چالش های امنیتی در حال ظهور در اینترنت اشیا
Abstract
1- Introduction
2- Ransomware
3- State-of-the-art research on IoT security
4- Taxonomy
5- Case studies on IoT security
6- New requirements for securing IoT
7- Open research challenges
8- Future research directions
9- Conclusion
References
Abstract
With the increasing miniaturization of smartphones, computers, and sensors in the Internet of Things (IoT) paradigm, strengthening the security and preventing ransomware attacks have become key concerns. Traditional security mechanisms are no longer applicable because of the involvement of resource-constrained devices, which require more computation power and resources. This paper presents the ransomware attacks and security concerns in IoT. We initially discuss the rise of ransomware attacks and outline the associated challenges. Then, we investigate, report, and highlight the state-of-the-art research efforts directed at IoT from a security perspective. A taxonomy is devised by classifying and categorizing the literature based on important parameters (e.g., threats, requirements, IEEE standards, deployment level, and technologies). Furthermore, a few credible case studies are outlined to alert people regarding how seriously IoT devices are vulnerable to threats. We enumerate the requirements that need to be met for securing IoT. Several indispensable open research challenges (e.g., data integrity, lightweight security mechanisms, lack of security software’s upgradability and patchability features, physical protection of trillions of devices, privacy, and trust) are identified and discussed. Several prominent future research directions are provided.
Introduction
Immigrating to a promising era of Internet of Things (IoT), ubiquitously small embedded devices are implanted with various sensors to sense data from their surroundings and provide smart controlling decisions. The prolifera-tion of miniaturized sensors and connected IoT devices is expected to reach 26 billion by 2020, most of which are wearable devices [1]. In this modern era of technology, people have started to deploy real-world IoT applications, from connected smart homes [2], connected cars [3], [4], smart parking [5], and health monitoring [6], [7] to smart utility meters [8], as shown in Figure 1. Although IoT can facilitate different aspects of people’s lives, enabling high security, developing ransomware prevention, and establishing solutions are the key remaining concerns, given that IoT devices hold sensitive information [9]. A HP study reveals that 70% of IoT devices are vulnerable to attacks 1 . Hacking of smart cars is also one of the security threats in IoT [10]. According to Markets and Markets, the IoT security market is expected to rise to $28.90 billion by 2020, which indicates that high-security threats are expected to rise substantially in the foreseeable future 2 . On the other hand, ransomware continues to experience record growth in 2017. Therefore, ensuring that each device has the control to maintain data confidentiality and integrity within an organization is necessary.