Risk and Threat Mitigation Techniques in Internet of Things (IoT) Environments: A Survey

TL;DR

This survey reviews current risk and threat mitigation techniques in IoT environments, emphasizing a life-cycle approach and defense-in-depth strategies to enhance security against evolving threats.

Contribution

It provides an updated, comprehensive overview focusing on mitigation strategies and challenges, filling gaps left by previous surveys on IoT security.

Findings

Highlights novel mitigation perspectives

Emphasizes life-cycle and defense-in-depth strategies

Connects mitigation steps to security principles

Abstract

Security in the Internet of Things (IoT) remains a predominant area of concern. This survey updates the state of the art covered in previous surveys and focuses on defending against threats rather than on the threats alone. This area is less extensively covered by other surveys and warrants particular attention. A life-cycle approach is adopted, articulated to form a "defence in depth" strategy against malicious actors compromising an IoT network laterally within it and from it. This study highlights the challenges of each mitigation step, emphasises novel perspectives, and reconnects the discussed mitigation steps to the ground principles they seek to implement.