Service Oriented Computing and Applications (2021) 15:257–271

https://doi.org/10.1007/s11761-021-00327-z

SPECIAL ISSUE PAPER

Security and privacy in the Internet of Things: threats and challenges


Youakim Badr1 · Xiaoyang Zhu2 · Mansour Naser Alraja3

Received: 3 February 2021 / Revised: 20 July 2021 / Accepted: 23 August 2021 / Published online: 1 October 2021
© The Author(s), under exclusive licence to Springer-Verlag London Ltd., part of Springer Nature 2021

Abstract
In the past few years, the Internet of Things (IoT) has emerged, grown and gradually affected the daily lives of human beings in
many new application domains, ranging from wearable devices, smart manufacturing, to smart homes and ambient intelligence
just to mention a few. However, realizing the full potential of IoT while ensuring user security and privacy remains an open
research challenge. Existing security solutions and techniques are mainly conceived for centralized and distributed information
systems and are not directly applicable to IoT-based systems. In fact, IoT systems have unconventional characteristics such as
intermittent connectivity, high scalability, dynamic changes and limited resources and thus require a paradigm shift to develop
innovative security and privacy solutions. In this survey, we firstly give an overview of security and privacy in IoT. After
defining the context of IoT systems, we identify four main characteristics, which imply unprecedented threats and challenges
to existing security solutions and techniques. From the perspective of these characteristics and IoT security requirements,
we identify and elaborate specific threats and challenges related to the radio-frequency identification (RFID), wireless sensor
networks (WSNs) and mobile delay tolerant networks (MDTNs), which are building blocks in many IoT-based systems. In
addition, we discuss potential countermeasures to handle IoT threats and challenges.

Keywords Internet of Things · Wireless sensor networks · Radio-frequency identification · Mobile delay tolerant networks ·
Security · Privacy

Corresponding author: Youakim Badr, yzb61@psu.edu
Xiaoyang Zhu, xiaoyang.zhu@insa-lyon.fr
Mansour Naser Alraja, malraja@du.edu.om
1 The Pennsylvania State University, Malvern, USA
2 INSA Lyon, LIRIS, UMR5205, University Lyon, Villeurbanne, France
3 Dhofar University, Salalah, Sultanate of Oman

1 Introduction

The Internet of things (IoT) has been considered as a global information infrastructure for the digital society, in which connected objects, intelligent systems and software applications gather data from the physical world, process them and offer various services to end-users [1]. The premise of IoT is to allow anyone to access anything from anywhere at any time.

In the past fifteen years, the IoT has emerged, grown and gradually affected the daily lives of human beings in many new application domains, ranging from wearable devices, smart manufacturing, to smart homes and ambient intelligence, just to mention a few. According to the International Data Corporation (IDC) report [2], there will be over 40 billion connected IoT devices that fall under the rubric of the “Internet of Things” in 2025.

However, IoT security has not received attention proportional to the rapid growth of IoT applications. The SANS Institute has initiated a survey about IoT security where the respondents came from a broad range of industries and have different roles in companies of the domestic and international workforce [3]. Figure 1 illustrates the results about respondents’ perceptions of IoT security. Only 17.2% of the respondents considered IoT security a disaster, whereas 48.8% of them agreed that IoT will have the same level of security problems we have today. With the popularity of IoT, billions of devices will be connected and then become subject to attack vectors and unauthorized accesses to devices. Without appropriate security solutions to threats and vulnerabilities, IoT may inevitably become a security disaster. When attacks and threats increasingly arise from all kinds of IoT systems, cybersecurity requirements

must be considered not only at the design time but also at the runtime. Consequently, end-to-end security solutions should be integrated into IoT infrastructures.

Fig. 1 Perception about IoT security

According to the SANS Institute survey [3], nearly half of the respondents stated that the IoT would have the identical security threats as today’s applications and systems (Fig. 1). Admittedly, IoT has the same security issues as the Internet, such as WiFi security, 3/4G security, software and Internet security. As a result, some of the existing security solutions are suitable for IoT-based systems. However, there are so many particularities in IoT systems and services that most of the existing security solutions for the Internet cannot be applied even with substantial modification and updates [4]. The lack of consensus on how to handle the cybersecurity of IoT arises from its unconventional characteristics and requirements not found in today’s information systems. In fact, current security solutions in centralized and distributed systems fail to address these IoT characteristics to effectively mitigate security threats in IoT systems.

Many surveys on IoT security and privacy challenges classify risks, threats and attacks from confidentiality, authentication, availability and privacy perspectives [5–9]. A few surveys attempt to discuss security challenges by considering different layers such as the application, service, network and device layers [10,11].

Unlike these studies, our survey seeks to discuss security and privacy challenges by identifying the IoT characteristics that make IoT security a significant challenge. In order to understand security challenges and threats in IoT, we organize this survey in a way that identifies the IoT characteristics and their security requirements, classifies security threats and challenges, and identifies countermeasures or open research questions to handle these challenges.

The remaining sections of this survey are organized as follows: Section 2 introduces main IoT characteristics and identifies challenges and threats caused by these characteristics with respect to different IoT security requirements. Section 3 elaborates on security issues and challenges from the perspective of IoT characteristics and architectures, and identifies security countermeasures and threat challenges. Lastly, Sect. 4 concludes the survey with research directions in IoT security and privacy, focusing on identities of things, cybersecurity under constrained resources, blockchains and the human in the loop.

2 Characteristics and security requirements of IoT

The basis of making the IoT a reality relies on its ability to connect billions of things. As a result, connectivity and scalability are intrinsic characteristics of IoT-based systems. In addition, limited resources and the ability of devices to evolve in dynamic environments are also salient characteristics. These characteristics have an impact on designing IoT systems and defining security requirements.

2.1 Characteristics of the Internet of Things

In this section, we elaborate on the characteristics of IoT along with their corresponding security challenges that might threaten IoT-based systems and services. These characteristics mainly cover connectivity, scalability, dynamic changes and limited resources.

2.1.1 Connectivity

In the context of connectivity, devices and services from different systems and networks can identify and interact with each other through communication protocols. Without connectivity, it would be impossible to build IoT systems. More precisely, connectivity covers interconnectivity and heterogeneity, which ensure accessibility and compatibility, respectively.

Interconnectivity means that devices can identify each other by searching for digital identities to establish connections. Interconnectivity presents various security threats such as attacks on the reliability of mutual communications. Firstly, the communication reliability between devices must be guaranteed. Nevertheless, a large number of attacks might influence the reliability of delivering messages. For example, capture attacks [12] are devised to obtain control of IoT-based systems and gain access to relevant information. Secondly, real-time control is critical in interconnectivity. For example, in smart manufacturing, without real-time responses about the number of assembly components, the smart manufacturing assembly line does not know whether some components are needed from the raw material warehouse, and the manufacturing process will hence be suspended. Therefore, attacks that might affect the delivery of real-time messages, like denial-of-service (DoS) attacks, should be blocked as well.

Heterogeneity refers to the compatibility between different hardware devices and networks. Usually IoT devices are manufactured and deployed by different factories and vendors. Without ensuring interoperability in such heterogeneous environments, it becomes difficult to interoperate different operating systems, networks and communication protocols. Besides, heterogeneity exists extensively in IoT systems, such as the communication between RFID and WSN systems, the cross-domain authentication issues and the network convergence problems among heterogeneous networks (e.g., ad hoc networks and 3/4G networks). For instance, Table 1 illustrates communication protocols according to the communication range, from personal area networks (NFC—ULE Alliance), local area networks (WiFi), metropolitan area networks (Dash7—WIMAX), to wide area networks (GSM—Symphony Link). Consequently, heterogeneity is the key point to make devices and networks interact with each other. From a security perspective, heterogeneity does have an impact on the protection of IoT infrastructures. On the one hand, Internet security solutions should be reconsidered and adapted to breaches of IoT interconnectivity in heterogeneous environments. On the other hand, many attacks could arise from breaches of interconnectivity in heterogeneous environments. For instance, heterogeneity of IoT systems can entail complex upgrading and patching processes, which increase the window for initiating various attacks such as the capture attack [13].

Table 1 Heterogeneous communication protocols in IoT

2.1.2 Scalability

IoT tends to interconnect everything in the cyber-physical world. Generally, server architectures in IoT should ideally be highly scalable to support millions of devices constantly sending, receiving, acting on devices and exchanging data. Therefore, scalability is an essential characteristic of future IoT-based systems [14]. In vast networks of interconnected objects and devices, issues of digital identity (i.e., identification of a particular object) and authentication mechanisms play a crucial role that affects aspects of IoT-based systems. For example, in smart cities, entities should be identified and have the authentication proof to grant authenticated and secure access to devices from everywhere at any time. In the context of scalability, key management of authentication systems becomes more complex. Besides, IoT devices at large scale are exposed to threats of physical attacks and tampering as well [15,16].

2.1.3 Dynamic changes

In the context of IoT, devices’ behaviors could be described by states and state transition systems. Transitions between states are quite common and frequent, e.g., started and standby, sleeping and waking up, leaving and joining networks, etc. [17]. Besides, the number of connected devices can also evolve, and the environment in which they operate is subject to contextual changes. The characteristic of dynamic changes is an intrinsic property of IoT systems. However, many threats emerge due to dynamic changes. For instance, rapidly changing network topology and unbounded network size in intelligent transportation systems of connected vehicles make it possible for hackers to hijack a moving vehicle and take its control remotely [18].

2.1.4 Limited resources

Many IoT devices have constraints in their computation, storage, bandwidth and power resources. For example, an ordinary sensor in wireless sensor networks may have limited computation and memory resources (e.g., TelosB with 8 MHz CPU, 10KB RAM, and 250 kbps data rate) [19]. On the one hand, these constraints directly affect security considerations when developing new security solutions to mitigate security threats. For example, securing communication channels between resource-constrained devices such as sensor nodes and more powerful devices like smartphones requires adequate security solutions and protocols. Although it is not clear how many resources will be available to such constrained devices once IoT services truly take off, it becomes crucial to enable security in devices with limited resources as much as possible to improve their provision [20]. On the other hand, thousands of IoT devices connecting and sending data take a toll on power and CPU consumption in IoT systems. Consequently, limited resources like communication channels and power are easily depleted. Some adversarial applications may exploit these constraints to attack and disable IoT systems.

2.2 Ubiquitousness

Many IoT devices are ubiquitous, which refers to their state of being everywhere at once. For example, smart mobile devices such as smart phones and smart watches are ubiquitous; users tend to trust them with an unprecedented amount of personal and sensitive information. This raises serious security and privacy threats such as mobile malware. According to Agrawal et al. [21], mobile malware is already substantial due to a large number of applications, which are free of cost and available to be downloaded and used. In their study, statistics revealed that smart phones are particularly vulnerable to malware. As a major market of IoT devices continues to grow, personal information stored on mobile devices is prone to leakage and cyberattacks.

2.3 Security requirements in the context of IoT

Researchers have already introduced several works related to security requirements in IoT. For instance, Sicari et al. [8] not

only point out the challenges coming from intrinsic IoT characteristics such as scalability and heterogeneity, but also review security and privacy requirements in terms of confidentiality, authentication, access control and trust. Moreover, Mahmoud et al. [22] have identified security challenges in each layer of IoT and potential attacks like replay, DoS, man-in-the-middle and eavesdropping. Similarly, Vasilomanolakis et al. [23] present security and privacy requirements from the perspective of identity management, network security, privacy and trust.

From these research works, security requirements in IoT should not only cover functional properties of IoT-based systems but also consider the underlying layers, ranging from the device, network and application layers, during design time and runtime. On the one hand, IoT security requirements should be under the premise of considering unconventional characteristics to meet basic security properties (i.e., confidentiality, integrity and availability). On the other hand, an appropriate analysis of security threats at design time and a continuous monitoring of vulnerabilities at runtime should reduce security breaches and evade potential threats. IoT security should thus be considered bottom-up so that security and privacy protocols protect IoT systems from being undermined by security threats. Referring to the IoT reference model and security capabilities illustrated in [17], we briefly state the main security requirements for a secure IoT infrastructure as follows:

Confidentiality means preventing sensitive data from being retrieved and cracked by unauthorized and malicious parties. Therefore, it should be built on authentication and authorization mechanisms. Confidentiality at the device layer consists of two parts: data storage confidentiality and data transmission confidentiality. The former protects data, including programs in devices, from disclosure and tampering. The latter is responsible for data confidentiality in communications. In the network layer, it is mainly about network packets, including signaling data and user data, and confidentiality in transmission across complex networks. Confidentiality in the service layer refers to data management, processing and storage. Moreover, data stored at third-party service providers require confidentiality mechanisms to prevent information theft by malicious attackers. Centralized service providers such as Facebook [24] and Equifax [25] easily become honeypots for intruders. Lastly, confidentiality at the application layer refers to the confidentiality of application data with respect to specific users.

Integrity protects data and programs from being tampered with by unauthorized users. At the device layer, integrity not only guarantees that data is not altered but also ensures that devices and built-in programs are authenticated, trusted, and not hijacked by malicious attackers [26]. Network layer integrity refers to the integrity protection of user data and signaling data [17]. The former is often tied to confidentiality protection, while the latter helps to avoid denial-of-service (DoS) attacks in the network layer. Similarly, integrity protection at the service and application layers also comes from two aspects: users’ data and programs.

Availability ensures that IoT services and devices are accessible and resilient to various malicious attacks. It emphasizes the security of IoT systems at runtime, since only running IoT systems are able to provide services. On the contrary, other security requirements are more concerned about the correctness of authentication, authorization, confidentiality and privacy mechanisms when designing secure IoT systems. Systems with high availability could ensure interconnectivity and accessibility of services, while systems with low availability could incur security concerns such as attacks on reliability. For instance, attacks targeting the reliability of communications, such as capture attacks and impersonation attacks [27], could gain control of IoT systems and retrieve relevant information that might threaten their operations at runtime. Availability in the device layer protects devices from physical attacks and DoS attacks.

Privacy refers to an individual’s intention to control the access of others to themselves (i.e., physical, behavioral, or intellectual). Privacy pertains to people, whereas confidentiality pertains to data; privacy is a right, whereas confidentiality is an agreement to access sensitive data [28]. For example, the target of the RFID tag tracking attack and the eavesdropping attack is all about individuals. Attackers can make use of hidden RFID readers to track insecure tags of products and retrieve sensitive information like location information and credit card information used to purchase them [29]. Privacy preservation aims to protect users’ sensitive information such as identity information, location, mobility traces and habits from any other parties [30,31]. Hence, privacy challenges are particularly significant at the application layer.

In order to meet security and privacy requirements, authentication and authorization mechanisms designed for IoT are indispensable. Authentication stands for validating whether a given digital identity of an IoT entity is genuine or not. At the device layer, the authentication of devices is necessary to prevent illegal accesses, tampering and camouflage. Authentication at the network layer refers to signaling data integrity protection to avoid denial-of-service (DoS) attacks. Roughly speaking, service layer authentication is coupled with a key management system and access control policies, whereas application layer authentication is related to identification, authentication and authorization of user identities. Authorization refers to granting the corresponding access to the authenticated users based on their identities. After authenticating genuine identities, access is granted with the corresponding rights. Therefore, establishing identity management and authentication mechanisms are prerequisites for authorization protocols, which

are logically applied at the service and application layers, and are enforced at the device layer.

To sum up, authentication and authorization mechanisms are keystones in IoT cyber-security and support confidentiality, integrity, availability and privacy in IoT systems as depicted in Fig. 2. Authentication is responsible for verifying legitimate users (i.e., identities), while the authorization process prescribes rules for how authenticated users interact with each other. In addition, authentication and authorization should be considered when designing IoT security systems. However, availability refers to the security protection of IoT systems against various malicious attacks at runtime.

Fig. 2 Relationship between security requirements and authentication/authorization

3 Research method

Our research method to review the literature on topics related to IoT security and privacy is inspired by [32]. We conducted our review to simultaneously address IoT characteristics and IoT security and privacy requirements by performing a deep analysis of the most relevant scientific publications to address the following research questions:

– What are the threats and challenges from the IoT requirements perspective, namely confidentiality, integrity, availability and privacy?
– How do IoT devices handle threats and challenges given unique IoT characteristics such as connectivity, scalability, dynamic changes and limited resources?
– What are the available countermeasures to address these threats and challenges?

Keywords from these questions are combined in different ways to form patterns and retrieve scientific papers from the main scientific libraries. In addition, our research method includes a search process to define keywords, form search patterns and filter papers. The search pattern was formed based on the keywords in the research questions as follows:

(’Security Challenges’
OR ’Countermeasures’
OR ’Threats’
OR ’Security Requirements’
OR ’Privacy’)
AND (’IoT’ OR ’Internet of Things’)

The main purpose of our search strategy is to identify papers from primary sources and assess whether their content answers the aforementioned research questions in a concrete manner. By answering these research questions, we aim to establish the foundation of a future research roadmap that should address the security and privacy countermeasures that need to be resolved by the research community to cope with IoT security requirements.

4 Threats and challenges in the IoT security and privacy

Before covering IoT security and privacy challenges, a closer look at IoT applications and trends might help to better understand IoT security and privacy requirements. Various companies across industries use IoT-enabled solutions to solve long-standing, industry-specific challenges. IoT-enabled solutions connect physical things to collect data and derive data analytic insights to reduce costs, improve productivity, increase revenue and satisfy customers’ needs. Recent developments in IoT applications include wearable gadgets, connected cars, smart homes, medical devices and smart cities, just to mention a few. These real-life examples of applications lead researchers and developers to specify key requirements to address IoT security and privacy under constraints such as restricted data storage, mobility, different communication protocols, and limited battery power, just to mention a few. Without loss of generality, the heterogeneity of IoT applications and their scales, ranging from small isolated devices to large networks of cyber-physical devices, increases cyber-threats, vulnerabilities and adversarial attacks. As a result, it becomes important to identify existing countermeasures and recommend specific research directions to reduce the gap as well as to find new paradigms to cope with IoT security requirements.

Security requirements in IoT at the different layers are somewhat similar to general security requirements in Internet-based systems. However, the IoT characteristics render these requirements difficult to implement and thus introduce new threats and vulnerabilities.

Figure 3 assesses these security threats and challenges in IoT systems. Without being exhaustive, a typical IoT system is composed of many heterogeneous subsystems like

the RFID subsystem and the WSN subsystem. In this section, we discuss some representative threats and challenges in each subsystem and classify threats and challenges from the perspective of IoT security requirements and IoT characteristics. We also present existing countermeasures and open research perspectives from the viewpoint of IoT characteristics.

4.1 Connectivity security analysis of IoT

When IoT entities (i.e., devices, actuators, systems, . . . ) are interconnected, security issues and threats arise. In the following subsections, we identify these threats and challenges in the context of connectivity, namely integrity, availability and privacy.

4.1.1 Integrity

When IoT entities are interconnected, authentication and authorization of diverse devices turn into a bottleneck challenge in the Internet of Things. Given the many constraints on limited resources, authentication and authorization should follow a trade-off to ensure IoT integrity. Any weakness in authentication or authorization between devices leads to vulnerabilities and potential attacks.

For example, authentication in RFID systems is often a target of diverse attacks, which could be divided into two types: misbehaving tag and misbehaving reader attacks.

Threats and challenges

– The relay attack can relay verbatim messages from RFID tags to a well-behaving RFID message reader, i.e., attackers intercept and manipulate communications between two parties.
– The cloning attack is another misbehaving tag attack in which attackers can replicate information in RFID tags. All the characteristic features of RFID systems are thus vulnerable to security breaches [33]. If RFID tags do not employ any security measures, the cloning attack copies all stored information to the clone tag. Where RFID tags do have some security policies, attackers are able to conduct complex attacks to bypass readers’ authentication processes [34].
– The spoofing attack modifies information in RFID tags [34]. When an attacker impersonates a legitimate RFID tag, important information could be tampered with, such as the MAC address, IP address and DNS server information [33].
– The impersonation attack is pretty much similar to the RFID tag cloning attack because of the lack of authentication in communications. Attackers could impersonate a legitimate reader to deceive tags into giving up sensitive information stored in the tags.
– The eavesdropping attack refers to an unauthorized user who spies on the communication between RFID tags and readers via antennae, since radio frequencies are broadcast everywhere [34].

Countermeasures

– Relay attacks: although relay attacks can be defended against through the encryption of communication between RFID tags and readers or by adding additional authentication procedures such as passwords, PINs or biometric information, these solutions also eliminate the convenience of contactless communication [34]. Distance measurement, in contrast, can also be a promising scheme to defend against relay attacks [35,36], where the distance-bounding parameter is used to improve the authentication security level.
– Cloning attacks: approaches such as challenge-response authentication protocols [37], the physical unclonable function [13,38] and audit log data evaluation [39] can be applied to prevent cloning attacks.
– Spoofing or impersonation attacks: approaches such as authentication protocols could prevent these attacks [34].
– Eavesdropping attacks: the encryption of the RFID communication channels could improve RFID security [34].

WSN authentication is another battlefield of attacks in IoT systems.

Threats and challenges

– Sinkhole attacks are based on the idea that adversaries can build a sinkhole with compromised nodes to lure almost all traffic toward the sinkhole; thus, all routes will be directed to a sinkhole established by the attackers [40].
– Wormhole attacks can destabilize or disable WSNs; in them, attackers could tunnel messages eavesdropped from the network over a low-latency link to another location and replay them. Adversaries are thus able to influence the topology through wormholes [41].
– Node capture attacks mean the adversary could extract secret information from sensor nodes, modify installed software and even replace their firmware with malicious versions, carrying the original identification to initiate insider attacks [42]. Thus, node capture attacks include attacks such as the node clone attack and the deluge (reprogram) attack.

Countermeasures

– Sinkhole attacks use advertised information that is pretty hard to verify in order to construct the routing topology.

Fig. 3 Taxonomy of security threats and challenges

They then use an invisible channel to tamper with the sensor network [41]. As a result, sinkhole and wormhole attacks are difficult to detect. Therefore, the detection protocols presented in [39] for sinkhole or wormhole attacks remain inefficient. However, geographic routing protocols [43] are designed to combat these attacks, since invisible links are easily detected.
– Node capture attacks need not only authentication mechanisms [44], but also node clone detection protocols [6,8,45].

4.1.2 Availability

The availability of IoT systems covers many aspects: device availability, network availability and service availability. Denial-of-service attacks remain the biggest challenge to ensuring availability in IoT systems. In particular, the physical destruction of devices, radio interference and jamming could influence the availability of IoT systems.

In RFID systems, the protection of availability is critical to ensure the availability of devices and services.

Threats and challenges

– RFID communication is subject to radio interference attacks in inherently unstable and noisy environments

overlapped workspace (known as the RFID reader collision). Adversaries can exploit the collision to create radio interference attacks and then initiate DoS attacks.
– RFID tag disabling attacks refer to the unauthorized misuse of tag disabling commands. Although schemes that send a kill or sleep command to RFID tags could ensure the confidentiality of tag information, unauthorized tag disabling could lead to the incapacitation of RFID tags.

Countermeasures

– Radio interference attacks: the noisy radio signal could be blocked by choosing the proper antenna and the location of its placement, selecting the optimal operating radio frequency, or installing metal fencing as an electromagnetic shield [46].
– RFID tag collision attacks: the countermeasures could be divided into probabilistic and deterministic algorithms, many of which rely on the ALOHA scheme. Deterministic anti-collision algorithms are those in which the tag reader sorts through tags based on their unique identification number [47].
– RFID tag disabling attacks: the password mechanism could prevent such attacks, as it is prescribed in EPC tag
[34]. Radio interference attacks consist of the RFID tags
data standard [33,34].
collision attack and the RFID reader collision attack. For
example, when two or more RFID tags transmit mes-
sages to a reader simultaneously, it is possible that the DoS attacks are not an issue specific to RFID and could
reader could not get their information correctly [10]. On be found in wireless devices, which incur many attacks from
the contrary, more than one RFID reader can have the the physical aspects and the DoS attacks as well.
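To make the tag collision countermeasures concrete, the following Python simulation, added here and not part of the survey, contrasts the two families named above: a deterministic binary tree-walking reader that singulates tags by walking their unique identifiers bit by bit, and a probabilistic framed-slotted ALOHA reader. The tag population, the 8-bit identifier length and the frame size are constructed values, and the reader and tag behaviour is a simplified model of the air interface rather than an implementation of any standard.

```python
"""Tag anti-collision, simulated: deterministic binary tree walking
versus probabilistic framed-slotted ALOHA.

Added illustration, not code from the survey. A tag answers a prefix
query with its next ID bit, and the reader can only tell whether it
heard "0", "1" or both at once (a collision).
"""
import random

ID_BITS = 8  # constructed: short 8-bit IDs so the walk is easy to trace


class TreeWalkReader:
    """Deterministic anti-collision: sort tags by their unique ID, bit by bit."""

    def __init__(self, tag_ids):
        self.tags = list(tag_ids)   # the population, unknown to the reader
        self.rounds = 0             # reader-to-tag query rounds spent
        self.singulated = []        # IDs read without collision, in walk order

    def _query(self, prefix):
        """Tags whose ID starts with `prefix` reply with the following bit."""
        self.rounds += 1
        return {t[len(prefix)] for t in self.tags if t.startswith(prefix)}

    def walk(self, prefix=""):
        if len(prefix) == ID_BITS:          # whole ID resolved: one tag isolated
            self.singulated.append(prefix)
            return self.singulated
        replies = self._query(prefix)
        # Two different bits means a collision: descend both subtrees.
        # One bit means no collision: extend the prefix. No reply: dead branch.
        for bit in sorted(replies):
            self.walk(prefix + bit)
        return self.singulated


def framed_slotted_aloha(tag_ids, frame_size=4, seed=1):
    """Probabilistic anti-collision: every unread tag picks a random slot in
    each frame; a slot holding exactly one tag is a successful read.
    Returns the IDs in read order and the number of frames needed."""
    rng = random.Random(seed)             # seeded so the simulation is repeatable
    unread = list(tag_ids)
    read, frames = [], 0
    while unread:
        frames += 1
        slots = {}
        for t in unread:
            slots.setdefault(rng.randrange(frame_size), []).append(t)
        for occupants in slots.values():
            if len(occupants) == 1:        # collided slots (len > 1) retry next frame
                read.append(occupants[0])
                unread.remove(occupants[0])
    return read, frames


def compare(tag_ids):
    """Run both schemes on the same population and report their cost."""
    walker = TreeWalkReader(tag_ids)
    walked = walker.walk()
    aloha_read, frames = framed_slotted_aloha(tag_ids)
    return {
        "tree_walk_ids": walked,
        "tree_walk_rounds": walker.rounds,
        "aloha_ids": sorted(aloha_read),
        "aloha_frames": frames,
    }


if __name__ == "__main__":
    # Constructed tag population: tags sharing long common prefixes,
    # the case where tree walking has to descend several levels.
    TAGS = ["10110010", "10110011", "10010000", "01100111"]
    print(compare(TAGS))
```

Tree walking costs one round per visited identifier prefix (20 rounds for the four constructed tags) and always terminates, which is why the survey describes it as sorting by unique identification number; ALOHA needs no identifier structure but its frame count varies from run to run, and a large or adversarially timed population can keep slots colliding, which is the situation behind the collision attacks described in this section.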

Threats and Challenges

– The Sybil attacks: attackers mislead other nodes and disrupt the reception of information from legitimate devices by creating many pseudonymous identities. Fault-tolerant algorithms and topology maintenance programs are often subject to Sybil attacks [48].
– The unfairness attacks: adversaries simply use DoS attacks to degrade the performance of applications [49].
– The radio interference attacks: adversaries produce large amounts of interference to disturb communications in WSNs [40]. This comprises many other attacks such as collision attacks.
– The collision attacks: adversaries initiate collision attacks by transmitting signals on the same frequency, which can deplete computation, memory or bandwidth resources [50].
– The routing information attacks: adversaries disrupt network traffic by manipulating routing information [40]. For example, attackers could alter the acknowledgments of overhead packets, which are required by the routing algorithms of sensor networks.
– The smurf attacks: adversaries deliberately forge ICMP messages using the IP address of the victim and broadcast them to the entire network. If the network's traffic exceeds the network capacity, the host will be flooded and cannot provide any effective services to legitimate requests.
– The misdirection attacks: adversaries could deny valid routed packets and resend the altered packets with unreachable destinations.

Countermeasures

– The Sybil attacks: identity verification is indispensable to detect and mitigate Sybil attacks. Radio resource testing and key pre-distribution were proposed in [51] to defend against the Sybil attack. Zhang et al. proposed a lightweight identity certificate method used to thwart Sybil attacks [52].
– The unfairness attacks: one effective countermeasure against the unfairness attack is the adoption of a small frame to narrow the window for initiating channel capture attacks [49].
– The radio interference attacks: they could be defended against by selecting an optimal operating radio frequency, as well as by installing metal fencing as an electromagnetic shield. As for the collision attack, it could be defended against with error-correcting codes [48].
– The routing information attacks: the most effective countermeasure against routing information attacks is the application of an authentication protocol (e.g., the encryption of sent packets and headers) [48].
– The smurf and misdirection attacks: they could be resolved by scheduling the victim node into a sleep mode for some time [53].

4.1.3 Privacy

In the context of connectivity, privacy in IoT systems becomes more vulnerable to attacks. For example, the privacy of RFID tags turns into the focus of attention, especially when tags' data involves personal information.

Threats and Challenges

Based on the General Identifier EPC scheme [54], the general identifier of RFID tags consists of the following elements:

– The general manager number, which stands for entities such as companies, organizations or manufacturers;
– The object class, which identifies the class of things to which the tag is attached;
– The serial number code, which is a unique number within the object class.

Thus, RFID tags raise two main privacy threats: the tag content attack and the tag tracking attack.

– The general manager number could reveal the manufacturer of the tagged items, while the object class could disclose their inventories. Attackers could take advantage of a hidden RFID reader to obtain tag information [47].
– RFID tags are subject to the tracking attack. For example, the serial number code could expose location [47]. When consumers make a purchase with credit cards, shops can record the relationship between credit cards and RFID tag information [50].

Similarly, the location privacy threats affect wireless devices like Bluetooth devices [43].

Countermeasures

Since the issue of tag privacy appeared, many privacy-protecting schemes have been proposed. These solutions could be classified into:

– The non-cryptographic schemes include the killing or sleeping command scheme [47,55], tag relabeling scheme [29,40,51], pseudonym tags scheme [46], Faraday cage scheme, tag blocking scheme [49,56], distance measurement scheme [19] and proxying scheme [20,47,57].
– The cryptographic schemes consist of the tag re-encryption scheme [27,48], anonymous-ID scheme [58], challenge-response authentication scheme [37], hash-chain scheme and (randomized) hash lock scheme [55].
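As an added illustration of the privacy threats and the hash lock countermeasure in Sect. 4.1.3 (code written for this page, not taken from the survey or from [55]): the first function shows which of the three identifier fields a plain tag exposes to any reader in range, and the two classes model the randomized hash lock, in which the tag answers every query with a fresh random value r and H(ID‖r), and only a back end holding the list of legitimate identifiers can recover which tag answered. The identifier layout "manager.objectclass.serial" and all identifier values are constructed, and SHA-256 stands in for the tag's hash function.

```python
"""RFID tag privacy: what a plain identifier leaks, and the randomized
hash lock scheme as a countermeasure.

Added illustration, not code from the survey or from [55]. The identifier
layout is a constructed three-field string in the spirit of the EPC general
identifier (general manager number, object class, serial number); real EPC
encodings are binary and are not reproduced here.
"""
import hashlib
import hmac
import secrets
from typing import Optional, Tuple


def parse_general_identifier(gid: str) -> dict:
    """Split 'manager.objectclass.serial' into its fields. When a tag answers
    in the clear, every field is readable by any reader in range: manager and
    object class give away who made what (content attack), the serial number
    makes the item linkable across reads (tracking attack)."""
    manager, object_class, serial = gid.split(".")
    return {"general_manager": manager, "object_class": object_class, "serial": serial}


def _h(data: bytes) -> bytes:
    # Hash function assumed for the scheme; SHA-256 stands in for the
    # lightweight hash a real tag would implement.
    return hashlib.sha256(data).digest()


class HashLockTag:
    """Tag side of the randomized hash lock: never emits its ID in the clear."""

    def __init__(self, ident: bytes):
        self._ident = ident

    def respond(self, nonce: Optional[bytes] = None) -> Tuple[bytes, bytes]:
        """Answer a reader query with (r, H(ID || r)) for a fresh random r.
        `nonce` may be supplied only to make a run reproducible."""
        r = nonce if nonce is not None else secrets.token_bytes(16)
        return r, _h(self._ident + r)


class HashLockBackend:
    """Reader/back-end side: holds the legitimate IDs and recovers which tag
    answered by recomputing H(ID || r) for every known ID."""

    def __init__(self, known_ids):
        self.known_ids = list(known_ids)

    def resolve(self, r: bytes, digest: bytes) -> Optional[bytes]:
        for ident in self.known_ids:
            if hmac.compare_digest(_h(ident + r), digest):
                return ident
        return None   # unknown tag, or a clone carrying a wrong ID


def unlinkable(tag: HashLockTag, n1: bytes, n2: bytes) -> bool:
    """Two answers from the same tag look unrelated to an eavesdropper:
    different random value, different digest, no field of the ID visible."""
    r1, d1 = tag.respond(n1)
    r2, d2 = tag.respond(n2)
    return d1 != d2 and r1 != r2


if __name__ == "__main__":
    # Constructed values: a manufacturer number, a product class and a serial.
    gid = "0614141.812345.6789"
    print(parse_general_identifier(gid))                 # what a plain tag leaks
    inventory = [b"0614141.812345.6789", b"0614141.812345.6790", b"0999999.100000.1"]
    backend = HashLockBackend(inventory)
    tag = HashLockTag(inventory[0])
    r, d = tag.respond()
    print(backend.resolve(r, d) == inventory[0])         # the back end still knows the tag
    print(unlinkable(tag, b"nonce-A", b"nonce-B"))       # an observer cannot link two reads
```

The price of unlinkability is that the back end recomputes one hash per known identifier on every read, so the scheme suits inventories small enough for that linear search. Freshness has to come from the tag's own random value: the `nonce` parameter exists only so the test can fix it, and a deployment must not let a reader choose it.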
4.2 Scalability security analysis of IoT

IoT is envisioned as a global network of billions of smart devices. Scalability brings many security threats and challenges such as identification and authentication of devices and implies significant DoS attacks. In the following sections, we introduce these threats and challenges and identify specific impacts on IoT security from the perspective of scalability.

4.2.1 Integrity

In the context of scalability, the identification and authentication mechanisms play a crucial role that affects all aspects of IoT systems.

Threats and Challenges

– The identification usually occurs before the authentication. Providing the digital identity is the first step during the login process. Apart from realizing the connectivity in heterogeneous networks, an elastic and unified identity management framework is critical for the massive adoption of IoT services.
– The key management in the large-scale sensor network could be a serious challenge. In recent years, many solutions have been presented for WSNs, which are adapted to the scalability of large sensor networks.

Countermeasures

– The identity management: during the past three decades, identity management systems (IdMS) have evolved from isolated [59] to centralized [60] and then to federated models [61]. However, security and privacy have not been solved perfectly in such models since users have to trust their identity providers. In fact, identity providers can intercept activities between every user and their online service providers. As cyber security threats are becoming major challenges in IoT, blockchain technology is emerging from Bitcoin [62] and Ethereum [63] as a prominent perspective to develop IoT security solutions in decentralized and trustless environments. For example, self-sovereign blockchain-based identity management systems do eliminate unnecessary centralized identity providers by developing blockchain-based identity platforms, in which users, devices and service providers follow the identity consensus and hence could verify identities instead of blindly trusting in third-party identity providers [64].
– The key management: a global key scheme was proposed in [4] by which nodes share an identical key. However, it cannot prevent malicious nodes from inside IoT networks. The centralized key distribution scheme can be found in [65]. Although the centralized key distribution with symmetric key algorithms avoids using computationally expensive public key cryptography, it takes the risk of key server failure and increases the communication between nodes because two nodes need handshakes to negotiate the key through the central key server. Many schemes [18,59,61,66,67] are based on key pre-distribution, in which the establishment of a shared key with key materials and the distribution of key materials are two indispensable steps [68].

4.2.2 Availability

In the context of scalability, billions of devices might be deployed in an extremely hostile and unattended environment. Therefore, they are more likely to be attacked through physical destruction.

Threats and Challenges

– The physical removal and destruction of IoT devices like sensors, RFID tags or RFID readers could render RFID systems unavailable because of the IoT scalability.
– The scalability of IoT devices provides the possibility of reverse engineering against the firmware in these devices.

Countermeasures

– The physical attacks could be mitigated by increasing the number of guards, cameras, gates and fences [46].
– The reverse engineering: the corresponding encryption techniques should be employed in firmware protection.

4.3 Dynamic changes in security analysis of IoT

Dynamic changes refer to the diverse states of things. The states of devices include sleeping and waking up, connected and disconnected, location and speed. Obviously, mobility is one part of the dynamic changes, e.g., the high mobility of nodes, rapidly changing network topology and unbounded network size in intelligent transportation. These characteristics all belong to dynamic changes. The authentication and availability attacks in other characteristics could be aggravated in the context of dynamic changes.
In the following subsections, we introduce information security from the perspective of mobility to identify what kind of influence on IoT security the dynamic changes, especially mobility, might exert.
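Returning to the key management countermeasure of Sect. 4.2.1, the following Python example (added here; it is not from the survey and does not implement the specific schemes cited there) walks through the two steps the text names for key pre-distribution, distribution of key material before deployment and establishment of a shared key afterwards, using the random key pre-distribution idea of Eschenauer and Gligor: every node is loaded with a random ring of k keys from a pool of P, neighbours find a common key by exchanging key identifiers only, and derive a per-link key from it. Pool size, ring size and node identifiers are constructed values. The last function quantifies the node capture concern raised in Sect. 4.1.1, namely the fraction of links between surviving nodes that one captured node's ring exposes.

```python
"""Random key pre-distribution for a large sensor network, the two steps the
survey names: distribute key material before deployment, then establish a
shared key after deployment.

Added illustration following the random key pre-distribution idea of
Eschenauer and Gligor; it is not one of the schemes cited on this page.
Pool size, ring size and node identifiers are constructed.
"""
import hashlib
import hmac
import random
from math import comb
from typing import Dict, List, Optional

KeyRing = Dict[int, bytes]   # key identifier -> key bytes


def generate_key_pool(pool_size: int, seed: int = 0) -> KeyRing:
    """Step 1a: the key server draws a pool of P keys, each with an identifier.
    Seeded only so the example is repeatable; a real server uses a CSPRNG."""
    rng = random.Random(seed)
    return {kid: bytes(rng.getrandbits(8) for _ in range(16)) for kid in range(pool_size)}


def assign_key_ring(pool: KeyRing, ring_size: int, node_id: int) -> KeyRing:
    """Step 1b: before deployment each node is loaded with a random ring of k
    keys from the pool (the per-node seed is a constructed convenience)."""
    rng = random.Random(node_id)
    return {kid: pool[kid] for kid in rng.sample(sorted(pool), ring_size)}


def deploy(num_nodes: int, pool: KeyRing, ring_size: int) -> Dict[int, KeyRing]:
    return {n: assign_key_ring(pool, ring_size, n) for n in range(num_nodes)}


def shared_key_discovery(ring_a: KeyRing, ring_b: KeyRing) -> Optional[int]:
    """Step 2a: neighbours broadcast only key *identifiers*; a common identifier
    means both hold the same pool key. Returns the smallest shared identifier."""
    common = set(ring_a) & set(ring_b)
    return min(common) if common else None


def establish_link_key(ring_a: KeyRing, ring_b: KeyRing, id_a: int, id_b: int) -> Optional[bytes]:
    """Step 2b: derive a per-link key from the shared pool key and both node ids,
    so the raw pool key never protects traffic directly."""
    kid = shared_key_discovery(ring_a, ring_b)
    if kid is None:
        return None          # no common key: the pair needs a path key via a neighbour
    lo, hi = sorted((id_a, id_b))
    return hmac.new(ring_a[kid], f"link:{lo}:{hi}".encode(), hashlib.sha256).digest()


def share_probability(pool_size: int, ring_size: int) -> float:
    """Probability that two random rings overlap: p = 1 - C(P-k, k) / C(P, k)."""
    return 1 - comb(pool_size - ring_size, ring_size) / comb(pool_size, ring_size)


def direct_link_fraction(rings: Dict[int, KeyRing]) -> float:
    """Measured counterpart of share_probability over a deployed network."""
    nodes = sorted(rings)
    pairs = [(a, b) for i, a in enumerate(nodes) for b in nodes[i + 1:]]
    linked = sum(shared_key_discovery(rings[a], rings[b]) is not None for a, b in pairs)
    return linked / len(pairs)


def links_compromised_by_capture(rings: Dict[int, KeyRing], captured: List[int]) -> float:
    """Node capture: fraction of direct links between *uncaptured* nodes whose
    shared pool key is also held by some captured node."""
    exposed = set().union(*(rings[c].keys() for c in captured)) if captured else set()
    survivors = [n for n in sorted(rings) if n not in captured]
    pairs = [(a, b) for i, a in enumerate(survivors) for b in survivors[i + 1:]]
    direct = [shared_key_discovery(rings[a], rings[b]) for a, b in pairs]
    direct = [kid for kid in direct if kid is not None]
    if not direct:
        return 0.0
    return sum(kid in exposed for kid in direct) / len(direct)


if __name__ == "__main__":
    pool = generate_key_pool(pool_size=100)
    rings = deploy(num_nodes=30, pool=pool, ring_size=10)
    print("predicted p =", round(share_probability(100, 10), 3))
    print("measured  p =", round(direct_link_fraction(rings), 3))
    print("links exposed by capturing node 0:", round(links_compromised_by_capture(rings, [0]), 3))
    print("link key 3<->7:", establish_link_key(rings[3], rings[7], 3, 7))
```

Two design points worth noting: only identifiers travel over the air during discovery, so an eavesdropper learns which keys a node holds but not the keys themselves, and the per-link derivation means that two links sharing the same pool key still use different traffic keys. The capture metric shows the trade-off the survey alludes to: a larger ring raises the chance that neighbours can connect directly, but also the share of the network that one captured node exposes.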

4.3.1 Confidentiality

Mobile delay tolerant network (mobile DTN) is an approach to establish information communications in heterogeneous networks that may lack continuous network connectivity. Mobile DTNs have many forms like Vehicular Ad hoc NETworks (VANET) and pocket switched networks (PSNs) and have been deployed in many scenarios.

Threats and Challenges

Because connectivity is only intermittent, prediction-based routing protocols rely on intermediaries that store messages and deliver them to the destination nodes by discovering the routing path with the highest probability of encountering the destination. However, in such circumstances, the confidentiality of messages becomes difficult to achieve [69], since intermediary nodes need to know the destination to determine where messages should be delivered.

Countermeasures

The threshold pivot scheme (TPS) is proposed in [44], in which a secret sharing scheme is used to split the message into shares so that the confidentiality of messages is fully protected.

4.3.2 Privacy

In the context of dynamic changes, location privacy has increasingly received comprehensive attention in mobile DTNs and location-based services.

Threats and Challenges

– In IoT systems, mobility means the dynamic changes in location. Although location-based services bring us a lot of convenience, location privacy becomes a threat people are concerned about, e.g., privacy preserving in mobile DTNs and location-based services.
– People with mobile devices such as smartphones and tablets could use location-based applications to send their queries to LBS servers and then acquire what they want from nearby. However, the untrusted LBS server may track users, obtain their location information and even sell their personal data to third parties.

Countermeasures

In DTNs, many schemes have been proposed to protect location information such as ASR [70], ALAR [71] and PRISM [72]. Since k-anonymity was introduced to support location privacy [73], many schemes based on k-anonymity have been proposed to protect users' location privacy such as CliqueCloak [72–74].

4.4 Limited resources security

In the context of limited resources in IoT systems, security standards, protocols or solutions should take IoT constraints into consideration at design time. DoS attacks depleting these limited resources like communication channels and power should be restricted under constant surveillance at runtime.

4.4.1 Confidentiality

The confidentiality of data in IoT systems is always a trade-off with limited resources. Several techniques and schemes are proposed to handle data confidentiality and resource constraints. For example, data aggregation was designed to solve the energy consumption issues in WSNs. Moreover, the selection of encryption algorithms is vital in WSNs with limited computing power, storage space and battery supply.

Threats and Challenges

To secure the aggregated data, the selection of symmetric key cryptographic algorithms is the first priority. Considering the limited resources such as computing power, storage space and battery supply, however, we have to think twice before we select cryptographic algorithms.

Countermeasures

Eight symmetric encryption schemes, Skipjack [75], RC5 [76], RC6 [76,77], Rijndael [78], Twofish [79], MISTY1 [80], KASUMI [81] and Camellia [82], are evaluated on the ultra-low power consumption Texas Instruments platform in [83]. Besides, the reasons why other symmetric key algorithms like DES [84], IDEA and SAFER++ are not in the comparison list are pointed out. CPU, battery and memory consumption are measured for each algorithm. The experiments on block ciphers conclude that Rijndael [78] has very good performance in energy saving for sensor networks, and MISTY1 performs well when considering storage and energy efficiency. In addition, two hash algorithms, MD5 [76] and SHA-1 [85], are assessed in [86].

4.4.2 Integrity

In the context of limited resources, the authentication mechanism in different IoT subsystems like WSNs is a bottleneck challenge.

Threats and Challenges

Although symmetric cryptographic algorithms are widely used to encrypt data in WSNs because of their lower consumption of computing, storage and energy resources, symmetric cryptographic algorithms cannot solve the key exchange problem, ensure the confidentiality of keys or be used for digital signatures efficiently. Therefore, public key cryptographic algorithms should be introduced to WSNs. Certainly, the consumption of limited resources should be taken into consideration in the process of algorithm selection from the very beginning.
After the experimental research stage of recent years, there are several well-benchmarked asymmetric cryptographic algorithms like Rabin [87], NtruEncrypt [88], RSA [89] and elliptic curve cryptography (ECC) [90]. The comparison of average execution times and energy consumption between RSA and ECC can be found in [91] and [92], respectively. Recently, many ECC-based algorithms like TinyECC [93] are becoming more and more popular in IoT devices due to the improved performance [94].

4.4.3 Availability

DoS attacks render devices with battery and communication channels more vulnerable in the context of limited resources. Jamming, flooding and battery exhaustion could drain the limited resources in IoT systems.
In RFID systems, DoS attacks are serious threats to the availability of RFID systems. These attacks can consume limited resources and compromise IoT systems and can be grouped into two categories:

Jamming Attacks and DoS Threats

An attacker could fabricate noisy signals in the same range as the reader to deplete the RF channels and block the communication between tags and readers. This kind of DoS attack is called a jamming attack.

Countermeasures

– Apart from the placement of the antenna, the optimal selection of operating radio frequency and the installation of the electromagnetic shield, spread-spectrum techniques could provide a cryptographically secure spectrum range for radio communication.
– DoS attacks exist in WSNs as well and include battery and communication channel exhaustion, jamming attack, flooding attack and interrogation attack.

Jamming and Flooding Attacks Threats

– The jamming attack in WSNs is identical to the jamming attack in RFID systems.
– The flooding attack: an adversary may exhaust device resources by repeatedly making new connection requests, broadcasting HELLO messages or sending handshake (RTS/CTS) packets so that legitimate nodes face severe resource constraints [40].

Countermeasures

– To defend against the jamming attacks, the categorized approaches include detection, proactive, reactive and mobile agent-based countermeasures [95].
– One countermeasure against flooding attacks is asking clients to declare commitments before allocating resources by solving a puzzle [3]. Another solution is authentication for broadcast and flooding.

5 Conclusion

In this survey, we focused on security and privacy threats in IoT, presented four characteristics of IoT and summarized the necessary security requirements in IoT. From the perspective of these characteristics and IoT security requirements, we elaborated specific threats and challenges along with the corresponding countermeasures.
This survey considers a novel approach to examine IoT security and privacy. Firstly, it presents a research method based on keywords related to IoT characteristics and their security requirements. Secondly, the survey covers a wide range of attacks at different levels and provides specific countermeasures.
However, security challenges in IoT are not only due to the IoT's unconventional characteristics. The IoT vision of viewing and managing the identities of entities (e.g., people, services, processes and things) within a single framework is also a critical issue to develop security solutions that scale up. Traditional, people-focused identity and access management systems have been unable to accommodate the propagation of diverse things (tiny acceleration sensors, wearable devices, unmanned vehicles). It is unclear how the Internet of Things will define relationships among entities so new authentication and authorization mechanisms can be built up. The security in IoT also encounters the proliferation of several different IoT standards, which are currently competing with each other and neglecting to some extent security issues in their standards. Another security challenge relies on the ability of IoT to enable an end-to-end security approach in a seamless and fully integrated manner. A more likely trend would be to investigate how security constraints in devices and software can be integrated and enforced at design time and at execution time. Using secure multi-party computations in the IoT remains a promising area to develop privacy-preserving IoT applications.
The blockchain technology also offers unique features to support high security for IoT devices and enable privacy preserving in distributed and trustless environments [96]. The amalgamation of blockchain and IoT leads to a new paradigm to improve security and privacy and extend IoT applications with traceability, immutability and decentralization. Unfortunately, limitations of existing blockchains such as Ethereum and Hyperledger in terms of scalability and interoperability open a venue for new research directions to address the design of new blockchain-based security architectures and privacy protocols [97].
Yet another important research direction to include in an IoT research roadmap is the human in the loop (HiTL) and the role of users to mitigate the security and privacy concerns [98,99]. Human presence and behavior will no longer be seen as external entities of IoT applications but should be integrated and detected in real time to reduce cyberthreats and mitigate risks. Considering the human in the loop, secure system designers aspire that end-users perform security critical tasks. In practice, users often fail in their security roles, and many breaches and social engineering attacks are caused by human errors. Since it is not possible to get humans completely out of the loop, a future research challenge should focus on building IoT frameworks for reasoning about the human in the loop to systematically identify potential causes for human failures and mitigate them [100,101].

Author Contributions Y.B. initiated the research. X.Z. wrote the original draft preparation. Y.B. wrote, reviewed, edited and prepared revised versions. Y.B. and X.Z. have contributed equally. M.A. wrote, reviewed and prepared the final version. All authors have read and agreed to the published version of the manuscript.

Funding This research work is supported by the IndustryXchange seed Grant, Pennsylvania State University and the Research Council (TRC), Sultanate of Oman (Block Fund-Research Grant)

Declaration

Conflict of interest The authors declare no conflict of interest.

References

1. ITU-T (2012) ITU-T Recommendation Y.2069 Terms and Definitions for the Internet of Things, Series Y: Global Information Infrastructure, Internet Protocol Aspects and Next-Generation Networks. http://www.itu.int/ITU-T/recommendations/rec.aspx?rec=11700
2. IDC (2019) The Growth in Connected IoT Devices Is Expected to Generate 79.4ZB of Data in 2025. https://www.idc.com/getdoc.jsp?containerId=prUS45213219
3. SANS Institute (2014) Securing the Internet of Things Survey. https://www.sans.org/reading-room/whitepapers/analyst/securing-internet-things-survey-34785
4. Wind River (2015) Security in the Internet of Things: Lessons from the Past for the Connected Future
5. Weber Rolf H (2010) Internet of Things new security and privacy challenges. Comput Law Secur Rev 26:23–30
6. Medaglia CM, Serbanati A (2010) An overview of privacy and security issues in the Internet of Things. The Internet of Things. In: Giusto D, Iera A, Morabito G, Atzori L (Eds.). Springer, pp 389–395
7. Roman R, Zhou J, Lopez J (2013) On the features and challenges of security and privacy in distributed internet of things. Comput Netw 57(10):2266–2279
8. Sicari S, Rizzardi A, Grieco LA, Coen-Porisini A (2015) Security, privacy and trust in internet of things: the road ahead. Comput Netw 76:146–164
9. Sen J (2010) Privacy preservation technologies in internet of things. In: The international conference on emerging trends in mathematics. Technology and Management, pp 496–504
10. Jing Q, Vasilakos AV, Wan J, Lu J, Qiu D (2014) Security of the internet of things: perspectives and challenges. Wirel Netw 20(8):2481–2501
11. Vikas BO (2015) Internet of things (IoT): a survey on privacy issues and security
12. Covington MJ, Carskadden R (2013) Threat implications of the internet of things. In: 5th international conference on cyber conflict (CyCon). IEEE, pp 1–12
13. Deng J, Han R, Mishra S (2003) Security support for in-network processing in wireless sensor networks. In: Proceedings of the 1st ACM workshop on Security of ad hoc and sensor networks. ACM, pp 83–93
14. Fremantle P (2015) A reference architecture for the internet of things. https://wso2.com/whitepapers/a-reference-architecture-for-the-internet-of-things
15. Padmavathi DG, Shanmugapriya M (2009) A survey of attacks, security mechanisms and challenges in wireless sensor networks. arXiv preprint. arXiv:0909.0576
16. Ren Y, Oleshchuk V, Li FY, Ge X (2011) Security in mobile wireless sensor networks a survey. J Commun 6(2):128–142
17. ITU-T (2012) ITU-T Recommendation Y.2060 Overview of the Internet of Things, Series Y: Global Information Infrastructure, Internet Protocol Aspects and Next-Generation Networks. http://www.itu.int/ITU-T/recommendations/rec.aspx?rec=11559
18. Greenemeier L (2015) Recall shows that a hack attack on car controls is a credible threat. Scientific American
19. Walters JP, Liang Z, Shi W, Chaudhary V (2007) Wireless sensor network security: a survey. Security in distributed, grid, mobile, and pervasive computing 1(2007):367
20. Roman R, Najera P, Lopez J (2011b) Securing the internet of things. Computer 44(9):51–58
21. Agrawal P, Trivedi B (2019) A survey on android malware and their detection techniques. In: 2019 IEEE international conference on electrical, computer and communication technologies (ICECCT), pp 1–6
22. Mahmoud R et al (2015) Internet of things (IoT) security: current status, challenges and prospective measures. In: Proceedings of the 2015 10th international conference for internet technology and secured transactions (ICITST). IEEE, pp 336–341
23. Vasilomanolakis E et al (2015) On the security and privacy of internet of things architectures and systems. In: 2015 International workshop on secure internet of things (SIoT). IEEE 2015, pp 49–57
24. Isaac M, Frenkel S (2018) Facebook security breach exposes accounts of 50 million users. The New York Times. https://www.nytimes.com/2018/09/28/technology/facebook-hack-data-breach.html (visited on 01/21/2019)
25. CSPAN (2017) Senate Banking Committee Hearing on Equifax Data Breach. https://www.c-span.org/video/?434469-1/equifax-ceo-testifies-senate-banking-panel (visited on 04/28/2020)
26. Borgohain T, Kumar U, Sanyal S (2015) Survey of security and privacy issues of internet of things. arXiv:1501.02211 [cs]
27. Covington MJ, Carskadden R (2013) Threat implications of the internet of things. In: 2013 5th international conference on cyber conflict (CyCon). IEEE, pp 1–12

28. Nada A, Omer R, Charith P (2021) Security and privacy requirements for the internet of things: a survey. ACM Trans Internet Things 2(1):202
29. Dimitriou T (2005) A lightweight RFID protocol to protect against traceability and cloning attacks. In: Security and privacy for emerging areas in communications networks, 2005. IEEE, pp 59–66
30. Evans D, Eyers DM (2012) Efficient data tagging for managing privacy in the internet of things. In: Proceedings of the 2012 IEEE international conference on green computing and communications (GreenCom). IEEE, pp 244–248
31. Wang Y, Wen Q (2012) A privacy enhanced DNS scheme for the internet of things. In: Proceedings of the international conference on communication technology & application. IET
32. Liao B, Ali Y, Nazir S, He L, Khan HU (2020) Security analysis of IoT devices by using mobile computing: a systematic literature review. IEEE Access 8:120331–120350
33. Alizadeh M, Zamani M, Shahemabadic AR, Shayan J, Azarnik A (2013) A survey on attacks in RFID networks. Open Int J Inf 1:1
34. Mitrokotsa A, Rieback MR, Tanenbaum AS (2010) Classifying RFID attacks and defenses. Inf Syst Front 12(5):491–505
35. Hancke GP, Kuhn MG (2005) An RFID distance bounding protocol. In: First international conference on security and privacy for emerging areas in communications networks (SecureComm). IEEE, pp 67–73
36. Singelee D, Preneel B (2005) Location verification using secure distance bounding protocols. In: IEEE international conference on mobile adhoc and sensor systems. IEEE, 7 pp
37. Rhee K, Kwak J, Kim S, Won D (2005) Challenge-response based RFID authentication protocol for distributed database environment. In: Security in pervasive computing. Springer, pp 70–84
38. Tuyls P, Batina L (2006) RFID-tags for anti-counterfeiting. In: Topics in cryptology (CT-RSA). Springer, pp 115–131
39. Mirowski L, Hartnett J (2007) Deckard: a system to detect change of RFID tag ownership. Int J Comput Sci Netw Secur 7(7):89–98
40. Kavitha T, Sridharan D (2010) Security vulnerabilities in wireless sensor networks: a survey. J Inf Assur Secur 5(1):31–44
41. Karlof C, Wagner D (2003) Secure routing in wireless sensor networks: attacks and counter-measures. Ad hoc Netw 1(2):293–315
42. Saxena M (2007) Security in wireless sensor networks-a layer based classification. Department of Computer Science, Purdue University
43. Yu Y, Govindan R, Estrin D (2001) Geographical and energy aware routing: a recursive data dissemination protocol for wireless sensor networks. Technical report ucla/csd-tr-01-0023, UCLA Computer Science Department
44. Raymond DR, Midkiff SF (2008) Denial-of-service in wireless sensor networks: attacks and defenses. IEEE Pervasive Comput 7(1):74–81
45. Parno B, Perrig A, Gligor V (2005) Distributed detection of node replication attacks in sensor networks. In: IEEE symposium on security and privacy. IEEE, pp 49–63
46. Karygiannis Tom, Eydt Bernard, Barber Greg, Bunn Lynn, Phillips Ted (2007) Guidelines for securing radio frequency identification (RFID) systems. NIST Spec Publ 80(2007):1–154
47. Sarma S, Weis S, Engels D (2002) RFID systems and security and privacy implications. In: Cryptographic hardware and embedded systems (CHES). Number 2523 in Lecture Notes in Computer Science. Springer, Berlin Heidelberg, pp 454–469
51. Newsome J, Shi E, Song D, Perrig A (2004) The sybil attack in sensor networks: analysis & defenses. The 3rd international symposium on Information processing in sensor networks. ACM, pp 259–268
52. Zhang Q, Wang P, Reeves DS, Ning P (2005) Defending against sybil attacks in sensor networks. In: 25th IEEE international conference on distributed computing systems workshops. IEEE, pp 185–191
53. Sarma D, Kumar H, Kar A (2006) Security threats in wireless sensor networks. In: The 40th annual 2006 international carnahan conference on security technology. IEEE, pp 243–251
54. GS1 (2014) EPC Tag Data Standard. http://www.gs1.org/epc/tag-data-standard
55. Weis SA, Sarma SE, Rivest RL, Engels DW (2004) Security and privacy aspects of low-cost radio frequency identification systems. In: Hutter D, Müller G, Stephan W, Ullmann M (Eds) Security in pervasive computing. Number 2802 in Lecture Notes in Computer Science. Springer, pp 201–212
56. Juels A, Brainard J (2004) Soft blocking: flexible blocker tags on the cheap. In: The ACM workshop on privacy in the electronic society. ACM, pp 1–7
57. Rieback MR, Crispo B, Tanenbaum AS (2005) RFID guardian: a battery-powered mobile device for RFID privacy management. In: Information security and privacy. Springer, pp 184–194
58. Kinoshita S, Hoshino F, Komuro T, Fujimura A, Ohkubo M (2004) Low-cost RFID privacy protection scheme. IPS J 45(8):2007–2021
59. Jøsang A, Pope S (2005) User centric identity management. In: Proceedings of the AusCERT Asia Pacific information technology security conference, Brisbane, Australia, pp 22–26
60. Jøsang A, Zomai MA, Suriadi S (2007) Usability and privacy in identity management architectures. In: Proceedings of the Fifth Australasian symposium on ACSW frontiers, Ballarat, Australia, 30 January–2 February 2007
61. Maler E, Reed D (2008) The venn of identity: options and issues in federated identity management. IEEE Secur Priv 6:16–23
62. Nakamoto S (2008) Bitcoin: a peer-to-peer electronic cash system. https://bitcoin.org/bitcoin.pdf. Accessed 31 Aug 2018
63. Ethereum—A next-generation smart contract and decentralized application platform. https://github.com/Ethereum/wiki/wiki/White-Paper. Accessed 31 Aug 2018
64. Zhu X, Badr Y, Pacheco J, Hariri S (2017) Autonomic identity framework for the internet of things. In: Proceedings of the 2017 international conference on cloud and autonomic computing (ICCAC), Tucson, AZ, USA, 18–22, pp 69–79
65. Adrian P, Robert S, Justin DT, Victor W, Culler DE (2002) SPINS: security protocols for sensor networks. Wirel Netw 8(5):521–534
66. Zhou Y, Fang Y (2006) A scalable key agreement scheme for large scale networks. In: The 2006 IEEE international conference on networking, sensing and control (ICNSC). IEEE, pp 631–636
67. Zhou Y, Fang Y (2006) Scalable link-layer key agreement in sensor networks. In: Military communications conference (MILCOM). IEEE, pp 1–6
68. Yun Z, Yuguang F, Yanchao Z (2008) Securing wireless sensor networks: a survey. Commun Surv Tutor 10(3):6–28
69. Shi C, Luo X, Traynor P, Ammar MH, Zegura EW (2012) Arden: anonymous networking in delay tolerant networks. Ad Hoc Netw 10(6):918–930
70. Zhu B, Wan Z, Kankanhalli MS, Bao F, Deng RH (2004) Anonymous secure routing in mobile ad-hoc networks. In: The 29th
48. Wang Y, Attebury G, Ramamurthy B (2006) A survey of security Annual IEEE international conference on local computer net-
issues in wireless sensor networks. (2006) works. IEEE, pp 102–108
49. Wood AD, Stankovic J (2002) Denial of service in sensor net- 71. Lu X, Hui P, Towsley D, Pu J, Xiong Z (2010) Anti-localization
works. Computer 35(10):54–62 anonymous routing for delay tolerant network. Comput Netw
50. Sen J (2010) A survey on wireless sensor network security. arXiv 54(11):1899–1910
preprint. arXiv:1011.1529 (2010)
Publisher's Note Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.