The Effect of IoT New Features on Security and Privacy: New Threats, Existing Solutions, and Challenges Yet to Be Solved

  title={The Effect of IoT New Features on Security and Privacy: New Threats, Existing Solutions, and Challenges Yet to Be Solved},
  author={Wei Zhou and Yan Jia and Anni Peng and Yuqing Zhang and Peng Liu},
  journal={IEEE Internet of Things Journal},
Internet of Things (IoT) is an increasingly popular technology that enables physical devices, vehicles, home appliances, etc., to communicate and even inter operate with one another. It has been widely used in industrial production and social applications including smart home, healthcare, and industrial automation. While bringing unprecedented convenience, accessibility, and efficiency, IoT has caused acute security and privacy threats in recent years. There are increasing research works to… 

Figures and Tables from this paper

IoT: Internet of Threats? A Survey of Practical Security Vulnerabilities in Real IoT Devices

A reasoned comparison of the considered IoT technologies with respect to a set of qualifying security attributes, namely integrity, anonymity, confidentiality, privacy, access control, authentication, authorization, resilience, self organization is concluded.

A survey of IoT security threats and defenses

Different security challenges, threats, and defenses in the layers of IoT systems are addressed in order to be comprehensive and to facilitate comparative methods.

A Comprehensive and Systematic Survey on the Internet of Things: Security and Privacy Challenges, Security Frameworks, Enabling Technologies, Threats, Vulnerabilities and Countermeasures

A comprehensive taxonomy of attacks on IoT based on the three-layer architecture model; perception, network, and application layers, as well as a suggestion of the impact of these attacks on CIA objectives in representative devices, are presented.

Securing the Internet of Things: Current and Future State of the Art

This paper aims to address security issues, requirements and various secure mechanisms that can be adopted to provide a secure healthcare system.

Vulnerabilities, Attacks and their Mitigation: An Implementation on Internet of Things (IoT)

The study on existing attacks and mitigation in IoT Services which enables for finding and patching security vulnerabilities is presented.

Home Automation and RFID-Based Internet of Things Security: Challenges and Issues

A systematic literature review that analyzes the security problems associated with commercial and educational applications of home automation and details the technical possibilities of IoT with respect to the network layer, and describes cross-layer heterogeneous integration as a domain of IoT.

Security risk management in IoT environment

The research work deals with the identification and mitigation of security vulnerabilities by an intelligent and smart software vendor, which enumerates common vulnerabilities in its database and provides the possible solution for mitigating the same.

IIoT: Traffic Data Flow Analysis and Modeling Experiment for Smart IoT Devices

The authors identified sensitive data flows inside the IIoT devices to determine privacy risks at the application level and explored the device exchanges at the physical level, which lead to insecure ecosystems.

Open Challenges in Internet of Things Security

IoT security challenges was explored collected and categorized, for the purpose of having big picture for the situation and giving a clear idea about the importance of IoT security.



Safety, Security, and Privacy Threats Posed by Accelerating Trends in the Internet of Things

It is argued that issues related to security, physical safety, privacy, and usability are tightly interconnected and solutions that address all four simultaneously are needed and tight safety and security standards for individual devices based on existing technology are needed.

A Survey on Security and Privacy Issues in Internet-of-Things

This survey will explore the most relevant limitations of IoT devices and their solutions, and present the classification of IoT attacks, and analyze the security issues in different layers.

A Survey on Internet of Things: Architecture, Enabling Technologies, Security and Privacy, and Applications

The relationship between cyber-physical systems and IoT, both of which play important roles in realizing an intelligent cyber- physical world, are explored and existing architectures, enabling technologies, and security and privacy issues in IoT are presented to enhance the understanding of the state of the art IoT development.

Communication security in internet of thing: preventive measure and avoid DDoS attack over IoT network

In this paper, a lightweight defensive algorithm for DDoS attack over IoT network environment is proposed and tested against several scenarios to dissect the interactive communication among different types of network nodes.

Smart Solution, Poor Protection: An Empirical Study of Security and Privacy Issues in Developing and Deploying Smart Home Devices

It is argued that if the security and privacy issues are not considered, devices using the solution are inevitably vulnerable and thus the privacy and security of smart home are seriously threatened.

DEMO: An IDS framework for internet of things empowered by 6LoWPAN

An Intrusion Detection System (IDS) framework for IoT empowered by IPv6 over low-power personal area network (6LoWPAN) devices which includes a monitoring system and a detection engine has been integrated into the network framework developed within the EU FP7 project `ebbits'.

ContexloT: Towards Providing Contextual Integrity to Appified IoT Platforms

ContexIoT is proposed, a context-based permission system for appified IoT platforms that provides contextual integrity by supporting fine-grained context identification for sensitive actions, and runtime prompts with rich context information to help users perform effective access control.

A multi-cloud based privacy-preserving data publishing scheme for the internet of things

This paper proposes two multi-cloud-based outsourced-ABE schemes, namely the parallel-cloud ABE and the chain- cloud ABE, which enable the receivers to partially outsource the computationally expensive decryption operations to the clouds, while preventing user attributes from being disclosed.

A Secure Mechanism for Big Data Collection in Large Scale Internet of Vehicle

A secure mechanism for big data collection in large scale IoV is proposed for improved security performance and efficiency and two different secure protocols are proposed for business data and confidential data collection.