research-article

Emerging Security Threats and Countermeasures in IoT

Authors:

Michael Cheng Yi Cho,

Shiuhpyng ShiehAuthors Info & Claims

ASIA CCS '15: Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security

Pages 1 - 6

https://doi.org/10.1145/2714576.2737091

Published: 14 April 2015 Publication History

Abstract

IoT (Internet of Things) diversifies the future Internet, and has drawn much attention. As more and more gadgets (i.e. Things) connected to the Internet, the huge amount of data exchanged has reached an unprecedented level. As sensitive and private information exchanged between things, privacy becomes a major concern. Among many important issues, scalability, transparency, and reliability are considered as new challenges that differentiate IoT from the conventional Internet. In this paper, we enumerate the IoT communication scenarios and investigate the threats to the large-scale, unreliable, pervasive computing environment. To cope with these new challenges, the conventional security architecture will be revisited. In particular, various authentication schemes will be evaluated to ensure the confidentiality and integrity of the exchanged data.

References

[1]

M. Ravindranath, (8 Jan 2014), Cisco CEO at CES 2014: Internet of Things is a $19 trillion opportunity {Online}. Available: http://www.washingtonpost.com/business/on-it/cisco-ceo-at-ces-2014-internet-of-things-is-a-19-trillion-opportunity/2014/01/08/8d456fba-789b-11e3-8963-b4b654bcc9b2_story.html.

[2]

K. Aston, (22 Jun 2009), That 'Internet of Things' Thing {Online}. Available: http://www.rfidjournal.com/articles/view?4986.

[3]

Z. K. Zhang, et al., "IoT Security: Ongoing Challenges and Research Opportunities," in IEEE 7th International Conference on Service-Oriented Computing and Applications (SOCA 2014), Nov 2014, pp. 230--234.

Digital Library

[4]

R. H. Weber, "Internet of Things - New Security and Privacy Challenges," in Computer Law & Security Review, vol. 26, issue 1, Jan 2010, pp. 23--30.

[5]

C. M. Medaglia, and A. Serbanati, "An Overview of Privacy and Security Issues in the Internet of Things," in the Internet of Things, Jan 2010, pp. 389--395.

[6]

R. Minerva, and A. Biru, "Towards a Definition of the Internet of Things," in IEEE IoT Initiative White Paper.

[7]

R. Metz, (6 Jan 2015), CES 2015: The Internet of Just About Everything {Online}. Available: http://www.technologyreview.com/news/533941/ces-2015-the-internet-of-just-about-everything.

[8]

J. S. Lee, Y. W. Su, and C. C. Shen, "A Comparative Study of Wireless Protocols: Bluetooth, UWB, ZigBee, and Wi-Fi," in 33rd Annual Conference of the IEEE Industrial Electronics Society (IECON 2007), Nov 2007, pp. 46--51.

[9]

H. Chen, X. Jiao, and H. Li, "A Brief Introduction to IoT Gateway," in IET International Conference on Communication Technology and Application (ICCTA 2011), Oct 2011, pp. 610--613.

[10]

GS1, "GS1 Object Name Service (ONS) Version 2.0.1," in Ratified Standard 2, 2013.

[11]

GS1, (5 Aug 2014), EPCglobal Standards {Online}. Available: http://www.gs1.org/gsmp/kc/epcglobal.

[12]

National Science Foundation, (21 Sep 2014), NSF Future Internet Architectures Project {Online}. Available: http://www.nets-fia.net.

[13]

L. Zhang, et al., "Named Data Networking," in ACM SIGCOMM Computer Communication Review, July 2014.

[14]

R. Bonetto, et al., "Secure Communication for Smart IoT Objects: Protocol Stacks, Use Cases and Practical Examples," in IEEE Int. Symp. on World of Wireless, Mobile, and Multimedia Networks (WoWMoM 2012), Jun 2012, pp. 1--7.

[15]

E. Rescorla, and N. Modadugu, "Datagram Transport Layer Security Version 1.2" in IETF RFC6347, Jan 2012.

[16]

Z. Shelby, K. Hartke, and C. Bormann, "The Constrained Application Protocol," in IETF RFC7252, Jun 2014.

[17]

R. Hummen, et al., "Delegation-based authentication and authorization for the IP-based Internet of Things," in 11th Annual IEEE International Conference on Sensing, Communication, and Networking (SECON 2014), Jun 2014, pp. 284--292.

[18]

R. Arends, et al., "DNS Security Introduction and Requirements," in IETF RFC4033, Mar 2005.

[19]

M. C. Y. Cho, P. Chen, and S. Shieh, "Dmail: a Globally Authenticated Email Service," in IEEE Computer, vol. 47, issue 5, May 2014, pp. 88--91.

Digital Library

[20]

R. H. Weber, and R. Weber, "Security and Privacy" in Internet of Things Legal Perspectives. Springer, 2010, pp. 41--67.

[21]

S. Evdokimov, B. Fabian, and O. Günther, "Multipolarity for the Object Naming Service," in The Internet of Things Lecture Notes in Computer Science, Vol. 4952, 2008, pp. 1--18.

Digital Library

Cited By

Mansoor KAfzal MIqbal WAbbas Y(2024)Securing the future: exploring post-quantum cryptography for authentication and user privacy in IoT devicesCluster Computing10.1007/s10586-024-04799-428:2Online publication date: 26-Nov-2024
https://doi.org/10.1007/s10586-024-04799-4
Igulu KJohnson BStephen ABhatia T(2024)Security Challenges in IOTCommunication Technologies and Security Challenges in IoT10.1007/978-981-97-0052-3_4(51-79)Online publication date: 26-Mar-2024
https://doi.org/10.1007/978-981-97-0052-3_4
Balaji SRao SRanganathan P(2023)Cybersecurity Challenges and Solutions in IoT-based Precision Farming Systems2023 IEEE 14th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON)10.1109/UEMCON59035.2023.10316154(237-246)Online publication date: 12-Oct-2023
https://doi.org/10.1109/UEMCON59035.2023.10316154
Show More Cited By

Index Terms

Emerging Security Threats and Countermeasures in IoT
1. Information systems

Recommendations

Security Threats and Possible Countermeasures in IoT Applications Covering Different Industry Domains
ARES '18: Proceedings of the 13th International Conference on Availability, Reliability and Security

The world is witnessing the emerging role of Internet of Things (IoT) as a technology that is transforming different industries, global community and its economy. Currently a plethora of interconnected smart devices have been deployed for diverse ...
Taxonomy and analysis of security protocols for Internet of Things
Abstract
The Internet of Things (IoT) is a system of physical as well as virtual objects (each with networking capabilities incorporated) that are interconnected to exchange and collect information locally or remotely over the Internet. Since ...
Highlights
- We first discuss essential security requirements that are needed to secure IoT environment. We also discuss the threat model and various attacks related to ...
Cyberentity Security in the Internet of Things

A proposed Internet of Things system architecture offers a solution to the broad array of challenges researchers face in terms of general system security, network security, and application security.

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

ASIA CCS '15: Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security

April 2015

698 pages

ISBN:9781450332453

DOI:10.1145/2714576

General Chairs:
Feng Bao
Huawei Technologies Pte Ltd, Singapore
,
Steven Miller
Singapore Management University, Singapore
,
Program Chairs:
Jianying Zhou
Institute for Infocomm Research, Singapore
,
Gail-Joon Ahn
Arizona State University, USA

Copyright © 2015 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 14 April 2015

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Ministry of Science and Technology
Taiwan Information Security Center
iCAST
ITRI
Trend Micro Inc.
Promise Inc.
D-Link
Chungshan Institute of Science and Technology
Chunghwa Telecom
Ministry of Education of Taiwan
Telecom Technology Center
Bureau of Investigation
III
HTC

Conference

ASIA CCS '15

Sponsor:

SIGSAC

ASIA CCS '15: 10th ACM Symposium on Information, Computer and Communications Security

April 14 - March 17, 2015

Singapore, Republic of Singapore

Acceptance Rates

ASIA CCS '15 Paper Acceptance Rate 48 of 269 submissions, 18%;

Overall Acceptance Rate 418 of 2,322 submissions, 18%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

65
Total Citations
View Citations
3,690
Total Downloads

Downloads (Last 12 months)91
Downloads (Last 6 weeks)4

Reflects downloads up to 31 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Mansoor KAfzal MIqbal WAbbas Y(2024)Securing the future: exploring post-quantum cryptography for authentication and user privacy in IoT devicesCluster Computing10.1007/s10586-024-04799-428:2Online publication date: 26-Nov-2024
https://doi.org/10.1007/s10586-024-04799-4
Igulu KJohnson BStephen ABhatia T(2024)Security Challenges in IOTCommunication Technologies and Security Challenges in IoT10.1007/978-981-97-0052-3_4(51-79)Online publication date: 26-Mar-2024
https://doi.org/10.1007/978-981-97-0052-3_4
Balaji SRao SRanganathan P(2023)Cybersecurity Challenges and Solutions in IoT-based Precision Farming Systems2023 IEEE 14th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON)10.1109/UEMCON59035.2023.10316154(237-246)Online publication date: 12-Oct-2023
https://doi.org/10.1109/UEMCON59035.2023.10316154
Carrillo-Mondéjar JTurtiainen HCostin AMartínez JSuarez-Tangil G(2023) HALE-IoT : Hardening Legacy Internet of Things Devices by Retrofitting Defensive Firmware Modifications and Implants IEEE Internet of Things Journal10.1109/JIOT.2022.322464910:10(8371-8394)Online publication date: 15-May-2023
https://doi.org/10.1109/JIOT.2022.3224649
Jaigirdar FTan BRudolph CBain C(2023)Security-Aware Provenance for Transparency in IoT Data PropagationIEEE Access10.1109/ACCESS.2023.328092811(55677-55691)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3280928
Gofwen MIdoko BIdoko J(2023)Application of Zero-Trust Networks in e-Health Internet of Things (IoT) DeploymentsMachine Learning and the Internet of Things in Education10.1007/978-3-031-42924-8_14(209-233)Online publication date: 1-Oct-2023
https://doi.org/10.1007/978-3-031-42924-8_14
Mutunhu BChipangura BTwinomurinzi H(2022)Internet of Things in the Monitoring of DiabetesInternational Journal of Health Systems and Translational Medicine10.4018/IJHSTM.3003362:1(1-20)Online publication date: 1-Jan-2022
https://doi.org/10.4018/IJHSTM.300336
Amin AKiwanuka FAbdelmajid NAlKaabi SKhalid Abdulqader Rashed Ahli S(2022)Composite Identity of Things (CIDoT) on Permissioned Blockchain Network for Identity Management of IoT DevicesResearch Anthology on Convergence of Blockchain, Internet of Things, and Security10.4018/978-1-6684-7132-6.ch023(382-401)Online publication date: 8-Jul-2022
https://doi.org/10.4018/978-1-6684-7132-6.ch023
Berbecaru DSisinni S(2022)Counteracting software integrity attacks on IoT devices with remote attestation: a prototype2022 26th International Conference on System Theory, Control and Computing (ICSTCC)10.1109/ICSTCC55426.2022.9931765(380-385)Online publication date: 19-Oct-2022
https://doi.org/10.1109/ICSTCC55426.2022.9931765
Amin AKiwanuka FAbdelmajid NAlKaabi SKhalid Abdulqader Rashed Ahli S(2021)Composite Identity of Things (CIDoT) on Permissioned Blockchain Network for Identity Management of IoT DevicesRole of IoT in Green Energy Systems10.4018/978-1-7998-6709-8.ch003(59-80)Online publication date: 2021
https://doi.org/10.4018/978-1-7998-6709-8.ch003
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents