Computing Reviews
Today's Issue Hot Topics Search Browse Recommended My Account Log In
Review Help
Search
Internet of Things: information security challenges and solutions
Miloslavskaya N., Tolstoy A. Cluster Computing22 (1):103-119,2019.Type:Article
Date Reviewed: Jan 9 2020

The Internet of Things (IoT) has gained tremendous popularity over the years, allowing objects to be connected without intervention from humans. While this has opened up many opportunities for developing services and applications, it has many information security challenges. The main challenge is that IoT devices have a large attack surface due to their exposure to the Internet. This makes these devices highly vulnerable to information security attacks.

This paper discusses various security attacks and vulnerabilities encountered by IoT, such as distributed denial-of-service (DDoS), man-in-the-middle (MITM) attacks, identity spoofing, malicious data spoofing, stack buffer overflow, brute-force cracking of passwords, vulnerable encryption keys, and malicious updates. The authors discuss possible solutions to confront these attacks. They present an IoT topology layer (that can vary based on the applications) and categorize attacks based on the layers targeted.

After discussing the vulnerabilities and attacks, the authors present solutions to implement in the application, network, and device layers, such as data/signaling confidentiality and integrity protection, information security audit, and access control, to make IoT devices secure. There is a reference to the 2017 National Institute of Standards and Technology (NIST) list of IoT vulnerabilities and their severity. The paper also proposes a security intelligence approach based on the real-time collection and analysis of the data generated by the IoT infrastructure. This helps in the constant monitoring of external and internal threats and preparing proactive/predictive defense mechanisms.

This paper will definitely prove useful for people working in IoT network security and developing secure IoT devices. It contains a lot of information about IoT vulnerabilities and corresponding attacks. At times I felt lost, and thus wish the information was better structured (however, this could entirely be due to my own limitations or inability to sync with the flow of the paper). In all papers, and survey papers in particular, I find the references to be the most important section, and that holds true for this paper, too.

Reviewer:  Rinki Sharma Review #: CR146833 (2004-0084)
Bookmark and Share
  Reviewer Selected
 
 
Security, Integrity, And Protection (H.2.0 ... )
 
 
Real-Time And Embedded Systems (C.3 ... )
 
Would you recommend this review?
yes
no
Other reviews under "Security, Integrity, And Protection": Date
Views for multilevel database security
Denning D., Akl S., Heckman M., Lunt T., Morgenstern M., Neumann P., Schell R. IEEE Transactions on Software Engineering SE-13(2): 129-140, 1987. Type: Article
Feb 1 1988
Computer security: a comprehensive controls checklist
Wood C., Banks W., Guarro S., Garcia A., Hampel V., Sartorio H., Wiley-Interscience, New York, NY, 1987. Type: Book (9789780471847953)
Feb 1 1988
Incorporating access control in forms systems
Yeo G. Computers and Security 4(2): 109-122, 1985. Type: Article
Feb 1 1986
more...

E-Mail This Printer-Friendly
Send Your Comments
Contact Us
Reproduction in whole or in part without permission is prohibited.   Copyright 1999-2024 ThinkLoud®
Terms of Use
| Privacy Policy