Security Issues and Challenges in loT

INTRODUCTION

Internet of Things (IoT) is a term that describes a network of sensors, objects, and intelligent nodes and technologies, which can communicate with each other and do business with their neighbors to achieve some common goals without human intervention. IoT is based on wireless sensor networks (WSNs), where sensor nodes are connected and communicate with each other with minimal or no human interactions. In certain cases, such entities are heterogeneous, such as individuals, machines, books, cars, and other devices that could be installed, addressed, and read on the internet. IoT can be summed up as “a global network of linked entities.” They are able to connect with all of the other network organizations, and receive and provide services at anytime, anywhere [1].

The entities in IoT can be remotely controlled for the desired functionality. The sharing of information between devices takes place via the network with standard communication protocols. The intelligent connected bodies or “things” range from simple, small, and wearable accessories to large machines with sensor chips.

According to [2], the IoTs are like real-time systems, which collect data through sensors and interact in the network to give users the ability to share, find, and take action. IoTs have identified their application area as a home automation system as a smart home where they can control household devices with their laptops and mobile phones, intelligent transportation system for traffic monitoring and reporting traffic jams, traffic violations and accidents, weather forecasting and natural disaster prediction with continuous monitoring of temperature change, toxic gases and material contamination for pollution, healthcare by monitoring activities of patients, medicine intake, and their various health parameters, and surveillance of objects, animals, and people with alarming systems. Many more applications and facilities are possible [3]. In addition to the rapid growth of IoT applications and devices, major challenges, such as security and privacy issues with vulnerabilities and other threats, have also improved more than ever. Several manufacturers of IoT products, such as cloud providers and researchers, are working on the design of safety systems and emerging vulnerabilities. While IT security and privacy continue to be tackled in research, most studies are not applicable and are only in their early stages. There are still many issues available.

THE OPEN ISSUES AND CHALLENGES

Despite the immense promise of IoT in a range of fields and applications, researchers now face a number of obstacles and concerns related to IoT. If we consider data, the collection of data from sensors and other IoT system appliances may be large enough to handle. Sometimes the data needs to be processed in real time in IoT, and then the sensor takes its own decision without sufficient storage to keep all the data collected. Many researchers addressed even more open topics and challenges.

IoT Issues as per Different Perspective

In accordance with C. W. Tsai et al. [3, 4], IoT issues can be viewed as perspectives on infrastructure, data management, and computational intelligence. IoT, with characteristics such as heterogeneity and decentralization, encompasses different standardizations, communication between interfaces, the provision of a number of IP addresses, and the management of decentralization issues under the infrastructure perspective. The collection of data from appliances and extraction of useful information from collected data when the number of appliances increases, along with common issues of data presentation between devices and appliances, are issues of data management perspective. Once IoT is sufficiently efficient in data management, another challenge is to make smart appliances and make useful decisions. Computational intelligence technologies such as data mining are still at an early stage of growth. Advanced computational technologies are expected to be used for better IoT services. Some future IoT issues have also been discussed as cloud computing and social network perspectives. When cloud computing is part of the internet, the integration of cloud and IoT and the transmission of data between these two different environments leads to considerable problems. Improving IoT performance through the use of digital social behavior is a challenge from the perspective of the social network.

Challenges and Open IoT Issues in Domain of Privacy

As per S. Hameed etal. [3, 5], preserving privacy in IoT is a major security concern. Profiling and monitoring, localization, monitoring, and safe data transmission are some of the challenges to maintain privacy in IoT. An identification linked to another individual is a hazard in profiling and monitoring. A major challenge still lies in using some preventive measures to avoid such activities. In localization and monitoring, a program attempts to keep track of an entity’s position across space and time. The task is to design, describe, and enforce IoT interaction protocols. To avoid unauthorized access to information about people and objects in secure data transmission, a protected transmission channel is necessary to ensure that data is transmitted in a safe manner. There are several open problems in the IoT privacy domain as per author, such as a comprehensive system for privacy protection, which guarantees IoT privacy for different applications. A generic, lightweight cryptographic privacy algorithm can be implemented as a solution. Context away privacy policies, as well as innovations, such as privacy policies that concentrate on users and remote environments, context-centered and self-adaptive policies, as well as intelligent data protection protocols, have been proposed. Data access management and data management systems are also needed. Privacy-preservation of game theory rewards where game theory was used to examine the privacy of the venue. A significant challenge for open research is how to use game theory to enable the IoT-architecture to safeguard its privacy protocols. Virtualization network and SDNsAdaptation for Network Virtualization for privacy security has evolved as a possible approach to a large number of data processed in IoT and cloud management. The Network Defined Software (SDN) was recently introduced as a virtualization model for the network. SDN also controls the network by centralizing Routing and Transmission functions at a key point known as the controller. According to [6]. the network operator and administrator will thus enforce confidentiality in the network with ease of network management by enabling SDN in some advance programmable networks.

Challenges and Open IoT Issues in Secure Routing and Forwarding

7.2.3.1 Significant Problems in Secure Routing and Forwarding Secure route establishment: One of the most important problems is to securely create the routing protocol to transmit data in IoT. This protocol would set up a secure route and safe route between the nodes. Based on routing data, the calculations should be lightweight and serve the IoT networks w'ith low power capacity. K. T. Nguyen et al. [7] gave a new classification of existing protocols, based on their main method of setting up a secure communication channel.

Malicious nodes isolation: Another task is to detect nodes and design strategies isolated from IoT networks easily and robustly. In order to reduce or remove inconsistencies in the routing process, the solution protocol should be able to insulate malicious and misbehaving network nodes. Current IoT routing protocols are unsafe, as most IoT networks organize themselves and do not interact with people. Malicious nodes can therefore be added fairly quickly to the IoT network, meaning that an IoT network requires a protocol to identify malicious nodes in the network, using techniques and mechanisms, until malicious activities begin or stop them from being linked. The earlier techniques of detection primarily identify system anomalies based on system logs or events, while the latter focus on network threat detection through traffic assessment of filtering and sampling [8].

Security protocol self-stabilization: The self-stabilization protocol means that it is naturally possible to recover in a period without human interaction from unintended events and problems.

Preservation of location privacy: The privacy of location of IoT devices in the IoT network should be preserved. It should thus be able to preserve the privacy of location for a secure routing protocol. The new Dummy Location privacy algorithm (DLP) is introduced by Sun Gang et al. [9] and takes into account the balance of cost (i.e., time complicated) and the privacy requirements of the user.

Open Issues in Secure Routing and Forwarding

Routing protocol design of iot network with focus on performance: Although numerous research has addressed the issues of secure routing and forwarding, the efficiency of the IoT network has not been found for such research. The identification of attacks on the network is complex, for example with IDS. The resource limitation of IoT devices is not considered in these frameworks. Lightweight IDS, however, will help us detect malpractice in the IoT network and attempt to mitigate routing attacks within the IoT network. Lightweight IDS is proposed by C. Ioannou and V. Vassiliou [Ю] to detect the presence of an attack locally at every restricted node, based on the Binary Logistic Regression (BLR). Network researchers are expected to develop a new lightweight IDS architecture.

Efficient and comprehensive routing operation management: Controlling routing operations efficiently and thoroughly. Besides lightweight IDS for IoT, the IoT network can be centrally managed and helpful in the overall network monitoring. Researchers do need high-level IoT network grassroots security and fast-response routing control policies for security threats. A mechanism such as SDN, which centralizes the controller and lets researchers securely route data through the IoT network, is appropriate. As per [l l] SDN may play an important role with the blocks or rate of limiting suspicious flows in dynamical flow control and attack mitigation. Advanced security solutions are therefore essential with SDN, allowing IoT network data to be transmitted while protecting its integrity.

Key Challenges to Maintaining Robustness and Resilience

Attack tolerance: IoT networks require sophisticated, stable network architectures that are basically tolerant of malicious attacks and other intrusions.

Early attack detection: The IoT network must provide early attack detection features and protocols to prevent damage and contamination across the network.

Quick failure recovery: Time failure recovery in the IoT network is important. Long-term IoT services disorders can be life-threatening, especially for healthcare services and applications in disaster management. The resource management middleware for IoT network must therefore identify faults and fix the situation in time. Middleware can use event-based, service-focused, tuple-space, VM-based, database-oriented, and application-specific approaches, according to their design approaches [12]. To solve IoT system problems, a number of other potential solutions remain. One potential solution calls for a duplication of resources that make it costly.

Key Challenges in Denial of Service (DoS) and Insider Attacks

Effective resource identification of attack: DoS attacks are difficult to recognize, therefore efficient DoS detection mechanisms are needed before the attack is started. Various proposals are available to deal with DoS. IoT DDoS detection is a tough task because IoT network and traffic features differ considerably from the conventional network. In terms of power, storing, anddata collection and processing, resource- efficient DDoS detection and mitigation techniques, there are some limits to IoT devices. For example, [13] exploiting vulnerability in DoS or DDoS and hiding true IP addresses affects IoT creation integrity. These strategies should be standardized so that traffic monitoring can take place centrally w'ithin the IoT network. In the event of DDoS attacks, certain probabilistic approaches are useful. Such methods, on the other hand, can be spread when the probability of a DDoS attack on IoT network is deduced cooperatively by many IoT tools.

Resource efficient countermeasures: Effective countermeasures of resources. To mitigate this attack, countermeasures are required if a DoS attack is detected. The resource-restricting of IoT networks requires lightweight and energy-efficient counter measurement strategies.

Efficient resource detection for insiders: Only authorized IoT nodes should be part of the IoT network to protect them from insider attacks. Malicious insider detection techniques within the IoT network must be effective and must react in real time. These malicious persons may also leak sensitive data across a network, compromising nodes or distorting the functioning of an IoT network through attacks like a DDoS attack. Another highly destructive scenario can arise.