The Rise of “Internet of Things”: Review and Open Research Issues Related to Detection and Prevention of IoT-Based Security Attacks

Abstract

This paper provides an extensive and complete survey on the process of detecting and preventing various types of IoT-based security attacks. It is designed for software developers, researchers, and practitioners in the Internet of Things field who aim to understand the process of detecting and preventing these attacks. For each entry identified from the list, a brief description is provided along with references where more information can be found. However, We surveyed the current state-of-the-art IoT security solutions and focused on four main aspects: (1) handpicking representative attacks, (2) identifying potential solutions, (3) performing a threat analysis for each attack and solution, and (4) ranking solutions according to the threats they overcome. By adopting this framework, we identified five main categories of defense mechanisms: distributed denial of service detection/prevention, default password protection, encryption mechanisms, intrusion detection/prevention, and anomaly detection. These solutions are relatively mature in terms of utility and usability. However, the security analysis is conducted only concerning specific attacks, which may or may not be relevant to real-world deployment. Appropriate IoT security solutions should incorporate threat modeling while considering other factors such as resource consumption and implementation effort. Overall, evaluation of IoT security solutions is arduous due to the complexity of IoT OSes, heterogeneous IoT devices (e.g., various hardware platforms), limited availability of open-source codebases, and restrictive policies towards intellectual property disclosure. In addition, we note that there remains a lack of studies that perform a systematic evaluation of the state-of-the-art in terms of both frameworks/methodologies and mechanisms proposed.