Article Details

Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.

A Comprehensive IoT Attacks Survey based on a Building-blocked Reference Model

Author 1: Hezam Akram Abdul-Ghani
Author 2: Dimitri Konstantas
Author 3: Mohammed Mahyoub

Download PDF

Digital Object Identifier (DOI) : 10.14569/IJACSA.2018.090349

Article Published in International Journal of Advanced Computer Science and Applications(IJACSA), Volume 9 Issue 3, 2018.

Abstract: Internet of Things (IoT) has not yet reached a distinctive definition. A generic understanding of IoT is that it offers numerous services in many domains, utilizing conventional internet infrastructure by enabling different communication patterns such as human-to-object, object-to-objects, and object-to-object. Integrating IoT objects into the standard Internet, however, has unlocked several security challenges, as most internet technologies and connectivity protocols have been specifically designed for unconstrained objects. Moreover, IoT objects have their own limitations in terms of computation power, memory and bandwidth. IoT vision, therefore, has suffered from unprecedented attacks targeting not only individuals but also enterprises, some examples of these attacks are loss of privacy, organized crime, mental suffering, and the probability of jeopardizing human lives. Hence, providing a comprehensive classification of IoT attacks and their available countermeasures is an indispensable requirement. In this paper, we propose a novel four-layered IoT reference model based on building blocks strategy, in which we develop a comprehensive IoT attack model composed of four key phases. First, we have proposed IoT asset-based attack surface, which consists of four main components: 1) physical objects, 2) protocols covering whole IoT stack, 3) data, and 4) software. Second, we describe a set of IoT security goals. Third, we identify IoT attack taxonomy for each asset. Finally, we show the relationship between each attack and its violated security goals, and identify a set of countermeasures to protect each asset as well. To the best of our knowledge, this is the first paper that attempts to provide a comprehensive IoT attacks model based on a building-blocked reference model.

Keywords: Internet of Things (IoT); building block; security and privacy; reference model

Hezam Akram Abdul-Ghani, Dimitri Konstantas and Mohammed Mahyoub, “A Comprehensive IoT Attacks Survey based on a Building-blocked Reference Model” International Journal of Advanced Computer Science and Applications(IJACSA), 9(3), 2018. http://dx.doi.org/10.14569/IJACSA.2018.090349

@article{Abdul-Ghani2018,
title = {A Comprehensive IoT Attacks Survey based on a Building-blocked Reference Model},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2018.090349},
url = {http://dx.doi.org/10.14569/IJACSA.2018.090349},
year = {2018},
publisher = {The Science and Information Organization},
volume = {9},
number = {3},
author = {Hezam Akram Abdul-Ghani and Dimitri Konstantas and Mohammed Mahyoub}
}

IJACSA

Upcoming Conferences

Future of Information and Communication Conference (FICC) 2022

3-4 March 2022

Computing Conference 2022

14-15 July 2022

IntelliSys 2022

1-2 September 2022

Future Technologies Conference (FTC) 2022

20-21 October 2022