A Comprehensive IoT Attacks Survey based on a Building-blocked Reference Model
Journal Title: International Journal of Advanced Computer Science & Applications - Year 2018, Vol 9, Issue 3
Abstract
Internet of Things (IoT) has not yet reached a distinctive definition. A generic understanding of IoT is that it offers numerous services in many domains, utilizing conventional internet infrastructure by enabling different communication patterns such as human-to-object, object-to-objects, and object-to-object. Integrating IoT objects into the standard Internet, however, has unlocked several security challenges, as most internet technologies and connectivity protocols have been specifically designed for unconstrained objects. Moreover, IoT objects have their own limitations in terms of computation power, memory and bandwidth. IoT vision, therefore, has suffered from unprecedented attacks targeting not only individuals but also enterprises, some examples of these attacks are loss of privacy, organized crime, mental suffering, and the probability of jeopardizing human lives. Hence, providing a comprehensive classification of IoT attacks and their available countermeasures is an indispensable requirement. In this paper, we propose a novel four-layered IoT reference model based on building blocks strategy, in which we develop a comprehensive IoT attack model composed of four key phases. First, we have proposed IoT asset-based attack surface, which consists of four main components: 1) physical objects, 2) protocols covering whole IoT stack, 3) data, and 4) software. Second, we describe a set of IoT security goals. Third, we identify IoT attack taxonomy for each asset. Finally, we show the relationship between each attack and its violated security goals, and identify a set of countermeasures to protect each asset as well. To the best of our knowledge, this is the first paper that attempts to provide a comprehensive IoT attacks model based on a building-blocked reference model.
Authors and Affiliations
Hezam Akram Abdul-Ghani, Dimitri Konstantas, Mohammed Mahyoub
Keywords
Related Articles
- EP ID EP278321
- DOI 10.14569/IJACSA.2018.090349
- Views 91
- Downloads 0
A DISTRIBUTED KEY BASED SECURITY FRAMEWORK FOR PRIVATE CLOUDS
Cloud computing in its various forms continues to grow in popularity as organizations of all sizes seek to capitalize on the cloud’s scalability, externalization of infrastructure and administration and generally reduced...
An Unsupervised Local Outlier Detection Method for Wireless Sensor Networks
Recently, wireless sensor networks (WSNs) have provided many applications, which need precise sensing data analysis, in many areas. However, sensing datasets contain outliers sometimes. Although outliers rarely occur, th...
GSM based Android Application: Appliances Automation and Security Control System using Arduino
Now-a-days, automation is playing significant role using android phone in human life, particularly, handicapped and senior citizens. Appliances automation allows users to control different appliances such as light, fan,...
New design of Robotics Remote lab
The Robotic Remote Laboratory (RRL) controls the Robot labs via the Internet and applies the Robot experiment in easy and advanced way. If we want to enhance the RRL system, we must study requirements of the Robot...
An Adaptive parameter free data mining approach for healthcare application
In today’s world, healthcare is the most important factor affecting human life. Due to heavy work load it is not possible for personal healthcare. The proposed system acts as a preventive measure for determining w...