Security Issues, Attacks and Countermeasures in Layered IoT Ecosystem

Abstract

Internet of Things (IoT) applications consist mainly of a group of small devices with sensing and/ or actuationcapabilities, working collaboratively to provide a specific functionality. IoT applications are becoming vital part ofour daily lives in various areas such as home automation, industrial automation, energy sector, healthcare sectorand smart transportation. Security is a term that is used to encompass the notions such as integrity, confidentiality,and privacy. A more prominent understanding of the Internet of Things (IoT) is that – it transmits data over theglobal internet and gives many services in many domains. It facilitates the machines and gadgets to communicatewith each other. IoT appliances have been facing several issues, therefore we identify variety of service domainsand their vulnerabilities. The main focus is on protecting the security and privacy. This paper presents anoverview of IoT models, applications in different domains, vulnerabilities, security privacy goals, possible attacks,and their corresponding countermeasures. The objective of this paper is also to provide a survey on categorizedlayer-wise attacks and countermeasures in detail. In the object layer, connectivity link Layer, several attacksare discussed based on RFID, NFC, ZigBee, Bluetooth, and Wi-Fi protocols. In the Transport Network layer,we have classified variety of attacks based on RPL, 6loWPAN, TCP/UDP, and IPv4/IPv6. Similarly, In theSession Communication, Data Aggregation Storage, Business Model, and Application layers, we have discoveredconsiderable number of attacks for each layer.