Survey on the Emerging Security Challenges in the

Internet of Things
Kaustav Ghosh
Computer Science and Engineering Department
Santa Clara University
CA 95050
Email:kghosh1@scu.edu

Abstract—The Internet of things (IoT) refers to an inter- IoT network to extract personal information of the user and
connection of a huge number of smart components and it thus compromising the privacy of the user. There are various
includes various communications between these components in obstacles which hinder the ideal IoT vision and security is one
the network. Due to the ubiquitous and mobile nature of the
components which form the IoT Network, IoT is often referred of these key obstacles which requires significant attention. Due
to as “anything, anyone, any service”. This very advantage of to the ubiquitous and constrained resource structure of the
the ubiquitous nature of IoT is a severe challenge for a secure components in the IoT network, traditional internet security
IoT. Without a very strong technical and legal framework, the mechanisms are not enough for a secure IoT network. To
vulnerabilities in IoT will be exploited and this problem would create a strong foundation for technical and legal framework of
definitely outweigh the advantages for which IoT was envisioned
in the first place. To tackle this security issue in IoT, we need to a secure IoT, security experts must thoroughly understand the
first analyze the threats and security challenges in a IoT network. rising security and privacy challenges in the IoT framework
This survey paper helps you to understand the vulnerabilities and know how the existing web based security protocols can
and threats in the IoT framework. This paper also gives you an be modified to fit into this ubiquitous framework.
insight on how the present IP based security protocols cannot In this survey paper we first aim to present the various
be used as is in the IoT framework and how researchers are
presently working to modify the IP based security solutions for possible threats and vulnerabilities in the IoT framework.
the IoT framework. Then in the later half of the paper we describe the security
challenges which security experts are presently facing and how
I. I NTRODUCTION they are working towards the goal of a secure IoT.
Internet of things (IoT) can be considered as a network The rest of the survey paper is organized as follows. Section
of two or more things which can be connected and can II gives an overview of the various threats and vulnerabilities
communicate with each other through the internet. It can be as in the IoT framework. In Section III we give a brief overview
simple as a toaster embossing a sunny day or a rainy day on a of the existing IP security protocols and finally in Section
bread depending upon the actual weather outside (by sensing IV we discuss the security challenges in the IoT framework.
the weather outside with the help of a temperature sensor). Section V gives some suggested solutions for safeguarding
The Internet of Things definition can also be extended to the the IoT framework from the security threats. Finally section
area of smart homes and smart cities where all the objects to VI includes some final remarks for the vision of a secure IoT.
which a person communicates with on a daily basis can itself
communicate with each other and make the life of a the person II. T HREATS AND V ULNERABILITIES
much easier. For example your house door communicating This section provides you with the various security threats
with your car (with the help of a GPS on the car) and opening and vulnerabilities in a typical IoT framework. We discuss
itself when the car enters the garage. The concept can also be about the security issues which could compromise the entire
extended to the healthcare domain where the body of a person IoT network and we then classify these threats according to
can be monitored through smart objects connected to a remote the TCP/IP stack layer they belong too. So this will give you
cloud. So IoT can be considered as a network of smart objects a clear understanding as to which layer you need to focus on
to make the world a much more smarter place to live in. for a particular threat.
IoT is a game-changing moment in our relationship with
technology and personal data as we stand on the edge of A. Privacy
a data explosion from interconnected devices. As with all Privacy is one of the most important concerns when it
new technologies, the IoT brings with it new challenges for comes to security related to IoT. The ubiquitous nature of
businesses, regulators, consumers and in fact anyone who the components which form the IoT infrastructure generates
cares about the responsible use of data. With so many devices a tremendous amount of data which can be available to a
connected to each other through a network, there is always hacker if the hacker intrudes into this infrastructure. Majority
several risks involved ranging from physical stealing of these of this data would be generated by a user and if the hacker
sensor elements on the IoT network to eavesdropping on the can gather this data, there would potentially be a breach in the
privacy of the user. This information can thereafter be sold by may be able to communicate with various other components
the hacker to some other company for money. This privacy on the network and thereby compromising the security of the
and data protection security breach can lead to heavy fines communication channel. This security of the communication
which the IoT service providers would have to pay. Hence an channel can also be compromised when two components in
extra attention should always be paid to the security of the the network are communicating and if the channel is not
data center infrastructure that stores the data gathered by the sufficiently protected. To prevent this there needs to be a
IoT components. The additional cost to prevent this kind of continuous renewal/update on the session keys which is used
security breach is much lesser than the cost which the service for communication between the components.
provider would have to pay as penalty if the privacy of the H. Jeon, J. Choi, S. McLaughlin, and J. Ha in [3] provide
users is compromised. an elegant encryption solution to the eavesdropping problem
As mentioned in [1], the the privacy issue can be tackled in a wireless sensor network in which the authors have used
in three different ways. simple and efficient physical layer security concepts to provide
1) Privacy by Design wherein a user would use the tools confidentiality to the data in a wireless sensor network (WSN).
they need to manage their own data. A similar solution can also be adopted for a IoT network to
2) Transparency wherein users know the entities which are prevent it from the eavesdropping threat.
managing their data and how their personal data is being D. Denial Of Service Attack (Dos Attacks)
used. The IoT service providers should also be part of
The components which make up the IoT network typically
this process by having various license agreements to
have constrained resources like limited memory and limited
support this process.
power for its operations. Any activity that reduces, eliminates
3) Data Management wherein there needs to be strict poli-
or disrupts the network’s communication is categorized as a
cies which needs to be followed to manage various kinds
DoS attack. Device availability is one of the key features of
of data. These policies should align with legislation on
the IoT infrastructure. A DoS attack can jam or flood the
data protection.
entire communication channel of the IoT network thus tearing
By following these principles and a strong data-management down the network. This compromises the network availability
framework as mentioned above, policymakers should develop and in turn makes several devices on the network unavailable.
policies that address privacy and security concerns for IoT Attackers can take advantage of these constrained components
while also ensuring that the ultimate vision of IoT is not killed. in the IoT infrastructure by continuously sending requests to
Due to the above mentioned privacy challenges of a user, these components and ultimately exhausting the battery life
the regulators at the US Federal Trade Commission and of the component and thus preventing it from functioning any
various other government organizations of different countries further.
are looking at privacy and security issues related to IoT. Poten- Since IP was considered impractical for low power devices
tial criminal activity must be addressed with this technology like the one’s used in the IoT network, IoT devices typically
boom. This protection of the data in the IoT infrastructure work over low power wireless area networks-6LoWPAN [4]. P.
is everyone’s responsibility, starting from end users to the Kasinathan, C. Pastrone, M. Spirito, and M. Vinkovitsv in [5]
service providers. Industry collaboration and not competition provide a DoS detection architecture for 6LowPAN operating
would help in deciding common standards, be it security and over the IoT devices. The authors integrate an intrusion
privacy standards or network standards. Mutual understanding detection system with a network framework developed within
and collaboration is extremely essential to support a broader EU FP7 project ebbits.
IoT ecosystem and perform secure operations in this insecure
infrastructure. E. Stealing of physical hardware
There are various hardware components like sensors which
B. Substitution of Components are deployed in the environment as a part of the IoT network.
While deploying components in the IoT network there might These components are usually unprotected and can be easily
be a possibility wherein a high quality component may be captured by an intruder. Such an intruder can extract various
replaced by a low quality component without it being detected security parameters from the device . As mentioned in [2], if
for it’s lower level of quality. The reason behind this may be the group key is compromised using these security parameters,
cost savings. This may degrade the performance of the IoT the entire group network is compromised. Compromising a
network as a whole and can be an entry point into the system unique key specific to that device is better than compromising
for further threats. the entire network using a group key. Thus one has to be very
C. Eavesdropping careful while communicating these group keys over a channel
since compromising a group key may result in compromising
As mentioned in [2] eavesdropping during the deployment of the entire group network.
of a component in the IoT network can be a major threat due
to the the exchange of cryptographic keys, security parameters F. Sinkhole attack
and other security configuration settings during the bootstrap The IPv6 Routing Protocol for low power and lossy net-
process. After obtaining certain security parameters the hacker works, commonly known as RPL [4] is a standard routing
 Table I
D ISTRIBUTION OF T HREATS /V ULNERABILITIES ACCORDING TO TCP/IP
LAYERS

TCP/IP Layer Threats/Vulnerabilities.

Application Layer Extraction of Security Parameters,
Firmware Updates.
Transport Layer Eavesdropping and Man-in-the-middle at-
tack.
Network Layer DoS attack, Routing attack, Eavesdropping
and Man-in-the-middle attack .
Physical Layer DoS attack .

protocol for IoT networks and is used in a 6LoWPAN network.

Sinkhole Attack is one of the routing attacks in a 6LoWPAN
network. As mentioned in [6], in a sinkhole attack a malicious
node lures all the traffic around it in the network by advertising
an attractive path. Sinkhole attacks like the one described in Figure 2. Depicts a simple case of Selective Forwarding where the Red Node
is dropping packets which it is receiving from node B
Fig. 1., are difficult to counter because routing information
supplied by a node is difficult to verify.
T. V. Linus Wallgren and Shahid Raza in [7] do an exper- III. IP BASED S ECURITY C HALLENGES
imental study to see if the RPL protocol can counter against
the Sinkhole attack or try reducing its impact. Firstly we need to have a brief overview of the existing
Internet based protocols which we will refer to understand the
security challenges in the IoT framework.

A. IP based Security Solutions

One of the weakest points of the original Internet Protocol
is that is lacks basic security mechanisms like authenticity
and privacy of data of the user in the network. With the
growth of the Internet and millions of people using it, security
mechanisms were needed for IP. To facilitate this need, IP
Security (IPsec) protocol was developed. While a wide range
Figure 1. Depicts a simple Sinkhole attack where the orange node is the
malicious node
of specialized as well as general-purpose key exchange and
security solutions already exist for the Internet domain, we
discuss a number of protocols and procedures that have been
G. Selective Forwarding recently discussed in the context of the above working groups.
As mentioned in [8], in this sort of a routing attack, The considered protocols are IKEv2/IPsec [9], TLS/SSL [10],
malicious nodes try to stop the packets in the network by DTLS [11], HIP [12] [13], PANA [14], and EAP [15] in this
refusing to forward or drop the messages passing through Internet-Draft.
them. There might arise a case in the selective forwarding The Internet Key Exchange (IKEv2)/IPsec and the Host
attack wherein the malicious node selectively drops the packets Identity protocol (HIP) reside at or above the network layer in
coming from a particular node or a group of nodes. This attack the OSI model. IKEv2 or IKE is a part of the IPsec protocol
as we can see from Fig. 2., can prove to be disastrous for suite which helps to set up a security association. HIP on the
the network if coupled with attacks like the sinkhole attack other hand is a host identification technology for use on IP. HIP
discussed in the above section. creates the Host Identity (HI) based on a public key security
The author in [7] provides a solution against the selective infrastructure. Both these above mentioned protocols are able
forwarding attacks wherein the author suggests to create to perform an authenticated key exchange and set up IPsec
disjoint paths between source and destination nodes. Although transformations for secure payload delivery. Currently, there
this solution is very difficult to implement in huge networks are also ongoing efforts to create a HIP variant coined Diet
since creating disjoint paths for the entire network is quite HIP [12] that takes lossy low-power networks into account at
hard but this can be easily implemented in small networks. the authentication and key exchange level.
One elegant solution can also be to not let the attacker know Transport Layer Security (TLS) and its datagram oriented
which type of traffic he/she is receiving which would force variant DTLS secure transport layer communications and pre-
the attacker to either forward all or none of the traffic. vent attacks like eavesdropping and tampering on the network.
TABLE I depicts the threats corresponding to each of the TLS provides security for the TCP layer in a IP network and
layers in TCP/IP stack. requires a reliable transport. TLS uses asymmetric cryptog-
raphy to authenticate the user with another user to exchange functions but uses a CMAC [16] based mechanism, which can
a symmetric key. Although TLS protects the transport layer directly use the AES hardware available in standard sensor
but it is initialized at the session layer and it works at the platforms.
presentation layer of the TCP/IP network model. DTLS on Standard and trusted suite of cryptographic algorithms like
the other hand secures and uses datagram-oriented protocols the AES, RSA and Diffie-Hellman key exchange algorithms
such as UDP. Both protocols are intentionally kept similar and were designed with the assumption that significant system re-
share the same ideology and cipher suites. sources like memory and processor speed would be available.
The Extensible Authentication Protocol (EAP) is an authen- So the use of these standard cryptographic security algorithms
tication framework supporting multiple authentication meth- in these resource constrained devices on the IoT network is
ods. It is widely used in wireless networks like IEEE 802.11 unclear and requires further analysis to make sure that they
(Wifi). The WPA and WPA2 standards have adopted more than don’t drain out the resources of the IoT devices and make it
hundred EAP types as official authentication mechanisms. It unavailable.
is used to transport keying material and parameters generated
by EAP methods [15]. EAP runs directly over the data link B. End to End Security Issue
layer and, thus does not require the deployment of IP.
The Core of the IoT network has to ideally run on a de
IV. S ECURITY C HALLENGES IN THE I NTERNET OF T HINGS facto constrained IP network-6LoWPAN [4]. This is analogous
FRAMEWORK to the IPv6 internet protocol. Similarly analogous to to the
HTTP protocol which works at the application layer, there is
In this section we discuss about the different security
a protocol for the IoT framework which is the Constrained
challenges in the IoT framework and also discuss how the
Application Protocol (CoAP) [17] which runs over UDP and
existing internet security protocols interoperate with this IoT
enables efficient communication of things at the application
framework and what are it’s limitation. Majority of the security
layer.
challenges are created due to the resource constraint features
Both CoAP and 6LoWPAN are steps towards reducing the
of the devices on the IoT network. In the section below we’ll
difference between existing internet protocols and IoT but still
discuss about the security threats which the IoT infrastructure
there are certain major differences between the both due to
is facing due to it’s device’s resource constraints and we’ll
performance reasons. These differences can be bridged easily
also discuss about the rising security challenges related to
at gateways but it can be a major obstacle if there is end-end
cryptography algorithm processing, authentication and also
security measures deployed between the IoT devices and the
identity management which is one of the major challenges
hosts on the Internet since these end-end security measures
in the IoT domain.
don’t allow the gateways to decrypt the messages and modify
A. Security Challenges due to Resource Constraints them according to the network since that would compromise
the end to end security. There are various solutions to tackle
Interoperating resource constrained devices on a network
this solution which are mentioned in detail in [2].
with the Internet is a very big challenge because of the
heterogeneity of both the networks. The IoT infrastructure As mentioned in [18], the implementation of end to end
has resource constrained components as a part of its net- security protocols in resource constrained IoT networks is a
work and these components rely on low bandwidth channel big challenge due to the limited computational power and
and have limited memory, CPU and power resources. These memory of the devices in the IoT network. These constraints
characteristics of the IoT network affects the security protocol make the complicated end to end security protocols not useful
designs and limits the use of the existing Internet based for the IoT infrastructure. The authors in [18] provide a
security protocols. For example, as mentioned in [2], IEEE modification of the end to end security protocols like IPsec
802.15.4 (used in networks having resource constraint devices) and DTLS to make them work efficiently in the IoT network.
supports 127-byte sized packets at the physical layer which
C. Distributed vs Centralized Architecture Security Issues
may result in fragmentation of larger packets of security
protocols. This may open new attack vectors for DoS attacks, Currently most of the IoT architectures are centralized
which is specially dangerous if the fragmentation is caused by for example the ZigBee standard is completely centralized
large key exchange messages of security protocols. and depends on a central server called the trust center. In
Another issue is the usage of public key cryptography in the a centralized architecture there is a central management of
IoT network. Due to the limitations on memory and power re- devices and the cryptographic keys are stored in the a central
sources in the IoT network components, the use of such crypto server too. This provides for a single point of failure which
primitives is not recommended. In view of these limitations, is a severe drawback . Also without a well managed security
there has been attempts to reduce the cost involved in public infrastructure creating ad hoc security domains with certain
key based key exchanges. Diet HIP takes the reduction of this new nodes is not possible. Decentralized architectures instead
cost to a next level by focusing on implementing cryptographic allow to create ad hoc domains of new nodes which do not
functions on IEEE 802.15.4 compliant device’s hardware. As require a well established security infrastructure and can act
mentioned in [2], Diet HIP does not require cryptographic hash in a stand-alone way. This would reduce the single point of
failure issue for the entire network which exists in a centralized would lead to compromising the security of the entire device
architecture. or possibly the entire network. Although there is a secure
connection established, but the device still needs security
D. Identity Management and Key distribution Issue from the run time threats in the network. For example-routing
As we connect various things to the Internet we also attacks like the Sinkhole and the Selective forwarding attacks
need ways of ensuring they are what they claim to be. This can affect the network at anytime during the lifecycle of
creates an interesting challenge, that is how to manage the the network. Olaf Bergmann, Stefanie Gerdes, Silke Schafer,
identities of all these connected devices we are in the process Florian Junge and Carsten Bormann discuss in [20] about
of communicating, in all their scenarios, shapes and sizes. the importance of securely configuring a IoT network and it
Identity management was never easy but it looks set to become provides us with an elegant three phase protocol to securely
even harder because it is estimated that by 2020, over 20 bootstrap the nodes in a Wireless Sensor network based on
billion devices with be connected to the internet (over two IPv6 and CoAP which is very much similar to the IoT network.
times the human population on earth at that time).
During the bootstrapping process, security related infor- B. Resource Control
mation is passed on to the components of the IoT network For different components of a device in the IoT, various
which enables a secure communication channel between these access controls should be applied for accessing resources
devices. How this security related information is passed is dif- of the device. This would ensure that if one component of
ferent in distributed and centralized IoT architectures. If we do a device is compromised, then other resources on which
not consider the resource limitations of things, certificates and the component doesn’t depend wont be compromised. This
certificate chains can be employed to securely communicate decoupling of resources as mentioned in [21] by limiting
capabilities in such a decentralized scenario. As mentioned in system privileges for different components of a device would
the previous section too, Diet HIP doesn’t require a device to be really helpful in a ubiquitous type network like the IoT. The
implement cryptographic hashes to limit energy loss due to authentication and access control issue is dealt in great detail
calculations of hashes. in [21] where the authors analyze the existing access control
As mentioned in [2], in a centralized architecture, precon- methods and then design a novel solution for IoT infrastructure
figured keys or certificates held by a thing can be used for the using the already existing authentication and access control
distribution of operational keys in a given security domain. mechanisms.
A current proposal [19] refers to the use of PANA for the
transport of EAP messages between the PANA client (the C. Firewall Protection
joining thing) and the PANA Authentication Agent (PAA). Just like Intranet, a IoT network would also need a firewall
EAP is thereby used to authenticate the identity of the joining to regulate traffic that is destined to itself and its corresponding
thing. network. As pointed out in [22], this would greatly help in
Considering the limited resources of the IoT devices there filtering messages according to the protocol message header
needs to be a provision for a lightweight Public Key Infras- since each embedded device in a IoT network can use a
tructure where the IoT devices can use the traditional or IoT different protocol for communication. So this helps in reducing
specific symmetric encryption for data exchange. the load on the devices to compute the decision whether
the received message belongs to itself or not. The firewall
V. S ECURITY S OLUTIONS FOR THE I OT FRAMEWORK computes that decision for the components and a device gets
As discussed in the previous sections, there exists a huge messages only directed to itself. All this in turn helps in
array of threats and security challenges which the IoT infras- reducing attacks or spreading of attacks to different types of
tructure presently faces, thus there is no single solution which nodes handling different packets in the network. So if one node
makes the IoT network secure. But after analyzing the threats in the network is affected due to a malicious message/packet
and various security challenges we can narrow down upon some other node handling a different packet type may not be
certain security solutions which can be applied to the IoT affected because of it.
network and we discuss these solutions in this section. This
section takes you through the steps to be taken right from the D. Software Updates
initial design to the deployment phase of a IoT network to Once a device is deployed in the field there needs to be
make the infrastructure secure. regular updates on them. Service providers will roll out the
update patches and the devices need to update their software
A. Booting Securely in a way that does not compromise or expose the device to
When switching on a device in the IoT, the authenticity various threats in the IoT environment. So there needs to
of the device is checked using traditional cryptography tools be a provision in the software updates and patches wherein
or customized low power consuming cryptography algorithms. the security of the device is not at all compromised. Also
As mentioned in [20] authenticating securely during the boot- there needs to be way by which we can optimize the energy
ing process using digital signatures and cryptographic key or resource consumptions for updating these patches on the
exchanges is very essential and compromising this information resource constrained devices in the IoT network. Apurva
Mohan in [23] gives a very interesting use case of Personal [14] E. B. P. H. T. A. Y. D. Forsberg, Y. Ohba, “Protocol for Carrying
Medical Devices (PMD) attached to a patients body for health Authentication for Network Access (PANA),” Internet Requests for
Comments, RFC Editor, RFC 5191, May 2008. [Online]. Available:
monitoring wherein the author describes the importance of http://www.rfc-editor.org/rfc/rfc5191.txt
software updates in a resource constraint device like a PMD [15] V. J. C. J. H. E. Aboba B., Blunk L., “Extensible Authentication Protocol
and how a security breach on a device like that can even kill (EAP),” Internet Requests for Comments, RFC Editor, RFC 3748, May
2008. [Online]. Available: http://www.rfc-editor.org/rfc/rfc3748.txt
a person. [16] M. J. Dworkin, “Sp 800-38b.nist specification publication,” Gaithers-
burg, MD, United States, Tech. Rep., 2005.
VI. C ONCLUSION [17] C. B. Z Shelby, K Hartke, “Constrained Application Protocol (CoAP),”
Working Draft, IETF Secretariat, Internet-Draft draft-ietf-core-coap-18,
2013.
The Internet Of Things is already more than just a thought [18] A. D. Rubertis, L. Mainetti, V. Mighali, L. Patrono, I. Sergi, M. L. Ste-
and has already started to gather momentum making life of it’s fanizzi, and S. Pascali, “Performance evaluation of end-to-end security
users simpler. By complying with the security requirements, protocols in an internet of things,” in 2013 21st International Conference
on Software, Telecommunications and Computer Networks - (SoftCOM
IoT can be considered as a complete paradigm which will 2013), Split-Primosten, Croatia, September 18-20, 2013, 2013, pp. 1–6.
soon be at it’s peak. There are still open problem areas [19] O. C. C. O’Flynn, Sarikaya, “Security Bootstrapping of Resource-
such as cryptographic mechanisms, interoperability of Internet Constrained Devices,” Working Draft, IETF Secretariat, Internet-Draft
draft-oflynn-core-bootstrapping-03, Nov. 2010.
protocols, data, identity management, privacy of the user and [20] O. Bergmann, S. Gerdes, S. Schafer, F. Junge, and C. Bormann, “Secure
de-facto architectures. There needs to be future research work bootstrapping of nodes in a coap network,” in Wireless Communications
which would carefully consider the balance of governance and and Networking Conference Workshops (WCNCW), 2012 IEEE, April
2012, pp. 220–225.
legal framework with innovation. Finally security cannot be [21] J. Liu, Y. Xiao, and C. Chen, “Authentication and access control in
considered just an add on to the IoT device but rather should the internet of things,” in Distributed Computing Systems Workshops
be considered as an integral part of the IoT infrastructure. (ICDCSW), 2012 32nd International Conference on, June 2012, pp. 588–
592.
[22] I. Ishaq, J. Hoebeke, I. Moerman, and P. Demeester, “Internet of things
R EFERENCES virtual networks: Bringing network virtualization to resource-constrained
devices,” in Green Computing and Communications (GreenCom), 2012
[1] R. Roman and J. Najera, Lopez, “Securing the internet of things,” IEEE International Conference on, Nov 2012, pp. 293–300.
Computer, vol. 44, no. 9, pp. 51–58, Sept 2011. [23] A. Mohan, “Cyber security for personal medical devices internet of
[2] S. K. R. H. R. S. Garcia-Morchon, S Kumar, “Security Considerations things,” in Distributed Computing in Sensor Systems (DCOSS), 2014
in the IP-based Internet of Things,” Working Draft, IETF Secretariat, IEEE International Conference on, May 2014, pp. 372–374.
Internet-Draft draft-garcia-core-security-O.txt, Sep. 2011.
[3] H. Jeon, J. Choi, S. McLaughlin, and J. Ha, “Channel aware encryption
and decision fusion for wireless sensor networks,” in Information
Forensics and Security (WIFS), 2011 IEEE International Workshop on,
Nov 2011, pp. 1–6.
[4] A. B. T. Winter, P. Thubert, “RPL: IPv6 routing protocol for
low-power and lossynetworks,” Internet Requests for Comments, RFC
Editor, RFC 4919, March 2012. [Online]. Available: http://www.rfc-
editor.org/rfc/rfc4919.txt
[5] P. Kasinathan, C. Pastrone, M. Spirito, and M. Vinkovits, “Denial-of-
service detection in 6lowpan based internet of things,” in Wireless and
Mobile Computing, Networking and Communications (WiMob), 2013
IEEE 9th International Conference on, Oct 2013, pp. 600–607.
[6] V. C. Vinay Soni, Pratik Modi, “Detecting sinkhole attack in wireless
sensor network,” vol. 2. IJAEIM, February 2013.
[7] T. V. Linus Wallgren, Shahid Raza, “Article: Routing attacks and coun-
termeasures in the rpl-based internet of things,” International Journal
of Distributed Sensor Networks, vol. 2013, no. 794326, p. 11, February
2013.
[8] M. Y. A. Q. A.-I. Wazir Zada Khan, Yang Xiang, “Article: Comprehen-
sive study of selective forwarding attack in wireless sensor networks,”
Computer Network and Information Security, vol. 1, no. 17, pp. 1–10,
February 2011.
[9] E. Kaufman, “Internet Key Exchange (IKEv2) Protocol,” Internet
Requests for Comments, RFC Editor, RFC 4306, Dec 2005. [Online].
Available: http://www.rfc-editor.org/rfc/rfc4306.txt
[10] R. Dierks, “The Transport Layer Security(TLS) Protocol Version 1.2,”
Internet Requests for Comments, RFC Editor, RFC 5246, Aug 2008.
[Online]. Available: http://www.rfc-editor.org/rfc/rfc5246.txt
[11] Phelan, “Datagram Transport Layer Security (DT SLS) over the
Datagram Congestion Control Protocol (DCCP),” Internet Requests for
Comments, RFC Editor, RFC 5238, May 2008. [Online]. Available:
http://www.rfc-editor.org/rfc/rfc5238.txt
[12] J. P. E. Moskowitz R., Nikander P., “Host Identity Protocol,” Internet
Requests for Comments, RFC Editor, RFC 5201, May 2008. [Online].
Available: http://www.rfc-editor.org/rfc/rfc5201.txt
[13] J. H. Moskowitz, Heer, “Host Identity Protocol Version 2,” Working
Draft, IETF Secretariat, Internet-Draft draft-ietf-hip-rfc5201-bis-13, Sep.
2013.