Future IoT‐enabled threats and vulnerabilities: State of the art, challenges, and future prospects

• Published in: International journal of communication systems Vol. 33; no. 12
• Main Authors: Srivastava, Astha, Gupta, Shashank, Quamara, Megha, Chaudhary, Pooja, Aski, Vidyadhar Jinnappa
• Format: Journal Article
• Language: English
• Published: Chichester Wiley Subscription Services, Inc 01.08.2020
• Subjects: authentication; Classification; Computer simulation; Cryptography; Cybersecurity; Denial of service attacks; Domains; future Internet of Things (IoT); Internet of Things; intrusion detection system (IDS); Intrusion detection systems; Malware; Protocol (computers); radio frequency identification (RFID); simulators; test beds; Threat models; wireless sensor networks (WSNs)
• ISSN: 1074-5351; 1099-1131
• DOI: 10.1002/dac.4443

Summary In the recent era, the security issues affecting the future Internet‐of‐Things (IoT) standards has fascinated noteworthy consideration from numerous research communities. In this view, numerous assessments in the form of surveys were proposed highlighting several future IoT‐centric subjects together with threat modeling, intrusion detection systems (IDS), and various emergent technologies. In contrast, in this article, we have focused exclusively on the emerging IoT‐related vulnerabilities. This article is a multi‐fold survey that emphasizes on understanding the crucial causes of novel vulnerabilities in IoT paradigms and issues in existing research. Initially, we have emphasized on different layers of IoT architecture and highlight various emerging security challenges associated with each layer along with the key issues of different IoT systems. Secondly, we discuss the exploitation, detection, and defense methodologies of IoT malware‐enabled distributed denial of service (DDoS), Sybil, and collusion attack capabilities. We have also discussed numerous state‐of‐the‐art strategies for intrusion detection and methods for IDS setup in future IoT systems. Third, we have presented a brief classification of existing IoT authentication protocols and a comparative analysis of such protocols based on different IoT‐enabled cyber attacks. For conducting a real‐time future IoT research, we have presented some emerging blockchain solutions. We have also discussed a comparative examination of some of the recently developed simulation tools and IoT test beds that are characterized based on different layers of IoT infrastructure. We have also outlined some of the open issues and future research directions and also facilitate the readers with broad classification of existing surveys in this domain that addresses several scopes related to the IoT paradigm. This survey article focuses in enabling IoT‐related research activities by comparing and merging scattered surveys in this domain. This survey article focuses on enabling IoT‐related research activities by comparing and merging scattered surveys in the domain related to the IoT security. It also anticipates numerous further initiatives including emerging blockchain solutions, IDS defensive methodologies, fog computing solutions exploring different techniques that focuses in sensing malicious IoT sensors/actuators in the large‐scale for quick therapy, and further experiential investigations for exploring and characterizing the inward/outward traffic of malicious IoT devices.