DOI: 10.14569/IJACSA.2018.090349

A Comprehensive IoT Attacks Survey based on a Building-blocked Reference Model

Author 1: Hezam Akram Abdul-Ghani
Author 2: Dimitri Konstantas
Author 3: Mohammed Mahyoub

International Journal of Advanced Computer Science and Applications(IJACSA), Volume 9 Issue 3, 2018.

Abstract: Internet of Things (IoT) has not yet reached a distinctive definition. A generic understanding of IoT is that it offers numerous services in many domains, utilizing conventional internet infrastructure by enabling different communication patterns such as human-to-object, object-to-objects, and object-to-object. Integrating IoT objects into the standard Internet, however, has unlocked several security challenges, as most internet technologies and connectivity protocols have been specifically designed for unconstrained objects. Moreover, IoT objects have their own limitations in terms of computation power, memory and bandwidth. IoT vision, therefore, has suffered from unprecedented attacks targeting not only individuals but also enterprises, some examples of these attacks are loss of privacy, organized crime, mental suffering, and the probability of jeopardizing human lives. Hence, providing a comprehensive classification of IoT attacks and their available countermeasures is an indispensable requirement. In this paper, we propose a novel four-layered IoT reference model based on building blocks strategy, in which we develop a comprehensive IoT attack model composed of four key phases. First, we have proposed IoT asset-based attack surface, which consists of four main components: 1) physical objects, 2) protocols covering whole IoT stack, 3) data, and 4) software. Second, we describe a set of IoT security goals. Third, we identify IoT attack taxonomy for each asset. Finally, we show the relationship between each attack and its violated security goals, and identify a set of countermeasures to protect each asset as well. To the best of our knowledge, this is the first paper that attempts to provide a comprehensive IoT attacks model based on a building-blocked reference model.

Keywords: Internet of Things (IoT); building block; security and privacy; reference model

Hezam Akram Abdul-Ghani, Dimitri Konstantas and Mohammed Mahyoub, “A Comprehensive IoT Attacks Survey based on a Building-blocked Reference Model” International Journal of Advanced Computer Science and Applications(IJACSA), 9(3), 2018. http://dx.doi.org/10.14569/IJACSA.2018.090349

@article{Abdul-Ghani2018,
title = {A Comprehensive IoT Attacks Survey based on a Building-blocked Reference Model},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2018.090349},
url = {http://dx.doi.org/10.14569/IJACSA.2018.090349},
year = {2018},
publisher = {The Science and Information Organization},
volume = {9},
number = {3},
author = {Hezam Akram Abdul-Ghani and Dimitri Konstantas and Mohammed Mahyoub}
}


Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.

IJACSA

Upcoming Conferences

IntelliSys 2025

28-29 August 2025

Future Technologies Conference 2025

6-7 November 2025

Healthcare Conference 2026

21-22 May 2026

Computing Conference 2026

9-10 July 2026

IntelliSys 2026

3-4 September 2026

Computer Vision Conference 2026

15-16 October 2026