Abstract
Iot being a transformative approach for imparting countless services raises consequential security flaws as well. These flaws germinate from the embedded vulnerabilities in IoT devices. The market is flooded with these vulnerable smart devices, which are easy to play with to remotely enter into an IoT system. This becomes more serious as communication protocols and Internet technologies were not devised to support IoT. In this paper, we mainly focus on the evolving vulnerabilities in IoT that can affect its sustenance in the long run. We also elaborated on the remediation strategies to be incorporated to lessen the fertility of the ground to launch numerous attacks. Finally, we conclude with the challenges and recommendations.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Zanella, A., Bui, N., Castellani, A., Vangelista, L., Zorzi, M.: Internet of things for smart cities. IEEE Internet Things J. 1(1), 22–32 (2014). https://doi.org/10.1109/JIOT.2014.2306328
Yosra Ben Saied: Collaborative security for the internet of things Sécurité Collaborative pour l ’ Internet des Objets. Int. J. Comput. Appl. 135(2), 23–29 (2013)
Hypponen, M., Nyman, L.: The Internet of (vulnerable) Things : on hypponen ’ s law, security engineering, and IoT legislation. Technol. Innov. Manag. Rev. 7(4), 5–11 (2017)
Corser, G., Fink, G.A., Aledhari, M.: IEEE Internet Technology Policy Community White Paper INTERNET OF THINGS ( IOT ) SECURITY. IEEE, no. February, pp. 1–13, 2017.
Kolias, C., Kambourakis, G., Stavrou, A., Voas, J.: DDoS in the IoT: Mirai and Other Botnets. Computer (Long. Beach. Calif). 79 (2017)
IoT connected teddy bear leaks millions of kids’ conversations, exposed database to blame—TechRepublic. [Online]. Available: https://www.techrepublic.com/article/iot-connected-teddy-bear-leaks-millions-of-kids-conversations-exposed-database-to-blame/. Accessed: 03-Jan-2020.
Stanislav, M., Beardsley, T.: HACKING IoT: a case study on baby monitor exposures and vulnerabilities. September (2015)
Standaert, F.: Introduction to side-channel attacks. Secur. Integr. Circuits Syst. Springer Sci. Media, pp. 27–42 (2010). https://doi.org/10.1007/978-0-387-71829-3.
Neshenko, N., Bou-harb, E., Crichigno, J., Kaddoum, G., Ghani, N.: Demystifying IoT security: an exhaustive survey on IoT vulnerabilities and a first empirical look on Internet-scale IoT exploitations. IEEE Commun. Surv. Tutor. PP(c), 1 (2019). https://doi.org/10.1109/COMST.2019.2910750.
Nia, A.M., Member, S., Jha, N.K.: A comprehensive study of security of. IEEE Trans. Emerg. Top. Comput. 6750(c), 1–19. (2016). https://doi.org/10.1109/TETC.2016.2606384.
Makhdoom, I., Abolhasan, M., Lipman, J., Liu, R.P., Ni, W.: Anatomy of threats to the Internet of Things. IEEE Commun. Surv. Tutor. PP(c), 1 (2018). https://doi.org/10.1109/COMST.2018.2874978.
Chen, C., Zhang, Z., Lee, S., Shieh, S.: In the IoT age. Computer (Long. Beach. Calif.) (2018)
Visoottiviseth, V., Akarasiriwong, P., Chaiyasart, S., Chotivatunyu, S.: PENTOS : penetration testing tool for Internet of Thing devices. In: Proceedings 2017 IEEE Region 10 Conference, pp. 2279–2284 (2017)
Linda, M.: Scanning for vulnerable devices in the Internet of Things. 463–467 (2015)
Ko, E., Kim, T., Kim, H.: Management platform of threats information in IoT environment. J. Ambient Intell. Humaniz. Comput. 9, 1167–1176 (2017). https://doi.org/10.1007/s12652-017-0581-6
Sachidananda, V.: POSTER: towards exposing Internet of Things : a roadmap of the Negev. ACM 1, 1820–1822 (2016)
S. Siboni, V. Sachidananda, Meidan, Y., Bohadana, M., Mathov, Y., Bhairav, S.: Security testbed for Internet-of-Things devices. IEEE Trans. Reliab., vol. PP, 1–22 (2018). https://doi.org/10.1109/TR.2018.2864536.
Anand, P., Singh, Y., Selwal, A., Alazab, M., Tanwar S., Kumar, N.: IoT vulnerability assessment for sustainable computing: threats, current solutions, and open challenges. In: IEEE Access 8, 168825–168853 (2020) https://doi.org/10.1109/ACCESS.2020.3022842
Sachidananda, V., Toh, J., Siboni, S., Bhairav, S., Shabtai, A., Elovici, Y.: Let the cat out of the bag: a holistic approach towards security analysis of the internet of things. IoTPTS 2017—Proc. 3rd ACM Int. Work. IoT Privacy, Trust. Secur. co-located with ASIA CCS 2017, pp. 3–10 (2017). https://doi.org/10.1145/3055245.3055251.
Trappe, W., Howard, R., Moore, R.S.: Low-energy security: limits and opportunities in the internet of things. IEEE Secur. Priv. 13(1), 14–21 (2015). https://doi.org/10.1109/MSP.2015.7
Ramesh, D., Rao, D.K.: Vampire attacks: draining life from wireless ad hoc sensor communication of networks. IEEE Trans. Mob. Comput. 3(9), 1107–1110 (2014)
Matrosov, A., Rodionov, E., Harley, D., Malcho, J.: Stuxnet Under the Microscope pp. 1–72 (2010)
Rajan, A., Jithish, J., Sankaran, S.: Sybil attack in IoT: Modelling and defenses. In: International Conference on Advances in Computing, Communications and Informatics, ICACCI 2017, vol. 2017-Janua, pp. 2323–2327 (2017). https://doi.org/10.1109/ICACCI.2017.8126193.
Wallgren, L., Raza, S., Voigt, T.: Routing attacks and countermeasures in the RPL-based internet of things. Int. J. Distrib. Sens. Netw. 2013(10), 1–11 (2013). https://doi.org/10.1155/2013/794326
Hernandez, G., Arias, O., Buentello, D., Jin, Y.: Smart Nest Thermostat : A Smart Spy in Your Home, pp. 1–8. Black Hat USA, Cisco (2014)
Basnight, Z., Butts, J., Lopez, J., Dube, T.: Firmware modification attacks on programmable logic controllers. Int. J. Crit. Infrastruct. Prot. 6(2), 76–84 (2013). https://doi.org/10.1016/j.ijcip.2013.04.004
Arias, O., Wurm, J., Hoang, K., Jin, Y.: Privacy and security in Internet of Things and wearable devices. IEEE Trans. Multi-Scale Comput. Syst. 1(2), 99–109 (2015). https://doi.org/10.1109/TMSCS.2015.2498605
Nia, A.M., Member, S., Jha, N.K.: A comprehensive study of security of. IEEE Trans. Emerg. Top. Comput. 6750(c), 1–19 (2016).
Bertino, E., Islam, N.: Botnets and Internet. IEEE Comput. Soc. 18, 76–79 (2017)
Alaba, F.A., Othman, M., Abaker, I., Hashem, T., Alotaibi, F.: Internet of Things security: a survey. J. Netw. Comput. Appl. 88(April), 10–28 (2017)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Anand, P., Singh, Y., Selwal, A. (2021). Internet of Things (IoT): Vulnerabilities and Remediation Strategies. In: Singh, P.K., Singh, Y., Kolekar, M.H., Kar, A.K., Chhabra, J.K., Sen, A. (eds) Recent Innovations in Computing. ICRIC 2020. Lecture Notes in Electrical Engineering, vol 701. Springer, Singapore. https://doi.org/10.1007/978-981-15-8297-4_22
Download citation
DOI: https://doi.org/10.1007/978-981-15-8297-4_22
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-8296-7
Online ISBN: 978-981-15-8297-4
eBook Packages: Computer ScienceComputer Science (R0)