Security of the Internet of Things: Vulnerabilities, Attacks and Countermeasures

TL;DR

This paper reviews security vulnerabilities, attacks, and countermeasures in Wireless Sensor Networks and the Internet of Things, emphasizing the importance of understanding threats for secure IoT deployment.

Contribution

It provides a comprehensive categorization and analysis of security attacks and defense techniques specific to WSNs and IoT, highlighting recent challenges and solutions.

Findings

Attacks are categorized into passive and active types.

Various prevention, detection, and mitigation techniques are discussed.

Understanding attacks aids in developing secure IoT systems.

Abstract

Wireless Sensor Networks (WSNs) constitute one of the most promising third-millennium technologies and have a wide range of applications in our surrounding environment. The reason behind the vast adoption of WSNs in various applications is that they have tremendously appealing features, e.g., low production cost, low installation cost, unattended network operation, autonomous and longtime operation. WSNs have started to merge with the Internet of Things (IoT) through the introduction of Internet access capability in sensor nodes and sensing ability in Internet-connected devices. Thereby, the IoT is providing access to huge amount of data, collected by the WSNs, over the Internet. However, owing to the absence of a physical line-of-defense, i.e. there is no dedicated infrastructure such as gateways to watch and observe the flowing information in the network, security of WSNs along with IoT is of a big concern to the scientific community. Besides, recent integration and collaboration of WSNs with IoT will open new challenges and problems in terms of security. Hence, this would be a nightmare for the individuals using these systems as well as the security administrators who are managing those networks. Therefore, a detailed review of security attacks towards WSNs and IoT, along with the techniques for prevention, detection, and mitigation of those attacks are provided in this paper. In this text, attacks are categorized and treated into mainly two parts, most or all types of attacks towards WSNs and IoT are investigated under that umbrella: "Passive Attacks" and "Active Attacks". Understanding these attacks and their associated defense mechanisms will help to pave a secure path towards the proliferation and public acceptance of IoT technology.