Abstract
The “Internet of things” (IoT) creating a perfect storm in the smart world. Due to the availability of internet and capabilities of devices, sensors-based technologies becoming popular day by day. It now opens the opportunities for overcoming many new challenges. Any device with on/off capability connecting through the internet via sensor can be an IoT device which includes a coffee machine, light, hand watch, headphones, washing machine, mobile phones, car, CCTV camera and so on. Simply we can say connecting things to people via the internet and controlling remotely is the great advantage of IoT. In our daily life, the IoT is widely used which includes transportation, health, education, security and so on. Imagine how IoT can make our life easier, based on your set alarm when you wake up if it can notify your coffee machine to prepare coffee for you that will save you time. Despite those advantages, the IoT based system is not free from vulnerabilities. Different types of attacks make the system vulnerable and tried to exploit the system and creating obstacles from its growth. Here we will explore IoT attacks and the relevant technologies associated along with machine learning strategies that exist to overcome those obstacles.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Abdur Razzaq, M., Habib, S., Ali, M., Ullah, S.: Security issues in the Internet of Things (IoT): a comprehensive study. Int. J. Adv. Comput. Sci. Appl. (IJACSA) 8(6), 383–388 (2017)
Ahemd, M.M., Shah, M.A., Wahid, A.: IoT security: a layered approach for attacks & defenses. Paper presented at the 2017 International Conference on Communication Technologies (ComTech), 19–21 April 2017
Ahmed, F., Ko, Y.B.: Mitigation of black hole attacks in routing protocol for low power and lossy networks. Secur. Commun. Netw. 9(18), 5143–5154 (2016)
Ali, B., Awad, A.: Cyber and physical security vulnerability assessment for IoT-based smart homes. Sensors 18(3), 817 (2018)
Arış, A., Oktuğ, S.F., Voigt, T.: Security of Internet of Things for a reliable Internet of Services. In: Ganchev, I., van der Mei, R.D., van den Berg, H. (eds.) Autonomous Control for a Reliable Internet of Services. LNCS, vol. 10768, pp. 337–370. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-90415-3_13
Be-Nazir, N., Ibn Minar, N., Tarique, M.: Bluetooth security threats and solutions: a survey. Int. J. Distrib. Parallel Syst. 3(1), 127 (2012)
Dowling, S., Schukat, M., Melvin, H.: A ZigBee honeypot to assess IoT cyberattack behaviour. Paper Presented at the 2017 28th Irish Signals and Systems Conference (ISSC), 20–21 June 2017
Dvir, A., Holczer, T., Buttyan, L.: VeRA - version number and rank authentication in RPL. Paper Presented at the 2011 IEEE Eighth International Conference on Mobile Ad-Hoc and Sensor Systems, 17–22 October 2011
Jang-Jaccard, J., Nepal, S.: A survey of emerging threats in cybersecurity. J. Comput. Syst. Sci. 80(5), 973–993 (2014)
Kamble, A., Malemath, V.S., Patil, D.: Security attacks and secure routing protocols in RPL-based Internet of Things: survey. Paper Presented at the 2017 International Conference on Emerging Trends & Innovation in ICT (ICEI), 3–5 February 2017
Kammüller, F., Nurse, J.R.C., Probst, C.W.: Attack tree analysis for insider threats on the IoT USING Isabelle. In: Tryfonas, T. (ed.) HAS 2016. LNCS, vol. 9750, pp. 234–246. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-39381-0_21
Landsmann, M., Wahlisch, M., Schmidt, T.C.: Topology authentication in RPL. Paper Presented at the 2013 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), 14–19 April 2013
Li, H., Chen, Y., He, Z.: The Survey of RFID attacks and defenses. Paper Presented at the 2012 8th International Conference on Wireless Communications, Networking and Mobile Computing, 21–23 September 2012
Liang, L., Zheng, K., Sheng, Q., Huang, X.: A denial of service attack method for an IoT system. Paper Presented at the 2016 8th International Conference on Information Technology in Medicine and Education (ITME), 23–25 December 2016
Mangelkar, S., Dhage, S.N., Nimkar, A.V.: A comparative study on RPL attacks and security solutions. Paper Presented at the 2017 International Conference on Intelligent Computing and Control (I2C2), 23–24 June 2017
Meidan, Y., et al.: N-BaIoT—network-based detection of IoT botnet attacks using deep autoencoders. IEEE Pervasive Comput. 17(3), 12–22 (2018). https://doi.org/10.1109/MPRV.2018.03367731
Mitrokotsa, A., Rieback, M.R., Tanenbaum, A.S.: Classifying RFID attacks and defenses. Inf. Syst. Front. 12(5), 491–505 (2010). https://doi.org/10.1007/s10796-009-9210-z
Mustapha, H., Alghamdi, A.M.: DDoS attacks on the Internet of Things and their prevention methods. Paper Presented at the Proceedings of the 2nd International Conference on Future Networks and Distributed Systems, Amman, Jordan (2018)
Nawir, M., Amir, A., Yaakob, N., Lynn, O.B.: Internet of Things (IoT): taxonomy of security attacks. Paper Presented at the 2016 3rd International Conference on Electronic Design (ICED), 11–12 August 2016
Nurse, J.R.C., Erola, A., Agrafiotis, I., Goldsmith, M., Creese, S.: Smart insiders: exploring the threat from insiders using the Internet-of-Things. Paper Presented at the 2015 International Workshop on Secure Internet of Things (SIoT), 21–25 September 2015
Ojo, M., Giordano, S., Procissi, G., Seitanidis, I.: A review of low-end, middle-end and high-end IoT devices. IEEE Access 6, 70528–70554 (2018)
Olawumi, O., Haataja, K., Asikainen, M., Vidgren, N., Toivanen, P.: Three practical attacks against ZigBee security: attack scenario definitions, practical experiments, countermeasures, and lessons learned. Paper Presented at the 2014 14th International Conference on Hybrid Intelligent Systems, 14–16 December 2014
Raza, S., Wallgren, L., Voigt, T.: SVELTE: real-time intrusion detection in the Internet of Things. Ad Hoc Netw. 11(8), 2661–2674 (2013). https://doi.org/10.1016/j.adhoc.2013.04.014
Stubblefield, A., Ioannidis, J., D. Rubin, A.: Using the Fluhrer, Mantin, and Shamir Attack to break WEP (2002)
Thamilarasu, G., Chawla, S.: Towards deep-learning-driven intrusion detection for the Internet of Things. Sensors 19(9), 1977 (2019). https://doi.org/10.3390/s19091977
Tri-Hai Nguyen, M.Y.: A hybrid prevention method for eavesdropping attack by link spoofing in software-defined Internet of Things controllers. Int. J. Distrib. Sens. Netw. (2017)
Wallgren, L., Raza, S., Voigt, T.: Routing attacks and countermeasures in the RPL-based Internet of Things. Int. J. Distrib. Sens. Netw. 9(8), 794326 (2013a). https://doi.org/10.1155/2013/794326
Wurzinger, P., Platzer, C., Ludl, C., Kirda, E., Kruegel, C.: SWAP: mitigating XSS attacks using a reverse proxy (2009)
Yair Meidan, M.B., Shabtai, A., Ochoa, M., Tippenhauer, N.O., Guarnizo, J.D., Elovici, Y.: Detection of unauthorized IoT devices using machine learning techniques (2017). https://arxiv.org/abs/1709.04647
Yin, D., Zhang, L., Yang, K.: A DDoS attack detection and mitigation with software-defined Internet of Things framework. IEEE Access 6, 24694–24705 (2018). https://doi.org/10.1109/ACCESS.2018.2831284
Zhang, K., Liang, X., Lu, R., Shen, X.: Sybil attacks and their defenses in the Internet of Things. IEEE IoT J. 1(5), 372–383 (2014). https://doi.org/10.1109/JIOT.2014.2344013
Zhou, W., Jia, Y., Peng, A., Zhang, Y., Liu, P.: The effect of IoT new features on security and privacy: new threats, existing solutions, and challenges yet to be solved. IEEE IoT J. 6(2), 1606–1616 (2019)
Ray, B., Huda, S., Chowdhury, M.U.: Smart RFID reader protocol for malware detection. In: 2011 12th ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing, Sydney, NSW, 2011, pp. 64–69 (2011)
Ray, B.R., Chowdhury, M., Abawajy, J.: StenoCipher to provide data confidentiality and tampered data recovery for RFID tag. In: Lee, R. (ed.) Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing 2012. Studies in Computational Intelligence, vol. 443, pp. 37–51. Springer, Berlin (2012). https://doi.org/10.1007/978-3-642-32172-6_4
Ray, B., Chowdhury, M., Abawajy, J.: Hybrid approach to ensure data confidentiality and tampered data recovery for RFID tag. Int. J. Netw. Distrib. Comput. 1(2), 79–88 (2013)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Chowdhury, M.U., Doss, R., Ray, B., Rajasegarar, S., Chowdhury, S. (2020). IoT Insider Attack - Survey. In: Deng, DJ., Pang, AC., Lin, CC. (eds) Smart Grid and Internet of Things. SGIoT 2019. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 324. Springer, Cham. https://doi.org/10.1007/978-3-030-49610-4_3
Download citation
DOI: https://doi.org/10.1007/978-3-030-49610-4_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-49609-8
Online ISBN: 978-3-030-49610-4
eBook Packages: Computer ScienceComputer Science (R0)