Skip to main content
SpringerLink
Log in

Internet of Things (IoT): Vulnerabilities and Remediation Strategies

  • Conference paper
  • First Online:
Recent Innovations in Computing (ICRIC 2020)

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 701))

Included in the following conference series:

Abstract

Iot being a transformative approach for imparting countless services raises consequential security flaws as well. These flaws germinate from the embedded vulnerabilities in IoT devices. The market is flooded with these vulnerable smart devices, which are easy to play with to remotely enter into an IoT system. This becomes more serious as communication protocols and Internet technologies were not devised to support IoT. In this paper, we mainly focus on the evolving vulnerabilities in IoT that can affect its sustenance in the long run. We also elaborated on the remediation strategies to be incorporated to lessen the fertility of the ground to launch numerous attacks. Finally, we conclude with the challenges and recommendations.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD 219.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Zanella, A., Bui, N., Castellani, A., Vangelista, L., Zorzi, M.: Internet of things for smart cities. IEEE Internet Things J. 1(1), 22–32 (2014). https://doi.org/10.1109/JIOT.2014.2306328

    Article  Google Scholar 

  2. Yosra Ben Saied: Collaborative security for the internet of things Sécurité Collaborative pour l ’ Internet des Objets. Int. J. Comput. Appl. 135(2), 23–29 (2013)

    Google Scholar 

  3. Hypponen, M., Nyman, L.: The Internet of (vulnerable) Things : on hypponen ’ s law, security engineering, and IoT legislation. Technol. Innov. Manag. Rev. 7(4), 5–11 (2017)

    Article  Google Scholar 

  4. Corser, G., Fink, G.A., Aledhari, M.: IEEE Internet Technology Policy Community White Paper INTERNET OF THINGS ( IOT ) SECURITY. IEEE, no. February, pp. 1–13, 2017.

    Google Scholar 

  5. Kolias, C., Kambourakis, G., Stavrou, A., Voas, J.: DDoS in the IoT: Mirai and Other Botnets. Computer (Long. Beach. Calif). 79 (2017)

    Google Scholar 

  6. IoT connected teddy bear leaks millions of kids’ conversations, exposed database to blame—TechRepublic. [Online]. Available: https://www.techrepublic.com/article/iot-connected-teddy-bear-leaks-millions-of-kids-conversations-exposed-database-to-blame/. Accessed: 03-Jan-2020.

  7. Stanislav, M., Beardsley, T.: HACKING IoT: a case study on baby monitor exposures and vulnerabilities. September (2015)

    Google Scholar 

  8. Standaert, F.: Introduction to side-channel attacks. Secur. Integr. Circuits Syst. Springer Sci. Media, pp. 27–42 (2010). https://doi.org/10.1007/978-0-387-71829-3.

  9. Neshenko, N., Bou-harb, E., Crichigno, J., Kaddoum, G., Ghani, N.: Demystifying IoT security: an exhaustive survey on IoT vulnerabilities and a first empirical look on Internet-scale IoT exploitations. IEEE Commun. Surv. Tutor. PP(c), 1 (2019). https://doi.org/10.1109/COMST.2019.2910750.

  10. Nia, A.M., Member, S., Jha, N.K.: A comprehensive study of security of. IEEE Trans. Emerg. Top. Comput. 6750(c), 1–19. (2016). https://doi.org/10.1109/TETC.2016.2606384.

  11. Makhdoom, I., Abolhasan, M., Lipman, J., Liu, R.P., Ni, W.: Anatomy of threats to the Internet of Things. IEEE Commun. Surv. Tutor. PP(c), 1 (2018). https://doi.org/10.1109/COMST.2018.2874978.

  12. Chen, C., Zhang, Z., Lee, S., Shieh, S.: In the IoT age. Computer (Long. Beach. Calif.) (2018)

    Google Scholar 

  13. Visoottiviseth, V., Akarasiriwong, P., Chaiyasart, S., Chotivatunyu, S.: PENTOS : penetration testing tool for Internet of Thing devices. In: Proceedings 2017 IEEE Region 10 Conference, pp. 2279–2284 (2017)

    Google Scholar 

  14. Linda, M.: Scanning for vulnerable devices in the Internet of Things. 463–467 (2015)

    Google Scholar 

  15. Ko, E., Kim, T., Kim, H.: Management platform of threats information in IoT environment. J. Ambient Intell. Humaniz. Comput. 9, 1167–1176 (2017). https://doi.org/10.1007/s12652-017-0581-6

    Article  Google Scholar 

  16. Sachidananda, V.: POSTER: towards exposing Internet of Things : a roadmap of the Negev. ACM 1, 1820–1822 (2016)

    Google Scholar 

  17. S. Siboni, V. Sachidananda, Meidan, Y., Bohadana, M., Mathov, Y., Bhairav, S.: Security testbed for Internet-of-Things devices. IEEE Trans. Reliab., vol. PP, 1–22 (2018). https://doi.org/10.1109/TR.2018.2864536.

  18. Anand, P., Singh, Y., Selwal, A., Alazab, M., Tanwar S., Kumar, N.: IoT vulnerability assessment for sustainable computing: threats, current solutions, and open challenges. In: IEEE Access 8, 168825–168853 (2020) https://doi.org/10.1109/ACCESS.2020.3022842

  19. Sachidananda, V., Toh, J., Siboni, S., Bhairav, S., Shabtai, A., Elovici, Y.: Let the cat out of the bag: a holistic approach towards security analysis of the internet of things. IoTPTS 2017—Proc. 3rd ACM Int. Work. IoT Privacy, Trust. Secur. co-located with ASIA CCS 2017, pp. 3–10 (2017). https://doi.org/10.1145/3055245.3055251.

  20. Trappe, W., Howard, R., Moore, R.S.: Low-energy security: limits and opportunities in the internet of things. IEEE Secur. Priv. 13(1), 14–21 (2015). https://doi.org/10.1109/MSP.2015.7

    Article  Google Scholar 

  21. Ramesh, D., Rao, D.K.: Vampire attacks: draining life from wireless ad hoc sensor communication of networks. IEEE Trans. Mob. Comput. 3(9), 1107–1110 (2014)

    Google Scholar 

  22. Matrosov, A., Rodionov, E., Harley, D., Malcho, J.: Stuxnet Under the Microscope pp. 1–72 (2010)

    Google Scholar 

  23. Rajan, A., Jithish, J., Sankaran, S.: Sybil attack in IoT: Modelling and defenses. In: International Conference on Advances in Computing, Communications and Informatics, ICACCI 2017, vol. 2017-Janua, pp. 2323–2327 (2017). https://doi.org/10.1109/ICACCI.2017.8126193.

  24. Wallgren, L., Raza, S., Voigt, T.: Routing attacks and countermeasures in the RPL-based internet of things. Int. J. Distrib. Sens. Netw. 2013(10), 1–11 (2013). https://doi.org/10.1155/2013/794326

    Article  Google Scholar 

  25. Hernandez, G., Arias, O., Buentello, D., Jin, Y.: Smart Nest Thermostat : A Smart Spy in Your Home, pp. 1–8. Black Hat USA, Cisco (2014)

    Google Scholar 

  26. Basnight, Z., Butts, J., Lopez, J., Dube, T.: Firmware modification attacks on programmable logic controllers. Int. J. Crit. Infrastruct. Prot. 6(2), 76–84 (2013). https://doi.org/10.1016/j.ijcip.2013.04.004

    Article  Google Scholar 

  27. Arias, O., Wurm, J., Hoang, K., Jin, Y.: Privacy and security in Internet of Things and wearable devices. IEEE Trans. Multi-Scale Comput. Syst. 1(2), 99–109 (2015). https://doi.org/10.1109/TMSCS.2015.2498605

    Article  Google Scholar 

  28. Nia, A.M., Member, S., Jha, N.K.: A comprehensive study of security of. IEEE Trans. Emerg. Top. Comput. 6750(c), 1–19 (2016).

    Google Scholar 

  29. Bertino, E., Islam, N.: Botnets and Internet. IEEE Comput. Soc. 18, 76–79 (2017)

    Article  Google Scholar 

  30. Alaba, F.A., Othman, M., Abaker, I., Hashem, T., Alotaibi, F.: Internet of Things security: a survey. J. Netw. Comput. Appl. 88(April), 10–28 (2017)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Information Technology, Central University of Jammu, Samba, Jammu and Kashmir, 181143, India

    Pooja Anand, Yashwant Singh & Arvind Selwal

Authors
  1. Pooja Anand
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yashwant Singh
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Arvind Selwal
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Pooja Anand .

Editor information

Editors and Affiliations

  1. Department of Computer Science & Engineering, ABES Engineering College, Ghaziabad, Uttar Pradesh, India

    Pradeep Kumar Singh

  2. Central University of Jammu, Jammu and Kashmir, India

    Yashwant Singh

  3. Department of Electrical Engineering, Indian Institute of Technology Patna, Patna, Bihar, India

    Maheshkumar H. Kolekar

  4. Department of Management Sciences, Indian Institute of Technology Delhi, New Delhi, Delhi, India

    Arpan Kumar Kar

  5. Department of Computer Engineering, National Institute of Technology Kurukshetra, Kurukshetra, Haryana, India

    Jitender Kumar Chhabra

  6. Department of Computer Science and Information Technology, Kwantlen Polytechnic University, Surrey, BC, Canada

    Abhijit Sen

Rights and permissions

Reprints and permissions

Copyright information

© 2021 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Anand, P., Singh, Y., Selwal, A. (2021). Internet of Things (IoT): Vulnerabilities and Remediation Strategies. In: Singh, P.K., Singh, Y., Kolekar, M.H., Kar, A.K., Chhabra, J.K., Sen, A. (eds) Recent Innovations in Computing. ICRIC 2020. Lecture Notes in Electrical Engineering, vol 701. Springer, Singapore. https://doi.org/10.1007/978-981-15-8297-4_22

Download citation

  • DOI: https://doi.org/10.1007/978-981-15-8297-4_22

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-15-8296-7

  • Online ISBN: 978-981-15-8297-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation