Skip to main content

IoT Insider Attack - Survey

  • Conference paper
  • First Online:
Smart Grid and Internet of Things (SGIoT 2019)

Abstract

The “Internet of things” (IoT) creating a perfect storm in the smart world. Due to the availability of internet and capabilities of devices, sensors-based technologies becoming popular day by day. It now opens the opportunities for overcoming many new challenges. Any device with on/off capability connecting through the internet via sensor can be an IoT device which includes a coffee machine, light, hand watch, headphones, washing machine, mobile phones, car, CCTV camera and so on. Simply we can say connecting things to people via the internet and controlling remotely is the great advantage of IoT. In our daily life, the IoT is widely used which includes transportation, health, education, security and so on. Imagine how IoT can make our life easier, based on your set alarm when you wake up if it can notify your coffee machine to prepare coffee for you that will save you time. Despite those advantages, the IoT based system is not free from vulnerabilities. Different types of attacks make the system vulnerable and tried to exploit the system and creating obstacles from its growth. Here we will explore IoT attacks and the relevant technologies associated along with machine learning strategies that exist to overcome those obstacles.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  • Abdur Razzaq, M., Habib, S., Ali, M., Ullah, S.: Security issues in the Internet of Things (IoT): a comprehensive study. Int. J. Adv. Comput. Sci. Appl. (IJACSA) 8(6), 383–388 (2017)

    Google Scholar 

  • Ahemd, M.M., Shah, M.A., Wahid, A.: IoT security: a layered approach for attacks & defenses. Paper presented at the 2017 International Conference on Communication Technologies (ComTech), 19–21 April 2017

    Google Scholar 

  • Ahmed, F., Ko, Y.B.: Mitigation of black hole attacks in routing protocol for low power and lossy networks. Secur. Commun. Netw. 9(18), 5143–5154 (2016)

    Article  Google Scholar 

  • Ali, B., Awad, A.: Cyber and physical security vulnerability assessment for IoT-based smart homes. Sensors 18(3), 817 (2018)

    Article  Google Scholar 

  • Arış, A., Oktuğ, S.F., Voigt, T.: Security of Internet of Things for a reliable Internet of Services. In: Ganchev, I., van der Mei, R.D., van den Berg, H. (eds.) Autonomous Control for a Reliable Internet of Services. LNCS, vol. 10768, pp. 337–370. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-90415-3_13

    Chapter  Google Scholar 

  • Be-Nazir, N., Ibn Minar, N., Tarique, M.: Bluetooth security threats and solutions: a survey. Int. J. Distrib. Parallel Syst. 3(1), 127 (2012)

    Article  Google Scholar 

  • Dowling, S., Schukat, M., Melvin, H.: A ZigBee honeypot to assess IoT cyberattack behaviour. Paper Presented at the 2017 28th Irish Signals and Systems Conference (ISSC), 20–21 June 2017

    Google Scholar 

  • Dvir, A., Holczer, T., Buttyan, L.: VeRA - version number and rank authentication in RPL. Paper Presented at the 2011 IEEE Eighth International Conference on Mobile Ad-Hoc and Sensor Systems, 17–22 October 2011

    Google Scholar 

  • Jang-Jaccard, J., Nepal, S.: A survey of emerging threats in cybersecurity. J. Comput. Syst. Sci. 80(5), 973–993 (2014)

    Article  MathSciNet  Google Scholar 

  • Kamble, A., Malemath, V.S., Patil, D.: Security attacks and secure routing protocols in RPL-based Internet of Things: survey. Paper Presented at the 2017 International Conference on Emerging Trends & Innovation in ICT (ICEI), 3–5 February 2017

    Google Scholar 

  • Kammüller, F., Nurse, J.R.C., Probst, C.W.: Attack tree analysis for insider threats on the IoT USING Isabelle. In: Tryfonas, T. (ed.) HAS 2016. LNCS, vol. 9750, pp. 234–246. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-39381-0_21

    Chapter  Google Scholar 

  • Landsmann, M., Wahlisch, M., Schmidt, T.C.: Topology authentication in RPL. Paper Presented at the 2013 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), 14–19 April 2013

    Google Scholar 

  • Li, H., Chen, Y., He, Z.: The Survey of RFID attacks and defenses. Paper Presented at the 2012 8th International Conference on Wireless Communications, Networking and Mobile Computing, 21–23 September 2012

    Google Scholar 

  • Liang, L., Zheng, K., Sheng, Q., Huang, X.: A denial of service attack method for an IoT system. Paper Presented at the 2016 8th International Conference on Information Technology in Medicine and Education (ITME), 23–25 December 2016

    Google Scholar 

  • Mangelkar, S., Dhage, S.N., Nimkar, A.V.: A comparative study on RPL attacks and security solutions. Paper Presented at the 2017 International Conference on Intelligent Computing and Control (I2C2), 23–24 June 2017

    Google Scholar 

  • Meidan, Y., et al.: N-BaIoT—network-based detection of IoT botnet attacks using deep autoencoders. IEEE Pervasive Comput. 17(3), 12–22 (2018). https://doi.org/10.1109/MPRV.2018.03367731

    Article  Google Scholar 

  • Mitrokotsa, A., Rieback, M.R., Tanenbaum, A.S.: Classifying RFID attacks and defenses. Inf. Syst. Front. 12(5), 491–505 (2010). https://doi.org/10.1007/s10796-009-9210-z

    Article  Google Scholar 

  • Mustapha, H., Alghamdi, A.M.: DDoS attacks on the Internet of Things and their prevention methods. Paper Presented at the Proceedings of the 2nd International Conference on Future Networks and Distributed Systems, Amman, Jordan (2018)

    Google Scholar 

  • Nawir, M., Amir, A., Yaakob, N., Lynn, O.B.: Internet of Things (IoT): taxonomy of security attacks. Paper Presented at the 2016 3rd International Conference on Electronic Design (ICED), 11–12 August 2016

    Google Scholar 

  • Nurse, J.R.C., Erola, A., Agrafiotis, I., Goldsmith, M., Creese, S.: Smart insiders: exploring the threat from insiders using the Internet-of-Things. Paper Presented at the 2015 International Workshop on Secure Internet of Things (SIoT), 21–25 September 2015

    Google Scholar 

  • Ojo, M., Giordano, S., Procissi, G., Seitanidis, I.: A review of low-end, middle-end and high-end IoT devices. IEEE Access 6, 70528–70554 (2018)

    Article  Google Scholar 

  • Olawumi, O., Haataja, K., Asikainen, M., Vidgren, N., Toivanen, P.: Three practical attacks against ZigBee security: attack scenario definitions, practical experiments, countermeasures, and lessons learned. Paper Presented at the 2014 14th International Conference on Hybrid Intelligent Systems, 14–16 December 2014

    Google Scholar 

  • Raza, S., Wallgren, L., Voigt, T.: SVELTE: real-time intrusion detection in the Internet of Things. Ad Hoc Netw. 11(8), 2661–2674 (2013). https://doi.org/10.1016/j.adhoc.2013.04.014

    Article  Google Scholar 

  • Stubblefield, A., Ioannidis, J., D. Rubin, A.: Using the Fluhrer, Mantin, and Shamir Attack to break WEP (2002)

    Google Scholar 

  • Thamilarasu, G., Chawla, S.: Towards deep-learning-driven intrusion detection for the Internet of Things. Sensors 19(9), 1977 (2019). https://doi.org/10.3390/s19091977

    Article  Google Scholar 

  • Tri-Hai Nguyen, M.Y.: A hybrid prevention method for eavesdropping attack by link spoofing in software-defined Internet of Things controllers. Int. J. Distrib. Sens. Netw. (2017)

    Google Scholar 

  • Wallgren, L., Raza, S., Voigt, T.: Routing attacks and countermeasures in the RPL-based Internet of Things. Int. J. Distrib. Sens. Netw. 9(8), 794326 (2013a). https://doi.org/10.1155/2013/794326

    Article  Google Scholar 

  • Wurzinger, P., Platzer, C., Ludl, C., Kirda, E., Kruegel, C.: SWAP: mitigating XSS attacks using a reverse proxy (2009)

    Google Scholar 

  • Yair Meidan, M.B., Shabtai, A., Ochoa, M., Tippenhauer, N.O., Guarnizo, J.D., Elovici, Y.: Detection of unauthorized IoT devices using machine learning techniques (2017). https://arxiv.org/abs/1709.04647

  • Yin, D., Zhang, L., Yang, K.: A DDoS attack detection and mitigation with software-defined Internet of Things framework. IEEE Access 6, 24694–24705 (2018). https://doi.org/10.1109/ACCESS.2018.2831284

    Article  Google Scholar 

  • Zhang, K., Liang, X., Lu, R., Shen, X.: Sybil attacks and their defenses in the Internet of Things. IEEE IoT J. 1(5), 372–383 (2014). https://doi.org/10.1109/JIOT.2014.2344013

    Article  Google Scholar 

  • Zhou, W., Jia, Y., Peng, A., Zhang, Y., Liu, P.: The effect of IoT new features on security and privacy: new threats, existing solutions, and challenges yet to be solved. IEEE IoT J. 6(2), 1606–1616 (2019)

    Google Scholar 

  • Ray, B., Huda, S., Chowdhury, M.U.: Smart RFID reader protocol for malware detection. In: 2011 12th ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing, Sydney, NSW, 2011, pp. 64–69 (2011)

    Google Scholar 

  • Ray, B.R., Chowdhury, M., Abawajy, J.: StenoCipher to provide data confidentiality and tampered data recovery for RFID tag. In: Lee, R. (ed.) Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing 2012. Studies in Computational Intelligence, vol. 443, pp. 37–51. Springer, Berlin (2012). https://doi.org/10.1007/978-3-642-32172-6_4

    Chapter  Google Scholar 

  • Ray, B., Chowdhury, M., Abawajy, J.: Hybrid approach to ensure data confidentiality and tampered data recovery for RFID tag. Int. J. Netw. Distrib. Comput. 1(2), 79–88 (2013)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Morshed U. Chowdhury .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2020 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Chowdhury, M.U., Doss, R., Ray, B., Rajasegarar, S., Chowdhury, S. (2020). IoT Insider Attack - Survey. In: Deng, DJ., Pang, AC., Lin, CC. (eds) Smart Grid and Internet of Things. SGIoT 2019. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 324. Springer, Cham. https://doi.org/10.1007/978-3-030-49610-4_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-49610-4_3

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-49609-8

  • Online ISBN: 978-3-030-49610-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics