Investigation of Security Challenges from the Perspective of Stakeholders in IoT

Main Article Content

Md Sajid Bin Faisal
Ahsan Habib
Md Aolad Hossain Anna
Cynthia Simin Rashid
Dip Nandi

Abstract

Internet of Things (IoT) has become one of the major study concerns and prospects in recent times. The ecosystem that makes the interconnection between person, objects, device in a secured acceptable and useful manner is in the boundary of Internet of Things. One of the major concerns in IoT is its security and the technologies which are working behind. The security measures are taken under a vast amount of studies and applications. The concept of this research is to consider the existing technologies that are working for security assurance and the challenges which are faced by different angles of participants and manufacturers due to make IoT a secure electronic ecosystem. Basically, the focus over the security challenges are on the stakeholders and they are user, manufacturer and service provider.

Article Details

How to Cite
[1]
M. S. B. Faisal, A. Habib, M. A. Hossain, C. S. Rashid, and D. Nandi, “Investigation of Security Challenges from the Perspective of Stakeholders in IoT”, AJSE, vol. 20, no. 2, pp. 8 - 19, May 2021.
Section
Articles
Author Biographies

Md Sajid Bin Faisal, American International University-Bangladesh

Md Sajid Bin Faisal has got his Bachelor of Science (BSc) in Computer Science & Engineering (CSE) at American International University- Bangladesh (AIUB) from the year 2017 to 2020. Currently he is doing his Master of Science degree in Computer Science from American International University-Bangladesh. He is a current general member of AIUB Computer Club (ACC) & got selected twice in the Dean’s List of Honor of Faculty of Science and Technology, AIUB. He has an enthusiasm over the research field of IoT, Network Security & Cryptography, Graph Theory, Algorithms & basic applications of Mathematics in modern world problems.

Ahsan Habib, American International University-Bangladesh

Ahsan Habib was born in Chandpur, Chittagong, Bangladesh in 1997. He received the BSc degrees in Software Engineering from the American International University- Bangladesh (AIUB) in 2020. He was selected two times in the Dean’s List of Honor of Faculty of Science and Technology, AIUB in his BSc. He completed his internship entire title ‘Network Security Aspect Internet’ at National Credit and Commerce Bank Limited (Head Office) department of IT Hardware & Infrastructure Division in 2020. He got President Scout Award in 2013. He was a general member of AIUB Computer Club (ACC). His current research interest in Internet of Things (IoT), Network Security & Cryptography, Graph Theory, Block Chain, Big Data and Software Engineering.

Md Aolad Hossain Anna

Md. Aolad Hossain Anna completed his B.Sc in   Computer Science   & Engineering from American International University-Bangladesh, Dhaka Bangladesh. Currently he is working as a Web Developer in DISABLE WELFARE FOUNDATION. He is a general member of AIUB Computer Club. His current research interest in Internet of Things (IoT), Block Chain, Network Security, Big Data, Human Computer Interaction, Encryption Algorithm and Software Engineering

Cynthia Simin Rashid

Cynthia Rashid Simin Has completed her Bachelor of Science (BSc) in Computer Science & Engineering (CSE) at American International University -Bangladesh (AIUB).Currently preparing for her Master’s degree. She is highly interested in IoT as a research area, Network Security and cryptography, various Algorithms and Data Structures, Software Quality Assurance and Testing.

References

REFERENCES
[1] Ali, Z. H., Ali, H. A., & Badawy, M. M. (2015). Internet of Things (IoT): definitions, challenges and recent research directions. International Journal of Computer Applications, 128(1), 37-47.
[2] Farooq, M. U., Waseem, M., Mazhar, S., Khairi, A., & Kamal, T. (2015). A review on internet of things
[3] Biswas, A. R., & Giaffreda, R. (2014, March). IoT and cloud convergence: Opportunities and challenges. In 2014 IEEE World Forum on Internet of Things (WF-IoT) (pp. 375-376). IEEE.
[4] Xia, F., Yang, L. T., Wang, L., & Vinel, A. (2012). Internet of things. International journal of communication systems, 25(9), 1101.
[5] Talwana, J. C., & Hua, H. J. (2016, December). Smart world of internet of things (IoT) and its security concerns. In 2016 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData) (pp. 240-245). IEEE.
[6] Wang, C., Daneshmand, M., Dohler, M., Mao, X., Hu, R. Q., & Wang, H. (2013). Guest Editorial-Special issue on internet of things (IoT): Architecture, protocols and services. IEEE Sensors Journal, 13(10), 3505-3510.
[7] Kuo, Y. W., Li, C. L., Jhang, J. H., & Lin, S. (2018). Design of a wireless sensor network-based IoT platform for wide area and heterogeneous applications. IEEE Sensors Journal, 18(12), 5187-5197.
[8] Roman, R., Zhou, J., & Lopez, J. (2013). On the features and challenges of security and privacy in distributed internet of things. Computer Networks, 57(10), 2266-2279.
[9] Zhang, Zhi-Kai, Michael Cheng Yi Cho, Chia-Wei Wang, Chia-Wei Hsu, Chong-Kuan Chen, and Shiuhpyng Shieh. "IoT security: ongoing challenges and research opportunities." In 2014 IEEE 7th international conference on service-oriented computing and applications, pp. 230-234. IEEE, 2014.
[10] Billure, R., Tayur, V. M., & Mahesh, V. (2015, June). Internet of Things-a study on the security challenges. In 2015 IEEE International Advance Computing Conference (IACC) (pp. 247-252). IEEE.
[11] Yaqoob, Ibrar, Ejaz Ahmed, Muhammad Habib ur Rehman, Abdelmuttlib Ibrahim Abdalla Ahmed, Mohammed Ali Al-garadi, Muhammad Imran, and Mohsen Guizani. "The rise of ransomware and emerging security challenges in the Internet of Things." Computer Networks 129 (2017): 444-458.
[12] Rao, T. A., & Haq, E. U. (2018). Security challenges facing IoT layers and its protective measures. International Journal of Computer Applications, 975, 8887.
[13] Sha, Kewei, Wei Wei, T. Andrew Yang, Zhiwei Wang, and Weisong Shi. "On security challenges and open issues in Internet of Things." Future Generation Computer Systems 83 (2018): 326-337
[14] Conti, M., Dehghantanha, A., Franke, K., & Watson, S. (2018). Internet of Things security and forensics: Challenges and opportunities.
[15] Wei, W., Yang, A. T., Shi, W., & Sha, K. (2016, October). Security in internet of things: Opportunities and challenges. In 2016 International Conference on Identification, Information and Knowledge in the Internet of Things (IIKI) (pp. 512-518). IEEE.
[16] Juels, A. (2006). RFID security and privacy: A research survey. IEEE journal on selected areas in communications, 24(2), 381- 394.
[17] Lin, I. C., & Liao, T. C. (2017). A survey of blockchain security issues and challenges. IJ Network Security, 19(5), 653-659.
[18] Săndescu, C., Grigorescu, O., Rughiniş, R., Deaconescu, R., & Calin, M. (2018, September). Why IoT security is failing. The Need of a Test Driven Security Approach. In 2018 17th RoEduNet Conference: Networking in Education and Research (RoEduNet) (pp. 1-6). IEEE.
[19] Jia, X., Feng, Q., Fan, T., & Lei, Q. (2012, April). RFID technology and its applications in Internet of Things (IoT). In 2012 2nd international conference on consumer electronics, communications and networks (CECNet) (pp. 1282-1285). IEEE.
[20] Gao, H., Guo, Y., Cui, J., Hao, H., & Shi, H. (2012). A communication protocol of RFID systems in internet of things. International Journal of Security and its Applications, 6(2), 91-102.
[21] Khan, M. A., & Salah, K. (2018). IoT security: Review, blockchain solutions, and open challenges. Future Generation Computer Systems, 82, 395-411.
[22] Nofer, M., Gomber, P., Hinz, O., & Schiereck, D. (2017). Blockchain. Business & Information Systems Engineering, 59(3), 183-187.
[23] Ren, L. (2014). Proof of stake velocity: Building the social currency of the digital age. Self-published white paper.
[24] Benvenuto, C. J. (2012). Galois field in cryptography. University of Washington, 1(1), 1-11.
[25] Rijmen, V., & Daemen, J. (2001). Advanced encryption standard. Proceedings of Federal Information Processing Standards Publications,National Institute of Standards and Technology, 19-22.
[26] Liu, J. J., Huang, Y. L., Leu, F. Y., Pan, X. Y., & Chen, L. R. (2017, October). Generating dynamic box by using an input string. In International Symposium on Mobile Internet Security (pp. 17-29). Springer, Singapore
[27] Bulens, P., Standaert, F. X., Quisquater, J. J., Pellegrin, P., & Rouvroy, G. (2008, June). Implementation of the AES-128 on Virtex-5 FPGAs. In International Conference on Cryptology in Africa (pp. 16-26). Springer, Berlin, Heidelberg.
[28] Conti, M., Dehghantanha, A., Franke, K., & Watson, S. (2018). Internet of Things security and forensics: Challenges and opportunities.
[29] Pawar, A. B., & Ghumbre, S. (2016, December). A survey on IoT applications, security challenges and counter
[30] Kumar, P., Zaidi, N., & Choudhury, T. (2016, November). Fog computing: Common security issues and proposed countermeasures. In 2016 International Conference System Modeling & Advancement in Research Trends (SMART) (pp. 311-315). IEEE.
[31] Svantesson, D. And Clarke, R. (2010). Privacy and consumer risks in cloud computing. Computer Law & Security Review, 26, 391-397. doi:10.1016/j.clsr.2010.05.00
[32] Khorshed, T.M., Ali, A.B.M.S. and Wasimi, S.A. (2012). A survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud computing. Future Generation Computer Systems, 28, 833–851. doi:10.1016/j.future.2012.01.006
[33] Teneyuca, D. (2011). Internet cloud security: The illusion of inclusion. Information Security Technical Report, 16, 102-107. doi:10.1016/j.istr.2011.08.005
[34] Joint, A., Baker, E. and Eccles, E. (2009). Hey, you, get off of that cloud? Computer Law & Security Review, 25, 270–274. doi:10.1016/j.clsr.2009.03.001
[35] Ryan, P. and Falvey, S. (2012). Trust in the clouds. Computer Law and Security Reviews, 28, 513- 521. http://dx.doi.org/10.1016/j.clsr.2012.07.002
[36] Lee, K. (2012). Security Threats in Cloud Computing Environments. International Journal of Security and Its Application, 6(4), 25-32.
[37] Kim, J. and Hong, S. (2012). A Consolidated Authentication Model in Cloud Computing Environments. International Journal of Multimedia and Ubiquitous Engineering, 7(3), 151-160.
[38] Chen, D. and Zhao, H. (2012). Data Security and Privacy Protection Issues in Cloud Computing. International Conference on Computer Science and Electronics Engineering, 647-651. doi: 10.1109/ICCSEE.2012.193
[39] Petcu, D., Macariu, G., Panica, S. and Crăciun, C. (2013). Portable Cloud applications—From theory to practice. Future Generation Computer Systems, 29, 1417–1430. doi:10.1016/j.future.2012.01.009
[40] Buyya, R., Yeo, C.S., Venugopal, S., Broberg, J. and Brandic, I. (2009). Cloud computing and emerging IT platforms: Vision, hype, and reality for delivering computing as the 5th utility. Future Generation Computer Systems, 25, 599–616
[41] Serrano, M., Quoc, H. N. M., Hauswirth, M., Wang, W., Barnaghi, P., & Cousin, P. (2013, June). Open services for IoT cloud applications in the future internet. In 2013 IEEE 14th International Symposium on" A World of Wireless, Mobile and Multimedia Networks"(WoWMoM) (pp. 1-6). IEEE.
[42] Mendez Mena, D., Papapanagiotou, I., & Yang, B. (2018). Internet of things: Survey on security. Information Security Journal: A Global Perspective, 27(3), 162-182
[43] Miloslavskaya, N.G., & Tolstoy, A.I. (2018). Internet of Things: information security challenges and solutions. Cluster Computing, 22, 103-119.
[44] Kuo, Y. W., Li, C. L., Jhang, J. H., & Lin, S. (2018). Design of a wireless sensor network-based IoT platform for wide area and heterogeneous applications. IEEE Sensors Journal, 18(12), 5187-5197.
[45] S. Kraijak and P. Tuwanut, "A survey on IoT architectures, protocols, applications, security, privacy, real-world implementation and future trends," 11th International Conference on Wireless Communications, Networking and Mobile Computing (WiCOM 2015), Shanghai, 2015, pp. 1-6, doi: 10.1049/cp.2015.0714
[46] Feng, X., Yang, L. T., Wang, L., & Vinel, A. (2012). Internet of things. International Journal of Communication Systems, 25(9), 1101-1102.
[47] Wei, W., Yang, A. T., Shi, W., & Sha, K. (2016, October). Security in internet of things: Opportunities and challenges. In 2016 International Conference on Identification, Information and Knowledge in the Internet of Things (IIKI) (pp. 512-518). IEEE
[48] Karame, G., Androulaki, E., & Capkun, S. (2012). Two Bitcoins at the Price of One? Double-Spending Attacks on Fast Payments in Bitcoin. IACR Cryptol. ePrint Arch., 2012(248).
[49] Yun, J., Goh, Y., & Chung, J. M. (2019, January). Analysis of mining performance based on mathmatical approach of PoW. In 2019 International Conference on Electronics, Information, and Communication (ICEIC) (pp. 1-2). IEEE.
[50] Bentov, I., Gabizon, A., & Mizrahi, A. (2016, February). Cryptocurrencies without proof of work. In International conference on financial cryptography and data security (pp. 142-157). Springer, Berlin, Heidelberg.
[51] Gervais, A., Karame, G. O., Wüst, K., Glykantzis, V., Ritzdorf, H., & Capkun, S. (2016, October). On the security and performance of proof of work blockchains. In Proceedings of the 2016 ACM SIGSAC conference on computer and communications security (pp. 3-16).
[52] Lin, I. C., & Liao, T. C. (2017). A survey of blockchain security issues and challenges. IJ Network Security, 19(5), 653-659.
[53] Tsai, K. L., Huang, Y. L., Leu, F. Y., You, I., Huang, Y. L., & Tsai, C. H. (2018). AES-128 based secure low power communication for LoRaWAN IoT environments. IEEE Access, 6, 45325-45334
[54] Shanthi Rekha, S., & Saravanan, P. (2019). Low-Cost AES-128 Implementation for Edge Devices in IoT Applications. Journal of Circuits, Systems and Computers, 28(04), 1950062.
[55] Teneyuca, D. (2011). Internet cloud security: The illusion of inclusion. Information Security Technical Report, 16(3-4), 102-107.
[56] Khorshed, M. T., Ali, A. S., & Wasimi, S. A. (2012). A survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud computing. Future Generation computer systems, 28(6), 833-851.
[57] Rai, R., Sahoo, G., & Mehfuz, S. (2013). Securing software as a service model of cloud computing: Issues and solutions. arXiv preprint arXiv:1309.2426.
[58] Casola, V., Cuomo, A., Rak, M., & Villano, U. (2013). The CloudGrid approach: Security analysis and performance evaluation. Future Generation Computer Systems, 29(1), 387-401.
[59] Yun, J., Goh, Y., & Chung, J. M. (2019, January). Analysis of mining performance based on mathmatical approach of PoW. In 2019 International Conference on Electronics, Information, and Communication (ICEIC) (pp. 1-2). IEEE.
[60] Rehana, J. (2009, April). Security of wireless sensor network. In Seminar on Internetworking.
[61] Hu, F., Ziobro, J., Tillett, J., & Sharma, N. K. (2004). Secure wireless sensor networks: Problems and solutions. Rochester Institute of Technology, Rochester, New York, USA.
[62] Mahmoud, R., Yousuf, T., Aloul, F., & Zualkernan, I. (2015, December). Internet of things (IoT) security: Current status, challenges and prospective measures. In 2015 10th International Conference for Internet Technology and Secured Transactions (ICITST) (pp. 336-341). IEEE
[63] Duc, A. N., Jabangwe, R., Paul, P., & Abrahamsson, P. (2017, May). Security challenges in IoT development: a software engineering perspective. In Proceedings of the XP2017 Scientific Workshops (pp. 1-5).

DB Error: Unknown column 'Array' in 'where clause'