ejo4r2021 Roviow_on_Security_of Intemel_of_Things pa IEEE Access Received August 26,2019, acepted Oclaber 4, 2018 Date of publication ax 00, 0000, date of eurent version max 00, 0000 ga pe dtr wy nS. 2019291723 Review on Security of Internet of Thi Authentication Mechanism ‘TARAK NANDY®", (Member, IEEE), MOHD YAMANI IDNA BIN IDRIS®!2,, RAFIDAH MD NOOR®'2, MISS LAIHA MAT KIAH!, (Senior Member, IEEE), LAU SIAN LUN®S, NOR BADRUL ANNUAR JUMAAT™!, (Senior Member, IEEE), ISMAIL AHMEDY®", NORJIHAN ABDUL GHANI®", ‘AND SANANDA BHATTACHARYYA‘ CComespnding utr: Tak Nandy (arak@iee em) and Raidah Bd Noor (Fidah@um.eduny) This work was suppor in RU Grants (Under Faculties) GPO09D-2018 in pat by the Malaysia Research University Network (MRUN) Lang Tern Resear Grant Scheme (LRGS)(LROOS 2019 and LRGS MRUNTF201/2019401) and partnership grant between he Univenity of Malaya and Sunway University unser Gram RKOO-2017, ings E ABSTRACT Interne of things (loT is consired as a collection of heterogencaus devices, such as sensor, Radiofrequency Mentiieation (RFID) and actuators, which form a huge network, enabling non-infeme, components inthe network io produce a beter wor of services, Ik smart home, smart ety, smart transportation, and smart industries. On the oer hand, secusty and pivacy are the most important aspects ofthe [oT network, which includes authentication, authorization, data protection, network secur, and coe contol. Addiionally, traditional network security eannot be dry used inl networks du ols Fimtations on computational capabilites and storage capacities. Furthermore, authentication ithe mainstay ofthe ToT network as ll componcls undergo tn atcaicaton proces befor extbising cormmmceton, ‘Therefore, securing authentication is essential nts paper, we have focused on ToT security patculrly ntheirathetication mechanisms. Consequerly we highliged enormous alacks and iechreal meds tn he ToT aubentcaion mechanism, Ad&itonally, we dlcussed existing sccurly verBation treba tnd evaluation schemes of 1T authentication, Furthermore analysis agaist current existing protocols have toca discussed in ll parts and provided some recommendation. Finally, te aim of our sal isto elp the fire researcher by providing sur Issues, open challenges and fue copes in lo authentention, EINDEX TERMS Authentication, authentication protocols, Inmet of Things, network ack, security, irleareenicia 1. INTRODUCTION ‘organization and so on. IoT is envisaged to be able to pro- ‘thas been anticipated that all the things in the world are going to be internetworked [1]. At present, interet-based services, Which isa global network, are connections of computers and computing devices. The idea behind the Intemet of Things is toexpand the internet by not only connecting intemetworking devices bat also the non-IP components. like television light, fan, refrigerator, and air-conditioner. IoT is not based on ony at home but also in businesses like manufacturing orgs tions, vehicular networks, industries, grid companies, health “The associate eitor cooing the review of his manasrit and nproving it for pubiation was Lis Javier Garcia Villa vide an advanced level of services to society and businesses ‘Therefore, all the things around the world will be fitted with, ‘embedded electronics and information technology so that it ‘can produce valuable information based on the requirements ‘and can work like important nodes of the network. Addi- tionally, with the help of embedded electronics, embedded systems, embedded processors and embedded communica tion systems such small elements of environments can be ‘connected to the network, depending on the applications and business requirements, to produce a huge intemetworking environment, which is incomparable to the current network size, ILs stated that more than 2055 billion ToT devices will, “Ths nr aed ur Crete Commons bon 0 kara, or rene rman se hp/rerconmons/eeey/ 40 1 chrome-extensionsloemmndebidboiebtnladdacodfmadadmmts:fia watts xzle7 cloucont.nei60982778Review_on_Securty_ofInternet_of_. 1136ejo4r2021 IEEE Access Roviow_on_Security_of Intemel_of_Things pa “.Nandy eal: Review on Secutity oft Authentication Mechanism be connected by 2020 and over three trillion US dollars will be spent on only hardware of [oT [2]. loT is one of the building blocks behind the concept of smart home [3] and smart cities [4 In the colossal of loT network, which is connected with huge numbers of sensors and other devices, identifying one component raises a fundamental challenge, because that ean cause privacy issues, governance of the system, access con- trol, and overall architecture. Security and privacy arc the ‘most important factors in. an IoP network (5]-(7]. On the other hand, there are three security requirements: conf tility, integrity, and availability. loT needs to achieve these thee requirements in order to Fulfill security aspects. More Cover, the environment of IoT may differ from a centralized nework to a de-centralized nework, cloud to fog network. ‘Therefore, security can be more tighten by enforcing dewe- tion techniques of unusual behavior or pattern of the network. This can be achieved in various ways, like a comparison hneader analyzer intrusion detection system (IDS) [8], based oon a vector space representation using a Multilayer Percep- tron (MLP) [9] oF machine learning [10/12], deep learn- ing [13]. Besides, authentication in the IoT network takes place mostly by three components, which re the sensor, user, and Gateway Nodes (GWN) or Authentication Server (AS). ‘A user authenticates himself by sending messages among sensors and GWN whereas, sensors also authenticates itsel? by communicating with GWN. Furthermore, authentication takes place in both secure and insecure networks so they are prone to different attacks. Most of the authentication proto- cols maintain three phases: identification, authentication, and authorization. Before authenticating itself, users oF sensors need to register in the network and during the login procedure authentication takes place. As during registration, login, and athe: ' happen among com- ponents so data privacy must be considered. To foeus on these issues, several protocols have chosen different mechanisms to authenticate users. FIGURE 1 provides the flow of the authentication process, where, in most cases, users are not available to GWN to send its information for authentica- tion, Therefore, remotely deployed sensor node helps them to authenticate in the ToT network. Additionally, different tion protocols use different techniques like REID, biometric or alphanumeric password for authenticating a user [14], In addition, the designing phase of authentica- tion protocols always considers the lightweight manner with respect to computation and storage because sensor nodes are computationally challenged and have minimum storage capacities ‘Authentication is one of the major parts of the security of oT networks. As per the loT network design is 2 concer, components ean communicate with each other and ean share data among themselves. If there is no filter, then important credentials can be stolen by network attacks and that can cause harm to the system or users. Authentication works on this situation to validate the identity of legitimate users and devices ina network. A myriad of authentication protocols are ion, several communica 2 designed over the last few decades but none of these provides complete protection to the networks. Protocol designers are Sometimes unaware of new threats in I6T networks. This, ‘motivates the authors of this paper to review on authentica- tion, which is very important for future authentication proto- ccol developer. Moreover, the authentication mechanism needs, to be improved by comparing the existing authentication protocols. Therefore, the contributors to this paper include all the aspects of authentication protocols of IoT. ‘A. CONTRIBUTION OF RESEARCH ‘The main contribution of this work is to produce a eom- prehensive idea © the researcher about 1oT authentication security and its peripherals. To formulate the idea, this research presented a well-developed taxonomy of attacks and ‘a classification of technical methods used in ToT authentica- tion systems. Additionally, network attacks have conversed against current OT authentication protocols that can mit gate Various threats. In addition, this paper elaborates on important evaluation techniques needed for authentication and compares it with existing protocols. Furthermore, this rescarch extended to consider enormous security verification techniques, which are most important for the authentica- tion mechanism, Additionally, this research produces impor- tant challenges and open issues that need to consider for future research proposals on designing an authentication mechanism, ‘The rest ofthe paper is formatted in the following manner (See FIGURE 2). In section I, this paper shows the classi ation of attacks and existing protocols to protect the IoT network from several attacks. Different technical methods of chrome-extensionsloemmndebidboiebtnladdacodfmadadmmts:fia watts txzle7 cloueont.neti60982778Review_on_Securty_ of Internet_of_. 2136ejo4r2021 Roviow_on_Security_of Intomel Nandy al: Review on Secu of oT Authentication Mechanism of Things pat IEEE Access: Poor Taxonomy of poy eed Peel FIGURE 2. Organization ofthe document TABLE 1. Descriptio of authentication model fit network, een ee low of message 1 2 3 7 Description FIGURE 1 reference @ User 0 GWN te Seimor to GWN to Users sed the autenticaton aguas to gateway node then GWN sends wer GWN sensor WN user_——_—infrmaton othe nee! sensor ofthe user, Afer that sensor acknowledges the wer’ information and ten GWN aunts the ust Cc) User © GWN Ww GWN w Sensors Uso send dhe autbencation agus tothe gateway nods thea GWN sends the GWN user sensor user GWWN authentication key othe utr and send user information tothe nearest Sensor tothe user. Aer ha the sensor authenticate nse © User © GWN 10 Sensor to GWN to Usomsond the athontcaton request to he gat’ node then GWN aon the GWN user GWN sensor GWWN authenteaton ey the user and sed user infomation to the neat Sensor tothe use, After tha, sensor responses tothe GWN with sensor and user nada to sore © User © GWN to Sensor Jo Sensorto Users send the autercton agus to eatoway node hen GWN sends war GWN sensor WN user__——_inrmation othe nearest sensor ofthe wr. Then, the sons, rsponsss back to GWN with keys and acknowledge the user simultaneously. © User to Sensorto GWN 10 Sensorto Users send te authentication request to he nears available sensor, The, tbe sensor GWN sensor user_———_—Sensr request back to GWN, GWN sends an acknowiedgmen! to the soso. Afr that, he sensor acolo the usr. 0 User © Somorig GWN Ww GWN 1 User send the authentication rgusst to the nears avalale sensor The, the sensor GWN sensor user__——_sensorrequest back to GWWN, GWN sends an acknowledgment othe sensor and utente the wer smoot) the loT authentication mechanism is provided in section IIL After that in section IV, security verification techniques have been discussed followed by ToT authentication evaluation techniques in section V. Furthermore, open challenges and future directions based on ToT authentication are discussed in section VI. Lastly, this discussion has been concluded by pointing out important issues in the current phenomenon in section VIL. I, TAXONOMY OF ATTACK ON AUTHENTICATION IN Io NETWORK ‘Attackers target network to gain access over it and get ‘valuable information t sell over a black market [15] or fulfil their requirements. Among all the network attacks, this paper will concentrate on a range of attacks related to ToT authentications, FIGURE 3 illustrates the well formulated taxonomy of attacks on ToT authentications. 3 chrome-extensionsloemmndebidboiebtnladdacodfmadadmmts:fia watts txzle7 cloueont.neti60982778Review_on_Securty_ of Internet_of_. 3136ejo4r2021 IEEE Access Roviow_on_Security_of Intemel_of_Things pa “.Nandy eal: Review on Secutity oft Authentication Mechanism = aaa canon 3 om or a ——— == FIGURE 5. Taxonomy of attacks on oT authentication. Furthermore, TABLE 3 demonstrates the description of every ‘major attack as per as authentication is a concern in ToT. networks. As per the document, the classification of all the attacks is clustered in seven major categories, whi (querade attack, man-in-the-middle attack, DoS attack, fong- ing attack, guessing attack, physical attack, routing attack. Firsily, the masquerade attack distinguishes itself from other attacks on fake identity aspects; on which attacker counter- {eit identification of legitimate users. Forging attacks can be differentiated by its nature, where an attacker tries 10 imitate the existing component or system. Man-in-the- Middle (Mit), on the other hand, snoop network traffic between ‘two communicators. Ina DoS attack, the adversary floods the network with packets to jam communication and penetrate the network. Instead of imitating the existing components or flooding the network, adversaries prediet and try 10 explore the possibilities of getting confidential authentication exe- dentials of legal users in guessing attacks. Guessing attack hhas shown to be dangerous, but further exploitation on the network happens when an attacker ties to get access to the ToT network through physical components. This exploitation is typically called a physical attack. Lastly, a routing attack. is 10 create a fake route (© send or receive packets in an ToT network. Moreover, all the above categories of attacks in ToT authentications are elaboratcly described in the follow- ing sections using the counterpart of the existing protection ‘mechanism, ‘A. MASQUERADE ATTACK ToT authentication is based on identity and if the identity is compromised, then the network can be vulnerable. In the ‘maxquerade attack, the adversary uses fake identification to authorize himself as a genuine user in the network. If the Io network is not properly protected, it can be attacked by masquerade attacks, which can be prepared using stolen identification like a user id or password or detecting user's behavior tracking. This type of attack in the IO network is, very common but it depends on the level of authorization a network has managed to attain. As such, masquerade attack- crs can have a full smorgasbord of cybercrime opportunities if they have gained the highest access authority to a business ‘organization. FIGURE 3 elaborates a full range of possible masquerade attacks in ToT network based on authentication seourity. Impersonation aac kin ToT, where the adversary intercepts the authentication request of the previous session of another user and uses that information chrome-extensionsloemmndebidboiebtnladdacodfmadadmmts:fia watts txzle7 cloueont.neti60982778Review_on_Securty_ of Internet_of_. 4136ejo4r2021 Roviow_on_Security_of Intemel_of_Things pa Nandy et al: Review on Secu of oT Authentication Mechanism IEEE Access: TABLE2. Acronyms and ts definition. en Dtan ‘comm tn 7S Ana npn San nae AON in ds i Da or Ip a i AS An ee LIN Lv prorat bana ansra Mua hii of Tae Sty LE Leta BAKE Biometric Authenticated Key Exchange iM. Maorinthemiddle tay Bao Nh lef Wei lasrsrs 35 Tw MP Win Ps Crh Chopin on DE Dites MIC Yew amma Ons Dia oS Ort Owetnepomon DNS Bee KPa ine Des Df AD Raia ion fan _tabofa ey ROM Tana ni EOS Elcanecopoats ROR Rati ECDSA Hs Ce il Sn Ai psa Rt hic Gn Gamay se Smead ED Heit a ss Ser HMAC tbs Me: uaa Gl 25 Symtoms 159 tn se * Teo 15 hn dan ta a {ot bn er is : tS rr 16k barf rine VANE Wheat ies tv WSN Wirhsiow tot ass tis ROK Fain tov fii ‘anu, oan of ant ate ra Dacia Mess A ‘hist ahy sae nip i gira gs asc Maire AGE wisn eps pent eee Gr a eat Das Terai ein fd} orig iy el gn SS ‘pate uo Tk 1 Sse gahay sabia spa sodaaiac nga elem Csi tc Thr snk pt le pe of tig ngs tt cla TE Physical Attack In this attack, network enemies try to get access to the physical components. In addition, they may penctrate the ti hte bs ce seat ae Tinga I vstek wis cai m bung hee o seth pelce ns to authenticate itself. In contrast, Tu, et al. [16] proposed a User impersonation allows an attacker to steal the informa- novel techniques to handle the impersonation aitack in fog tion of an actual user to get into the system for unusual activi- ‘computing using Q-learning algorithm. FIGURE 4 shows the ties. Auser impersonation attack can be done in several ways. before and after impersonation attack in the loT network. Itis practical that an actual user may be leaked server's private voumes, 2018 5 _chrome-extensionilloemmndebldbolebtnladdacocfmadacminits:la watts xzle7 cloudont.nel80882776'Review_on_Securty_of Intemet_of_... 5136ejo4r2021 IEEE Access Roviow_on_Security_of Intemel_of_Things pa “.Nandy eal: Review on Secutity oft Authentication Mechanism TABLE 4. Description of different types of masquerade attacks. ‘Masquerade Attacks Description Impersonation Aas In his aac, an adversary sueesflly assumes te ident ofa egimate wer. Anonymity Attack i this allack, sn adversary hides dsr deny and poor attack cnonymoly, User Tracking Attack Jn this attack an atacker wack uses fouteps and scl information. Cloning Atak In this ack an adversary creates a instance of legal use. enity The Attack inthis attack on adversary tas the defifction of «genuine se fo perfor the wapicions sk Insider Atack In this attack, an autorized user ofthe nctwork performs a malicious task fom inside the network, ‘Composition Anack Tn this aac, tacks oF overlap the same Kind of dataset roma diferent bw ‘Solen-erifer Atk In this stack, an ituder steals venicaton data of current or past authentication sessions oem the autheteation server and then uy ogo ino the server wing the compromis das, Activ Tracking n hip alae, atackers monitor the acvity ofa genuine wer By Pasing ack Tn this alae, an atacker captures «packet fom the user and responds tthe wis a genuine rseving node ety. ee, 2, ® o Point MU: Mobile user. information to the attacker. The legal user also can act like an attacker. Amin etal. [17] explained in their protocol on how to protcet the IoT network from user impersonation attack during authentication, Furthermore, a plethora of protocols have been designed to protect oT networks from attackers ‘during authentication, but many of them are designed to pro- tect specific kinds of attacks. Therefore, all ofthese protocols are open for many other attacks; sensor impersonation is one ‘of them, During the process of authentication, users, sensors, GWNS or servers, exchange messages among themselves to ‘come on a mutual goal. In this situation, an attacker can sense the network, get information sent by the sensor and modify the data to act as a legal sensor. Hence, the improved scheme like Jiang er al. er al. (18) protocol, can resist sensor node impersonation attack. In such cases, [oT users deserve to be anonymized as their activities ccan be tracked and the pattern of the user's behavior can be predicted. An attacker can predict users” position and their network using capabilites if the authentication protocols are ‘weak. In the same way, a central problem in sensor network security is that sensors are susceptible to physical capture attacks. Once a sensor is compromised, the adversary can eas- ily launch clone attacks by replicating the compromised node, distributing the clones throughout the network, and starting a variety of insider attacks. Attackers ean clone to the smatt card, tags 10 get more opportunities to explore the network Authentication protocols sulfer from the challenges to protect cloning attack from either a high computation or storage ‘overhead or poor detection accuracy. Wallrabenstein [19] pro- posed Io? Device Authentication using Physical Un-clone- able Functions. On the other hand, an identity theft attack is ‘one ofthe tricky methods to get the identity of an authorized user in various unauthorized ways, such as data breaches, unsecured websites, social networks, phishing, public com- puters, and skimming. Authentication protocols are vietim- od by identity theft attacks in almost all the Io sectors, including foV, HoT, and MIoT, Researchers have introduced several different techniques (20), [50] to counterpart the attack. In addition, In a network, a genuine user can behave san attacker. An authorized user can also aet like another legal user by using his/her credentials. Therefore, an internal scr who has authorized access to the system and the network launches an insider attack. Therefore, data protection by using anonymization techniques to hide personal information from the published dataset is essential However, atackers can use a composition artack vo merge fr overlap the same kind of dataset from a different body. Ganta eral. [51] discussed composition artack in auxil ry information and Buig eta. [52] show how to prevent composition attack in non-interactive data publishing set ‘ing by combining sampling and generation. Furthermore, an intruder can steal verification data form the authentica- tion server in the current or past authentication sessions ‘Then the adversary tries to get into the server using the compromised data. An advanced three-way authentication technique for loT is designed by Cui, et al. [53] to pre- vent various attacks, among them solen-verifier attack is fone of the most challenging. Additionally, the proliferation of software and technology growth allows uscrs to provide the specific function of their activities, household device management or personal assistance. ‘That third-party sott- ware can be hacked and user’s activity can be monitored and used agains! them. Besides, JoT infrastructures are more prone to weleome these threats. Viana. er al. [54] introduced chrome-extensionsloemmndebidboiebtnladdacodfmadadmmts:fia watts xzle7 cloucont.nei60982778Review_on_Securty_ofInternet_of_. 8136ejo4r2021 Nandy al: Review on Secu of oT Authentication Mechanism Roviow_on_Security_of Intemel_of_Things pa IEEE Access: conflict management in Systems of Systems (SoSs), The paper presented a framework for managing unpredictability in the system. In addition, many authentication protocols use the session key to protect from network attcks like a replay attack, but this session key can be compromis ‘and used against the system to be a masquerade. However, a the authentication process needs many communication and _message passing among nodes, the attacker ean get a message ‘and process among themselves and pass it back to the sender bypassing the actual node. This type of attack is called a node by-passing aitack. ToT authentication schemes are in jeop- ardy of node by-passing attacks by GWN by-passing attacks, base station by-passing attack or sensor by-passing. attack, Sarvabhatla and Vorugunti [21] designed a secure biometric: based user authentication scheme, which provides base sta ton by-passing attack protection. Chang etal. (22] proposed two-factor authentication that can protect GWN by-passing ‘attack whereas, authentication protocol for an ToT-cnabled LTE network by Saxena et al. [25}, gives protection towards secret key by-passing attack. The details about the loT authen- tication protocols to protect against masquerade attacks are tabulated in TABLE S. B. MAN-IN-THE-MIDDLE ATTACK In Man in the middle attack, an attacker secretly taps a net- ‘work and absorbs communication data between two pattics ‘who trust that they are directly connected and com ing with cach other. In this scenario, the attacker can drop, ss, and alters the communication data as well as can predict network and security patterns. Additionally, they use legitimate users’ data to establish new communication in the system, FIGURE 3 shows the classification and FIGURE, 5 illustrates the man-in-the-middle attack in the ToT authen- fication scenario. In addition, TABLE 6 shows a description ofall MitM attacks. Ina MiiM attack, cavesdroppers try to steal authentication data by unauthorized way, while communication takes place between nodes, over an ToT network. Attackers try to find and establish a weak network connection between sensors fand server and transfer network signal itself. Not only that bbutalso, they install network monitoring software [49], which, helps to snoop all transmitted authenticated data. However, -avesdropping is difficult to identify because of abnormality during transmission, Li etal. [55] proposed an interesting anti-cavesdropping scheme by friendly jammers to an indus- trial crowd-sensing network. Alternatively, message modifi- cation is @ type of active attack, where an attacker sniffs actual data from the network and pass the modified data, to the receiver. Asaduzzaman et al. [56] designed a protocol to offer better security over message modification attack near NFC architecture. Zhang, et al. [57] describes different abnormalities in VANETs, including massage suppression attacks. In massage suppression attacks, attacker multicast prevalent spoofed message over the network to prevent actual rhodes to get original messages and foree them to refresh cache every time. Pu and Zhou [58] shown a heuristic-based unica detection scheme (HED) to analyze and defend the message suppression attack in low power and lossy networks (LLNS) Likewise, a false message attack adversary sends inappro- priate data to the victim to mixguide the user. Moreover, data ean be transferred to the server as well as the end-user. Nevertheless, several protocols are designed to sense and prevent false messaging attacks [57], [59], [60]. Similarly, in & data manipulation attack, the attacker does not delete the data after retrieving from the actual source. Instead of doleting or tampering the data, they alter the actual content Of the information and sends in to the targeted location, ‘Tocmphasis, Khan et al [61] designed a distributed intrusion doteetion system (IDS) to detect and proteet network form data manipulation attacks. On the other hand, a substitu- tion attackoccurs when an attacker deliberately replaces the authentication or authorization algorithm by a forgery code to validate fraud user or gain access to the system. AS in the technique the actual encryption method is superseded, is Vulnerable to diferent attacks, However, during the past few years, hackers compromised several IoT networks to harvest user information includ- ing user id and hashed password even in worst-case plain text password. This compromised account is often offered in the black market [15] or leaked publicly. In addition, intruders often intercept data during the transaction in a network and can change the password of a legitimate user. As ToT is a collection of heterogeneous devices with inter- networking systems and most of the peripherals are con- nected in WSN, devices always populate data and send over networks. Therefore, attackers can use powerful devices to sniff those packets, disseminate information, and use for their purpose. Moreover, a network can be accessed through a wired or wireless medium, Ferrag and Abmim [62] and Yao et al [63] designed different protocols to prevent packet tracking attacks. Similarly, after getting the raw packets from the targeted network, hackers try to extract information from the pool of [28] data. Therefore, they use strong tools to disseminate data [65] and to produce powerful information that they can use to intercept the user or network. Packet ‘analysis artacks are. prevented by several mechanisms in ToT [62], [63]. Furthermore, adversaries intend to capture sensors in WSN to get information about network pattems and users’ details. They try to hack the sensor by penetrating the network ifthe security of the network is weak. However, researchers have noticed those attacks and designed IoT authentication protocols to protect them against this type of attack [28], [69]. For the same reason, authent cation protocols use session keys to prevent several attacks to ‘occur in the network. However, this session keys can be eom- promised to design anew type of attack. Ian attacker can get the session key of a particular session, then they can redesign the user's data and can ereate fake users and sessions to attack a network, Wu ef a [28] authentication and key agreement scheme ensure to protect against session key leakage attack. Similarly, after gettin the session key and user details by net- work tapping, an eavesdropper can ereate a valid login request 7 chrome-extensionsloemmndebidboiebtnladdacodfmadadmmts:fia watts xzle7 cloucont.nei60982778Review_on_Securty_ofInternet_of_. 1136ejo4r2021 IEEE Access Roviow_on_Security_of Intemel_of_Things pa “.Nandy eal: Review on Secutity oft Authentication Mechanism TABLES. loT authentication protocols against masquerade attack me oP - s UEP ep pea £ a2 a | 2 32 a Protocols i & 5 i 3 : ze Eg ‘and start a new session with a sensor by masquerading a valid user. This type of attack is known as a parallel session and reflection attacks. Roy etal. [34] designed an authentication scheme with user biometrics and fuzzy extractor that protect, against parallel sessions and reflection attacks. In general, ToT devices collect data and transmit them over the network in order to connect. During this process, devices emit signals, which is called “side-channet™, These signals indicate the level of power consumption, electronic and aquatic emissions al any given time, At the same time, an intruder can ov take the encryption credentials by trespassing an loT des using the side-channel attack, Moon et al. [77] proposed a chrome-extensionsloemmndebidboiebtnladdacodfmadadmmts:fia watts txzle7 cloueont.neti60982778Review_on_Securty_ of Internet_of_. 8136ejo4r2021 Nandy al: Review on Secu of oT Authentication Mechanism Roviow_on_Security_of Intemel_of_Things pa IEEE Access TABLE 6. Desctiption of different types of man-in-the MiMi Awacks Description Eavesdropping Amack Tn this atc, an atcker wis to ind and establish a weak stwerk connection between sensors and Serves and teases network signal ‘Message Mosdiction In this attack, an adversary medics he actual mestage afer eeeiving i Rom a wer ‘Message Suppression Ak Tn thea, an atacke drops orginal packers afr rseving Hm aust False Messge Ack this tack, an adversary wis to send a inappropriate mesage to the use ‘ata Manipulation Arak this aac, an adversary manipulates and changes the ecived data ‘Substton Ata To this aac, an atacker dll roplacos the authentication or authorization algo by a forgry code to ‘ain acess othe sem Passed Updating Changin In this attach, an alent changes or updates the eal passwd acces the nwo Packet Tracing Aack thie attic, an atacker wack user anid packets sing powerfl software He Wize 9) Packet Analysis Anack thi tac, a attache perfoas an analysis of wars paket to get valuable infomation, ‘Sensor Capture Atak In this atic an avery captures senor node and manipulate hei fant Session Key Leak In this ttc, an altace tes o get the previous sesion hey 1 authetits themselves in the current sion, Parle Session and REAscton Atak sim def. Tn this ata, an adver clones another session Rey and perfor ask concur in a nctwork sing the sane SideChannel Attack this ack, nace oveakesthe ene on ered by espsing a device, x New connection oe User . a * > a Ha » FIGURE 5, Marvin the-middle attack in loT network during authentication. (2) User and sensor scenario and (b) Sensor and GWN scenario, protocols, whi against man in the ‘middle attack. Though the MitM attack is a serious issue in JoT authentication techniques, protocols are less attentive in different types of attacks in MitM. Among all most of the authentication protocols concentrated on eavesdropping ‘attack and sensor capture attack ©. Dos artack During denial of service (DoS), attack an advisory denies a service from a server, network to an authorized user by creating a large number of requests to the server at a time, DoS attack is quite common in ToT based network, where ‘an unauthorized user sends thousands of requests to the authentication server to shut down the operation temporarily To contrast, de Almeida et al. [48] developed a method 10 defense Dos artack in a network by providing packet-level authentication, In addition, a distributed denial of service dastack is an advanced DoS attack where DoS is performed ina distributed manner. To execute DDoS aatacks, attackers use a huge network of botnets to put down the service of a network. AS a result, genuine users cannot access the ser- vice from a particular network. Consequently, Liu. et al. [78] developed an enhanced distributed low-rate attack mitigation echanism for oT networks. On the other hand, as per FIGURE 6, the DNS ampli Jication attack takes advantage of DNS behavior in order to amplify the attack. A DNS server holds the public TP addresses and their accompanying hostnames. Therefore, the DNS resolver requests the IP of a hostname to the DNS server. Ifthe server does not contain the information, it refers, {to one of the root DNS servers, which refers to another DNS server to provide the IP, which boosts this attack, During the DNS amplification attack, attacker spoof the IP of vietims IP send a request to provide DNS list to the server. Because of spoofing all replies go to the vie- tim's system and the attacker can amplify the attack up to 100%. To protect the DNS amplification attack, YT needs ° chrome-extensionsloemmndebidboiebtnladdacodfmadadmmts:fia watts txzle7 cloueont.neti60982778Review_on_Securty_ of Internet_of_. 9136ejo4r2021 IEEE Access Roviow_on_Security_of Intemel_of_Things pa “.Nandy eal: Review on Secutity oft Authentication Mechanism TABLE 7. loT authentication protocols to protect against MITM attacks. ‘MiiMt Awacks 2 9g 8 4 2 4 ¢ z ta BGo2o2 aid of Bo, F dad ® €. 22 2 #. 2 FEE 2 2 q26¢ 2205? #22 ¢ gi 2 e ge F Bi: ze: 2FE F s ¢oaid ig Po oao4 2 “ta g 5 | dey é 2 2£ 4 @ 33 ¢ go og@ Protocols ioe Chang and Le No No No No -No No No No NoYes SNS SON re Bares wa Ye Ne Ne No Ne Ne Ne Ne NO Yw ONeONeSONS rr Wadaliy Ye No Ne MyM ee ‘Kang tal. 3 Yes No No No No No No No No No No NON Leta pl] Yes_No No “No “No “No No NN Yas NNN Liketal Ba] No No No No No No No Nv NNN Lista 3] Yss__No No No No No No No NoMa N NN Roysetal [M4] No No No No No No No No No No No ¥s_No Wang etal 5] Yes__No No No No No No No NoYes NNN ‘Amin eta [36] No No No No No No No No NoYes No No WN Chula etal 5] Yer No No “No No “No “No No NNN NN Srins, et al No No No No No No No No No YuNo—ONo—No 140 Siena jal] Ya No No _Nv “Ne “Ne “Noo SNS Dammak et al No No No -No No No No No “NoYes SNo~SONDSOND 16) ‘Zhangseta Si]_No_No_Yoq__Veu_No No “No “No SNS SSN Puand Zhou [st] No No Yeu_No No NoNo No “No No No No ‘No Kim, tal [59] No No No _Ves_No No No No No No No No _No Khan tal. 6] No No No No Yes__No No No No No No No No Mahmood, etal No” Yer” NoYes No No No No No —=Mo—=Mo—OND—SWNo 1s Ferra [6] No Ya Ne Ww Ne Ne No VasYe—No Ros rin] No No No ‘No -NoYou_No No No “No No No No Wa,etal 6] No No No No -No No No No NoYes NNN Kom ct al No No No No -No No No No NO OMOONSSCYSONO rr, Scinoclpors a No No No No Ne Ne No No NO ONe SONS au ‘Jan ctal fa] __Yes__NoNo NNN NNO NSN NN acta [73] Yes_No No _No “Ne -No No No No NN NN Song cta.\74] Yos No No No No No No No No No N No No ong tal. ('5|Yes No No No No No No No No NN No No ‘Nueefa [761 No No _No_No No No _Yes__No No No No No _NO more research. Similarly, Flooding is a type of Denial of Service attack that is aimed to put a server or network down by flooding it with a huge number of traffics. Syn-flood is one (ofthe most hazardous in loT network, where the [oT network and application server become so weighted down initiating incomplete connection request that it no longer process 3 chrome-extensionsloemmndebidboiebtnladdacodfmadadmmts:la watts xzle7 cloudront.nei60982778Review_on_Securiy_of Intemet_of... ‘genuine request from the authenticated node. Additionally, when a node tries to communicate via exchanging common interest information, various attacks take place to capture the transmitted data without a proper certificate. After that, the captured data can be rejected and prevent from further travel to the destination. This type of attack is known as, 10136ejo4r2021 Nandy al: Review on Secu of oT Authentication Mechanism Roviow_on_Security_of Intemel_of_Things pa IEEE Access: TABLE 8, Desctiption of different types of DOS attacks Dos Auacks DDoS attack Description Inthe aac, eackars deny servos fom aserver or network wan autorzed user by erating a lags numberof requcsts {othe sever ttn, The action i perform in. distbuted esion ‘DNS Amplification aac Rejection aac ‘Desynctonization ack Tn this atk, an atackernseasesthe repli fom serve ta user by spon and performing false DNS aquest In this attack an adversary ignows the equest of communication fom legal use this stack, an aflacker Docks communication between RFID redler and backend sever, Therefire the tag's information frm the RFID device and serve misc TABLE. loT authentication protocols to protect against D0S attacks ‘Dos Atacks ‘DuS/DDoS tack DNS Amplification atack Flooding attack ‘Desynchroniration| Attack Protocols Doleset ah (25) Ye Ne No No Paras etal 26) Ye No No No ope, ea |29) Yes No No Yeo Lista. 31] No No No Yoo ‘Wang. et 35) Yo No No Yes ‘Chat ea. [38] Yo. No No No Bat anal Kumar 8) No Ne Ye No ‘Goes ane 15) Ye. Ne No No Moose a. 64) Ye No Ye: No an, etl (72 Yes No No No Hong (78) Yes No No No abhi etal [79] es No No No. Hu, et [801 Yes Xo No No ‘Anagowstopouto, etal fi] No Yer No No Salman t [821 Yes No No No — Insecure 9 connection \ wk on rd ee co aes FIGURE €, DNS amplification attack the Rejection attack. Alternatively, RFID related authenti- cation systems use a backend database 10 authenticate the user. Therefore, the attacker performs a desynchron ‘attack to block the communication between the RFID reader ‘and backend database server so that the tag’s key stored in the database and the tag’s memory mismatches and denies access. A way of rejection attack has been demonstrated Receiver ers 5. % ‘Aversary FIGURE 7. Rejection attack, in FIGURE 7. Moreover, an illustration of 1oT authentica- tion protocols, which protect from DoS attacks, is shown in TABLES. D. FORGING ATTACK Forging attack allows an attacker to steal authentication formation of a genuine user in a network and use the information as an authenticated user to gain access u chrome-extensionsloemmndebidboiebtnladdacodfmadadmmts:la watts xzle7 cloudront.nei60982778Review_on_Securiy_of Intemet_of... 1186ejo4r2021 IEEE Access Roviow_on_Security_of Intemel_of_Things pa “.Nandy eal: Review on Secutity oft Authentication Mechanism TABLE 10, Description of dtfrent types of forging attacks ging Avacks| ~Deseripton Gateway Forgery Tn this tack, the atacker acts 84 ges 1 9 gene ier, To Jos, the atcker got messages fom he sor and response to he user with momph dt. ‘Sensor Forgery Tn this atack, the attacker acts a Sensor othe gene use. To do, the atacker gos messages fom the sor and response to dhe usr with meh dats Sybil Atak Tin dhis atack, an atacker nod holds mile instances to communicate in a nework. These ashiovanents are posible by disabling or forging Ieitinste noes in the network: Replay Atak 1 this attack, an atacker capture the dla send by the use nd forward ite tbe next hop as an actual ust ‘Audio Reply Attack ‘Changing Distance Atack [In this attack an atisker spoof thence ad test et ke an automate speaker verifier. Tn this atack, an attacker performs malicious activites by manipulating the distance betwsen the objstsin lot ‘tbat Trace Atack Inds atk, an atacker racks the atributs that send during the communication and tlizes those atibtes fo further communication as 2 ser ‘Sucosive Response Ara nth auch, the atachr es ike alr usr and sens the request othe gateway or server sepeatly 50 thatthe servercan send muitpe responses for an stabs omminiation and the atacker ean eves her edt that have used during this communication ‘Colson tack ‘nts tack, en attacker can combine wo deen datasets and produce a completely new dase io pefoem the tack Spam Aaok Tn tis atack, an ater sends infarmation othe network alongwith malicious code o inject te Vins ato the new Redirection Ask In tis ack, an ae orwanks message othe other rote a execute an unexpected unk ‘iit and ak: thx Anack ‘When an adversary attack a network and gin fll ees fo the tage model, known asa Wie box aac bouttheatacker docs not possess many ideas about explicit knowlodge andean design an etack tho it is called ablekbox atc over confidential data. It can be further classified in user {forgery attack, sensor forgery attack, gateway forgery attack Sybil attack, replay attack, audio replay attack, changing distance aack, ariribute-trace antack, successive-response attack, collusion attack, spam attack, redirection attack, white and black-box attack. FIGURE 3 shows the classification and ‘TABLE 10 illustrates the description of forgery attacks in loT authentication An attacker can behave like a normal user if he/she gets or intends to get authenticated data from a process of authent- cation inthe loT network. Indifferent phase, the adversary ‘may use predietion to the different messages to gain access to the user's data or the network, which is known as user forgery attack. To protect the IoT systems from user forgery ‘attack Wa et al. 28] invented an. effective authentication protocol. On the other hand, sensor plays a major role in IoT authentication, as all the authentication messages pass through any ofthe sensors. Due to a lack of computation and storage capacity, IoT authentication protocols use simple and robust encryption and deeryption techniques, which make attackers to open the gate for sensor forging artack. In WSN, hhackers use malicious seripts to get access to the authentica- tion process data from the sensor and after modifying them pass to victims as the original message. In between, there is chance to grab the information from the authentication request if the message is not properly encrypted. To high- light, Wu etal. [28] describe how their protocol protcets 2 sensor forgery attack. Unlike sensor forgery, if the protocol has breached, antagonists also can forge the gateway node In this situation, adversary takes advantage over GWN, and then mitigates authentication requests, after that gets users and network information and finally morph existing. data, Wu et a. [28] proposes a protocol that protects the LoT net- work from gateway forgery attack by spreading important information in different messages. On the other hand, in the Sybil attack, & malicious node possesses multiple iden- tifications in order (0 establish communication in an ToT network, which could be achieved by disabling or forging legitimate nodes in the network, In this attack. a single noxie ‘or device can harm multiple devices from a different network ‘Suryani etal. [83] claimed that their protocol prevents Sybil «aitack during authentication using two-phase security protec- tion, FIGURE 9 gives a clear view of the Sybil attack. Alte natively, ina replay amack, an attacker intercepts and acquires the data send by the sender and send it to the destination as an original sender. However, timestamp and sequence number with the packet can be implemented to prevent the replay attack. Moreover, there is various information pass through the Io network and during authentication, the node transfers its user id and password to the other node or authentication server. Therefore, that information can be captured and used {to authenticate an intruder. In contrast to take advantage of a replay attack, attackers need to access the raw network data and that is possible either via network tap, ARP poisoning or chrome-extensionsloemmndebidboiebtnladdacodfmadadmmts:/a watts xzle7 cloudront.nei60982778Review_on_Securiy_of Internet... 12136ejo4r2021 Nandy al: Review on Secu of oT Authentication Mechanism Roviow_on_Security_of Intemel_of_Things pa IEEE Access: 9 Vietim Receiver Soft éontant Samet pay content Hacker FIGURE, Replay attack, ) syncs @ veins O)tomat nite FIGURE 9, Sybil attack via installing the malware inthe vietim’s computer. A replay attack is further ilustratcd in FIGURE 8. oP devices are heterogeneous in nature and dynamie in behavior. Moreover, IoT devices can be static and mobile. Therefore, the system ies to detect if the authentica- tion distance and access distance of the deviees fuetuates. Sometimes, adversaries try to inerease the success proba- bility of auacks by changing the distance between devices This phenomenon is known as changing distance attacks Chen et al. [84] introduces a fingerprint-based authentica- tion protocol to prevent changing distance attack. On the contrary, an amount of loT systems are required to tag with formalized attributes to authenticate the activities ofthe audi- tor. For example, Health Social Networks (HSN) use attribute tagging widely. Where the attribute-oriented authentication scheme empowers to generate an HSN attribute for every HSN user to protect from attribute tracking attack. ka 2012, Liang tal. [90] proposed attribute security in HSN. After that, Uddin ral [86 proposed tier-based health architecture in a patientcentric agent to monitor patient health. Com- prably, a user sends authentication requests to the network to panicipate. In return, the authentication server exchanges several other packets with the user to reply, acknowledge or response. Therefore, attackers take advantage of those packets by sending a successive packet so thatthe previous packet, which was sentby th original sender, will discard and the attacker can intrude ito the system. Lu eal. [87] claimed that thei privacy preservation protocol successfully prevents successive-response attack on ToV network, Nevertheles the collusion attack, the execution of operation can combine, manipulate and produce a completely new dataset, espe- cially files, to disguise the server, However, spoofing multiple packets from various uscr’s authentication information and create a set of new authentication packets can also count as. A collusion attack, Nevertheless, unnecessary and irrelevant ppackets send to the enormous number of users through the internet just to fulfill phishing or spreading malware. On the other hand, the main target of spam anacks is to introduce Viruses, worm, spyware, Trojan horse to various legitimate systems, It spread through email by some offensive link, website, or the web content as well as without proper sender mail id. Paavolainen et at, [88] converse about various risks con blockehain in ToT by spam atzack. Likewise, open redirect abuse is not much popular in loT but it can cause a problem ‘on security as it redirects to malicious content instead of the. actual one. However, detecting IP and protocol ereating spam. ‘can reduce the possibilities of redirection attacks. Likewise, intemet aitacks are classified into different cat- cegories. Among them, when an adversary attacks and gains full access and control to the target model are known a a white-box attack. In contrast, while performing a black-box attack, the hacker does not have any idea about explici knowledge but can design queries to achieve corresponding desite [89], ‘Additionally, eybereriminals attacking the 1oT networks “will be driven by the financial gain as the black market [15] for malware and the dark web continue to mature. During the authentication process, users, sensors and GWNs or servers, send data among themselves to authenticate, authorize for registration or login. During that period, an intruder can attack the network andif the protocol is soft enough to penetrate, he! she antfices message and uses as per his! her requirement Morphing user's data and intentionally passing wrong mes- ‘sages are common behavior for intruders. In spite of detecting the forgery attacks, prevention is very important. Therefore, researchers developed a protocol mechanism to protect the ToT network from various attacks. TABLE 11 describes most, ‘of the effective work by a few years to prevent a forgery attack in IoT authentication, E, GUESSING ATTACK JoT authentication server stores authentication information of users and different peripherals in loT network, such as device id, userid, device seret key, user password. Adversares try to get those credentials to access the system. If they have direct aceess to the server then they can extract passwords from the server, but if they cannot gt those physically, then attackers tr to guess the password to authenticate themselves asavalid user. This isknown as. guessing artack. Description of all possible guessing attacks are discussed in TABLE 12. guessing attacks can be done using a dictionary attack or brute force attack. Wu etal. [28] proposed an authentication scheme for multi gateway WSN. Adlonally to authorize in a network, the attacker tries a plethora of possibilities 18 ‘chrome-extensionlloemmndebldbolebtnladdacoctmadacmynits:la wants xzle7 cloudont.nel80%82776'Review_on_Securty_of Intemot_of.. 13136ejo4r2021 IEEE Access Roviow_on_Security_of Intemel_of_Things pa “.Nandy eal: Review on Secutity oft Authentication Mechanism TABLE 11. Forgery attack preventive IT authentication protocols mes ; 5 “ Poe Eq 4 ght, 43 ia. iy PP f PE bapa: soit ai rote #io)oa ag dpa dt od: PE PR PF tea’ af bag ae eS ee ee ie a a a eee vce he Ye Fee ee neapl iy teat ee wet ee a a a a ae eee eee tee Ne NNN frst sal Ng Ng No NN Ne NY new Nec Ns Ne Ne Ngo RNY TABLE 12. Desciption of dtferent types of guessing attack. ‘Guessing Attacks Description (Chosen Pinint Anas In this attack, te atcha choos random putes wo erypanalsis eon] and gt infannaten fom at, Bute Force ack In thi attach anatacker uses a land aor math Wo st no a rotated dataset Oine Guising In this attach an adversary user software o gues and ry credential in one mode Sexi Netwatking Atack ol infra, In his tach, an wersry tes io guess credentials by using information about somiman ineress and tor Consequently, in the chasen-plaintext attack (CPA) erypt- analysis process, adversary guesses plain text and encrypt with known possible encryption techniques to obtain the corresponding cipher text. Duan etal. [91] proposed a pol- iy privacy solution by two-layer cooperating method for protecting ToT. Additionally, devices need several ways to authenticate [oT peripherals in a network, such as a password, smart card or biometric. Among them, the password system is popular but vulnerable. Itcan easily be victimized by attacks like brute-force, where attackers use software 10 guess the password tobe authenticated. Random password and common password guessing arc most effective among all other pos- sibilities. Wang er al [81] discussed how an attacker eracks ToT device user account by trespassing SMS authentication code using a Brute-force attack. On the other hand, attackers ‘may perform eavesdropping on an authentication process or penetrate to the network to steal authentication code using a Brute-force attack. Similarly, atacker may perform caves dropping on an authentication process or penetrate to the network to teal valuable user information or files to use them against a legal user of his! her choosing. Therefore, if the user ericks the encryption process of the message, hel she can try an afflin-guessing attack on credentials. In an online password-guessing scenario, an attacker tries to guess a pass- ‘word by logging to the system. However, online password guessing is less powerful than offline password guessing “ FIGURE 10. Social engineering attack lfeyce [9] since the attacker hasa maximum limit of wies. Alterna- tively, offline guessing can be performed without logging into the actual system and there is no such limitation exists, In different circumstances, social networking is an attack vector that relies based on human interaction. On which, & perpetrator tries to get common and social information of & vietim to intercept him by guessing or predicting credentials. Baiting, Scareware, Pretexting, phishing, Spear phishing are ‘common social networking attacks in ToS [95}. Harwood [96] describes the way to defend internet attacks on the web and chrome-extensionsloemmndebidboiebtnladdacodfmadadmmts:/a watts xzle7 cloudront.nei60982778Review_on_Securiy_of Internet... 1436