A Survey of IoT Security Threats and Solutions

Radovici, Alexandru; Rusu, Cristián; Serban, Razvan

doi:10.1109/roedunet.2018.8514146

Cited by 12 publications

(4 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…One unique aspect of CryptID is the use of structured public keys that can contain arbitrary metadata, allowing for a wide range of domain-specific use cases. In [80], a comprehensive review of recent malware and security threats related to IoT systems is provided. This review proposes a solution that allows secure applications to run on IoT devices in a secure execution framework by using verified bytecode in an isolated environment.…”

Section: Secure Executionmentioning

confidence: 99%

An Overview of WebAssembly for IoT: Background, Tools, State-of-the-Art, Challenges, and Future Directions

Ray

2023

Future Internet

View full text Add to dashboard Cite

This paper explores the relationship between two emerging technologies, WebAssembly (Wasm) and the Internet of Things (IoT). It examines the complementary roles of these technologies and their impact on modern web applications. First, it delves into the capabilities of Wasm as a high-performance binary format that allows developers to leverage low-level languages for computationally intensive tasks. Second, it seeks to explain why integration of IoT and Wasm is important. Third, it discusses the strengths and limitations of various tools and tool chains that are crucial for Wasm development and implementation, with a special focus on IoT. Fourth, it presents the state-of-the-art with regard to advances that combine both technologies. Fifth, it discusses key challenges and provides future directions. Lastly, it provides an in-depth elaboration of the future aspects of Wasm, with a strong focus on IoT, concluding that IoT and Wasm can provide developers with a versatile toolkit that enables them to balance productivity and performance in both web and non-web development scenarios. The collaborative use of these technologies opens up new possibilities for pushing the boundaries of web application development in terms of interactivity, security, portability, scalability, and efficient computational capabilities. As web and non-web embeddings continue to evolve, the integration of IoT and Wasm will play a crucial role in shaping the future of innovative application development. The key findings of this extensive review work suggest that existing tool sets can be easily conglomerated together to form a new era in WebAssembly–IoT infrastructure for low-power, energy-efficient, and secure edge–IoT ecosystems with near-native execution speed. Furthermore, the expansion of edge–IoT ecosystems can be augmented with prospective cloud-side deployments. However, there remains a strong need to more cohesively advance the amalgamation of Wasm and IoT technologies in the near future.

show abstract

Section: Secure Executionmentioning

confidence: 99%

An Overview of WebAssembly for IoT: Background, Tools, State-of-the-Art, Challenges, and Future Directions

Ray

2023

Future Internet

View full text Add to dashboard Cite

show abstract

“…In recent years, many works have been published in the security analysis of IoT devices. Radovici et al (2018) identified the security issues regarding secure IoT software execution and proposed a secure code execution framework. Also, Gurunath et al (2018) described significant security problems of IoT devices.…”

Section: Related Workmentioning

confidence: 99%

Source code protection against unauthorised copying and analysis in IoT devices

Hyla,

Byczyk

2023

Proceedings of the Annual Hawaii International Conference on System Sciences

View full text Add to dashboard Cite

One problem for manufacturers of IoT devices is protecting intellectual rights to the software. Unprotected software can easily be copied or analysed and used on other devices. Proving another party that the source code has been illegally copied is difficult. One of the solutions is code obfuscation, i.e., modifying the code, so it works the same way, but its structure is complicated to understand and analyse. The paper presents a solution dedicated to IoT devices that combines code obfuscation techniques and uses the trusted platform module to decrypt part of the data during execution. A dedicated obfuscation method is described. Experiments show that the method increases the time needed to change the code at least several times, and some junior programmers cannot understand an obfuscated code. Test results show almost no similarity between the code in clear form and obfuscated form. The obfuscated code is more complicated but takes slightly longer to execute.

show abstract

“…Beside the aforementioned areas, several works proposed security solutions specially designed for the IoT or D2D context with regard to confidentiality, data reliability, privacy, access control, and authentication, which are mostly surveyed in previous studies. [22][23][24][25][26][27][28][29][30][31] More related to our paper, some other survey papers review existing works focusing especially on trust models in the IoT 6,9,10,[32][33][34] or D2D 11,35,36 context. In the following, we review these works, regardless of whether they use or not social-related information.…”

Section: Related Workmentioning

confidence: 99%

T‐D2D: A trust model for service offloading in device‐to‐device communication

Movahedi

Hosseini

2019

Trans Emerging Tel Tech

View full text Add to dashboard Cite

With the advances in pervasive computing, Internet of things (IoT) has gained considerable attention from both research and industrial communities. While IoT devices are able to provide computational services to other devices via device‐to‐device (D2D) communications, they are not guaranteed to be honest and collaborative. In such a context, the trust model can help to detect malicious service providers. However, malicious nodes may perform trust‐distortion attacks to mislead the trust model. They may perform on‐off attacks to remain undetected or bad‐mouth about others to make it difficult to infer if a contradictory recommendation comes from the on‐off nature of the evaluated node or dishonesty of the recommender. To address these issues, we propose T‐D2D, a lightweight trust model capable to face simultaneous trust‐distortion attacks. T‐D2D evaluates a node's nature using both short‐term and long‐term evaluation intervals to detect different types of on‐off attacks. Moreover, it keeps track of marginal misbehaving over several successive intervals to recognize the nature of suspicious on‐off nodes with light misbehaving attitude. To face bad‐mouthing attackers, T‐D2D limits its dependence on recommendations to when the direct trust is not decisive. Moreover, it evaluates the honesty of a recommender based on the correctness of its recommendations over time. Simulation results prove that T‐D2D exhibits significantly better performance than other counterparts in terms of trust level, correctness of calculated trust, percentage of selected malicious providers, total wasted execution time, and energy consumption in presence of simultaneous trust‐distortion attacks.

show abstract

A Survey of IoT Security Threats and Solutions

Cited by 12 publications

References 16 publications

An Overview of WebAssembly for IoT: Background, Tools, State-of-the-Art, Challenges, and Future Directions

An Overview of WebAssembly for IoT: Background, Tools, State-of-the-Art, Challenges, and Future Directions

Source code protection against unauthorised copying and analysis in IoT devices

T‐D2D: A trust model for service offloading in device‐to‐device communication

Contact Info

Product

Resources

About