A Comprehensive IoT Attacks Survey based on a Building-blocked Reference Model
Journal Title: International Journal of Advanced Computer Science & Applications - Year 2018, Vol 9, Issue 3
Abstract
Internet of Things (IoT) has not yet reached a distinctive definition. A generic understanding of IoT is that it offers numerous services in many domains, utilizing conventional internet infrastructure by enabling different communication patterns such as human-to-object, object-to-objects, and object-to-object. Integrating IoT objects into the standard Internet, however, has unlocked several security challenges, as most internet technologies and connectivity protocols have been specifically designed for unconstrained objects. Moreover, IoT objects have their own limitations in terms of computation power, memory and bandwidth. IoT vision, therefore, has suffered from unprecedented attacks targeting not only individuals but also enterprises, some examples of these attacks are loss of privacy, organized crime, mental suffering, and the probability of jeopardizing human lives. Hence, providing a comprehensive classification of IoT attacks and their available countermeasures is an indispensable requirement. In this paper, we propose a novel four-layered IoT reference model based on building blocks strategy, in which we develop a comprehensive IoT attack model composed of four key phases. First, we have proposed IoT asset-based attack surface, which consists of four main components: 1) physical objects, 2) protocols covering whole IoT stack, 3) data, and 4) software. Second, we describe a set of IoT security goals. Third, we identify IoT attack taxonomy for each asset. Finally, we show the relationship between each attack and its violated security goals, and identify a set of countermeasures to protect each asset as well. To the best of our knowledge, this is the first paper that attempts to provide a comprehensive IoT attacks model based on a building-blocked reference model.
Authors and Affiliations
Hezam Akram Abdul-Ghani, Dimitri Konstantas, Mohammed Mahyoub
Keywords
Related Articles
- EP ID EP278321
- DOI 10.14569/IJACSA.2018.090349
- Views 106
- Downloads 0
Parallel Implementation of Bias Field Correction Fuzzy C-Means Algorithm for Image Segmentation
Image segmentation in the medical field is one of the most important phases to diseases diagnosis. The bias field estimation algorithm is the most interesting techniques to correct the in-homogeneity intensity artifact o...
Stress Detection of the Employees Working in Software Houses using Fuzzy Inference
In the modern era where the use of computer systems in software houses is mandatory and in various organizations has increased, it has given rise to the level of stress of employees working for hours at the system as wel...
Enhanced Analytical Hierarchy Process for U-Learning with Near Field Communication (NFC) Technology
Integration of current Virtual Learning Environment (VLE) system with the Near Field Communication (NFC) technology provides Ubiquitous Learning Environment (ULE) in education. The utilization of NFC technology in U-Lear...
MIMC: Middleware for Identifying & Mitigating Congestion Level in Hybrid Mobile Adhoc Network
Adoption of middleware system to solve the congestion problem in mobile ad-hoc network is few to find in the existing system. Research gap is found as existing congestion control mechanism in MANET doesn’t use middleware...
Pattern Discovery Using Association Rules
The explosive growth of Internet has given rise to many websites which maintain large amount of user information. To utilize this information, identifying usage pattern of users is very important. Web usage mining...