A comprehensive survey on IoT attacks: Taxonomy, detection mechanisms and challenges

Abstract

The Internet of Things (IoT) has set the way for the continuing digitalization of society in various manners during the past decade. The IoT is a vast network of intelligent devices exchanging data online. The security component of IoT is crucial given its rapid expansion as a new technology paradigm since it may entail safety-critical procedures and the online storage of sensitive data. Unfortunately, security is the primary challenge when adopting Internet of Things (IoT) technologies. As a result, manufacturers’ and academics’ top priority now is improving the security of IoT devices. A substantial body of literature on the subject encompasses several issues and potential remedies. However, most existing research fails to offer a comprehensive perspective on attacks inside the IoT. Hence, this survey aims to establish a structure to guide researchers by categorizing attacks in the taxonomy according to various factors such as attack domains, attack threat type, attack executions, software surfaces, IoT protocols, attacks based on device property, attacks based on adversary location and attacks based on information damage level. This is followed by a comprehensive analysis of the countermeasures offered in academic literature. In this discourse, the countermeasures proposed for the most significant security attacks in the IoT are investigated. Following this, a comprehensive classification system for the various domains of security research in the IoT and Industrial Internet of Things (IIoT) is developed, accompanied by their respective remedies. In conclusion, the study has revealed several open research areas pertinent to the subject matter.