Skip to main content

Advertisement

Springer Nature Link
Log in

NB-IoT Security: A Survey

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

In the past few years, the term Internet of Things (IoT) has become very prevalent. In IoT, aggregation of data (from sensors) to processing the data (to the cloud) is energy constraint. To address this challenge, Narrowband- Internet of Things (NB-IoT) is becoming a popular choice for smart devices manufacturer due to its characteristics of high energy-efficient and long battery life. Researchers and academia have addressed the problem related to energy constraints, but it opens the door for security issues related to NB-IoT devices. In this paper, we have done a survey closely related to security issues related to NB-IoT technologies like RFID, WSN, WoT, and IoT. IoT is enabled with five-layered architectures, and each layer is prone to different security attacks. In this paper, we have provided a comparative analysis of security issues in a layer-based approach. We propose the different possible security attacks like shared node attack, synchronization attack, node failure attack, source code attack, and battery drainage attack associated with NB-IoT. To do the performance analysis of security attacks, related matrix, and their mathematical formulation is based on Secrecy Rate and Secrecy Outage Probability for the smart home application. This paper also raises security issues related to smart health and smart agriculture applications.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2

Source: Statista (2018)

Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16
Fig. 17
Fig. 18

Similar content being viewed by others

References

  1. Granjal, J., Monteiro, E., & SáSilva, J. (2015). Security for the Internet of Things: A survey of existing protocols and open research issues. IEEE Communications Surveys & Tutorials,17(3), 1294–1312.

    Google Scholar 

  2. Sajid, A., Abbas, H., & Saleem, K. (2016). Cloud-assisted IoT-based SCADA systems security: A review of the state of the art and future challenges. IEEE Access,4, 1375–1384.

    Google Scholar 

  3. Razzaque, M. A., Milojevic-Jevric, M., Palade, A., & Clarke, S. (2016). Middleware for Internet of Things: A Survey. IEEE Internet of Things Journal,3(1), 70–95.

    Google Scholar 

  4. Gozalvez, J. (2016). New 3GPP standard for IoT (mobile radio). IEEE Vehicular Technology Magazine,11(1), 14–20.

    Google Scholar 

  5. Li, S., Xu, L. D., & Zhao, S. (2014). The Internet of Things: A survey (pp. 243–259). New York: Springer.

    Google Scholar 

  6. Frustaci, M., Pace, P., Aloi, G., & Fortino, G. (2017). Evaluating critical security issues of the IoT world: Present and future challenges. IEEE Internet of Things Journal,5(4), 2483–2495.

    Google Scholar 

  7. Atzori, L., Iera, A., & Morabito, G. (2010). The Internet of Things: A survey. Computer Networks,54, 2787–2805.

    MATH  Google Scholar 

  8. Miorandi, D., Sicari, S., Pellegrini, F. D., & Chlamtac, I. (2012). Internet of Things: Vision, applications, and research challenges. Ad Hoc Networks,10(7), 1497–1516.

    Google Scholar 

  9. Singh, S., Sharma, P. K., Moon, S. Y., & Park, J. H. (2017). Advanced lightweight encryption algorithms for IoT devices: Survey, challenges, and solutions. Journal of Ambient Intelligence and Humanized Computing. https://doi.org/10.1007/s12652-017-0494-4.

    Article  Google Scholar 

  10. Cheng, C., Lu, R., Petzoldt, A., & Takagi, T. (2017). Securing the Internet of Things in a quantum world. IEEE Communications Magazine,55(2), 116–120.

    Google Scholar 

  11. Bormann, C., Castellani, A. P., & Shelby, Z. (2012). CoAP: An application protocol for billions of tiny internet nodes. IEEE Internet Computing,1(2), 62–67.

    Google Scholar 

  12. Premnath, S. N., & Haas, Z. J. (2015). Security and privacy in the Internet-of-Things under time-and-budget-limited adversary model. IEEE Wireless Communications Letters,4(3), 277–280.

    Google Scholar 

  13. Liu, J., & Sun, W. (2016). Smart attacks against intelligent wearables in people-centric Internet of Things. IEEE Communications Magazine,54, 44–49.

    Google Scholar 

  14. Sedjelmaci, H., Senouci, S. M., & Taleb, T. (2017). An accurate security game for low-resource IoT devices. IEEE Transactions on Vehicular Technology,66, 9381–9393.

    Google Scholar 

  15. Cheng, S. M., Chen, P. Y., Lin, C. C., & Hsiao, H. C. (2017). Traffic-aware patching for cyber security in mobile IoT. IEEE Communications Magazine,55, 29–35.

    Google Scholar 

  16. Chen, J., Hu, K., Wang, Q., Sun, Y., Shi, Z., & He, S. (2017). Narrowband internet of things: Implementations and applications. IEEE Internet of Things Journal,4(6), 2309–2314.

    Google Scholar 

  17. Elsaadany, M., Ali, A., & Hamouda, W. (2017). Cellular LTE-A technologies for the future Internet-of-Things: Physical layer features and challenges. IEEE Communications Surveys & Tutorials,19(4), 2544–2572.

    Google Scholar 

  18. Yang, W., Wang, M., Zhang, J., Zou, J., Hua, M., Xia, T., et al. (2017). Narrow band wireless access for low-power massive internet of things: A bandwidth perspective. IEEE Wireless Communications,24(3), 138–145.

    Google Scholar 

  19. Finnegan, J., & Brown, S. (2018). A comparative survey of LPWA networking.

  20. Juels, A. (2006). RFID security and privacy: A research survey. IEEE Journal on Selected Areas in Communications,24(2), 381–394.

    MathSciNet  Google Scholar 

  21. http://www.radio-electronics.com/info/wireless/radio-frequency-identifi-cation-rfid/iso-epcglobal-iec-standards.php.

  22. Bu, K., Xu, M., Liu, X., Luo, J., Zhang, S., & Weng, M. (2015). Deterministic detection of cloning attacks for anonymous RFID systems. IEEE Transactions on Industrial Informatics,11(6), 1255–1266.

    Google Scholar 

  23. Xiao, Q., Gibbons, T., & Lebrun, H. (2008). RFID technology, security vulnerabilities, and countermeasures.

  24. Burmester, M., & De Medeiros, B. (2007). RFID security: Attacks, countermeasures and challenges. In The 5th RFID academic convocation, the RFID journal conference.

  25. Rotter, P. (2008). A framework for assessing RFID system security and privacy risks. IEEE Pervasive Computing,7(2), 70–77.

    Google Scholar 

  26. Bu, K., Weng, M., Zheng, Y., Xiao, B., & Liu, X. (2017). You can clone but you cannot hide: A survey of clone prevention and detection for RFID. IEEE Communications Surveys & Tutorials,19(3), 1682–1700.

    Google Scholar 

  27. Wang, K. H., Chen, C. M., Fang, W., & Wu, T. Y. (2017). On the security of a new ultra-lightweight authentication protocol in IoT environment for RFID tags. The Journal of Supercomputing,74, 65–70.

    Google Scholar 

  28. Fan, K., Jiang, W., Li, H., & Yang, Y. (2018). Lightweight RFID protocol for medical privacy protection in IoT. IEEE Transactions on Industrial Informatics,14(4), 1656–1665.

    Google Scholar 

  29. https://www.silabs.com/documents/public/white-papers/evolution-of-wir-eless-sensor-networks.pdf.

  30. Wang, Q., & Balasingham, I. (2010). Wireless sensor networks—An introduction. In Y. Kheng Tan (Ed.), Application-centric design. ISBN: 978-953-307-321-7.

  31. Jha R. K., Dalal, U. D. & Bholebawa, I. Z. (2012). Performance analysis of black hole attack on WiMAX-WLAN interface network. In Third international conference on computer and communication technology, Allahabad, pp. 303–308.

  32. Liu, Y., Dong, M., Ota, K., & Liu, A. (2016). ActiveTrust: Secure and trustable routing in wireless sensor networks. IEEE Transactions on Information Forensics and Security,11(9), 2013–2027.

    Google Scholar 

  33. Sen, A., & Madria, S. (2017). Risk assessment in a sensor cloud framework using attack graphs. IEEE Transactions on Services Computing,10(6), 942–955.

    Google Scholar 

  34. Yuxing, M., Huiyuan, Z., & Dongmei, Y. (2018). Weak node protection to maximize the lifetime of wireless sensor networks. Journal of Systems Engineering and Electronics,29(4), 693–706.

    Google Scholar 

  35. Gandino, F., Ferrero, R., & Rebaudengo, M. (2017). A key distribution scheme for mobile wireless sensor networks: q-s-composite. IEEE Transactions on Information Forensics and Security,12(1), 34–47.

    Google Scholar 

  36. Guinard, D., Trifa, V., Mattern, F., & Wilde, E. (2011). From the Internet of Things to the Web of Things: Resource oriented architecture and best practices.

  37. Xie, W., Tang, Y., Chen, S., Zhang, Y., & Gao, Y. (2016). Security of Web of Things: A survey (pp. 61–70). Dordrecht: Springer.

    Google Scholar 

  38. Barka, E., Mathew, S. S., & Atif, Y. (2015). Securing the Web of Things with role-based access control (pp. 14–26). Dordrecht: Springer.

    MATH  Google Scholar 

  39. Jing, Q., Vasilakos, A. V., Wan, J., Lu, J., & Qiu, D. (2014). Security of the Internet of Things: Perspectives and challenges. Wireless Network,20, 2481–2501. https://doi.org/10.1007/s11276-014-0761-7.

    Article  Google Scholar 

  40. Bandyopadhyay, D., & Sen, J. (2011). Internet of Things: Applications and challenges in technology and standardization. Wireless Personal Communication,58, 49–69.

    Google Scholar 

  41. Xu, L. D., He, W., & Li, S. (2014). Internet of Things in industries: A Survey. IEEE Transactions on Industrial Informatics,10(4), 2233–2243.

    Google Scholar 

  42. Ge, M., Hong, J. B., Guttmann, W., & Kim, D. S. (2017). A framework for automating security analysis of the internet of things. Journal of Network and Computer Applications,83, 12–27.

    Google Scholar 

  43. Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (2013). An analysis of security issues for cloud computing. Journal of internet services and applications.,4(1), 5.

    Google Scholar 

  44. Shah, H., Anandane, S. S., & Shrikanth. (2013). Security issues on cloud computing. arXiv:1308.5996.

  45. Aris, A., Oktug, S. F., & Yalcin, S. B. O. (2015). Internet-of-Things security: Denial of service attacks. In Signal processing and communications applications conference (SIU).

  46. Illiano, V. P., & Lupu, E. C. (2015). Detecting malicious data injections in event detection wireless sensor networks. IEEE Transactions on Network and Service Management,12(3), 496–510.

    Google Scholar 

  47. Xu, K., Zhang, X., Song, M., & Song, J. (2009). Mobile Mashup: Architecture, challenges and suggestions. International Conference on Management and Service Science, Wuhan,2009, 1–4.

    Google Scholar 

  48. Feng, Y., Wang, W., Weng, Y., & Zhang, H. (2017). A replay-attack resistant authentication scheme for the Internet of Things. In IEEE international conference on computational science and engineering (CSE) and IEEE international conference on embedded and ubiquitous computing (EUC), Guangzhou, pp. 541–547.

  49. Cyr, B., Horn, W., Miao, D., Specter, M. (2014). Security analysis of wearable fitness devices (Fitbit). Massachusetts Institute of Technology Cambridge, Massachusetts, USA.

  50. Cekerevac, Z., Dvorak, Z., Prigoda, L., & Cekerevac, P. (2017). Internet of Things and the man-in-the-middle attacks-security and economic risks. MEST Journal,5(2), 15–25.

    Google Scholar 

  51. Mohammadi, S., & Jadidoleslamy, H. (2011). A comparison of link layer attacks on wireless sensor networks. International Journal on Applications of Graph Theory in Wireless Ad Hoc Networks and Sensor Networks (GRAPH-HOC),3(1), 35–56.

    Google Scholar 

  52. Zhang, K., Liang, X., Lu, R., & Shen, X. (2014). Sybil attacks and their defenses in the Internet of Things. IEEE Internet of Things Journal,1(5), 372–383.

    Google Scholar 

  53. Campus, N. M., Govindapura, G., & Yelahanka, B. (2018). Denial-of-service or flooding attack in IoT routing. International Journal of Pure and Applied Mathematics.,118(19), 29–42.

    Google Scholar 

  54. Benzarti, S., Triki, B., & Korbaa, O. (2018). Survey on attacks in Internet of Things based networks. In 2017 International conference on engineering & MIS (ICEMIS).

  55. Mosenia, A., & Jha, N. K. (2016). A comprehensive study of security of internet-of-things. IEEE Transactions on Emerging Topics in Computing.,5(4), 586–602.

    Google Scholar 

  56. Salehi, A., Razzaque, M. A., Naraei, P., & Farrokhtala, A. (2013). Detection of sinkhole attack in wireless sensor networks. In IEEE international conference on space science and communication (IconSpace), pp. 361–365.

  57. Namvar, N., Saad, W., Bahadori, N., & Kelley, B. (2016). Jamming in the Internet of Things: A game-theoretic perspective. In IEEE global communications conference (GLOBECOM), pp. 1–6.

  58. Jokhio, S. H., Jokhio, I. A., & Kemp, A. H. (2012). Node capture attack detection and defence in wireless sensor networks. IET Wireless Sensor Systems,2(3), 161–169.

    Google Scholar 

  59. Abawajy, J. (2009). Enhancing RFID tag resistance against cloning attack. In 2009 Third international conference on network and system security, Gold Coast, QLD, pp. 18–23.

  60. Ling, Z., Luo, J., Xu, Y., Gao, C., Wu, K., & Fu, X. (2017). Security vulnerabilities of Internet of Things: A case study of the smart plug system. IEEE Internet of Things Journal,4(6), 1899–1909.

    Google Scholar 

  61. Singh, S., Sharma, P. K., Moon, S. Y., & Park, J. H. (2017). Advanced lightweight encryption algorithms for IoT devices: Survey, challenges, and solutions. Berlin: Springer.

    Google Scholar 

  62. Yang, X., Wang, X., Wu, Y., Qian, L. P., Lu, W., & Zhou, H. (2018). Small-cell assisted secure traffic offloading for narrowband Internet of Thing (NB-IoT) systems. IEEE Internet of Things Journal,5(3), 1516–1526.

    Google Scholar 

  63. Safi, A. (2017). Improving the security of Internet of things using encryption algorithms. World Academy of Science, Engineering and Technology, International Journal of Computer and Information Engineering,11(5), 546–549.

    MathSciNet  Google Scholar 

  64. Lee, J., & Lim, D. (2014). Parallel architecture for high-speed block cipher, HIGHT. International Journal of Security and Its Applications,8(2), 59–66.

    Google Scholar 

  65. Shen, S., Huang, L., Zhou, H., Yu, S., Fan, E., & Cao, Q. (2018). Multistage signaling game-based optimal detection strategies for suppressing malware diffusion in fog-cloud-based IoT networks. IEEE Internet of Things Journal,5(2), 1043–1054.

    Google Scholar 

  66. Usman, M., Ahmed, I., Aslam, M. I., Khan, S., & Shah, U. A. (2017). SIT: A lightweight encryption algorithm for secure Internet of Things. International Journal of Advanced Computer Science and Applications,8(1), 2017. https://doi.org/10.14569/IJACSA.2017.080151.

    Article  Google Scholar 

  67. Xiao, G., Guo, J., Xu, L. D., & Gong, Z. (2014). User interoperability with heterogeneous IoT devices through transformation. IEEE Transactions on Industrial Informatics,10(2), 1486–1496.

    Google Scholar 

  68. Kar, S. (2014). Internet of Things will multiply the digital universe data to 44 trillion GBs by 2020 (online document). http://cloudtimes.org/2014/04/17/internet-of-things-will-multiply-thedigital-universe-data-to-44-trillion-gbs-by-2020.

  69. Bandyopadhyay, D., & Sen, J. (2011). Internet of Things: Applications and challenges in technology and standardization. Wireless Personal Communications,58(1), 49–69.

    Google Scholar 

  70. Islam, S. M. R., Kwak, D., Kabir, M. H., Hossain, M., & Kwak, K. S. (2015). The Internet of Things for health care: A comprehensive survey. IEEE Access,3, 678–708.

    Google Scholar 

  71. Boisguene, R., Tseng, S. C., Huang, C. W., & Lin, P. (2017). A survey on NB-IoT downlink scheduling: issues and potential solutions. In International wireless communications and mobile computing conference, pp. 547–551.

  72. Hoymann, C., Astely, D., Stattin, M., Wikström, G., Cheng, J. F., Höglund, A., et al. (2016). LTE release 14 outlook. IEEE Communication Magazine,54, 44–49.

    Google Scholar 

  73. Rico-Alvarino, A., et al. (2016). An overview of 3GPP enhancements on machine to machine communications. IEEE Communications Magazine,54(6), 14–21.

    Google Scholar 

  74. Rajashree, S., Soman, K. S., & Shah, P. G. (2018). Security with IP address assignment and spoofing for smart IOT devices. In 2018 international conference on advances in computing, communications and informatics (ICACCI), Bangalore, pp. 1914–1918.

  75. Gupta, A., Jha, R. K., Gandotra, P., & Jain, S. (2018). Bandwidth spoofing and intrusion detection system for multistage 5G wireless communication network. IEEE Transactions on Vehicular Technology,67(1), 618–632.

    Google Scholar 

  76. Barros, J., & Rodrigues, M. R. D. (2006). Secrecy capacity of wireless channels. In 2006 IEEE international symposium on information theory, Seattle, WA, pp. 356–360.

  77. Rawat, D. B., White, T., Parwez, M. S., Bajracharya, C., & Song, M. (2017). Evaluating secrecy outage of physical layer security in large-scale MIMO wireless communications for cyber-physical systems. IEEE Internet of Things Journal,4(6), 1987–1993.

    Google Scholar 

  78. Zou, Y., Zhu, J., Wang, G., & Shao, H. (2014). Secrecy outage probability analysis of multi-user multi-eavesdropper wireless systems. In 2014 IEEE/CIC international conference on communications in China (ICCC), Shanghai, pp. 309–313.

  79. Chen, G., Coon, J. P., & Di Renzo, M. (2017). Secrecy outage analysis for downlink transmissions in the presence of randomly located eavesdroppers. IEEE Transactions on Information Forensics and Security,12(5), 1195–1206.

    Google Scholar 

  80. Chrysikos, T., Dagiuklas, T., & Kotsopoulos, S. (2010). A closed-form expression for outage secrecy capacity in wireless information: Theoretic security. Wireless Telecommunications Laboratory, pp. 3–12.

  81. PACEMAKER System Specification. (2007). Copyright 2007 Boston Scientific January 3.

  82. Brachmann, M., Keoh, S. L., Morchon, O. G., & Kumar, S. S. (2012). End-to-end transport security in the IP-based Internet of Things. In 2012 21st International conference on computer communications and networks (ICCCN), Munich, pp. 1–5.

  83. Rullo, A., Midi, D., Serra, E., & Bertino, E. (2017). Pareto optimal security resource allocation for Internet of Things. ACM Transactions on Privacy and Security,20(4), 1–30.

    Google Scholar 

  84. Wu, H., & Wang, W. (2018). A game theory based collaborative security detection method for Internet of Things systems. IEEE Transactions on Information Forensics and Security,13(6), 1432–1445.

    Google Scholar 

  85. Meidan, Y., Bohadana, M., Shabtai, A., Ochoa, M., Tippenhauer, N. O., Guarnizo, J. D., & Elovici, Y. (2017). Detection of unauthorized IoT devices using machine learning techniques. arXiv:1709.04647v1.

  86. Chatterjee, B., Das, D., Maity, S., & Sen, S. (2019). RF-PUF: Enhancing IoT security through authentication of wireless nodes using in-situ machine learning. IEEE Internet of Things Journal,6(1), 388–398.

    Google Scholar 

  87. Azmoodeh, A., Dehghantanha, A., & Choo, K. R. (2019). Robust Malware detection for internet of (battlefield) Things devices using deep eigenspace learning. IEEE Transactions on Sustainable Computing,4(1), 88–95.

    Google Scholar 

  88. https://ec.europa.eu/programmes/horizon2020/what-horizon-2020.

Download references

Acknowledgements

The authors thankfully acknowledge the support provided by SMVDU-TBIC and 5G & IoT Laboratory, School of Electronics and Communication Engineering at Sri Mata Vaishno Devi University, Katra.

Author information

Authors and Affiliations

  1. School of Computer Science Engineering, Shri Mata Vaishno Devi University, Katra, J&K, India

    Vinod Kumar

  2. School of Electronics and Communication Engineering, Shri Mata Vaishno Devi University, Katra, J&K, India

    Rakesh Kumar Jha

  3. IIITDM Jabalpur, Jabalpur, Madhya Pradesh, India

    Sanjeev Jain

Authors
  1. Vinod Kumar
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Rakesh Kumar Jha
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sanjeev Jain
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Rakesh Kumar Jha.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Appendix

Appendix

1.1 IoT Security Projects

Under various research projects, the most prominent research and innovation programs are funded by the European Union named Horizon 2020. The funding of this program is 80 billion euros and available for the 7-year duration (2014–2020) [88]. Stanford, University of Michigan, and UC Barkley are collaboratively working on a 5-year project named Secure Internet of Things Project (SITP). It was started in September-2016 to research fundamentally new and better ways to secure the IoT and make them easy to use. They are working in this area. Table 6 shown below describes the various projects running currently worldwide. Most of the projects aim to provide end to end secure transmission between devices, implementing security techniques, and working towards the smart city. Various IoT projects running in European countries are working towards smart business, smart country, and removing various security vulnerabilities.

Table 6 Current ongoing NB-IoT/IoT security-related activities
Full size table

1.2 List of abbreviations

See Table 7.

Table 7 List of abbreviations
Full size table

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Kumar, V., Jha, R.K. & Jain, S. NB-IoT Security: A Survey. Wireless Pers Commun 113, 2661–2708 (2020). https://doi.org/10.1007/s11277-020-07346-7

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-020-07346-7

Keywords

Search

Navigation