A Survey on Security and Privacy Issues in Edge-Computing-Assisted Internet of Things

Alwarafy, Abdulmalik; Al-Thelaya, Khaled A.; Abdallah, Mohamed; Schneider, Jens; Hamdi, Mounir

doi:10.1109/jiot.2020.3015432

Cited by 219 publications

(112 citation statements)

References 94 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…-All other attacks, especially attacks that targets IOT nodes (edges and things) as being constrained devices must be solved. [35] Any layer of IOT paradigm such as cloud or edge. [36] Architecture Added as a new layer between physical and network layer [37] The same as fog [37] A digital ledger that can be used to maintain continuously growing data in a secure way [38].…”

Section: Discussionmentioning

confidence: 99%

دراسة عن إنترنت الأشیاء من حبث البروتوکولات ، والبنى التحتیة وآلیات الأمان

البدوي¹,

بلال²

2021

النشرة المعلوماتیة فی الحاسبات والمعلومات

View full text Add to dashboard Cite

Nowadays, IOT presents a lot of benefits to people and countries in many fields which in turn makes it one of the most important fields on both research and industry. Recently, NO of IOT connected things has been increased due to rapid network and communication development which in turn leads to increase amount of data exchanged especially critical data. Critical data can be military, industrial, agricultural, health and even personal data which makes IOT networks a main goal for many attacks in order to leak this critical data or even use it in order to cause catastrophic destroy for data owners.A lot of security mechanisms tried to provide a protection for both devices and things but due to devices constrained nature and IOT used protocols, a lot of them failed to provide required protection. In this paper, an introduction to IOT field, its importance and a review for IOT protocols, architectures, a lot of security and privacy challenges and a lot of solutions to that are presented.

show abstract

Section: Discussionmentioning

confidence: 99%

دراسة عن إنترنت الأشیاء من حبث البروتوکولات ، والبنى التحتیة وآلیات الأمان

البدوي¹,

بلال²

2021

النشرة المعلوماتیة فی الحاسبات والمعلومات

View full text Add to dashboard Cite

show abstract

“…Orchestrator / Hypervisor hosts more vDNS to accommodate the requests that cause service disruption [69] VM Escape Attack Occurs due to the isolation failure of the hypervisor and the VNFs where the attack propagates from single VNF to the hypervisor management APIs and finally to the hypervisor. Attacker gains access to infrastructure resources while sabotaging virtual firewall functionality [69] VNF Location Shift Attack Using the migration capability of NFVI from one legal boundary to another, an attacker shifts the corresponding resources to an illegal location that bans the service, exert financial penalties while violating privacy [69] Security log troubleshooting failure Compromised VNFs generate massive amount of logs on the hypervisor and deleting the initial log entries, which makes analysis of logs an arduous task while privacy leakage risks exists Softwarized Threats [113] Software Vulnerabilities Executing arbitrary code that exploit the flaws such as buffer overflow and weak firewall policies [69] Data exfiltration / destruction Data of an infected entity or a system would be transferred or destroyed without approval [156]…”

Section: Dns Amplification Attackmentioning

confidence: 99%

Survey on Multi-Access Edge Computing Security and Privacy

Ranaweera

Jurcut

Liyanage

2021

IEEE Commun. Surv. Tutorials

206

View full text Add to dashboard Cite

The European Telecommunications Standards Institute (ETSI) has introduced the paradigm of Multi-Access Edge Computing (MEC) to enable efficient and fast data processing in mobile networks. Among other technological requirements, security and privacy are significant factors in the realization of MEC deployments. In this paper, we analyse the security and privacy of the MEC system. We introduce a thorough investigation of the identification and the analysis of threat vectors in the ETSI standardized MEC architecture. Furthermore, we analyse the vulnerabilities leading to the identified threat vectors and propose potential security solutions to overcome these vulnerabilities. The privacy issues of MEC are also highlighted, and clear objectives for preserving privacy are defined. Finally, we present future directives to enhance the security and privacy of MEC services.

show abstract

“…As discussed in the previous sections, the threats and attacks analysis in IoT is scattered and none of the surveys so far, to the best knowledge of the authors, covers the threats and attacks taxonomy covering architecture, protocols, and standards of IoT with possible countermeasures using rapidly evolving ubiquitous technologies, such as BC, FC, EC, and ML, simultaneously. The threats and attacks were discussed in general without focusing on architecture and protocols [38][39][40]. Security concerns were addressed in [38] using EC and in [40] using BC.…”

Section: Scope Of the Present Survey And Contributionsmentioning

confidence: 99%

“…The threats and attacks were discussed in general without focusing on architecture and protocols [38][39][40]. Security concerns were addressed in [38] using EC and in [40] using BC. The research gaps were identified, and some open research problems were proposed in [38,40].…”

Section: Scope Of the Present Survey And Contributionsmentioning

confidence: 99%

See 1 more Smart Citation

State-of-the-Art Review on IoT Threats and Attacks: Taxonomy, Challenges and Solutions

et al. 2021

View full text Add to dashboard Cite

The Internet of Things (IoT) plays a vital role in interconnecting physical and virtual objects that are embedded with sensors, software, and other technologies intending to connect and exchange data with devices and systems around the globe over the Internet. With a multitude of features to offer, IoT is a boon to mankind, but just as two sides of a coin, the technology, with its lack of securing information, may result in a big bane. It is estimated that by the year 2030, there will be nearly 25.44 billion IoT devices connected worldwide. Due to the unprecedented growth, IoT is endangered by numerous attacks, impairments, and misuses due to challenges such as resource limitations, heterogeneity, lack of standardization, architecture, etc. It is known that almost 98% of IoT traffic is not encrypted, exposing confidential and personal information on the network. To implement such a technology in the near future, a comprehensive implementation of security, privacy, authentication, and recovery is required. Therefore, in this paper, the comprehensive taxonomy of security and threats within the IoT paradigm is discussed. We also provide insightful findings, presumptions, and outcomes of the challenges to assist IoT developers to address risks and security flaws for better protection. A five-layer and a seven-layer IoT architecture are presented in addition to the existing three-layer architecture. The communication standards and the protocols, along with the threats and attacks corresponding to these three architectures, are discussed. In addition, the impact of different threats and attacks along with their detection, mitigation, and prevention are comprehensively presented. The state-of-the-art solutions to enhance security features in IoT devices are proposed based on Blockchain (BC) technology, Fog Computing (FC), Edge Computing (EC), and Machine Learning (ML), along with some open research problems.

show abstract

A Survey on Security and Privacy Issues in Edge-Computing-Assisted Internet of Things

Cited by 219 publications

References 94 publications

دراسة عن إنترنت الأشیاء من حبث البروتوکولات ، والبنى التحتیة وآلیات الأمان

دراسة عن إنترنت الأشیاء من حبث البروتوکولات ، والبنى التحتیة وآلیات الأمان

Survey on Multi-Access Edge Computing Security and Privacy

State-of-the-Art Review on IoT Threats and Attacks: Taxonomy, Challenges and Solutions

Contact Info

Product

Resources

About