Journal of Cyber Security and Risk Auditing

ISSN: 3079-5354 (Online)

Publishing model:

: Open access

Towards Trustworthy IoT Systems: Cybersecurity Threats, Frameworks, and Future Directions

by 

Thanaa Alsalem ;

Mohammed Amin

PDF logoPDF

Published: 2023/02/10

Abstract

The Internet of Things (IoT) is becoming increasingly integrated into our daily lives. However, this rapid expansion raises significant concerns about future cybersecurity risks and the trustworthiness of this promising technology. This study aims to consolidate existing knowledge on the various cyberattacks and challenges facing IoT security, as well as to review the frameworks and solutions that have been proposed to address them. Additionally, it explores emerging trends and identifies gaps in the current IoT cybersecurity landscape. The literature review revealed that privacy breaches and cybercrimes remain the most pressing concerns. Artificial intelligence has emerged as a promising approach to enhancing cybersecurity in IoT environments. Nevertheless, several threats such as those targeting confidentiality, authentication, and server connectivity remain insufficiently addressed. This highlights the need for broader research and the application of real-world case studies to evaluate the effectiveness of proposed security measures.

Keywords

Internet of Things (IoT)IoT securityCyberattacksConfidentialityAuthentication

Doi Link

https://doi.org/10.63180/jcsra.thestap.2023.1.2

How to Cite the Article

Alsalem, T., & Amin, M. (2023). Towards Trustworthy IoT Systems: Cybersecurity Threats, Frameworks, and Future Directions. Journal of Cyber Security and Risk Auditing, 2023(1), 3–18. https://doi.org/10.63180/jcsra.thestap.2023.1.2

Towards Trustworthy IoT Systems: Cybersecurity Threats, Frameworks, and Future Directions is licensed under CC BY 4.0CCBY

References

  1. Ullah, F., et al. (2019). Cyber security threats detection in Internet of Things using deep learning approach. IEEE Access, 7, 124379–124389.
  2. Zahra, B. F., & Abdelhamid, B. (2017). Risk analysis in Internet of Things using EBIOS. In 2017 IEEE 7th Annual Computing and Communication Workshop and Conference (CCWC) (pp. 1–7). IEEE.
  3. Nurse, J. R., Creese, S., & De Roure, D. J. (2017). Security risk assessment in Internet of Things systems. IT Professional, 19(5), 20–26.
  4. Kuzlu, M., Fair, C., & Guler, O. (2021). Role of artificial intelligence in the Internet of Things (IoT) cybersecurity. Discover Internet of Things, 1(1), 1–14.
  5. Mahmoud, R., Yousuf, T., Aloul, F., & Zualkernan, I. (2015). Internet of Things (IoT) security: Current status, challenges and prospective measures. In 2015 10th International Conference for Internet Technology and Secured Transactions (ICITST) (pp. 336–341). IEEE.
  6. Tweneboah-Koduah, S., Skouby, K. E., & Tadayoni, R. J. (2017). Cyber security threats to IoT applications and service domains. Wireless Personal Communications, 95(1), 169–185.
  7. González, L., & Ruggia, R. (2018). Policy-based compliance control within inter-organizational service integration platforms. In 2018 IEEE 11th Conference on Service-Oriented Computing and Applications (SOCA) (pp. 202–209). IEEE.
  8. Andrade, R. O., Yoo, S. G., Tello-Oquendo, L., & Ortiz-Garcés, I. A. (2020). A comprehensive study of the IoT cybersecurity in smart cities. IEEE Access, 8, 228922–228941.
  9. Kulik, T., Tran-Jørgensen, P. W., Boudjadar, J., & Schultz, C. (2018). A framework for threat-driven cyber security verification of IoT systems. In 2018 IEEE International Conference on Software Testing, Verification and Validation Workshops (ICSTW) (pp. 89–97). IEEE.
  10. Boudko, S., & Abie, H. (2019). Adaptive cybersecurity framework for healthcare Internet of Things. In 2019 13th International Symposium on Medical Information and Communication Technology (ISMICT) (pp. 1–6). IEEE.
  11. Li, S., Bi, F., Chen, W., Miao, X., Liu, J., & Tang, C. J. (2018). An improved information security risk assessments method for cyber-physical-social computing and networking. IEEE Access, 6, 10311–10319.
  12. Ryoo, J., Tjoa, S., & Ryoo, H. (2018). An IoT risk analysis approach for smart homes (work-in-progress). In 2018 International Conference on Software Security and Assurance (ICSSA) (pp. 49–52). IEEE.
  13. Gurunath, R., Agarwal, M., Nandi, A., & Samanta, D. (2018). An overview: Security issue in IoT network. In 2018 2nd International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (pp. 104–107). IEEE.
  14. Zhao, S., Li, S., Qi, L., & Da Xu, L. J. (2020). Computational intelligence enabled cybersecurity for the Internet of Things. IEEE Transactions on Emerging Topics in Computational Intelligence, 4(5), 666–674.
  15. Abdullah, A., Hamad, R., Abdulrahman, M., Moala, H., & Elkhediri, S. (2019). Cybersecurity: A review of Internet of Things (IoT) security issues, challenges and techniques. In 2019 2nd International Conference on Computer Applications & Information Security (ICCAIS) (pp. 1–6). IEEE.
  16. Strielkina, A., Illiashenko, O., Zhydenko, M., & Uzun, D. (2018). Cybersecurity of healthcare IoT-based systems: Regulation and case-oriented assessment. In 2018 IEEE 9th International Conference on Dependable Systems, Services and Technologies (DESSERT) (pp. 67–73). IEEE.
  17. Augusto-Gonzalez, J., et al. (2019). From Internet of threats to Internet of Things: A cyber security architecture for smart homes. In 2019 IEEE 24th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD) (pp. 1–6). IEEE.
  18. Radanliev, P., et al. (2018). Integration of cyber security frameworks, models and approaches for building design principles for the Internet-of-Things in Industry 4.0. In Living in the Internet of Things: Cybersecurity of the IoT (pp. 1–6). IET.
  19. Rizvi, S., Kurtz, A., Pfeffer, J., & Rizvi, M. (2018). Securing the Internet of Things (IoT): A security taxonomy for IoT. In 2018 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/12th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE) (pp. 163–168). IEEE.
  20. Wurm, J., Hoang, K., Arias, O., Sadeghi, A.-R., & Jin, Y. (2016). Security analysis on consumer and industrial IoT devices. In 2016 21st Asia and South Pacific Design Automation Conference (ASP-DAC) (pp. 519–524). IEEE.
  21. Furfaro, A., Argento, L., Parise, A., & Piccolo, M. P. (2017). Using virtual environments for the assessment of cybersecurity issues in IoT scenarios. Simulation Modelling Practice and Theory, 73, 43–54.
  22. Radanliev, P., et al. (2018). Future developments in cyber risk assessment for the Internet of Things. Computers in Industry, 102, 14–22.
  23. Liao, B., Ali, Y., Nazir, S., He, L., & Khan, H. U. (2020). Security analysis of IoT devices by using mobile computing: A systematic literature review. IEEE Access, 8, 120331–120350.
  24. Mozzaquatro, B. A., Agostinho, C., Goncalves, D., Martins, J., & Jardim-Goncalves, R. J. (2018). An ontology-based cybersecurity framework for the Internet of Things. Sensors, 18(9), 3053.
  25. Ali, B., & Awad, A. I. (2018). Cyber and physical security vulnerability assessment for IoT-based smart homes. Sensors, 18(3), 817.
  26. Nieto, A., Rios, R. J. H.-C., & Sciences, I. (2019). Cybersecurity profiles based on human-centric IoT devices. Human-centric Computing and Information Sciences, 9(1), 1–23.
  27. Radanliev, P., et al. (2019). Cyber risk impact assessment—assessing the risk from the IoT to the digital economy. Proceedings of the Living in the Internet of Things: Cybersecurity of the IoT 2019, IET.
  28. Radanliev, P., De Roure, D. C., Maple, C., Nurse, J. R., Nicolescu, R., & Ani, U. (2019). Cyber risk in IoT systems. Living in the Internet of Things 2019. IET.
  29. Boeckl, K., et al. (2019). Considerations for managing Internet of Things (IoT) cybersecurity and privacy risks. U.S. Department of Commerce, National Institute of Standards and Technology (NIST).
  30. Abomhara, M., & Køien, G. M. J. (2015). Cyber security and the Internet of Things: Vulnerabilities, threats, intruders and attacks. Journal of Cyber Security and Mobility, 65–88.
  31. Islam, M. R., & Aktheruzzaman, K. J. (2020). An analysis of cybersecurity attacks against Internet of Things and security solutions. Journal of Communications and Computer, 8(4), 11–25.
  32. Lee, I. J. F. I. (2020). Internet of Things (IoT) cybersecurity: Literature review and IoT cyber risk management. Future Internet, 12(9), 157.
  33. Djenna, A., Harous, S., & Saidouni, D. E. J. A. S. (2021). Internet of Things meets Internet of threats: New concern cybersecurity issues of critical cyber infrastructure. Applied Sciences, 11(10), 4580.
  34. Echeverría, A., Cevallos, C., Ortiz-Garces, I., & Andrade, R. O. J. A. S. (2021). Cybersecurity model based on hardening for secure Internet of Things implementation. Applied Sciences, 11(7), 3260.
  35. Tawalbeh, L. A., Muheidat, F., Tawalbeh, M., & Quwaider, M. J. A. S. (2020). IoT privacy and security: Challenges and solutions. Applied Sciences, 10(12), 4102.
  36. Atlam, H. F., & Wills, G. B. J. I. o. T. (2019). An efficient security risk estimation technique for risk-based access control model for IoT. Internet of Things, 6, 100052.
  37. Scarfò, A. (2018). The cybersecurity challenges in the IoT era. In Security and Resilience in Intelligent Data-Centric Systems and Communication Networks (pp. 53–76). Elsevier.
  38. Radanliev, P., et al. (2020). Future developments in standardisation of cyber risk in the Internet of Things (IoT). Internet of Things, 2(2), 1–16.
  39. Ahmed, A. W., Ahmed, M. M., Khan, O. A., Shah, M. A. J. I. J. o. A. C. S., & Applications. (2017). A comprehensive analysis on the security threats and their countermeasures of IoT. International Journal of Advanced Computer Science and Applications, 8(7), 489–501.
  40. Radanliev, P., De Roure, D., Cannady, S., Montalvo, R. M., Nicolescu, R., & Huth, M. (2018). Economic impact of IoT cyber risk—analysing past and present to predict the future developments in IoT risk analysis and IoT cyber insurance. Living in the Internet of Things 2018, IET.
  41. Strecker, S., Van Haaften, W., & Dave, R. (2021). An analysis of IoT cyber security driven by machine learning. In Proceedings of International Conference on Communication and Computational Technologies (pp. 725–753). Springer.