Review
BibTex RIS Cite
Year 2023, Volume: 1 Issue: 1, 22 - 43, 02.02.2024

Abstract

References

  • J. Jamali, B. Bahrami, A. Heidari, P. Allahverdizadeh, and F. Norouzi, Towards the internet of things. Springer, 2020.
  • B. Russell and D. Van Duren, Practical internet of things security. Packt Publishing Ltd, 2016.
  • V. Hassija, V. Chamola, V. Saxena, D. Jain, P. Goyal, and B. Sikdar, "A survey on IoT security: application areas, security threats, and solution architectures," IEEE Access, vol. 7, pp. 82721-82743, 2019.
  • G. Mustafa, R. Ashraf, M. A. Mirza, and A. Jamil, "A review of data security and cryptographic techniques in IoT based devices," in Proceedings of the 2nd International Conference on Future Networks and Distributed Systems, 2018, pp. 1-9.
  • J. M. Carracedo et al., "Cryptography for security in IoT," in 2018 Fifth International Conference on Internet of Things: Systems, Management and Security, 2018: IEEE, pp. 23-30.
  • R. Doshi, N. Apthorpe, and N. Feamster, "Machine Learning DDoS Detection for Consumer Internet of Things Devices," in 2018 IEEE Security and Privacy Workshops (SPW), 24-24 May 2018 2018, pp. 29-35, doi: 10.1109/SPW.2018.00013.
  • H. Damghani, H. Hosseinian, and L. Damghani, "Cryptography review in IoT," in 2019 4th Conference on Technology In Electrical and Computer Engineering (ETECH2019), 2019.
  • M. U. Farooq, M. Waseem, A. Khairi, and S. Mazhar, "A Critical Analysis on the Security Concerns of Internet of Things (IoT)," International Journal of Computer Applications, vol. 111, pp. 1-6, 2015.
  • R. Roman, P. Najera, and J. Lopez, "Securing the Internet of Things," Computer, vol. 44, no. 9, pp. 51-58, 2011, doi: 10.1109/MC.2011.291. T. N. Minh, "Confidentiality and integrity for IoT/mobile networks," Recent Trends in Communication Networks, p. 25, 2019. R. Roman, J. Zhou, and J. Lopez, "On the features and challenges of security and privacy in distributed internet of things," Computer Networks, vol. 57, no. 10, pp. 2266-2279, 2013/07/05/ 2013, doi: \url{https://doi.org/10.1016/j.comnet.2012.12.018}.
  • H. Suo, J. Wan, C. Zou, and J. Liu, "Security in the Internet of Things: A Review," in 2012 International Conference on Computer Science and Electronics Engineering, 23-25 March 2012 2012, vol. 3, pp. 648-651, doi: 10.1109/ICCSEE.2012.373.
  • K. T. Nguyen, M. Laurent, and N. Oualha, "Survey on secure communication protocols for the Internet of Things," Ad Hoc Networks, vol. 32, pp. 17-31, 2015/09/01/ 2015, doi: \url{https://doi.org/10.1016/j.adhoc.2015.01.006}.
  • X. Huang, P. Craig, H. Lin, and Z. Yan, "SecIoT: a security framework for the Internet of Things," Security and Communication Networks, vol. 9, no. 16, pp. 3083-3094, 2016, doi: \url{https://doi.org/10.1002/sec.1259}.
  • A. Gharaibeh et al., "Smart Cities: A Survey on Data Management, Security, and Enabling Technologies," IEEE Communications Surveys & Tutorials, vol. 19, no. 4, pp. 2456-2501, 2017, doi: 10.1109/COMST.2017.2736886.
  • D. Eckhoff and I. Wagner, "Privacy in the Smart City—Applications, Technologies, Challenges, and Solutions," IEEE Communications Surveys & Tutorials, vol. 20, no. 1, pp. 489-516, 2018, doi: 10.1109/COMST.2017.2748998.
  • S. L. Ullo and G. R. Sinha, "Advances in smart environment monitoring systems using IoT and sensors," Sensors, vol. 20, no. 11, p. 3113, 2020.
  • N. M. Karie, N. M. Sahri, W. Yang, C. Valli, and V. R. Kebande, "A review of security standards and frameworks for IoT-based smart environments," IEEE Access, vol. 9, pp. 121975-121995, 2021.
  • X. Xia, Y. Xiao, and W. Liang, "ABSI: An Adaptive Binary Splitting Algorithm for Malicious Meter Inspection in Smart Grid," IEEE Transactions on Information Forensics and Security, vol. 14, no. 2, pp. 445-458, 2019, doi: 10.1109/TIFS.2018.2854703.
  • S. I. Gerasopoulos, N. M. Manousakis, and C. S. Psomopoulos, "Smart metering in EU and the energy theft problem," Energy Efficiency, vol. 15, no. 1, p. 12, 2022/01/28 2022, doi: 10.1007/s12053-021-10011-y.
  • D. G. Costa et al., "A Survey of Emergencies Management Systems in Smart Cities," IEEE Access, vol. 10, pp. 61843-61872, 2022, doi: 10.1109/ACCESS.2022.3180033.
  • A. Rajbanshi, D. Das, V. Udutalapally, and R. Mahapatra, "dLeak: An IoT-Based Gas Leak Detection Framework for Smart Factory," SN Computer Science, vol. 3, no. 4, p. 273, 2022/05/05 2022, doi: 10.1007/s42979-022-01181-2.
  • M. Saifullah, I. S. Bajwa, M. Ibrahim, and M. Asghar, "IoT-Enabled Intelligent System for the Radiation Monitoring and Warning Approach," Mobile Information Systems, vol. 2022, p. 2769958, 2022/12/20 2022, doi: 10.1155/2022/2769958.
  • V. Tran-Quang and H. Dao-Viet, "An internet of radiation sensor system (IoRSS) to detect radioactive sources out of regulatory control," Scientific Reports, vol. 12, no. 1, p. 7195, 2022/05/03 2022, doi: 10.1038/s41598-022-11264-y.
  • C.-Y. Lin, "Understanding consumer perceptions and attitudes toward smart retail services," Journal of Services Marketing, vol. 36, no. 8, pp. 1015-1030, 2022.
  • M. G. Khan, N. U. Huda, and U. K. U. Zaman, "Smart warehouse management system: Architecture, real-time implementation and prototype design," Machines, vol. 10, no. 2, p. 150, 2022.
  • N. N. Dlamini and K. Johnston, "The use, benefits and challenges of using the Internet of Things (IoT) in retail businesses: A literature review," in 2016 International Conference on Advances in Computing and Communication Engineering (ICACCE), 28-29 Nov. 2016 2016, pp. 430-436, doi: 10.1109/ICACCE.2016.8073787.
  • B. B. Sinha and R. Dhanalakshmi, "Recent advancements and challenges of Internet of Things in smart agriculture: A survey," Future Generation Computer Systems, vol. 126, pp. 169-184, 2022/01/01/ 2022, doi: \url{https://doi.org/10.1016/j.future.2021.08.006}. V. K. Quy et al., "IoT-Enabled Smart Agriculture: Architecture, Applications, and Challenges," Applied Sciences, vol. 12, no. 7, p. 3396, 2022. [Online]. Available: \url{https://www.mdpi.com/2076-3417/12/7/3396}. \bibitem{r30} T. Vigneswari and N. Vijaya, "Smart livestock management using cloud IoT," Cloud IoT Syst. Smart Agric. Eng, vol. 1, pp. 55-74, 2022.
  • N. Satheeskanth, S. D. Marasinghe, R. M. L. M. P. Rathnayaka, A. Kunaraj, and J. Joy Mathavan, "IoT-Based Integrated Smart Home Automation System," in Ubiquitous Intelligent Systems, Singapore, P. Karuppusamy, I. Perikos, and F. P. García Márquez, Eds., 2022// 2022: Springer Singapore, pp. 341-355.
  • A. C. Jose and R. Malekian, "Improving Smart Home Security: Integrating Logical Sensing Into Smart Home," IEEE Sensors Journal, vol. 17, no. 13, pp. 4269-4286, 2017, doi: 10.1109/JSEN.2017.2705045.
  • Bridgera. \url{https://bridgera.com/sensors-and-actuators-in-iot/} (accessed).
  • Smarthomeblog. \url{https://smarthomeblog.net/smart-smoke-detector/} (accessed.
  • K. S. K, S. Sahoo, A. Mahapatra, A. K. Swain, and K. K. Mahapatra, "Security Enhancements to System on Chip Devices for IoT Perception Layer," in 2017 IEEE International Symposium on Nanoelectronic and Information Systems (iNIS), 18-20 Dec. 2017 2017, pp. 151-156, doi: 10.1109/iNIS.2017.39.
  • B. Yong, X. Liu, Q. Yu, L. Huang, and Q. Zhou, "Malicious Web traffic detection for Internet of Things environments," Computers & Electrical Engineering, vol. 77, pp. 260-272, 2019/07/01/ 2019, doi: \url{https://doi.org/10.1016/j.compeleceng.2019.06.008}. J. Giraldo, M. E. Hariri, and M. Parvania, "Decentralized Moving Target Defense for Microgrid Protection Against False-Data Injection Attacks," IEEE Transactions on Smart Grid, vol. 13, no. 5, pp. 3700-3710, 2022, doi: 10.1109/TSG.2022.3176246.
  • C. Liptak, S. Mal-Sarkar, and S. A. Kumar, "Power Analysis Side Channel Attacks and Countermeasures for the Internet of Things," in 2022 IEEE Physical Assurance and Inspection of Electronics (PAINE), 2022: IEEE, pp. 1-7.
  • A. N. Alahmadi, S. U. Rehman, H. S. Alhazmi, D. G. Glynn, H. Shoaib, and P. Solé, "Cyber-Security Threats and Side-Channel Attacks for Digital Agriculture," Sensors, vol. 22, no. 9, p. 3520, 2022. [Online]. Available: \url{https://www.mdpi.com/1424-8220/22/9/3520}.
  • C. H. Liao, H. H. Shuai, and L. C. Wang, "Eavesdropping prevention for heterogeneous Internet of Things systems," in 2018 15th IEEE Annual Consumer Communications & Networking Conference (CCNC), 12-15 Jan. 2018 2018, pp. 1-2, doi: 10.1109/CCNC.2018.8319297.
  • Y. Alotaibi and M. Ilyas, "Security risks in internet of things (IoT): a brief survey," in Proceedings of the 26th World Multi-Conference on Systemics, Cybernetics and Informatics (WMSCI 2022), 2022, pp. 1-5.
  • R. Wang and Y. Yan, "A Survey of Secure Boot Schemes for Embedded Devices," in 2022 24th International Conference on Advanced Communication Technology (ICACT), 13-16 Feb. 2022 2022, pp. 224-227, doi: 10.23919/ICACT53585.2022.9728840.
  • APWG. \url{https://apwg.org/trendsreports/} (accessed).
  • C. Li and C. Chen, "A multi-stage control method application in the fight against phishing attacks," Proceeding of the 26th computer security academic communication across the country, p. 145, 2011.
  • M. Mittal, K. Kumar, and S. Behal, "Deep learning approaches for detecting DDoS attacks: A systematic review," Soft Computing, pp. 1-37, 2022.
  • C. Kolias, G. Kambourakis, A. Stavrou, and J. Voas, "DDoS in the IoT: Mirai and other botnets," Computer, vol. 50, no. 7, pp. 80-84, 2017. C. Silpa, G. Niranjana, and K. Ramani, "Securing Data from Active Attacks in IoT: An Extensive Study," in Proceedings of International Conference on Deep Learning, Computing and Intelligence: ICDCI 2021, 2022: Springer, pp. 51-64.
  • A. Bilal, S. M. N. Hasany, and A. H. Pitafi, "Effective modelling of sinkhole detection algorithm for edge‐based Internet of Things (IoT) sensing devices," IET Communications, vol. 16, no. 8, pp. 845-855, 2022.
  • S. A. Bhosale and S. S. Sonavane, "Wormhole Attack Detection System for IoT Network: A Hybrid Approach," Wireless Personal Communications, vol. 124, no. 2, pp. 1081-1108, 2022/05/01 2022, doi: 10.1007/s11277-021-09395-y.
  • S. Bandyopadhyay, M. Sengupta, S. Maiti, and S. Dutta, "A survey of middleware for internet of things," in Recent trends in wireless and mobile networks: Springer, 2011, pp. 288-296.
  • K. S, V. S, A. Singh, R. A, H. Saxena, and S. S. S, "Detection and Mitigation of Man-in-the-Middle Attack in IoT through Alternate Routing," in 2022 6th International Conference on Computing Methodologies and Communication (ICCMC), 29-31 March 2022 2022, pp. 341-345, doi: 10.1109/ICCMC53470.2022.9753832.
  • Q. Zhang and X. Wang, "SQL injections through back-end of RFID system," in 2009 International symposium on computer network and multimedia technology, 2009: IEEE, pp. 1-4.
  • R. Dorai and V. Kannan, "SQL injection-database attack revolution and prevention," J. Int'l Com. L. & Tech., vol. 6, p. 224, 2011. M. A. Razzaque, M. Milojevic-Jevric, A. Palade, and S. Clarke, "Middleware for internet of things: a survey," IEEE Internet of things journal, vol. 3, no. 1, pp. 70-95, 2015.
  • Acunetix. \url{https://www.acunetix.com/vulnerabilities/web/tag/insecure-deserialization/} (accessed).
  • J. Kumar, B. Rajendran, B. Bindhumadhava, and N. S. C. Babu, "XML wrapping attack mitigation using positional token," in 2017 International conference on public key infrastructure and its applications (PKIA), 2017: IEEE, pp. 36-42.
  • WS-Attacks. \url {https://www.ws-attacks.org/XML_Signature_Wrapping} (accessed).
  • I. H. Sarker, A. I. Khan, Y. B. Abushark, and F. Alsolami, "Internet of Things (IoT) Security Intelligence: A Comprehensive Overview, Machine Learning Solutions and Research Directions," Mobile Networks and Applications, 2022/03/14 2022, doi: 10.1007/s11036-022-01937-3. B. Gupta, P. Chaudhary, X. Chang, and N. Nedjah, "Smart defense against distributed Denial of service attack in IoT networks using supervised learning classifiers," Computers & Electrical Engineering, vol. 98, p. 107726, 2022.
  • citrix. \url{https://www.citrix.com/blogs/2015/07/24/securing-the-IoT-gateway/}"(accessed)
  • F. Kohnhäuser, S. Grüner, and J. Heuschkel, "Secure Onboarding of IIoT Devices using OPC UA," in 2022 IEEE 27th International Conference on Emerging Technologies and Factory Automation (ETFA), 2022: IEEE, pp. 1-4.
  • A. Stanciu, T.-C. Balan, C. Gerigan, and S. Zamfir, "Securing the IoT gateway based on the hardware implementation of a multi pattern search algorithm," in 2017 International Conference on Optimization of Electrical and Electronic Equipment (OPTIM) & 2017 Intl Aegean Conference on Electrical Machines and Power Electronics (ACEMP), 2017: IEEE, pp. 1001-1006.
  • S.-C. Cha, J.-F. Chen, C. Su, and K.-H. Yeh, "A blockchain connected gateway for BLE-based devices in the internet of things," ieee access, vol. 6, pp. 24639-24649, 2018.
  • W.-J. Tsaur, J.-C. Chang, and C.-L. Chen, "A Highly Secure IoT Firmware Update Mechanism Using Blockchain," Sensors, vol. 22, no. 2, p. 530, 2022. [Online]. Available: \url{https://www.mdpi.com/1424-8220/22/2/530}.
  • W. Bekri, T. Layeb, J. Rihab, and L. C. Fourati, "Intelligent IoT Systems: security issues, attacks, and countermeasures," in 2022 International Wireless Communications and Mobile Computing (IWCMC), 2022: IEEE, pp. 231-236.
  • P. Yang, N. Xiong, and J. Ren, "Data security and privacy protection for cloud storage: A survey," IEEE Access, vol. 8, pp. 131723-131740, 2020.
  • S. A. Chaudhry, K. Yahya, F. Al-Turjman, and M. H. Yang, "A Secure and Reliable Device Access Control Scheme for IoT Based Sensor Cloud Systems," IEEE Access, vol. 8, pp. 139244-139254, 2020, doi: 10.1109/ACCESS.2020.3012121.
  • S. B. B. Priyadarshini, S. K. Dash, A. Sahani, B. K. Mishra, and M. P. Nath, "An Introduction to Security in Internet of Things (IoT) and Big Data," A Roadmap for Enabling Industry 4.0 by Artificial Intelligence, pp. 169-200, 2022.
  • P. Chaudhary, B. B. Gupta, and A. K. Singh, "Securing heterogeneous embedded devices against XSS attack in intelligent IoT system," Computers & Security, vol. 118, p. 102710, 2022/07/01/ 2022, doi: \url{https://doi.org/10.1016/j.cose.2022.102710}.
  • S. N. Swamy, D. Jadhav, and N. Kulkarni, "Security threats in the application layer in IOT applications," in 2017 International conference on i-SMAC (iot in social, mobile, analytics and cloud)(i-SMAC), 2017: IEEE, pp. 477-480.
  • H. A. Abdul-Ghani, D. Konstantas, and M. Mahyoub, "A comprehensive IoT attacks survey based on a building-blocked reference model," International Journal of Advanced Computer Science and Applications, vol. 9, no. 3, 2018.
  • S. Ali, "Using Firewalls," in Computer Network Security: Wiley, 2020, pp. 79-100.
  • H. Abie, "An overview of firewall technologies," Telektronikk, vol. 96, no. 3, pp. 47-52, 2000.
  • M. S. Desai, T. C. Richards, and T. von der Embse, "System insecurity–firewalls," Information management & computer security, 2002. B. S. Rawal, G. Manogaran, and A. Peter, "Firewalls," in Cybersecurity and Identity Access Management: Springer, 2022, pp. 117-128.
  • J. Liang and Y. Kim, "Evolution of Firewalls: Toward Securer Network Using Next Generation Firewall," in 2022 IEEE 12th Annual Computing and Communication Workshop and Conference (CCWC), 26-29 Jan. 2022 2022, pp. 0752-0759, doi: 10.1109/CCWC54503.2022.9720435. P. C. van Oorschot and P. C. van Oorschot, "Firewalls and Tunnels," Computer Security and the Internet: Tools and Jewels from Malware to Bitcoin, pp. 281-308, 2021.
  • M. Pudelko, P. Emmerich, S. Gallenmüller, and G. Carle, "Performance analysis of VPN gateways," in 2020 IFIP Networking Conference (Networking), 2020: IEEE, pp. 325-333.
  • M. M. Ghonge, S. Pramanik, R. Mangrulkar, and D. N. Le, Cyber Security and Digital Forensics: Challenges and Future Trends. Wiley, 2022. A. Voronkov, L. H. Iwaya, L. A. Martucci, and S. Lindskog, "Systematic literature review on usability of firewall configuration," ACM Computing Surveys (CSUR), vol. 50, no. 6, pp. 1-35, 2017.
  • B. Komar, R. Beekelaar, and J. Wettern, Firewalls for dummies. John Wiley & Sons, 2003.
  • A. X. Liu, "Formal Verification of Firewall Policies," in 2008 IEEE International Conference on Communications, 19-23 May 2008 2008, pp. 1494-1498, doi: 10.1109/ICC.2008.289.
  • F. N. Nife and Z. Kotulski, "Application-Aware Firewall Mechanism for Software Defined Networks," Journal of Network and Systems Management, vol. 28, no. 3, pp. 605-626, 2020/07/01 2020, doi: 10.1007/s10922-020-09518-z.
  • P. André, "Firewalls," in Network Security: Wiley, 2014, pp. 215-235.
  • R. W. Anwar, T. Abdullah, and F. Pastore, "Firewall Best Practices for Securing Smart Healthcare Environment: A Review," Applied Sciences, vol. 11, no. 19, p. 9183, 2021.
  • P. Francis, "Network address translation (nat)," ACM SIGCOMM Computer Communication Review, vol. 45, no. 2, pp. 50-50, 2015. C. Scott, P. Wolfe, and M. Erwin, Virtual private networks. " O'Reilly Media, Inc.", 1999.
  • R. Lund, A. Fenzl, and C. Villanueva, "Distributed Firewall for IoT," 2020.
  • A. Herzog and N. Shahmehri, "Usability and Security of Personal Firewalls," in New Approaches for Security, Privacy and Trust in Complex Environments, Boston, MA, H. Venter, M. Eloff, L. Labuschagne, J. Eloff, and R. von Solms, Eds., 2007// 2007: Springer US, pp. 37-48. PCmag. \url{https://www.pcmag.com/reviews/luma-home-wifi-system} (accessed}.
  • J. Bugeja, A. Jacobsson, and P. Davidsson, "On privacy and security challenges in smart connected homes," in 2016 European Intelligence and Security Informatics Conference (EISIC), 2016: IEEE, pp. 172-175.
  • D. K. Madhugundu, F. Ahmed, and B. Roy, "A survey on security issues and challenges in IoT based smart home," in Proceedings of 3rd International Conference on Internet of Things and Connected Technologies (ICIoTCT), 2018, pp. 26-27.

FIREWALLS AND INTERNET OF THINGS SECURITY: A SURVEY

Year 2023, Volume: 1 Issue: 1, 22 - 43, 02.02.2024

Abstract

One way to define the Internet of Things is as a network of objects, data, and the internet. Things can be referred to as objects, whether an appliance, a car, a human, an animal, or a plant. Connected devices, manufacturers, and operators can exchange data over the Internet of Things to monitor and control their functions. According to analysts, thousands of things are predicted to be connected to the Internet of Things. Consequently, these devices generate a great deal of data. This enormous amount of data is described as Big Data. In addition to its volume and velocity, this data is diverse and varied. This data is at risk of being compromised. Firewalls are security devices that monitor, and control network traffic flow based on a set of predefined rules. More proactive firewalls are needed to block current and emerging threats such as botnets and targeted attacks. This paper provides a comprehensive overview of the information security issues and demonstrates how firewalls can mitigate these challenges in IoT applications.

References

  • J. Jamali, B. Bahrami, A. Heidari, P. Allahverdizadeh, and F. Norouzi, Towards the internet of things. Springer, 2020.
  • B. Russell and D. Van Duren, Practical internet of things security. Packt Publishing Ltd, 2016.
  • V. Hassija, V. Chamola, V. Saxena, D. Jain, P. Goyal, and B. Sikdar, "A survey on IoT security: application areas, security threats, and solution architectures," IEEE Access, vol. 7, pp. 82721-82743, 2019.
  • G. Mustafa, R. Ashraf, M. A. Mirza, and A. Jamil, "A review of data security and cryptographic techniques in IoT based devices," in Proceedings of the 2nd International Conference on Future Networks and Distributed Systems, 2018, pp. 1-9.
  • J. M. Carracedo et al., "Cryptography for security in IoT," in 2018 Fifth International Conference on Internet of Things: Systems, Management and Security, 2018: IEEE, pp. 23-30.
  • R. Doshi, N. Apthorpe, and N. Feamster, "Machine Learning DDoS Detection for Consumer Internet of Things Devices," in 2018 IEEE Security and Privacy Workshops (SPW), 24-24 May 2018 2018, pp. 29-35, doi: 10.1109/SPW.2018.00013.
  • H. Damghani, H. Hosseinian, and L. Damghani, "Cryptography review in IoT," in 2019 4th Conference on Technology In Electrical and Computer Engineering (ETECH2019), 2019.
  • M. U. Farooq, M. Waseem, A. Khairi, and S. Mazhar, "A Critical Analysis on the Security Concerns of Internet of Things (IoT)," International Journal of Computer Applications, vol. 111, pp. 1-6, 2015.
  • R. Roman, P. Najera, and J. Lopez, "Securing the Internet of Things," Computer, vol. 44, no. 9, pp. 51-58, 2011, doi: 10.1109/MC.2011.291. T. N. Minh, "Confidentiality and integrity for IoT/mobile networks," Recent Trends in Communication Networks, p. 25, 2019. R. Roman, J. Zhou, and J. Lopez, "On the features and challenges of security and privacy in distributed internet of things," Computer Networks, vol. 57, no. 10, pp. 2266-2279, 2013/07/05/ 2013, doi: \url{https://doi.org/10.1016/j.comnet.2012.12.018}.
  • H. Suo, J. Wan, C. Zou, and J. Liu, "Security in the Internet of Things: A Review," in 2012 International Conference on Computer Science and Electronics Engineering, 23-25 March 2012 2012, vol. 3, pp. 648-651, doi: 10.1109/ICCSEE.2012.373.
  • K. T. Nguyen, M. Laurent, and N. Oualha, "Survey on secure communication protocols for the Internet of Things," Ad Hoc Networks, vol. 32, pp. 17-31, 2015/09/01/ 2015, doi: \url{https://doi.org/10.1016/j.adhoc.2015.01.006}.
  • X. Huang, P. Craig, H. Lin, and Z. Yan, "SecIoT: a security framework for the Internet of Things," Security and Communication Networks, vol. 9, no. 16, pp. 3083-3094, 2016, doi: \url{https://doi.org/10.1002/sec.1259}.
  • A. Gharaibeh et al., "Smart Cities: A Survey on Data Management, Security, and Enabling Technologies," IEEE Communications Surveys & Tutorials, vol. 19, no. 4, pp. 2456-2501, 2017, doi: 10.1109/COMST.2017.2736886.
  • D. Eckhoff and I. Wagner, "Privacy in the Smart City—Applications, Technologies, Challenges, and Solutions," IEEE Communications Surveys & Tutorials, vol. 20, no. 1, pp. 489-516, 2018, doi: 10.1109/COMST.2017.2748998.
  • S. L. Ullo and G. R. Sinha, "Advances in smart environment monitoring systems using IoT and sensors," Sensors, vol. 20, no. 11, p. 3113, 2020.
  • N. M. Karie, N. M. Sahri, W. Yang, C. Valli, and V. R. Kebande, "A review of security standards and frameworks for IoT-based smart environments," IEEE Access, vol. 9, pp. 121975-121995, 2021.
  • X. Xia, Y. Xiao, and W. Liang, "ABSI: An Adaptive Binary Splitting Algorithm for Malicious Meter Inspection in Smart Grid," IEEE Transactions on Information Forensics and Security, vol. 14, no. 2, pp. 445-458, 2019, doi: 10.1109/TIFS.2018.2854703.
  • S. I. Gerasopoulos, N. M. Manousakis, and C. S. Psomopoulos, "Smart metering in EU and the energy theft problem," Energy Efficiency, vol. 15, no. 1, p. 12, 2022/01/28 2022, doi: 10.1007/s12053-021-10011-y.
  • D. G. Costa et al., "A Survey of Emergencies Management Systems in Smart Cities," IEEE Access, vol. 10, pp. 61843-61872, 2022, doi: 10.1109/ACCESS.2022.3180033.
  • A. Rajbanshi, D. Das, V. Udutalapally, and R. Mahapatra, "dLeak: An IoT-Based Gas Leak Detection Framework for Smart Factory," SN Computer Science, vol. 3, no. 4, p. 273, 2022/05/05 2022, doi: 10.1007/s42979-022-01181-2.
  • M. Saifullah, I. S. Bajwa, M. Ibrahim, and M. Asghar, "IoT-Enabled Intelligent System for the Radiation Monitoring and Warning Approach," Mobile Information Systems, vol. 2022, p. 2769958, 2022/12/20 2022, doi: 10.1155/2022/2769958.
  • V. Tran-Quang and H. Dao-Viet, "An internet of radiation sensor system (IoRSS) to detect radioactive sources out of regulatory control," Scientific Reports, vol. 12, no. 1, p. 7195, 2022/05/03 2022, doi: 10.1038/s41598-022-11264-y.
  • C.-Y. Lin, "Understanding consumer perceptions and attitudes toward smart retail services," Journal of Services Marketing, vol. 36, no. 8, pp. 1015-1030, 2022.
  • M. G. Khan, N. U. Huda, and U. K. U. Zaman, "Smart warehouse management system: Architecture, real-time implementation and prototype design," Machines, vol. 10, no. 2, p. 150, 2022.
  • N. N. Dlamini and K. Johnston, "The use, benefits and challenges of using the Internet of Things (IoT) in retail businesses: A literature review," in 2016 International Conference on Advances in Computing and Communication Engineering (ICACCE), 28-29 Nov. 2016 2016, pp. 430-436, doi: 10.1109/ICACCE.2016.8073787.
  • B. B. Sinha and R. Dhanalakshmi, "Recent advancements and challenges of Internet of Things in smart agriculture: A survey," Future Generation Computer Systems, vol. 126, pp. 169-184, 2022/01/01/ 2022, doi: \url{https://doi.org/10.1016/j.future.2021.08.006}. V. K. Quy et al., "IoT-Enabled Smart Agriculture: Architecture, Applications, and Challenges," Applied Sciences, vol. 12, no. 7, p. 3396, 2022. [Online]. Available: \url{https://www.mdpi.com/2076-3417/12/7/3396}. \bibitem{r30} T. Vigneswari and N. Vijaya, "Smart livestock management using cloud IoT," Cloud IoT Syst. Smart Agric. Eng, vol. 1, pp. 55-74, 2022.
  • N. Satheeskanth, S. D. Marasinghe, R. M. L. M. P. Rathnayaka, A. Kunaraj, and J. Joy Mathavan, "IoT-Based Integrated Smart Home Automation System," in Ubiquitous Intelligent Systems, Singapore, P. Karuppusamy, I. Perikos, and F. P. García Márquez, Eds., 2022// 2022: Springer Singapore, pp. 341-355.
  • A. C. Jose and R. Malekian, "Improving Smart Home Security: Integrating Logical Sensing Into Smart Home," IEEE Sensors Journal, vol. 17, no. 13, pp. 4269-4286, 2017, doi: 10.1109/JSEN.2017.2705045.
  • Bridgera. \url{https://bridgera.com/sensors-and-actuators-in-iot/} (accessed).
  • Smarthomeblog. \url{https://smarthomeblog.net/smart-smoke-detector/} (accessed.
  • K. S. K, S. Sahoo, A. Mahapatra, A. K. Swain, and K. K. Mahapatra, "Security Enhancements to System on Chip Devices for IoT Perception Layer," in 2017 IEEE International Symposium on Nanoelectronic and Information Systems (iNIS), 18-20 Dec. 2017 2017, pp. 151-156, doi: 10.1109/iNIS.2017.39.
  • B. Yong, X. Liu, Q. Yu, L. Huang, and Q. Zhou, "Malicious Web traffic detection for Internet of Things environments," Computers & Electrical Engineering, vol. 77, pp. 260-272, 2019/07/01/ 2019, doi: \url{https://doi.org/10.1016/j.compeleceng.2019.06.008}. J. Giraldo, M. E. Hariri, and M. Parvania, "Decentralized Moving Target Defense for Microgrid Protection Against False-Data Injection Attacks," IEEE Transactions on Smart Grid, vol. 13, no. 5, pp. 3700-3710, 2022, doi: 10.1109/TSG.2022.3176246.
  • C. Liptak, S. Mal-Sarkar, and S. A. Kumar, "Power Analysis Side Channel Attacks and Countermeasures for the Internet of Things," in 2022 IEEE Physical Assurance and Inspection of Electronics (PAINE), 2022: IEEE, pp. 1-7.
  • A. N. Alahmadi, S. U. Rehman, H. S. Alhazmi, D. G. Glynn, H. Shoaib, and P. Solé, "Cyber-Security Threats and Side-Channel Attacks for Digital Agriculture," Sensors, vol. 22, no. 9, p. 3520, 2022. [Online]. Available: \url{https://www.mdpi.com/1424-8220/22/9/3520}.
  • C. H. Liao, H. H. Shuai, and L. C. Wang, "Eavesdropping prevention for heterogeneous Internet of Things systems," in 2018 15th IEEE Annual Consumer Communications & Networking Conference (CCNC), 12-15 Jan. 2018 2018, pp. 1-2, doi: 10.1109/CCNC.2018.8319297.
  • Y. Alotaibi and M. Ilyas, "Security risks in internet of things (IoT): a brief survey," in Proceedings of the 26th World Multi-Conference on Systemics, Cybernetics and Informatics (WMSCI 2022), 2022, pp. 1-5.
  • R. Wang and Y. Yan, "A Survey of Secure Boot Schemes for Embedded Devices," in 2022 24th International Conference on Advanced Communication Technology (ICACT), 13-16 Feb. 2022 2022, pp. 224-227, doi: 10.23919/ICACT53585.2022.9728840.
  • APWG. \url{https://apwg.org/trendsreports/} (accessed).
  • C. Li and C. Chen, "A multi-stage control method application in the fight against phishing attacks," Proceeding of the 26th computer security academic communication across the country, p. 145, 2011.
  • M. Mittal, K. Kumar, and S. Behal, "Deep learning approaches for detecting DDoS attacks: A systematic review," Soft Computing, pp. 1-37, 2022.
  • C. Kolias, G. Kambourakis, A. Stavrou, and J. Voas, "DDoS in the IoT: Mirai and other botnets," Computer, vol. 50, no. 7, pp. 80-84, 2017. C. Silpa, G. Niranjana, and K. Ramani, "Securing Data from Active Attacks in IoT: An Extensive Study," in Proceedings of International Conference on Deep Learning, Computing and Intelligence: ICDCI 2021, 2022: Springer, pp. 51-64.
  • A. Bilal, S. M. N. Hasany, and A. H. Pitafi, "Effective modelling of sinkhole detection algorithm for edge‐based Internet of Things (IoT) sensing devices," IET Communications, vol. 16, no. 8, pp. 845-855, 2022.
  • S. A. Bhosale and S. S. Sonavane, "Wormhole Attack Detection System for IoT Network: A Hybrid Approach," Wireless Personal Communications, vol. 124, no. 2, pp. 1081-1108, 2022/05/01 2022, doi: 10.1007/s11277-021-09395-y.
  • S. Bandyopadhyay, M. Sengupta, S. Maiti, and S. Dutta, "A survey of middleware for internet of things," in Recent trends in wireless and mobile networks: Springer, 2011, pp. 288-296.
  • K. S, V. S, A. Singh, R. A, H. Saxena, and S. S. S, "Detection and Mitigation of Man-in-the-Middle Attack in IoT through Alternate Routing," in 2022 6th International Conference on Computing Methodologies and Communication (ICCMC), 29-31 March 2022 2022, pp. 341-345, doi: 10.1109/ICCMC53470.2022.9753832.
  • Q. Zhang and X. Wang, "SQL injections through back-end of RFID system," in 2009 International symposium on computer network and multimedia technology, 2009: IEEE, pp. 1-4.
  • R. Dorai and V. Kannan, "SQL injection-database attack revolution and prevention," J. Int'l Com. L. & Tech., vol. 6, p. 224, 2011. M. A. Razzaque, M. Milojevic-Jevric, A. Palade, and S. Clarke, "Middleware for internet of things: a survey," IEEE Internet of things journal, vol. 3, no. 1, pp. 70-95, 2015.
  • Acunetix. \url{https://www.acunetix.com/vulnerabilities/web/tag/insecure-deserialization/} (accessed).
  • J. Kumar, B. Rajendran, B. Bindhumadhava, and N. S. C. Babu, "XML wrapping attack mitigation using positional token," in 2017 International conference on public key infrastructure and its applications (PKIA), 2017: IEEE, pp. 36-42.
  • WS-Attacks. \url {https://www.ws-attacks.org/XML_Signature_Wrapping} (accessed).
  • I. H. Sarker, A. I. Khan, Y. B. Abushark, and F. Alsolami, "Internet of Things (IoT) Security Intelligence: A Comprehensive Overview, Machine Learning Solutions and Research Directions," Mobile Networks and Applications, 2022/03/14 2022, doi: 10.1007/s11036-022-01937-3. B. Gupta, P. Chaudhary, X. Chang, and N. Nedjah, "Smart defense against distributed Denial of service attack in IoT networks using supervised learning classifiers," Computers & Electrical Engineering, vol. 98, p. 107726, 2022.
  • citrix. \url{https://www.citrix.com/blogs/2015/07/24/securing-the-IoT-gateway/}"(accessed)
  • F. Kohnhäuser, S. Grüner, and J. Heuschkel, "Secure Onboarding of IIoT Devices using OPC UA," in 2022 IEEE 27th International Conference on Emerging Technologies and Factory Automation (ETFA), 2022: IEEE, pp. 1-4.
  • A. Stanciu, T.-C. Balan, C. Gerigan, and S. Zamfir, "Securing the IoT gateway based on the hardware implementation of a multi pattern search algorithm," in 2017 International Conference on Optimization of Electrical and Electronic Equipment (OPTIM) & 2017 Intl Aegean Conference on Electrical Machines and Power Electronics (ACEMP), 2017: IEEE, pp. 1001-1006.
  • S.-C. Cha, J.-F. Chen, C. Su, and K.-H. Yeh, "A blockchain connected gateway for BLE-based devices in the internet of things," ieee access, vol. 6, pp. 24639-24649, 2018.
  • W.-J. Tsaur, J.-C. Chang, and C.-L. Chen, "A Highly Secure IoT Firmware Update Mechanism Using Blockchain," Sensors, vol. 22, no. 2, p. 530, 2022. [Online]. Available: \url{https://www.mdpi.com/1424-8220/22/2/530}.
  • W. Bekri, T. Layeb, J. Rihab, and L. C. Fourati, "Intelligent IoT Systems: security issues, attacks, and countermeasures," in 2022 International Wireless Communications and Mobile Computing (IWCMC), 2022: IEEE, pp. 231-236.
  • P. Yang, N. Xiong, and J. Ren, "Data security and privacy protection for cloud storage: A survey," IEEE Access, vol. 8, pp. 131723-131740, 2020.
  • S. A. Chaudhry, K. Yahya, F. Al-Turjman, and M. H. Yang, "A Secure and Reliable Device Access Control Scheme for IoT Based Sensor Cloud Systems," IEEE Access, vol. 8, pp. 139244-139254, 2020, doi: 10.1109/ACCESS.2020.3012121.
  • S. B. B. Priyadarshini, S. K. Dash, A. Sahani, B. K. Mishra, and M. P. Nath, "An Introduction to Security in Internet of Things (IoT) and Big Data," A Roadmap for Enabling Industry 4.0 by Artificial Intelligence, pp. 169-200, 2022.
  • P. Chaudhary, B. B. Gupta, and A. K. Singh, "Securing heterogeneous embedded devices against XSS attack in intelligent IoT system," Computers & Security, vol. 118, p. 102710, 2022/07/01/ 2022, doi: \url{https://doi.org/10.1016/j.cose.2022.102710}.
  • S. N. Swamy, D. Jadhav, and N. Kulkarni, "Security threats in the application layer in IOT applications," in 2017 International conference on i-SMAC (iot in social, mobile, analytics and cloud)(i-SMAC), 2017: IEEE, pp. 477-480.
  • H. A. Abdul-Ghani, D. Konstantas, and M. Mahyoub, "A comprehensive IoT attacks survey based on a building-blocked reference model," International Journal of Advanced Computer Science and Applications, vol. 9, no. 3, 2018.
  • S. Ali, "Using Firewalls," in Computer Network Security: Wiley, 2020, pp. 79-100.
  • H. Abie, "An overview of firewall technologies," Telektronikk, vol. 96, no. 3, pp. 47-52, 2000.
  • M. S. Desai, T. C. Richards, and T. von der Embse, "System insecurity–firewalls," Information management & computer security, 2002. B. S. Rawal, G. Manogaran, and A. Peter, "Firewalls," in Cybersecurity and Identity Access Management: Springer, 2022, pp. 117-128.
  • J. Liang and Y. Kim, "Evolution of Firewalls: Toward Securer Network Using Next Generation Firewall," in 2022 IEEE 12th Annual Computing and Communication Workshop and Conference (CCWC), 26-29 Jan. 2022 2022, pp. 0752-0759, doi: 10.1109/CCWC54503.2022.9720435. P. C. van Oorschot and P. C. van Oorschot, "Firewalls and Tunnels," Computer Security and the Internet: Tools and Jewels from Malware to Bitcoin, pp. 281-308, 2021.
  • M. Pudelko, P. Emmerich, S. Gallenmüller, and G. Carle, "Performance analysis of VPN gateways," in 2020 IFIP Networking Conference (Networking), 2020: IEEE, pp. 325-333.
  • M. M. Ghonge, S. Pramanik, R. Mangrulkar, and D. N. Le, Cyber Security and Digital Forensics: Challenges and Future Trends. Wiley, 2022. A. Voronkov, L. H. Iwaya, L. A. Martucci, and S. Lindskog, "Systematic literature review on usability of firewall configuration," ACM Computing Surveys (CSUR), vol. 50, no. 6, pp. 1-35, 2017.
  • B. Komar, R. Beekelaar, and J. Wettern, Firewalls for dummies. John Wiley & Sons, 2003.
  • A. X. Liu, "Formal Verification of Firewall Policies," in 2008 IEEE International Conference on Communications, 19-23 May 2008 2008, pp. 1494-1498, doi: 10.1109/ICC.2008.289.
  • F. N. Nife and Z. Kotulski, "Application-Aware Firewall Mechanism for Software Defined Networks," Journal of Network and Systems Management, vol. 28, no. 3, pp. 605-626, 2020/07/01 2020, doi: 10.1007/s10922-020-09518-z.
  • P. André, "Firewalls," in Network Security: Wiley, 2014, pp. 215-235.
  • R. W. Anwar, T. Abdullah, and F. Pastore, "Firewall Best Practices for Securing Smart Healthcare Environment: A Review," Applied Sciences, vol. 11, no. 19, p. 9183, 2021.
  • P. Francis, "Network address translation (nat)," ACM SIGCOMM Computer Communication Review, vol. 45, no. 2, pp. 50-50, 2015. C. Scott, P. Wolfe, and M. Erwin, Virtual private networks. " O'Reilly Media, Inc.", 1999.
  • R. Lund, A. Fenzl, and C. Villanueva, "Distributed Firewall for IoT," 2020.
  • A. Herzog and N. Shahmehri, "Usability and Security of Personal Firewalls," in New Approaches for Security, Privacy and Trust in Complex Environments, Boston, MA, H. Venter, M. Eloff, L. Labuschagne, J. Eloff, and R. von Solms, Eds., 2007// 2007: Springer US, pp. 37-48. PCmag. \url{https://www.pcmag.com/reviews/luma-home-wifi-system} (accessed}.
  • J. Bugeja, A. Jacobsson, and P. Davidsson, "On privacy and security challenges in smart connected homes," in 2016 European Intelligence and Security Informatics Conference (EISIC), 2016: IEEE, pp. 172-175.
  • D. K. Madhugundu, F. Ahmed, and B. Roy, "A survey on security issues and challenges in IoT based smart home," in Proceedings of 3rd International Conference on Internet of Things and Connected Technologies (ICIoTCT), 2018, pp. 26-27.
There are 79 citations in total.

Details

Primary Language English
Subjects Dependable Systems, Cyberphysical Systems and Internet of Things
Journal Section Review Article
Authors

Mostafa Raeisi Varzaneh This is me

Adib Habbal 0000-0002-3939-2609

Omar Dakkak 0000-0001-9767-5685

Publication Date February 2, 2024
Published in Issue Year 2023 Volume: 1 Issue: 1

Cite