, such as devices role, device type and its dynamic behavior in a smart environment. As a result, traditional trust and reputation models are insufficient to tackle these characteristics and uncertainty risks while connecting nodes to the network. Whilst continuous study has been carried out and various articles suggest promising solutions in constrained environments, research on trust and reputation is still at its infancy. In this paper, we carry out a comprehensive literature review on state-of-the-art research on the trust and reputation of IoT devices and systems. Specifically, we first propose a new structure, namely a new taxonomy, to organize the trust and reputation models based on the ways trust is managed. The proposed taxonomy comprises of traditional trust management-based systems and artificial intelligence-based systems, and combine both the classes which encourage the existing schemes to adapt these emerging concepts. This collaboration between the conventional mathematical and the advanced ML models result in design schemes that are more robust and efficient. Then we drill down to compare and analyse the methods and applications of these systems based on community-accepted performance metrics, e.g. scalability, delay, cooperativeness and efficiency. Finally, built upon the findings of the analysis, we identify and discuss open research issues and challenges, and further speculate and point out future research directions.Comment: 20 pages, 5 Figures, 3 tables, Journal of cloud computin

IoT trust and reputation: a survey and taxonomy

IoT is one of the fastest-growing technologies and it is estimated that more than a billion devices would be utilized across the globe by the end of 2030. To maximize the capability of these connected entities, trust and reputation among IoT entities is essential. Several trust management models have been proposed in the IoT environment; however, these schemes have not fully addressed the IoT devices features, such as devices role, device type and its dynamic behavior in a smart environment. As a result, traditional trust and reputation models are insufficient to tackle these characteristics and uncertainty risks while connecting nodes to the network. Whilst continuous study has been carried out and various articles suggest promising solutions in constrained environments, research on trust and reputation is still at its infancy. In this paper, we carry out a comprehensive literature review on state-of-the-art research on the trust and reputation of IoT devices and systems. Specifically, we first propose a new structure, namely a new taxonomy, to organize the trust and reputation models based on the ways trust is managed. The proposed taxonomy comprises of traditional trust management-based systems and artificial intelligence-based systems, and combine both the classes which encourage the existing schemes to adapt these emerging concepts. This collaboration between the conventional mathematical and the advanced ML models result in design schemes that are more robust and efficient. Then we drill down to compare and analyse the methods and applications of these systems based on community-accepted performance metrics, e.g. scalability, delay, cooperativeness and efficiency. Finally, built upon the findings of the analysis, we identify and discuss open research issues and challenges, and further speculate and point out future research directions.Comment: 20 pages, 5 Figures, 3 tables, Journal of cloud computin