DeepAI
Log In Sign Up

A survey of security and privacy issues in the Internet of Things from the layered context

03/03/2019
by   Samundra Deep, et al.
0

Internet of Things (IoT) is a novel paradigm, which not only facilitates a large number of devices to be ubiquitously connected over the Internet but also provides a mechanism to remotely control these devices. The IoT is pervasive and is almost an integral part of our daily life. As devices are becoming increasingly connected, privacy and security issues become more and more critical and these need to be addressed on an urgent basis. IoT implementations and devices are eminently prone to threats that could compromise the security and privacy of the consumers, which, in turn, could influence its practical deployment. In recent past, some research has been carried out to secure IoT devices with an intention to alleviate the security concerns of users. The purpose of this paper is to highlight the security and privacy issues in IoT systems. To this effect, the paper examines the security issues at each layer in the IoT protocol stack, identifies the underlying challenges and key security requirements and provides a brief overview of existing security solutions to safeguard the IoT from the layered context.

READ FULL TEXT VIEW PDF
07/11/2018

Internet of Things: Infrastructure, Architecture, Security and Privacy

Internet of Things (IoT) is one of the emerging technologies of this cen...
09/14/2020

A Detail Study of Security and Privacy issues of Internet of Things

The Internet of Things, or IoT, refers to the billions of physical objec...
03/13/2018

Securing the Internet of Things: New Perspectives and Research Challenges

The Internet of Things (IoT) realizes a vision where billions of interco...
12/11/2017

IDIoT: Securing the Internet of Things like it's 1994

Over 20 billion Internet of Things devices are set to come online by 202...
03/04/2020

Towards a Context-Aware Security and Privacy as a Service in the Internet of Things

Smart city is one of the most known Internet of Things (IoT) application...
08/05/2020

A Survey on Security and Privacy Issues in Edge Computing-Assisted Internet of Things

Internet of Things (IoT) is an innovative paradigm envisioned to provide...
07/29/2022

Effectiveness of Transformer Models on IoT Security Detection in StackOverflow Discussions

The Internet of Things (IoT) is an emerging concept that directly links ...

1 Introduction

The Internet of Things (IoT) has been a noteworthy research topic for more than a decade and was first mentioned by Kevin Ashton in 1998 in a presentation where he used the term to link the idea of RFID to the Internet 1. The general definition for the IoT includes heterogeneous devices and the interconnection of these uniquely identifiable objects. The IoT can be defined as a network of internet-connected physical devices that gather data using embedded sensors and are able to communicate with each other. This would enable any device to communicate with any other device thereby creating a smart ecosystem. It is a noteworthy technological revolution that has refreshed the present Internet foundation to an idea of substantially more propelled computing system in which the physical objects will be pervasively connected and could be addressed uniquely 2.

IoT is a collection of heterogeneous technologies that function together. IoT devices are equipped with various components such as actuators, embedded sensors, processors, RFID and transceivers for acuity, concurrence and connection. The core purpose of the IoT is to enable heterogeneous devices connect to the Internet and exchange information in a reliable manner 3. The security of network and protection of data should meet essential standards and basic principles of integrity, authentication, availability, authorization and confidentiality of user’s information 4. Human life has been enriched with the availability of smart and intelligent IoT devices in hospitals, homes, transportation systems and aged care facilities, etc.5, 6, 7, 8, 9. IoT unquestionably has a huge potential for adaptability and guarantees an extraordinary future. However, it is inherently prone to threats that can compromise the security and privacy of the users, which could in turn influence its practical development 10, 11, 12, 13, 14, 15, 16. Eventually confidentiality, integrity and availability of the data will be diminished and as a result clients will be hesitant to accept this technology 17.

Figure 1: Internet of Things Applications 18

The large number of devices which are being connected to the Internet is rapidly proliferating and this may eventually lead to an all pervasive IoT enabled global Internet architecture. A study by Gartner estimates around 25 billion uniquely addressable objects are likely to be connected to this computing network by 2020

19 with a decent number of these being appliances, therefore there will be an expansive open door for hackers to utilize these gadgets to their own advantage through malicious emails, "denial of service" attacks and by other malicious means such as unsafe worms or Trojans. Therefore, security concerns are noteworthy part that has to be well studied before developing more advanced Internet of Things (IoT) systems.

Our survey paper reviews and analyses the security and privacy issues in IoT. The rest of the paper is as follows: Section 2 contains the background and related work in IoT. In section 3, we describe the general protocol architecture of the IoT. In section 4, we examine the security issues at each layer of the IoT protocol stack and identify corresponding threats and attacks that can manifest at each layer. In section 5, we address the major challenges in securing IoT and discuss the security services requirements in IoT. In section 6, we provide an overview of existing approaches to securing the IoT. We discuss some of the research directions in section 7. Finally, in section 8 we provide some concluding remarks.

2 Background and Related Work

The term Internet of Things (IoT) was first introduced by Kevin Ashton of MIT’s Auto-ID lab in 1998 1. IoT is believed to be the most influential technology of the generation after Internet. The number of interconnected physical devices is significantly increasing and it has already surpassed the human population in 2010. There has been significant work in the development of IoT-enabled devices in the recent time. The advances in the technologies in terms of resources constrained and energy-efficient devices have extended the outreach of internet even to the remote locations also. The number of interconnected physical devices have exceeded all expectations.

Figure 2: Evolution of the Internet of Things

In 1996, the Internet Engineering Task Force (IETF) defined IPv6 addressing and the advancement in this area has propelled the evolution of the IoT devices. The technologies such as IEEE 802.15.4, 6LoWPAN, IPv6 are all defined to support the necessities of the present day internet. The IoT is not only about the smart devices such as computers, smart phones, tablets that are connected to the Internet. IoT is heterogeneous technology in which all the small and simple devices around us can be connected to the network and are able to communicate with each other. Advances in the area of electronics and communications have propelled internet expansion from PCs, smart devices etc to other physical devices. The technologies such as Bluetooth and WiFi have extended the network capabilities of devices. The evolving advancements in the VLSI design technologies with the progress of time have cut down the cost and sizes of the devices. The progress in the technology has made devices and sensors considerably small so that it can be deployed broadly for various purposes and can be managed easily. The improvement over communication systems enable these devices and sensors to communicate with each other in the network and allow to share lot of information. The sensor technology plays an important part in the advancement of the IoT since it is the direct medium of gathering information from individuals.

Figure 3: Background of the Internet of Things

These devices have lower power requirements however they are constrained due to their low memory capacity and processing capabilities. With regard to wireless networking, 6LoWPAN was introduced which is essential for low power networking environments 20. The 6LoWPAN has evolved as an essential part of the IoT system at this point. The issues identified with IoT technologies have attracted many professional and industrial interests in recent years. Several organizations and institutions are engaged in the advancement of the Internet of Things. IEEE is clearly the most important agency that is working for the standardization of IoT. IEEE project P2413 involves the work related to standard architectural framework for IoT 21. The EU Commission officially announced The Alliance for Internet of Things Innovation in 2015 which is engaged in the research for the development of IoT technologies.

3 General Architecture Of IoT

A standard architecture design for IoT is still an open issue 22. In order to realize the full advantages offered by the IoT, a standard model for communication between the participating devices is necessary. Several international organizations such as International Telecommunication Union, IEEE etc are actively engaged for the development and standardization of IoT 23. However, basic ideas are already defined that can act as base for the development of the Internet of Things. The technologies such as IEEE 802.15.4, 6LoWPAN, IPv6 etc. are all defined to support the necessities of the future internet. Currently, TCP/IP protocol stack is widely used in the Internet for data exchange among network hosts 3

. The IoT is a large domain that incorporates an extremely wide range of technologies, from constrained to unconstrained devices and from stateful to stateless devices. Therefore, on which architecture paradigm to use is in place can be used as an outline for all possible implementations. For instance, the IoT architectures based on sensors, actuators or RFID tags are different from each other. A reference model can possibly be recognized however, it is probable that several reference architectures will co-exist in the IoT domain.

There are numerous architecture proposed for IoT by different researchers and most of them focus on middleware layer and network layer that deal with the necessities of IoT. The basic architecture proposed for IoT are as shown in fig. 2 namely, perception layer, network layer, middleware layer and application layer 24. These layers are responsible for information exchange in the network and provide application specified service to the user. The perception layer is responsible for sensing and collection of data through sensor nodes and other hardware. The network layer enables connectivity with other smart devices and the internet. It is used to transmit and process sensor data. The middleware layer is proposed to be between the network layer and the application layer. This layer is responsible for making intelligent decisions based on the processed results. It provides efficient delivery of services assuring scalability and interoperability. Application layer supports business services and is responsible for analysing the received information and making intelligent decisions to meet the requirements of the users, such as when to perform what things 22. The application layer comprises of different applications for the business needs for example, Constrained Application Protocol (CoAP) which is a replacement for the HTTP for resource-constrained devices 25.

Figure 4: General IoT Architecture

4 Security Issues In Layered IoT Architecture

There have been numerous research and achievements in the context of IoT but there are still some challenges that need to be addressed in securing the IoT. Thus, the IoT systems are compromised with the security and privacy issues and are vulnerable to many attacks. In this section, we examine the security issues at each layer of the IoT protocol stack and identify corresponding threats and attacks that can manifest at each layer. Some of the security issues/attacks in the layered IoT architecture are classified in the table 1.


Table 1: list of security challenges, issues/attacks in existing IoT systems
IoT Layers Security Issues/ attacks Security Parameters
Application Layer Data access and security authentication issues, Data Protection and Recovery problems, spear-phishing attack, Software Vulnerabilities, Attacks on Reliability and Clone attack Data privacy, Access Control

Middleware Layer
making intelligent decision processing huge data, malicious-code attacks, multi-party authentication, handling suspicious information
Integrity, Confidentiality

Network Layer
Cluster security problems, DoS attacks, Spoofed, Altered or Replayed routing Information
Authentication, Integrity

Perception Layer
Node capture, Fake node, Mass node authentication, Cryptographic Algorithm and Key Management Mechanism
Integrity,
Authentication, Confidentiality

4.1 Perception Layer

The perception layer comprises of every single physical objects of the IoT that are in charge of information collection and exchange e.g., sensors, meters, Zigbee, RFID frameworks, QR code and GPS systems 22. The security threats are at the node level in the perception layer. Most of the security issues arise from the external entities such as embedded sensors, actuators etc. in the perception layer 26. Since the nodes are comprised of embedded sensors, actuators, transceivers etc., they become the prime targets of the attackers who aim to exploit them and try to substitute their own codes with the device software. Generally IoT devices lack battery power and memory capacity so they are simple, less powerful and light weight and are likely to run out of power or affected by other external environment factors which could harm the functionality of these devices, making it vulnerable to security attacks. Denial of service attack, fake node or malicious data, jamming, tampering, node capture etc. are most common attacks that occur in physical layer 5.

4.2 Middleware Layer

The middleware layer is an advanced layer above the network layer which does the mass data processing and make intelligent decisions. It utilizes the advancements of technologies like cloud computing, big data processing and database. The layer has characteristics of processing massive amount of data hence it become difficult sometimes to manage huge data. The layer is capable of filtering valid and malicious data. However, to recognize valid data and filter out malicious information is a major issue in this layer 27. The problem of handling suspicious information is another issue in this layer. The attacker can replace the data with the malicious information and can obtain lists of valid data and network informations. It can transmit the invalid or malicious information to the network that can lead to the failure or completely shut down of the network. Multi-party authentication for the resource constrained devices and securely data storing in the cloud are some of the prime concerns in this layer.

4.3 Network Layer

Since the network layer carries a large amount of data it is highly susceptible to attacks which can lead to “network congestion” 28. The core security issues in this layer are related to authentication and integrity of the data that are being transmitted in the network. Despite the relatively better security protection in the network layer, it is still vulnerable to counterfeit attack and Man-in-the-Middle attack 27. The most common attacks that occur in the network layer are as follows:

4.3.1 Replay attacks

In replay attacks, an intruder copies a fragment or key of the messages that are being exchanged between the two parties and steals the information. The authenticated information is then re-transmitted maliciously to the receiver for an evil purpose, such as duplicate transactions 29. The authenticated message is sent again and again and the receiver processes the request believing it as a legitimate messages that meets the desire of the intruder.

4.3.2 Denial of Service (DoS) attacks

Denial of Service (DoS) is a kind of attack in which the legitimate user is prevented from accessing the emails, websites, data or network services. It is a situation in which the attackers attempt to flood the network with unwanted traffic, malicious codes and actions that weakens the network’s potential to provide the programmed service 30.

4.3.3 Man-in-the-Middle Attacks

In man-in-the-middle attack, an intruder intervenes in a communication between two parties, either to eavesdrop or to impersonate both parties and gains access to information of the communicating parties. The motive of the attack is to steal personal information, alter the message or data that are believed to be received from the trusted parties 31. For instance, the recorded temperature by a sensor in IoT can be altered intentionally by the attacker to overheat the device, which lead to the failure of the working device.

4.3.4 Malicious Code Injection

In malicious code injection, an attacker captures a working node and injects it with malicious-codes to gain access and control of the network. Sometimes it could also lead to the shutdown of the network 32.

4.3.5 Distributed Denial of Service (DDoS)

A DDoS attack is a DoS attack in which a node is targeted by multiple compromised node by flooding the network with useless messages and malicious codes causing the unavailability of the service for the targeted users. The targeted networks are forced to slow down and often shut down leading to denial of service to the legitimate users.

4.4 Application Layer

The application layer includes smart devices that provide personalized services to the users. These devices are usually simple, low power and lightweight that are vulnerable to the attacks. Malicious attacks can replace the program codes with the bugs that may provoke the application to malfunction. Hence, the applications may compromised, shut down and fail to deliver what is programmed to do and also carry out authenticated services in inappropriate way. Application layer is responsible for data sharing, which can cause the problem of access control, privacy of data and leakage of information 27. Software vulnerabilities, spear-phishing attack, malicious code attacks, inability to receive security patches, hacking into the smart meter/grid are some of the common threats in the application layer 28.

5 Challenges And Security Requirements For IoT

5.1 Challenges in securing IoT

Every new technology probably has some drawbacks and suffers from many challenges before and after they are deployed. Likewise, the Internet of Things also has some major challenges which make the user hesitant to accept this technology. Some of the challenges of IoT are discussed below:

5.1.1 Bandwidth and Power Consumption

Generally IoT devices are designed to be lightweight, less powerful, less memory and small in size and they are not equipped with a large battery. IoT contains many interconnected devices and sensors to execute the programmed functionality with substantial security directions which may consume high bandwidth and drain out the devices. IoT systems should be well prepared with a concrete mechanism when there’s any such unavailability of internet bandwidth. Therefore, the minimization of bandwidth and power consumption remains a major challenges in the IoT.

5.1.2 Complexity

The Internet of Things consist of a network of internet-connected physical devices that have their own hardware/software layers and different system architectures for different purposes. All of these interconnected devices that are equipped with different sensors, actuators, protocols and standards accumulate together to execute the programmed function. Hence, it becomes more complex and hard to deal with this heterogeneous architecture in IoT systems 33.

5.1.3 Sensing

Internet of Things (IoT) consist of several internet-connected physical devices. IoT systems should be able to detect any loss of connectivity among the devices. The IoT system should be equipped with concrete sensing mechanism that could give the information about these devices e.g., if there are any device failure inside the network or if the device has lost connectivity with the network 33. Monitoring of these several smart devices continuously and getting back them to the network again for connectivity after it had suffered from device failure or connectivity problems are also challenges for the Internet of Things.

5.1.4 Lightweight Computing

Since IoT devices normally have less memory capacity, traditional cryptographic-algorithms cannot be applied to the IoT system. Advanced cryptographic algorithms have high computing, storing and processing requirements which cannot be supported by IoT devices as they are resource constrained. Therefore, to find a way to implement required security mechanisms with low cost and minimum overhead is necessary for Internet of Things.

5.2 Security requirements for IoT

Security and privacy issues are the biggest concern for the IoT therefore, a detailed and accurate comprehension of security requirements in the aspect of IoT is crucial. Zhao et al. 5 proposed some security requirements for secure IoT data transmission, which comprise: authentication and access control, appropriate secret key algorithms, physical security design, key management, secure routing protocols and intrusion detection technology. Weber et al. 34 have likewise proposed security requirements for secure IoT that include: access control, client Privacy, data authentication and attack resiliency. Vasilomanolakis et al. 35 proposed security requirements that are categorized as: identity management, network security, resilience, privacy and trust. Earlier technologies like big data and cloud computing are probable to impart security services to the Internet of Things but the anomaly of the IoT acquaints additional problems to security which are not quite as same as the earlier technologies. Big data solutions for example are intended to scale and manage heterogeneity of information sources. The solution was not designed to manage constrained resources and uncontrolled environment 35. Similarly, Cloud computing are designed to scale and meet the requirements of the constrained resources and barely deals with the physical accessibility of sensors and mobility of devices 35. Some of the desired security service that are necessary for safeguarding the Internet of Things are discussed below:

5.2.1 Confidentiality

The confidentiality is a type of security services that prevent the unauthorized users from gaining access of the confidential data and information. It guarantees that the private information will not be diverted to the intruder and can only be gained by legitimate users. Different mechanisms and protocols have been proposed in the context of Internet of things to provide confidential service to the sensitive IoT data. Data Encryption, authentication and authorization process are some good practices to ensure confidentiality 36.

5.2.2 Availability

The aim of the security services is to ensure the availability of data and services to the user, whenever required. Data availability is a security service that enables the user to access the information in the ordinary conditions as well as in the lamentable conditions. One of the serious threat to the data availability is DoS attack, which causes deny of service and make the data unavailable for the user 37.

5.2.3 Integrity

The integrity of the data is one of the important security services in IoT systems because the interconnected devices exchange sensitive information that could be altered or replaced by the attackers. The data integrity service ensures that the information which is being exchanged between the devices are originals and are not fabricated or modified by the hackers. There are different entities that can affect the originality of the data such as crashing of the server, failure of the sensor nodes etc. The data can also be modified by the intruders when it is being transmitted in the network. Read and write protection of data could be the solutions for such issues. Checksum and Cyclic Redundancy Check (CRC) are some basic error detection techniques for a segment of data to check the originality and accuracy of the data 3.

6 Security Solutions For IoT


Table 2: list of security challenges, issues/attacks in existing IoT systems
Security attacks/threats unique ID Security issues/ attacks
C1 Node capture, Fake node, Mass node authentication

C2
threats involving the node security

C3
RFID security problems

C4
confidentiality service, key management

C5
lightweight authentication and key establishment in wireless sensor networks (WSNs)

C6
encryption and data integrity

C7
Distributed Denial of Service (DDoS) attackse

C8
masquerade attack, man-in-the-middle attack and replay attack

C9
Data access and authentication issues, DoS attacks, secured communication session

C10
peer authentication

C11
lightweight cryptographic algorithms, store IoT data securely on the cloud database

C12
data authentication between the cloud and the smart devices

C13
access control and authorization issues in interconnected devices

C14
flexibility issues in authorization framework

C15
inter-device authentication issues and session-key distribution issues
C16 security policy to address the privacy and security challenges

C17
users privacy protection

Usually IoT devices communicate among themselves with negligible human interaction therefore mutual authentication is a critical aspect of the paradigm. The IoT devices are certainly designed for everyday usage and are generally used for gathering, storing and analyzing personal data. Therefore, the devices should have the feature of being able to be controlled remotely and to support regular and automatic updates as well. Authentication and access control schemes should be applied in perception layer to prevent illegal node access and to identify network nodes 25. Data encryption and confidentiality schemes are extremely necessary to protect the collected data from modification and to prevent from malicious code injection. However, adding a strong data encryption and key management scheme would result in consuming resources of the IoT devices considerably. So, lightweight cryptographic algorithms and protocols are necessary to mitigate this problem. Intrusion detection systems can be implemented to detect any malicious behaviours in the network 32. Several methods have been proposed in the past for securing the IoT devices and networks. We have concisely compared and analyzed the existing security solutions proposed in the recent literature which are discussed in the table 3.

Author and References Addressed security solution Layers Issues Addressed Proposed Solutions Pros and Cons of the existing solution
Chen et al. 38 Perception Layer addressed the challenges mentioned in "C1" by identifing the compromised sensors in the wireless sensor networks proposed a detection algorithm in which the sensors can identify their status in the distributed environment as "good" or "faulty"
maximum accuracy and minimum false rate, complexity of the algorithm is low

Li et al. 39
Perception Layer addressed the challenges mentioned in "C2" by detecting threats involving the node security in IoT systems improvement on the PKI-like security mechanism protocol
improved security mechanism

Aggarwal et al. 40
Perception Layer addressed the challenges mentioned in "C3", RFID security proposed an improved protocol for Radio Frequency Identification (RFID) security computationally efficient, prevent disclosure and desynchronization attacks.

Salami et al. 41
Perception Layer addressed the challenges mentioned in "C4" speeding up the encryption operations lightweight encryption scheme more efficiency and reduced communication cost

Porambage et al. 42
Perception Layer addressed the challenges mentioned in "C5", resource constrained wireless sensor networks (WSNs) in distributed IoT application
(PAuthKey) Pervasive authentication protocol and a key establishment scheme end-users can authenticate themselves to the sensor nodes directly and acquire sensed data and services
Table 3: Table of pros and cons of the addressed security challenges,issues/attacks in Perception Layer of existing IoT systems
Author and References Addressed security solution Layers Issues Addressed Proposed Solutions Pros and Cons of the existing solution
Raza et al. 43 Network Layer addressed the challenges mentioned in "C6", to authenticate, encrypt and check the integrity of the messages a mechanism that supports End to End secure communication between the Internet and IP sensor networks
more secure and efficient

Zhang et al. 44
Network Layer addressed the challenges mentioned in "C7", DDoS attacks an algorithm to prevent DDoS attacks Effective for detecting and preventing DDoS

Salman et al.45
Network Layer addressed the challenges mentioned in "C8", identity-based authentication a novel IoT heterogeneous identity-based authentication scheme by applying the idea of Software Defined Networking (SDN) on IoT devices
resistant to man-in-the-middle attack, masquerade attack and replay attack

Santos et al. 46
Network Layer addressed the challenges mentioned in "C9", authentication problem to communicate with resource constrained device architecture for secure communication between constrained IoT devices using Datagram Transport Layer Security (DTLS)
prevents DoS attacks secure communication session

Hummen et al.47
Network Layer addressed the challenges mentioned in "C10", peer authentication in the IoT using certificates and lightweight security solutions
overhead reduction

Table 4: Table of pros and cons of the addressed security challenges, issues/attacks in Network Layer of existing IoT systems

6.1 Security solutions in the Perception Layer

Perception layer comprises of various sensors devices,Radio Frequency IDentification RFID, Wireless Sensor Networks (WSNs), GPS etc. Node capturing, attacks on the embedded sensors, Cryptographic Algorithm & Key Management Mechanism are some prime targets of the attackers in this layer. Chen et al. 38 proposed an algorithm to identify the compromised sensors in the wireless sensor networks. The author proposed the detection algorithm in which the sensors can identify their status in the distributed environment as “good” or “faulty”. The status claimed by these sensors can be verified as accepted or rejected by the neighbouring nodes as they are capable of analysing the node behaviour. The experiment results showed that the proposed system has maximum accuracy and minimum false rate in detecting the faulty sensors in the WSNs. Also, the complexity of the algorithm is low. Li et al. 39 has pointed out the security issues in the perception layer and also some solutions to the issues are deliberated. The author has proposed an improvement on the PKI-like security mechanism protocol for the threats involving the node security in IoT systems. Aggarwal et al. 40 proposed an improved protocol for Radio Frequency Identification (RFID) security. The perception layers comprises of RFID tags in IoT system for gathering data and data communication between the connected devices. The author proposed an improved protocol that is computationally efficient and also prevent disclosure and desynchronization attacks.

Salami et al. 41 discussed confidentiality service, key management and efficiency of computation and communication issues by introducing a lightweight encryption scheme for smart homes. The scheme is effective for resource constrained devices and has flexible public key management. The result shows that the scheme is more efficient in the encryption operations and has reduced communication and computation overhead. Public key algorithm has high scalability and are considered favourable for node authentication without the need of complicated key management protocols 36. Porambage et al. 42 proposed PAuthKey which is a pervasive lightweight authentication and key establishment scheme in distributed IoT application for the resource constrained wireless sensor networks (WSNs). PAuthKey scheme allows the end-users to establish secure connection, gain access to data and services and authenticate themselves directly with the sensor nodes. The security analysis and experimental results showed that the scheme is effective for the resource constrained WSN.

The authors 38 39 have proposed solutions for the threats involving node security in the perception layer. The author 38 have proposed an algorithm to detect the faulty and compromised nodes while the author in 39 have proposed an improvement on the PKI-Like security meachanism. The author 41 proposed an improved protocol for the RFID security that is embedded in the IoT devices. The author 41 have proposed encryption and key management schemes to provide security solutions in the perception layer. The encryption mechanism is fast, efficient, reduced communication and computation overhead. The authors4041 have provided security solutions for resource-constrained device by proposing lightweight encryption techniques along with flexible public key management in 40 and lightweight authentication and key establishment schemes in 41.

6.2 Security solutions in the Network Layer

Network layer is responsible for transmitting and processing the sensors data. Since it carries a large amount of data, it is highly prone to security attacks such as DoS, Man in the middle, DDoS attacks etc. Raza et al. 43 proposed a mechanism that supports End to End secure communication between the Internet and IP sensor networks. The proposed work features IPsec’s Authentication Header (AH) and Encapsulation Security Payload (ESP) that enables the endpoints to authenticate, encrypt and check the integrity of the messages using traditional IPv6 mechanisms. Zhang et al. 44 proposed a lightweight algorithm to prevent against DDoS attacks over IoT network environment. The author has tested the algorithm against different groups of network nodes such as working node, attacker node, monitoring node and legitimate user node. The author also describes that there’s only one chance for an attacker’s request to be served after that the packets will be dropped and the request is sent to the attacking list in the second attempt. The results showed that the proposed algorithm is capable of preventing and detecting Distributed Denial of Service attacks compared to the other existing systems.

Salman et al.45 discussed authentication techniques as one of the feature that would mitigate the security issues in IoT. They proposed identity-based authentication scheme to address the heterogeneity in IoT and to integrate the different protocols in IoT by applying the concept of Software Defined Networking (SDN) on IoT devices. The effectiveness of this scheme was tested using AVISPA tool and the evaluation showed that the scheme is immune to masquerade attack, man-in-the-middle attack, and replay attack. Santos et al. 46 introduced a mutual authentication architecture that allows resource constrained devices to use Datagram Transport Layer Security (DTLS) for secure communication between the internet devices. The author also proposed a device called Internet of Things Security Support Provider (IoTSSP) which manages the certificates of the devices, provide authentication services and also responsible for establishing the session between the devices. The author also introduced two new main mechanisms i.e. Optional Handshaking Delegation and the Transfer of Session that prevents DoS attacks and also provide secured communication session. Similarly, Hummen et al.47 investigated the assumption of using certificates and lightweight security solutions for peer authentication in the IoT. The author also analysed the preliminary overhead reduction and discuss their applicability for the certificate-based DTLS handshake. The author designed three main ideas to reduce the overheads of the DTLS handshake which are based on session resumption, pre-validation and handshake delegation.

The authors 4446 have proposed different solutions against DoS, replay, man-in-the-middle and other attacks in the network layer. The author 44 has tested the algorithm in different group of working nodes and are capable of detecting and preventing Distributed Denial of Service (DDoS) attacks whereas the author 46 make use of mutual authentication architecture that allows resource constrained devices to use Datagram Transport Layer Security (DTLS) to prevent DoS attacks. The authors 4446 make use of DTLS to provide authentication service in the network layer. The author in 45 introduced two new main mechanisms i.e. Optional Handshaking Delegation and the Transfer of Session that prevents DoS attacks whereas the author 47 designed three main ideas to reduce the overheads of the DTLS handshake which are based on session resumption, pre-validation and handshake delegation.

6.3 Security solutions in the Middleware Layer

The middleware layer is responsible for information retrieval and processing and make decisions based on these processed results. Multi-party authentication, securely data storing in the cloud are some of the prime concerns in this layer. Tsai et al. 48 discussed the access control and authentication security concerns and proposed a user authentication technique over multiple servers. The communication and computational time between the multiple cloud service providers and traditional trusted third party service is reduced in the proposed scheme. The proposed scheme enables multiple cloud services from multiple service providers using one key and shows the scheme is efficient and secure. Shafagh et al. 49 introduced an Encrypted Query Processing approach that enable the system to store IoT data securely on the cloud database and allow query processing over the encrypted data. They make use of lightweight cryptographic algorithms for the resource constrained devices and the results showed that the system is efficient in database query processing and effective on low power and resource constrained devices. Horrow et al. 50 proposed an identity management framework to authenticate data that are being transmitted between the cloud and the smart devices by placing an Identity Manager and Service Manager on the devices.

Author and References Addressed security solution Layers Issues Addressed Proposed Solutions Pros and Cons of the existing solution
Tsai et al. 48 Middleware Layer addressed the challenges mentioned in "C11", Access and Authentication Control Proposed a user authentication technique over multiple servers Access multiple cloud services from multiple service providers using one key

Shafagh et al. 49
Middleware Layer addressed the challenges mentioned in "C12", store IoT data securely on the cloud database introduced an Encrypted Query Processing approach to store IoT data securely on the cloud database and allow query processing over the encrypted data efficient in database query processing and effective on low power and resource constrained devices

Horrow et al. 50
Middleware Layer addressed the challenges mentioned in "C13", to authenticate data that are being transmitted between the cloud and the smart devices by placing an Identity Manager and Service Manager on the devices the protocols to develop the method have not yet been implemented
Table 5: Table of pros and cons of the addressed security challenges, issues/attacks in Middleware Layer of existing IoT systems

6.4 Security solutions in the Application Layer

The application layer includes smart devices that provide application specified services to the users. Each of these devices are usually simple, light weight and resource-constrained that are vulnerable to the attacks. Seitz et al.51 discussed access control and authorization in interconnected devices and proposed a framework that supports flexible access control and authorization for devices with low memory and processing power. The proposed framework provides remarkable flexibility for the access control models and minimize the communication cost when processing the exchanged message between the constrained and less constrained servers. Cirani et al. 52 proposed IoT-OAS architecture to provide an authorization framework targeting HTTP/CoAP services, which can be integrated by invoking an external oauth-based authorization service (OAS). The proposed architecture is flexible and easy to integrate with external services and has the benefits in terms of low processing load, scalability and remote access customization.

Park et al. 53 proposed an inter-device authentication techniques and session-key distribution framework for secure communication between the devices. The proposed technique is capable of estimating the session key in prior that prevented attacks such as man-in-the-middle and replay attacks. Neisse et al 54 proposed a security policy to address the privacy and security challenges for the communication between the devices. The proposed policy provided optimal communication between the IoT devices. Tao et al. 55 proposed a mechanism for privacy protection that is preference-based for the IoT. Data and information privacy is one of the major concern in the application layer. The proposed mechanism introduces a trusted third party that evaluate the privacy preference of the users. The evaluated results and feedback are then sent to the service provider of the Internet of Things (SP). SP ensure desirable level of user privacy according to their preference and the third party provide supervision to the SP. The authors 515253 have proposed different frameworks as security solutions in the application layer. The author 5152 have proposed access control models while in 52

authorization framework targeting HTTP/CoAP services is proposed. The security of the network cannot alone guarantee the security attack in the IoT so the devices should also be manufactured with built-in security and patches. The security of IoT Systems can be further enhanced by applying Machine Learning / Artificial Intelligence Techniques and jamming techniques (Jamming the signal of the malicious nodes).

Author and References Addressed security solution Layers Issues Addressed Proposed Solutions Pros and Cons of the existing solution
Seitz et al.51 Application Layer addressed the challenges mentioned in "C14", access control and authorization issues in the resource constrained devices proposed authorization framework, the decisions are based on local data and device’s local conditions
significant flexibility to the access control models

Cirani et al.52
Application Layer addressed the challenges mentioned in "C15", provide an authorization framework an architecture IoT-OAS targeting HTTP/CoAP services flexible, highly configurable, and easy to integrate with existing services, lower processing load

Park et al. 53
Application Layer addressed the challenges mentioned in "C16", to provide secure things-to-things communication suggested an inter-device authentication and session key distribution system Prevented replay attacks, man-inthe-middle attacks, estimated the session key in prior

Neisse et al 54
Application Layer addressed the challenges mentioned in "C17", privacy and security challenges for the communication between the devices an enforcement security policy is suggested for addressing the privacy and security challenges provided optimal communication between the IoT devices

Tao et al. 55
Application Layer addressed the challenges mentioned in "C18", privacy protection of the user proposed a mechanism for privacy protection that is preference-based for the IoT ensure desirable level of user privacy, not clear whether SP could perform supervision

Table 6: Table of pros and cons of the addressed security challenges, issues/attacks in Application Layer of existing IoT systems

7 Future research area

The development in the IoT systems will continue to evolve with more security and privacy challenges and to tackle these problems will always be the primary focus of the research in the advance IoT sytems. It can be seen from table 2 that most of the security solutions for IoT are focused on authentication and authorization techniques. The security concern should not focus only on particular area or IoT layer but for the entire system. The proposed authentication and authorization techniques in the recent literature are still compromised for the resource constrained devices. There are more research to be done on the implementation of authentication techniques for resource constrained IoT devices that would be light-weight, energy-aware, fast and reliable. The investigation on Denial of Service attacks (DoS) that can manifest in IoT networks and a robust model that can quickly detect and eliminate such attacks is still in nascent stage. Generally, IoT devices are interconnected to the unreliable network via protocols like 6LoWPAN and IPv6. Despite of the good encryption and authentication mechanism, the devices might get exposed to the attacks from inside and outside the network. To counter these attacks, an intrusion detection technique could be useful. Abduvaliyev et. al 56 surveyed the recent work done on intrusion detection systems and found most of the work proposed are for wireless sensor networks. The author presented a detailed classification of IDS techniques deployed in recent literatures. The author highlighted the shortcomings of the currently employed intrusion detection systems and defined possible future attacks. The survey also gives an idea of future research directions that are still needed to fill the gaps.

From our study, there are not many intrusion detection systems approach available for IPv6 connected IoT devices. The available IDS approaches are available mainly for WSNs or traditional Internet. Raza et. al 57 have designed an intrusion detection system called SVELTE that mainly target attacks such as sinkhole, selective-forwarding, altered information etc. The system is also capable of detecting malicious nodes and ring alarms during any detection. The design is suitable for the resource constrained devices. Smart phone users are continuously getting threatened by the malicious applications that get inside the device without any knowledge. These are generally termed as malware. The smart devices are highly prone to such malwares. Malwares are serious threats to user privacy and can damage the stored files and devices. Saracino et. al 58 have proposed a novel malware detection system called MADAM for android devices that are designed to detect any malicious behaviours. The system simultaneously analyses and block any malicious behaviours at four levels: kernel, suer, application and package. The author tested MADAM on three large datasets of 2800 apps and the proposed system efficiently blocks nearly 96% of malicious apps with minimal power usage.

Overall, from our study we found security gaps in IoT architecture, lightweight security solutions and managing huge heterogeneous data. Security requirements for IoT are application specific. However, we can design a standard framework that can be customizable according to the application requirements. We can apply some ideas of software engineering in which we can summarize the similarities of these IoT applications and design a common framework that can provide the necessary security solutions to these applications.

Lightweight security solutions will always be the future research direction due to resource constrained nature of IoT. Therefore, lightweight security concerns are noteworthy part that has to be well addressed before deploying advanced Internet of Things (IoT) systems. The security solutions such as key management, authentication, authorization, access control etc. should be energy aware and lightweight. The application computation and security requirements can be divided in different levels. Furthermore, we can add some default solutions to each levels so that it can satisfy the particular necessities of the levels. In this way the algorithm proposed in these levels can be modified to benefit the IoT system. Sometimes, remote authentication server might be required when there’s unavailability of data because of the natural disaster and other factors. This has been a serious concern in the IoT system. Huang et al. 59 proposed two solutions to authenticate users from the remote locations. The first solution is a multi-factor authentication scheme that authenticates users by using passwords, biometrics and smart-cards. The other solution is a stand-alone authentication protocol which supports the authentication of the users even if the remote server is down. The proposed techniques have shown are efficient and reduced communication overhead compared to other solutions.Similarly, IoT devices used in smart homes are vulnerable to many attacks. The devices are preloaded with secret keys which the users usually do not update while installing at homes. Therefore, it become easy for the attackers to hijack the wireless communications. The users might not be aware of this situation hence suffers from privacy issues. To address these problems Zhang et. al 60 have proposed a matrix based cross-layer key establishment protocol. The protocol enables smart home appliances to establish a secret session key among themselves without the use of preloaded secret keys. The protocol is promising in achieving secret session key with minimal energy consumption and without the need of pre-shared keys. Similarly some efficient authentication protocols 61, 62, 63 and abuse-free contract signing protocol with low-storage cost 64 are proposed for various applications of IoT. Eventually, we may be ready to give a general unique IoT security system.

IoT system produces huge amount of heterogeneous data each second. The efficient approach to manage these huge data produced by IoT systems is also focus of our research in future. We can apply technologies such as big data, cloud and fog computing for the massive information exchange in the network. The technologies are efficient in managing heterogeneous huge data securely and efficiently. Fog computing is a novel paradigm that work closely to the edge of the network. The concept of fog computing is quite similar to the cloud computing that provides services such as data storage, massive data computing, application services etc. It has really re-defined the concept of cloud computing. Stojmenovic et al. 65 have discussed the authentication and authorization techniques that can be implemented in Fog computing. A recent work of 10 explains what could be the security issues in the fog computing communications and lists some possible research directions to address these issues. A security scenario of fragile connection between the cloud and fog computing is also addressed by the author with an example of authentication techniques. Therefore, it would be a good idea to apply big data, cloud and fog computing solutions on IoT systems to get comprehensive security solutions for the applications.

Another interest research direction to look at is to combine formal methods with machine learning to detect possible security vulenrabilies in different layers of IoT applications. Formal method is able to provide a rigorous mathematical and logical guarantees for the safety and security properties of a given IoT application 66, 67, 68. Though there are many restrictions in the approach (e.g., state space explosion, high cost of maintenance, and require non-trivial learning curve) perceptions, recent work in the formal methods have improved to a practical level to address security issues both at development and runtime 69, 70, 71, 72, 73, 74. Also machine learning has been increasingly used by both professionals and academics for various aspects in IoT 75, 6 and they can be used in combination with formal methods to provide rigorous yet scalable security guarantee for mission-critical IoT applications.

8 Conclusion

The capacity and intelligence of IoT devices is wide open, like their exploitation.There is lack of standardization in the IoT market therefore every single connection could make the network vulnerable. A standard architecture design for IoT is still an open issue. In this survey, we have higlighted the security and privacy issues in IoT systems. We have also reviewed the general architecture of IoT and examined the security issues at each layer in the IoT protocol stack i.e. perception layer, network layer and application layer. The paper also addressed the major challenges in securing IoT and discussed the security services requirements in IoT. Also, we have concisely presented an overview of existing approaches for securing the IoT systems. There’s no consensus on the mechanism to implement security on resource constrained IoT devices. The traditional network protocols and security mechanisms in IoT need to be upgraded to meet the security requirements of this technology. Therefore, security and privacy concerns are noteworthy part that has to be well studied before developing more advanced Internet of Things (IoT) systems.

References

  • 1 Weber Rolf H. Internet of things–Need for a new legal environment?. Computer law & security review. 2009;25(6):522–527.
  • 2 Singh Dhananjay, Tripathi Gaurav, Jara Antonio J. A survey of Internet-of-Things: Future vision, architecture, challenges and services. In: :287–292IEEE; 2014.
  • 3 Khan Rafiullah, Khan Sarmad Ullah, Zaheer Rifaqat, Khan Shahid. Future internet: the internet of things architecture, possible applications and key challenges. In: :257–260IEEE; 2012.
  • 4 Atzori Luigi, Iera Antonio, Morabito Giacomo. The internet of things: A survey. Computer networks. 2010;54(15):2787–2805.
  • 5 Zhao Kai, Ge Lina. A survey on the internet of things security. In: :663–667IEEE; 2013.
  • 6 Zhang Chao, Wu Xiaopei, Zheng Xi, Yu Shui. Driver Drowsiness Detection using Multi-Channel Second Order Blind Identifications. IEEE Access. 2019;.
  • 7 Bhandari Babin, Lu JianChao, Zheng Xi, Rajasegarar Sutharshan, Karmakar Chandan. Non-invasive sensor based automated smoking activity detection. In: :845–848IEEE; 2017.
  • 8 Abkenar Amin B, Loke Seng W, Zheng James Xi, Zaslavsky Arkady. Service-Mediated On-Road Situation-Awareness for Group Activity Safety. In: :478–481ACM; 2017.
  • 9 Lu Jianchao, Wang Jiaxing, Zheng Xi, Karmakar Chandan, Rajasegarar Sutharshan. Detection of Smoking Events from Confounding Activities of Daily Living. In: :39ACM; 2019.
  • 10 Yu Dongjin, Jin Yike, Zhang Yuqun, Zheng Xi. A survey on security issues in services communication of Microservices-enabled fog applications. Concurrency and Computation: Practice and Experience. 2018;:e4436.
  • 11 Pan Lei, Zheng Xi, Chen HX, Luan T, Bootwala Huzefa, Batten Lynn. Cyber security attacks to modern vehicular systems. Journal of information security and applications. 2017;36:90–100.
  • 12 Zheng Xi, Pan Lei, Yilmaz Erdem. Security analysis of modern mission critical android mobile applications. In: :2ACM; 2017.
  • 13 Radhappa Harish, Pan Lei, Xi Zheng James, Wen Sheng. Practical overview of security issues in wireless sensor network applications. International journal of computers and applications. 2018;40(4):202–213.
  • 14 Zheng Xi, Pan Lei, Chen Hongxu, Di Pietro Rick, Batten Lynn. A testbed for security analysis of modern vehicle systems. In: :1090–1095IEEE; 2017.
  • 15 Zhang Ning, Xu Guangquan, Meng Guozhu, Zheng Xi. SoProtector: Securing Native C/C++ Libraries for Mobile Applications. In: :417–431Springer; 2018.
  • 16 Zheng Xi, Pan Lei, Chen Hongxu, Wang Peiyin. Investigating security vulnerabilities in modern vehicle systems. In: :29–40Springer; 2016.
  • 17 Kanuparthi Arun, Karri Ramesh, Addepalli Sateesh. Hardware and embedded security in the context of internet of things. In: :61–64ACM; 2013.
  • 18 Scientech IoT Builder. ;.
  • 19 Gartner Press Release. ;.
  • 20 Montenegro Gabriel, Kushalnagar Nandakishore, Hui Jonathan, Culler David. Transmission of IPv6 packets over IEEE 802.15. 4 networks. : ; 2007.
  • 21 Association IEEE Standards, others . P2413–Standard for an Architectural Framework for the Internet of Things (IoT). Institute of Electrical and Electronics Engineers, New York. 2016;.
  • 22 Jing Qi, Vasilakos Athanasios V, Wan Jiafu, Lu Jingwei, Qiu Dechao. Security of the internet of things: Perspectives and challenges. Wireless Networks. 2014;20(8):2481–2501.
  • 23 Things Global Standards Initiative Internet, others . International Telecommunication Union. Retrieved Feb. 2016;17.
  • 24 Adat Vipindev, Gupta BB. Security in Internet of Things: issues, challenges, taxonomy, and architecture. Telecommunication Systems. 2017;:1–19.
  • 25 Saadeh Maha, Sleit Azzam, Qatawneh Mohammed, Almobaideen Wesam. Authentication techniques for the internet of things: A survey. In: :28–34IEEE; 2016.
  • 26 Suo Hui, Wan Jiafu, Zou Caifeng, Liu Jianqi. Security in the internet of things: a review. In: :648–651IEEE; 2012.
  • 27 Kraijak Surapon, Tuwanut Panwit. A survey on internet of things architecture, protocols, possible applications, security, privacy, real-world implementation and future trends. In: :26–31IEEE; 2015.
  • 28 Kumar Sathish Alampalayam, Vealey Tyler, Srivastava Harshit. Security in internet of things: Challenges, solutions and future directions. In: :5772–5781IEEE; 2016.
  • 29 Turkanović Muhamed, Brumen Boštjan, Hölbl Marko. A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion. Ad Hoc Networks. 2014;20:96–112.
  • 30 Padmavathi Dr G, Shanmugapriya Mrs, others . A survey of attacks, security mechanisms and challenges in wireless sensor networks. arXiv preprint arXiv:0909.0576. 2009;.
  • 31 Padhy Rabi Prasad, Patra Manas Ranjan, Satapathy Suresh Chandra. Cloud computing: security issues and research challenges. International Journal of Computer Science and Information Technology & Security (IJCSITS). 2011;1(2):136–146.
  • 32 Fulare Priyanka S, Chavhan Nikita. False data detection in wireless sensor network with secure communication. International Journal of Smart Sensors and AdHoc Networks (IJSSAN). 2011;1.
  • 33 Talwana Jonathan Charity, Hua Huang Jian. Smart World of Internet of Things (IoT) and Its Security Concerns. In: :240–245IEEE; 2016.
  • 34 Weber Rolf H. Internet of things: Privacy issues revisited. Computer Law & Security Review. 2015;31(5):618–627.
  • 35 Vasilomanolakis Emmanouil, Daubert Jörg, Luthra Manisha, Gazis Vangelis, Wiesmaier Alex, Kikiras Panayotis. On the Security and Privacy of Internet of Things Architectures and Systems. In: :49–57IEEE; 2015.
  • 36 Miorandi Daniele, Sicari Sabrina, De Pellegrini Francesco, Chlamtac Imrich. Internet of things: Vision, applications and research challenges. Ad Hoc Networks. 2012;10(7):1497–1516.
  • 37 Bhabad Mayuri A, Bagade Sudhir T. Internet of things: architecture, security issues and countermeasures. International Journal of Computer Applications. 2015;125(14).
  • 38 Chen Jinran, Kher Shubha, Somani Arun. Distributed fault detection of wireless sensor networks. In: :65–72ACM; 2006.
  • 39 Li Zhihua, Yin Xi, Geng Zhenmin, et al. Research on PKI-like Protocol for the Internet of Things. In: :915–918IEEE; 2013.
  • 40 Aggarwal Renu, Das Manik Lal. RFID security in the context of internet of things. In: :51–56ACM; 2012.
  • 41 Al Salami Sanaah, Baek Joonsang, Salah Khaled, Damiani Ernesto. Lightweight encryption for smart home. In: :382–388IEEE; 2016.
  • 42 Porambage Pawani, Schmitt Corinna, Kumar Pardeep, Gurtov Andrei, Ylianttila Mika. PAuthKey: A pervasive authentication protocol and key establishment scheme for wireless sensor networks in distributed IoT applications. International Journal of Distributed Sensor Networks. 2014;10(7):357430.
  • 43 Raza Shahid, Duquennoy Simon, Chung Tony, Yazar Dogan, Voigt Thiemo, Roedig Utz. Securing communication in 6LoWPAN with compressed IPsec. In: :1–8IEEE; 2011.
  • 44 Zhang Congyingzi, Green Robert. Communication security in internet of thing: preventive measure and avoid DDoS attack over IoT network. In: :8–15Society for Computer Simulation International; 2015.
  • 45 Salman Ola, Abdallah Sarah, Elhajj Imad H, Chehab Ali, Kayssi Ayman. Identity-based authentication scheme for the internet of things. In: :1109–1111IEEE; 2016.
  • 46 Santos Giederson Lessa, Guimaraes Vinicius Tavares, Cunha Rodrigues Guilherme, Granville Lisandro Zambenedetti, Tarouco Liane Margarida Rockenbach. A DTLS-based security architecture for the Internet of Things. In: :809–815IEEE; 2015.
  • 47 Hummen René, Ziegeldorf Jan H, Shafagh Hossein, Raza Shahid, Wehrle Klaus. Towards viable certificate-based authentication for the internet of things. In: :37–42ACM; 2013.
  • 48 Tsai Jia-Lun, Lo Nai-Wei. A privacy-aware authentication scheme for distributed mobile cloud computing services. IEEE systems journal. 2015;9(3):805–815.
  • 49 Shafagh Hossein, Hithnawi Anwar, Dröscher Andreas, Duquennoy Simon, Hu Wen. Poster: Towards encrypted query processing for the Internet of Things. In: :251–253ACM; 2015.
  • 50 Horrow Susmita, Sardana Anjali. Identity management framework for cloud based internet of things. In: :200–203ACM; 2012.
  • 51 Seitz Ludwig, Selander Göran, Gehrmann Christian. Authorization framework for the internet-of-things. In: :1–6IEEE; 2013.
  • 52 Cirani Simone, Picone Marco, Gonizzi Pietro, Veltri Luca, Ferrari Gianluigi. Iot-oas: An oauth-based authorization service architecture for secure services in iot scenarios. IEEE sensors journal. 2015;15(2):1224–1234.
  • 53 Park Namje, Kang Namhi. Mutual authentication scheme in secure internet of things technology for comfortable lifestyle. Sensors. 2015;16(1):20.
  • 54 Neisse Ricardo, Steri Gary, Baldini Gianmarco. Enforcement of security policy rules for the internet of things. In: :165–172IEEE; 2014.
  • 55 Tao Hu, Peiran Wang. Preference-based privacy protection mechanism for the internet of things. In: :531–534IEEE; 2010.
  • 56 Abduvaliyev Abror, Pathan Al-Sakib Khan, Zhou Jianying, Roman Rodrigo, Wong Wai-Choong. On the vital areas of intrusion detection systems in wireless sensor networks. IEEE Communications Surveys & Tutorials. 2013;15(3):1223–1237.
  • 57 Raza Shahid, Wallgren Linus, Voigt Thiemo. SVELTE: Real-time intrusion detection in the Internet of Things. Ad hoc networks. 2013;11(8):2661–2674.
  • 58 Saracino Andrea, Sgandurra Daniele, Dini Gianluca, Martinelli Fabio. Madam: Effective and efficient behavior-based android malware detection and prevention. IEEE Transactions on Dependable and Secure Computing. 2016;.
  • 59 Huang Xinyi, Xiang Yang, Bertino Elisa, Zhou Jianying, Xu Li. Robust multi-factor authentication for fragile communications. IEEE Transactions on Dependable and Secure Computing. 2014;11(6):568–581.
  • 60 Zhang Yuexin, Xiang Yang, Huang Xinyi, Chen Xiaofeng, Alelaiwi Abdulhameed. A matrix-based cross-layer key establishment protocol for smart homes. Information Sciences. 2018;429:390–405.
  • 61 Zeng Xianjiao, Xu Guangquan, Zheng Xi, Xiang Yang, Zhou Wanlei. E-AUA: An Efficient Anonymous User Authentication Protocol for Mobile IoT. IEEE Internet of Things Journal. 2018;.
  • 62 Xu Guangquan, Liu Jia, Lu Yanrong, Zeng Xianjiao, Zhang Yao, Li Xiaoming. A novel efficient MAKA protocol with desynchronization for anonymous roaming service in Global Mobility Networks. Journal of Network and Computer Applications. 2018;107:83–92.
  • 63 Xu Guangquan, Li Weisheng, Xu Rui, et al. An algorithm on fairness verification of mobile sink routing in wireless sensor network. Personal and ubiquitous computing. 2013;17(5):851–864.
  • 64 Xu Guangquan, Zhang Yao, Sangaiah Arun Kumar, Li Xiaohong, Castiglione Aniello, Zheng Xi. CSP-E2: An abuse-free contract signing protocol with low-storage TTP for energy-efficient electronic transaction ecosystems. Information Sciences. 2019;476:505–515.
  • 65 Stojmenovic Ivan, Wen Sheng, Huang Xinyi, Luan Hao. An overview of fog computing and its security issues. Concurrency and Computation: Practice and Experience. 2016;28(10):2991–3005.
  • 66 Zheng Xi, Julien Christine, Kim Miryung, Khurshid Sarfraz. On the state of the art in verification and validation in cyber physical systems. The University of Texas at Austin, The Center for Advanced Research in Software Engineering, Tech. Rep. TR-ARiSE-2014-001. 2014;1485.
  • 67 Zheng Xi, Julien Christine. Verification and validation in cyber physical systems: research challenges and a way forward. In: :15–18IEEE; 2015.
  • 68 Zheng Xi, Julien Christine, Kim Miryung, Khurshid Sarfraz. Perceptions on the state of the art in verification and validation in cyber-physical systems. IEEE Systems Journal. 2017;11(4):2614–2627.
  • 69 Zheng Xi, Julien Christine, Podorozhny Rodion, Cassez Franck, Rakotoarivelo Thierry. Efficient and scalable runtime monitoring for cyber–physical system. IEEE Systems Journal. 2018;12(2):1667–1678.
  • 70 Zheng Xi, Julien Christine, Podorozhny Rodion, Cassez Franck. Braceassertion: Runtime verification of cyber-physical systems. In: :298–306IEEE; 2015.
  • 71 Zheng Xi. Physically informed assertions for cyber physical systems development and debugging. In: :181–183IEEE; 2014.
  • 72 Zheng Xi, Julien Christine, Chen Hongxu, Podorozhny Rodion, Cassez Franck. Real-time simulation support for runtime verification of cyber-physical systems. ACM Transactions on Embedded Computing Systems (TECS). 2017;16(4):106.
  • 73 Zheng Xi, Julien Christine, Podorozhny Rodion, Cassez Franck. Braceassertion: Behavior-driven development for cps application. 2014.
  • 74 Zheng Xi, Fok Chien-Liang, Julien Christine, Khurshid Sarfraz, Kim Miryung. Brace: Assertion-driven development of cyber-physical systems applications. Tech. Report TR-ARiSE-2013-001, University of Texas at Austin. 2013;.
  • 75 Xie Haiming, Tian Guangyu, Du Guangqian, et al. A Hybrid Method Combining Markov Prediction and Fuzzy Classification for Driving Condition Recognition. IEEE Transactions on Vehicular Technology. 2018;67(11):10411–10424.