
Journal of Applied Security Research

ISSN: (Print) (Online) Journal homepage: https://www.tandfonline.com/loi/wasr20

A Comprehensive Review of the Internet of Things Security

Maroua Ahmid & Okba Kazar

To cite this article: Maroua Ahmid & Okba Kazar (2023) A Comprehensive Review of the
Internet of Things Security, Journal of Applied Security Research, 18:3, 289-305, DOI:
10.1080/19361610.2021.1962677

To link to this article: https://doi.org/10.1080/19361610.2021.1962677

Published online: 28 Aug 2021.

Maroua Ahmid and Okba Kazar
LINFI Laboratory, Computer Sciences Department, Mohamed Khider University, Biskra, Algeria

ABSTRACT
Currently, the Internet of Things (IoT) is the most contentious research subject. However, IoT still suffers from many security problems, and security concerns are growing with large-scale IoT deployment. IoT will remain in danger unless its security challenges are understood and addressed. For this reason, this paper presents a full view of the IoT architecture and describes the characteristics and functionality of each layer. For a deeper understanding of IoT security challenges, we focus on identifying security requirements and vulnerabilities in each IoT layer. We also discuss and classify the different security attacks on IoT.

KEYWORDS
Internet of Things; IoT architecture; attacks; security challenges; security requirements

Introduction
Interest in the Internet of Things (IoT) has grown steadily; it has spread into all fields and become familiar through applications such as smart homes, healthcare, smart grids, smart transportation, etc. IoT is a combination of embedded things connected to the Internet for data exchange, collection, and analysis. The number of Internet-connected devices is increasing day by day and reached 7 billion in 2018. According to the 2018 report of the IoT Analytics website, the number is expected to reach 21.5 billion by 2025 (Lueth, 2018).
With so many IoT devices, and with IoT companies failing to implement secure systems, the security risks are getting worse, and security experts warn of the potential danger of vast numbers of unsafe devices connected to the Internet. In October 2016, users could not access Twitter, Netflix, and SoundCloud because of a Distributed Denial of Service (DDoS) attack that used an IoT network. Such attacks not only highlight security vulnerabilities in IoT devices but also open a meaningful conversation about IoT security and volatility (Hilton, 2016). Additionally, IoT devices not only collect personal data, such as usernames, e-mail addresses, and phone numbers, but can also monitor user behavior, which introduces a whole new degree of online privacy concerns for users. To this day, security and privacy remain vital issues for IoT devices.

CONTACT Maroua Ahmid, maroua.ahmid@univ-biskra.dz, LINFI Laboratory, Computer Sciences Department, Mohamed Khider University, Biskra, Algeria.
© 2021 Taylor & Francis Group, LLC

Figure 1. Internet of Things architecture.

Internet of Things architecture


The IoT aims to connect various things through the Internet and to integrate heterogeneous systems and devices. Each IoT layer is characterized by its functions and materials, which has led experts to differ in how they divide the architecture: into three layers (the application layer, the network layer, and the perception layer) or into four layers (Ahmid et al., 2015) by adding the middleware layer. The design of the IoT architecture must take into consideration decentralization, scalability, and interoperability between heterogeneous devices, since devices may move or need to interact in real time with their environment. Consequently, dividing the IoT architecture into four layers is an excellent way to achieve interoperability between heterogeneous devices in many environments. Figure 1 shows the different IoT architecture layers and components.

Perception layer
The perception layer is also called the device layer or the sensor layer. It contains a large collection of physical objects, monitors, embedded sensors, actuators, etc. It includes two parts:

Perception node
The perception node can be a motor, an actuator, a sensor, etc. This part detects, collects, and controls data; this data can be heart rate, humidity, movement, air chemical changes, etc. The sensors sense the state of the environment, and the actuator changes it if necessary (Atzori et al., 2017).

Perception network
The perception network is responsible for linking things to the network layer, transmitting data to it, and receiving control instructions from it (Bera et al., 2017). For this, gateways and switches operate as a medium connecting numerous devices for data aggregation and transfer to and from other IoT devices.

Network layer
The goal of the network layer is to transfer information between the perception and middleware layers. It also connects all IoT devices and allows them to share data, and it performs initial classification and processing of data, routing, conversion of logical addresses to physical addresses, and packet fragmentation. Information transmission is based on various network technologies, such as the Internet, communication protocols, mobile communication networks, and wireless networks. Networks in this layer can be public, private, or hybrid, depending on the application domain.

Middleware layer
The main objectives of the middleware layer are the integration of services and application operations and the provision of a cost-effective platform, as well as service management, communication, data exchange, and storage management (Das et al., 2018). It promotes service discovery to find things that can provide the appropriate services and information, and it determines the most appropriate service to satisfy a request. It also identifies trust mechanisms that can carefully extract, analyze, and use data from services, and it supports interaction between services to establish a trustworthy framework. The cloud is a good example: it provides hardware, software platforms, protocols, and applications, and it stores and analyzes IoT data.

Application layer
The application layer, or business layer, mainly manages the applications visible to the user by using data created and processed in the previous layers, provides services, and determines protocols for information passing (Ahmid & Kazar, 2021). So far, there is no general standard for designing and constructing IoT applications. The layer is currently structured according to the services it provides; numerous IoT applications are implemented in different domains, such as smart agriculture, smart cities, smart industry, etc. (Bera et al., 2017).

Figure 2. Internet of Things security features.

Security features
The Internet of Things still faces multiple security problems because of its heterogeneous components, and the limited computation and energy capabilities of IoT devices add further concerns. To obtain a secure IoT system, it is necessary to apply the six IoT security features shown in Figure 2 during the development and operation of IoT devices.

Confidentiality
Data confidentiality implies that data is only presented to approved parties (Ahmid et al., 2015). It is essential to ensure data protection, control access to data, and allow access only to users who have permission, and also to ensure that devices do not share data with neighboring entities, whether they are services, persons, or devices (Hui et al., 2020). Many security mechanisms currently exist to provide data confidentiality, such as two-step verification and data encryption. However, they require high computational ability, so a sensor must have an encryption mechanism that matches its computational and energy capabilities. In addition, the IoT services that can access and manage data must be defined (Lu & Da Xu, 2019).

Integrity
IoT devices exchange large amounts of data among themselves and with cloud computing. For this reason, it is important to guarantee data integrity: to verify that data comes from the correct sender and to make sure it was not changed during transfer by intentional or unintended interference from attackers, users, or snoopers. In traditional systems, we can enforce integrity by securing node-to-node connections and managing data traffic using protocols, firewalls, etc. However, in the Internet of Things, these methods are not sufficient to guarantee security at the end-points because of the distinctive characteristics of the IoT structure (Ahmid et al., 2015).

Authentication
Authentication is a process that allows IoT things to secure data and limit it to only those with the correct permission. Every IoT device must be able to authenticate other devices easily. However, authentication procedures are very difficult because of the complex structure of IoT and the variety of IoT elements (devices, clients, services, etc.). IoT devices are also constrained by a lack of storage space, computational power, energy, and a user interface. In addition, mutual authentication must be supported for the different IoT entities, because devices connecting for the first time need to authenticate new devices that they have not authenticated before (Siboni et al., 2019).

Lightweight solutions
IoT systems are deployed in many sensitive areas where information needs to be protected. For this reason, the limitations of IoT devices must be taken into consideration when designing and implementing protocols, which must be suitable for IoT devices. We therefore need appropriate lightweight solutions that meet the high data security requirement and strike a balance between power consumption, security, and system performance (Hui et al., 2020).
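
The integrity, authentication, and lightweight-solution requirements above can be served together on a constrained device by a single keyed-hash primitive. The following is an added example, not code from the paper: it shows mutual authentication between a sensor and a gateway followed by integrity-protected, replay-checked frames. The pre-shared key, the `Endpoint` class, the message layout, and the choice of HMAC-SHA256 are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import struct

TAG_LEN = 32  # full HMAC-SHA256 tag appended to every data frame


def _mac(key: bytes, *parts: bytes) -> bytes:
    # Length-prefix every field so two different field splits never collide.
    msg = b"".join(struct.pack(">H", len(p)) + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()


class Endpoint:
    """A sensor or gateway holding a key provisioned in advance (assumption)."""

    def __init__(self, ident: bytes, psk: bytes):
        self.ident, self.psk = ident, psk
        self.nonce = os.urandom(16)  # fresh challenge; one Endpoint per session
        self.session_key = None
        self.tx_ctr = 0              # last counter sent
        self.rx_ctr = 0              # highest counter accepted so far

    def proof(self, peer_nonce: bytes) -> bytes:
        # The prover's identity is bound into the proof, so a proof reflected
        # back at its creator is not accepted as coming from the peer.
        return _mac(self.psk, b"auth", self.ident, peer_nonce, self.nonce)

    def accept(self, peer_ident, peer_nonce, peer_proof, initiator: bool) -> bool:
        expected = _mac(self.psk, b"auth", peer_ident, self.nonce, peer_nonce)
        if not hmac.compare_digest(expected, peer_proof):  # constant-time compare
            return False
        first, second = ((self.nonce, peer_nonce) if initiator
                         else (peer_nonce, self.nonce))
        self.session_key = _mac(self.psk, b"session", first, second)
        return True

    def seal(self, payload: bytes) -> bytes:
        self.tx_ctr += 1
        ctr = struct.pack(">I", self.tx_ctr)
        return ctr + payload + _mac(self.session_key, ctr, payload)

    def open(self, frame: bytes):
        if self.session_key is None or len(frame) < 4 + TAG_LEN:
            return None
        ctr, payload, tag = frame[:4], frame[4:-TAG_LEN], frame[-TAG_LEN:]
        if not hmac.compare_digest(_mac(self.session_key, ctr, payload), tag):
            return None              # changed in transit, or not from the peer
        n = struct.unpack(">I", ctr)[0]
        if n <= self.rx_ctr:
            return None              # replayed frame
        self.rx_ctr = n
        return payload


def mutual_auth(sensor: Endpoint, gateway: Endpoint) -> bool:
    """Three-message exchange; True only if both sides accept each other."""
    # 1. sensor  -> gateway: ident_S, nonce_S
    # 2. gateway -> sensor : ident_G, nonce_G, proof_G
    proof_g = gateway.proof(sensor.nonce)
    if not sensor.accept(gateway.ident, gateway.nonce, proof_g, initiator=True):
        return False
    # 3. sensor  -> gateway: proof_S
    proof_s = sensor.proof(gateway.nonce)
    return gateway.accept(sensor.ident, sensor.nonce, proof_s, initiator=False)


def demo():
    psk = bytes(range(32))           # constructed sample key, not a real secret
    sensor, gw = Endpoint(b"sensor-17", psk), Endpoint(b"gateway-1", psk)
    ok = mutual_auth(sensor, gw)
    frame = sensor.seal(b"hr=72")
    first, replay = gw.open(frame), gw.open(frame)
    bad = bytearray(sensor.seal(b"hr=72"))
    bad[5] ^= 1                      # flip one payload bit in transit
    tampered = gw.open(bytes(bad))
    # A device that claims the same identity but lacks the key is rejected.
    gw2 = Endpoint(b"gateway-1", psk)
    rogue = Endpoint(b"sensor-17", b"\x00" * 32)
    rogue_ok = gw2.accept(rogue.ident, rogue.nonce,
                          rogue.proof(gw2.nonce), initiator=False)
    return ok, first, replay, tampered, rogue_ok


if __name__ == "__main__":
    print(demo())
```

The per-frame cost is one hash computation and a 4-byte counter, which is the kind of trade-off between security and power consumption the paragraph above asks for.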

Availability
Availability is the guarantee that the system will run for users under all operating conditions, and it is a key IoT feature, especially in vital areas. For example, in health monitoring systems, patient health data must be collected in real time; it is critical, and any disruption in availability affects the lives of patients. Ensuring availability in an IoT system requires combining multiple factors, such as implementing energy-efficient protocols, integrating energy harvesting, and using light and efficient encryption mechanisms (Sultana & Wahid, 2019). Ensuring availability in the IoT environment is more complicated than in the old Internet because the complicated, heterogeneous nature of the IoT exposes it to energy depletion attacks.

Figure 3. Internet of Things security features in each layer.

Non-repudiation
Non-repudiation is a guarantee of the identity of the entity that generates services and sends data, instructions, and orders, such that none of the entities involved can deny having done so. Non-repudiation is especially critical for sensitive systems. For example, in the healthcare field, the medication modification system must allow modification only by the patient's doctor. Usually, signatures are used to achieve non-repudiation because they identify the party that created a service or message, which makes it possible to track unauthorized criminal activities. It is necessary to impose non-repudiation in IoT applications (Sultana & Wahid, 2019).

Security challenges in IoT architecture


New security concerns have arisen because the Internet of Things is now present everywhere, which has created new access points. Nearly 70% of IoT devices are exposed to attacks and violations, according to HP company reports (Rawlinson, 2014). All IoT layers suffer from security problems and threats. In the following, we present the security issues in each layer and their severity in detail, as shown in Figure 3.

Perception layer
Most devices in this layer use wireless technologies, so the layer can be penetrated by disturbing waves (Sagirlar et al., 2018), or the sensor waves can easily be intercepted. Devices generally operate outdoors, which makes them more vulnerable to physical attacks, theft, tampering with hardware components, etc. Attackers can also control the perception layer network by planting another device that sends malicious data. An attacker can compromise the confidentiality of information if he can steal an object from the IoT network and control it, or even monitor all data it emits and the orders sent to it. In addition, the industrial and technical nature of the devices, which have limited storage capacity, makes them vulnerable to numerous types of threats (Ahmid et al., in press). IoT products are designed with usability and connection in mind. They may be secure when purchased, but they grow susceptible with time. Responsible manufacturers should go above and beyond with frequent patches and upgrades to completely protect the embedded software or firmware integrated into their products.

Network layer
Network security is a challenging problem in the network layer for multiple reasons, including the heterogeneity of network nodes, data exchange, and remote access techniques. Devices are also exposed to various attacks that violate the privacy and confidentiality of data in the network by eavesdropping on and monitoring all communications and analyzing traffic information (Ali et al., 2019). Attackers also commit identity theft by using and exploiting everything connected to obtain user information and use it in later attacks (Lu & Da Xu, 2019). All this makes it challenging to use the current network protocols as they are (Mendez Mena et al., 2018). Cryptography is a powerful tool for dealing with this problem. In the case of illegal access or theft, data encryption prevents the data from being read. Data encryption and decryption ensure that data privacy and confidentiality are maintained, while the dangers of data theft are reduced.

Middleware layer
The IoT uses a considerable quantity of heterogeneous devices and technologies, and many types of middleware, to achieve hardware integration (Bouaziz & Rachedi, 2016). Because of this diversity and the complex IoT architecture, this layer faces numerous security difficulties. These become harder in cloud computing, for example authenticating users, security issues, privacy protection, and cloud service availability. Users also need to know who controls their information and where it is stored, and they want to ensure that cloud service providers cannot use or access their information illegally. Cloud security has now become a research topic.

Application layer
IoT applications use various authentication methods, which makes combining them exceptionally difficult, as there are no global policies and standards for the Internet of Things that manage communication and improve use (Bera et al., 2017). The enormous quantity of interconnected devices and the amount of shared information can significantly affect the accessibility of the service; this will lead to significant spending on applications that process and analyze this data. Users also need mechanisms to control the information they must disclose, guarantees about their privacy, and knowledge of how, where, and when the information will be used and who manages these applications. Another issue is poor password protection, which allows hackers to easily guess bespoke passwords by utilizing factory-preset default usernames and passwords. IoT devices should have flexible, secure default settings, such as password expiration, password complexity, and a one-time password that requires users to change the default password.
While the majority of the risks associated with IoT security concerns are still on the manufacturing side, users and business processes might pose bigger hazards. The user's ignorance and lack of understanding of IoT functionality is one of the most serious IoT security threats and problems. Most of the time, tricking a person is the simplest way to get access to a network. Social engineering attacks are a form of IoT security issue that is frequently neglected. Using the IoT, a hacker attacks a human rather than a device. As a result, everyone is put in danger. Users must be familiar with the functions and methods of usage of their IoT devices. They must also carefully read the contracts before paying for IoT devices to understand what information is gathered, where it is stored, who is permitted to use it, etc.
Businesses may reap significant benefits from the Internet of Things. However, the technology has not yet matured and is not entirely secure. Unfortunately, many companies continue to put off establishing an IoT cybersecurity strategy and are unaware of IoT security issues until it is too late. Many IoT security concerns remain for the whole IoT ecosystem, from manufacturers to users.

Attacks on IoT systems


The IoT security problem grows day by day with the increase in attacks on embedded devices. In this section, we explain the most important types of attacks and classify them into four categories, as shown in Figure 4.

Attacks
  Physical attack: Micro Probing; Node Tampering; Physical Damage; Social Engineering; Reverse Engineering; Node Jamming; Malicious Code Attack; Malicious Node Attack
  Network attack: Traffic Analysis Attack; RFID Spoofing; RFID Cloning; Sinkhole Attack; Denial of Service; Sybil Attack; IoT Replication Attack
  Software attack: Logic Bombs; Virus and Worms; Trojan Social Horse; Malicious Scripts; Phishing Attack
  Encryption attack: Side Channel Attack (Electromagnetic Analysis; Power Analysis; Timing Analysis; Fault Analysis); Man in the Middle Attack; Cryptanalysis Attacks (Ciphertext Only Attack; Known Plaintext Attack; Chosen Plaintext Attack; Chosen Key Attack)

Figure 4. Hierarchical diagram of IoT security attacks.

Physical attacks
Physical attacks focus on the equipment itself and can destroy equipment parts totally or partially. The attacker focuses on processing electrical components and changing measurements, as well as the electronic and mechanical properties of device parts, causing significant material losses. Fortunately, such attacks are relatively difficult to carry out because they require expensive materials (Pan et al., 2017). The physical-digital attack is based on errors in the digital and physical elements of the manufactured part. It exploits the relationship between the physical and digital parts to launch attacks that steal or modify technical data, etc. (Li et al., 2019).

Micro probing
The micro probing attack focuses on the internal CPU data bus; the attacker uses two to four probes to observe data signals, which are later combined into a whole data trace. This attack violates data confidentiality by tapping the chip signals, and it violates integrity through the extraction of secret keys and the injection of wrong signals into memory contents, followed by analysis of the result.

Node tampering
The attacker gains physical access to the node in order to control it, replace all or part of it, or destroy it partly or entirely. The attacker may also probe the node electronically to obtain and change sensitive data such as cryptographic keys and routing tables, or simply feed wrong information to legitimate users by changing the node's memory content through cables attached to the memory circuit board.

Physical damage
IoT devices are generally distributed in an external environment, which makes them vulnerable to various physical attacks. The goal of this attack is to cause physical damage to IoT network devices. It directly targets the security of the building that hosts the IoT system in order to harm IoT services and their availability. It focuses on the energy sector; nevertheless, the vulnerabilities stretch across petrochemicals, telecommunications, mining, manufacturing, oil, and gas.

Social engineering
Social engineering is the art of psychologically manipulating users. It is a kind of confidence trick used for fraud or for gathering confidential information, which is then used for unauthorized access to IoT systems or to carry out specific measures that serve the attacker's aims. This attack is classified in this category because the attacker needs one or more physical interactions with users.

Reverse engineering
Reverse engineering focuses on dismantling things and studying and analyzing their systems to deduce their internal functioning. It is also used to enhance product (hardware and software) features or fix specific bugs, and to produce better-performing or superior products. Reverse engineering constitutes a copyright violation, but in some cases licensed use of reverse engineering is allowed. Attackers apply this technique in many fields of engineering, including industry, mechanics, software engineering, etc.

Node jamming
It is the most common attack in wireless sensor networks, where attackers aim to temporarily suspend or block connections to the nodes, stop service to the IoT, and exhaust resources. Jamming can be done continuously in an area or temporarily at random time intervals. The jamming source may be powerful enough to disable the entire network, or less powerful and able to disable only a small portion of the network. It can disturb radio frequency signals by sending many noisy signals, which in turn leads to radio frequency interference, denies nodes their connection, and disrupts the network. As a result, IoT service is denied.

Malicious code attack


In a malicious code attack, the attacker injects malicious code, such as spyware, worms, viruses, and trojans, into a node to take control of the node, then gain access to the Internet of Things system and ultimately control it. This attack has a severe effect on the IoT network and may block the entire network, modify data, deprive end-users of services, etc.

Malicious node attack


Malicious node attack tends to control the communication channel: the attacker deploys a new malicious node between two or more sending and receiving nodes, and this malicious node is a replica of another node. After that, the attacker adds a second malicious node. These two nodes then work together to execute the attack and prevent communication with the victim node, so that a collision occurs. Because of this, the victim node cannot receive or send any packet. Consequently, the monitoring contract declares that the victim node is behaving maliciously. The attacker thus controls all data flow to and from the nodes, feeds the system with false data, and prevents the passage of real data.

Network attacks
This attack focuses on gathering and modifying relevant data, stealing confidential information, sabotaging the Internet of Things network (Chaabouni et al., 2019), and obtaining unauthorized access to the IoT system. The attacker can generate large amounts of pointless and undesirable traffic to deny or block the IoT network. Attackers can also disable things or the IoT system by exploiting imperfections and running their malware in the IoT system.

Traffic analysis attack


The attacker tries to obtain data about the network connection in order to extract confidential information and network topology data by analyzing traffic patterns and nodes' intentions and actions. For example, in tactical communications, silence indicates infiltration or attack preparation, whereas the beginning of an attack coincides with a sudden increase in traffic. This attack is accomplished by using port scanning applications, exploration processes, packet sniffing applications, etc.

RFID cloning and spoofing


In a Radio Frequency Identification (RFID) cloning attack, the attacker targets the signal to record and read the data transmitted from the RFID tag. The attacker then sends data containing the ID of the original tag, pretending to be the original source, which makes the data look legitimate. Thus, the attacker can control the IoT system. This attack provides false information that seems to be right, and the system accepts it.
The attacker copies the data from a preexisting RFID tag into a new RFID tag to make a copy of the first tag, without copying the original ID of the victim's RFID tag. Unlike in an RFID spoofing attack, it is possible to distinguish the compromised tag from the original by comparing the identifiers of the RFID tags, because this method does not duplicate the original RFID identifier. An attacker could enter wrong data or control data passing through the victim's cloned node.

Sinkhole attack
A sinkhole attack damages the confidentiality and privacy of data; the attacker breaches a node inside the network and performs the attack using this node. To redirect the packets of network nodes through the malicious node, it announces a useful route to attract other nodes. It then drops all packets instead of forwarding them to the correct destination, which prevents service to the network and denies network resources.

Denial of service
A denial of service (DoS) attack targets the availability of network services: it consumes network resources and reduces the network's ability to provide a service. Consequently, the network cannot perform its expected functions in a timely and correct manner. The attacker floods the IoT network with massive traffic, thus preventing IoT devices from accessing network services, exhausting available resources, blocking incoming and outgoing packets, and preventing authorized users from using the services. The aim is to destroy or merely disrupt the IoT network.

Sybil attack
In this attack, one malicious node illegally impersonates the identities of multiple nodes in the same network. It confuses the network because neighboring nodes accept false information and direct their paths through the malicious node. This attack reduces the effectiveness of fault tolerance schemes. It is a huge threat to geographic routing protocols, topology maintenance, data collection, misbehavior detection, and voting-based algorithms, where one node can vote multiple times.

Replication attack
The attacker adds a new node to the network by copying the identity of another node, then placing it in a different part of the network. Unlike the Sybil attack, in this attack the attacker gives the same identity to many physical nodes. The attacker launches this attack to collect most of the information traffic, corrupt received packets, direct them to the wrong place, disrupt the network, or merely reduce its performance.
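
The Sybil and replication attacks described above are mirror images of each other, which gives a defender two complementary checks over the same location-tagged observations: one identity seen in places it could not have travelled between (replication), and several identities emitted from one spot (Sybil). The following is an added example, not code from the paper; the observation format, the thresholds, and the sample data are assumptions constructed for illustration.

```python
from collections import defaultdict
from itertools import combinations
from math import hypot

# Constructed sample observations: (time_s, claimed_id, x_m, y_m).
# Positions are assumed to come from the network's own localisation,
# for example signal strength measured at several gateways.
OBS = [
    (0, "n1", 0.0, 0.0),
    (5, "n1", 0.5, 0.0),       # same node, small measurement jitter
    (0, "n2", 40.0, 10.0),
    (6, "n2", 400.0, 300.0),   # "n2" also heard far away: a replica
    (1, "n3", 80.0, 80.0),
    (2, "n7", 80.2, 80.1),     # three identities from one spot: Sybil
    (3, "n8", 79.9, 80.0),
    (4, "n4", 120.0, 5.0),
]


def find_replicas(obs, max_speed_mps=2.0, tolerance_m=5.0):
    """Replication check: one identity, several physical nodes.

    Flags an identity when two sightings are further apart than a node
    could move in the elapsed time. Returns {id: largest gap in metres}.
    """
    by_id = defaultdict(list)
    for t, node_id, x, y in obs:
        by_id[node_id].append((t, x, y))
    flagged = {}
    for node_id, seen in by_id.items():
        for (t1, x1, y1), (t2, x2, y2) in combinations(seen, 2):
            gap = hypot(x1 - x2, y1 - y2)
            if gap > max_speed_mps * abs(t1 - t2) + tolerance_m:
                flagged[node_id] = max(flagged.get(node_id, 0.0), gap)
    return {k: round(v, 1) for k, v in flagged.items()}


def find_sybil_groups(obs, radius_m=1.0, window_s=10, min_ids=3):
    """Sybil check: one physical node, several identities.

    Groups identities whose sightings fall within radius_m and window_s of
    each other. min_ids avoids flagging two legitimate neighbours; densely
    packed deployments need a different signal (assumption of this example).
    """
    parent = {}

    def find(a):
        parent.setdefault(a, a)
        while parent[a] != a:
            parent[a] = parent[parent[a]]   # path halving
            a = parent[a]
        return a

    for (t1, id1, x1, y1), (t2, id2, x2, y2) in combinations(obs, 2):
        close = hypot(x1 - x2, y1 - y2) <= radius_m
        if id1 != id2 and close and abs(t1 - t2) <= window_s:
            parent[find(id1)] = find(id2)   # merge the two identity groups

    groups = defaultdict(set)
    for node_id in list(parent):
        groups[find(node_id)].add(node_id)
    return sorted(sorted(g) for g in groups.values() if len(g) >= min_ids)


if __name__ == "__main__":
    print("replicated identities:", find_replicas(OBS))
    print("sybil identity groups:", find_sybil_groups(OBS))
```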

Software attacks
Software attacks perform a statistical analysis of the device's operational characteristics, then exploit errors, bugs, IoT communication interfaces, and different system goals in the IoT framework. When the system is under attack, the attackers first extract confidential data and then attempt to put the system out of service (Ahmid et al., 2020). It is considered the most widespread type of attack because it is easy to implement.

Logic bombs
A logic bomb is a malicious program that has been pre-programmed to cause damage when certain conditions are met, such as a date, a time, or the user typing a specific command. It remains inactive until that moment and can remain idle for years. Logic bombs are often used with viruses, worms, and Trojans to do the maximum damage before being noticed. When the time comes, a logic bomb activates the harmful code. It causes damage to IoT devices and systems; it can also change values in the database or completely sabotage it, causing havoc in the IoT system. Logic bombs can be very destructive if used in electronic wars.

Virus, worms, and trojan social horse


The damage from this attack includes denying system services, changing or obtaining confidential data, obtaining unauthorized access to the system, and wasting system resources. On the other hand, the worm can replicate itself without any human action because the execution of its payloads does not require a host. Worms are programmed to spread themselves and carry out catastrophic payloads without any user intervention. Moreover, Trojans disguise themselves before installation by emulating the original attributes of a legitimate program in order to perform an illegal operation. A Trojan remains idle until the attacker activates it.

Malicious scripts
Most IoT devices are connected to the Internet directly or through gateways. This attack tends to disconnect these devices from the Internet by injecting a malicious script into one of the devices. The attacker can access the system and then stop access to the necessary applications and services, shut down the entire system, or just steal data.

Phishing attack
Cybercrime attacks often start with phishing. The attacker uses a special
program that is installed or activated by users without their knowledge
because it appears to come from a trusted source. The goal of this attack is
to obtain confidential data, such as login data and authentication details, or
to install malware on the IoT devices, to be able to enter the IoT system.

Encryption attacks
Encryption attacks aim to break the encryption method: the attacker can retrieve the keys used to encrypt and decrypt the data by using different techniques, including signal interception, electromagnetic analysis, cracking the encryption scheme, etc. (Grammatikis et al., 2019).

Side-channel attack
The side-channel attack aims to break the data protection and encryption mechanisms in order to retrieve the encryption key and decode the data; to do this, it analyzes the side-channel information emitted by IoT devices. This information is neither plaintext nor ciphertext but contains information about the fault frequency, the power and time required to operate, etc. The attacker uses this information to detect the encryption key. Various types of this attack exist, such as electromagnetic analysis, timing analysis attacks, and error analysis attacks.

Man in the middle attack


The attacker aims to access confidential data and violate privacy by monitoring the communication of IoT nodes and placing himself in the line of communication. When the nodes exchange the key, the attacker intercepts the connection and obtains the key. Thus, the attacker can encrypt and decrypt all data coming from these nodes by using the shared keys, while the legitimate nodes think they are talking to each other.

Cryptanalysis attacks
The attacker aims to find the encryption key by cracking the encryption scheme. The attacker obtains the encryption key by using either plaintext or ciphertext, depending on the methodology used. Several types of this attack exist, including the ciphertext-only attack, chosen-plaintext attack, chosen-key attack, and known-plaintext attack.

Conclusions
In this paper, we presented a comprehensive analysis of IoT security. We started by explaining the IoT architecture and its different layers; for a better understanding of the IoT security challenges, we discussed the IoT security requirements and features. We also analyzed the security requirements in all IoT architecture layers. Further, we discussed and classified different attacks and determined the sensitivity and damage level in every IoT layer. Numerous security difficulties and needs remain that should be addressed. Soon, the Internet of Things will improve our daily life. We will see everything changed through IoT only if security concerns are addressed appropriately and solutions to security problems are found.

ORCID
Maroua Ahmid http://orcid.org/0000-0001-7578-2025
Okba Kazar http://orcid.org/0000-0003-0522-4954

References
Ahmid, M., & Kazar, O. (2021). A cloud-IoT health monitoring system based on smart agent
for cardiovascular patients. In Proceedings of International Conference on Information
Technology (pp. 1–6). IEEE.
Ahmid, M., Kazar, O., & Kahloul, L. (in press). A secure and intelligent real-time health
monitoring system for remote cardiac patients. International Journal of Medical
Engineering and Informatics, 1(1), 1. https://doi.org/10.1504/IJMEI.2020.10033833
Ahmid, M., Kazar, O., Benharzallah, S., Kahloul, L., & Merizig, A. (2020). An intelligent
and secure health monitoring system based on agent [Paper presentation]. In Proceedings
of International Conference on Informatics, IoT, and Enabling Technologies (pp. 291–296).
IEEE. https://doi.org/10.1109/ICIoT48696.2020.9089602
Ahmid, M., Kazar, O., Hamida, S., Kahloul, L., & Ghodous, P. (2015, December). Internet of
Things new challenges in distributed artificial intelligence. In 2015 International
Conference on Future Computational Technologies (ICFCT’2015) (pp. 158–162).
Ahmid, M., Kazar, O., Hamida, S., Laid, K., & Ghoudous, P. (2015). Internet of Things
new challenges in distributed artificial intelligence. International Journal of Computer
Science and Electronics Engineering, 3(5), 375–378.
Ali, F., Khan, M. S., & Akhtar, H. (2019). Security review in Internet of Things. Internet of
Things and Cloud Computing, 7(3), 80–87. https://doi.org/10.11648/j.iotcc.20190703.14
Atzori, L., Iera, A., & Morabito, G. (2017). Understanding the Internet of Things:
Definition, potentials, and societal role of a fast evolving paradigm. Ad Hoc Networks,
56, 122–140. https://doi.org/10.1016/j.adhoc.2016.12.004
Bera, S., Misra, S., & Vasilakos, A. V. (2017). Software-defined networking for Internet of
Things: A survey. IEEE Internet of Things Journal, 4(6), 1994–2008.
https://doi.org/10.1109/JIOT.2017.2746186
Bouaziz, M., & Rachedi, A. (2016). A survey on mobility management protocols in wireless
sensor networks based on 6LoWPAN technology. Computer Communications, 74, 3–15.
https://doi.org/10.1016/j.comcom.2014.10.004
Chaabouni, N., Mosbah, M., Zemmari, A., Sauvignac, C., & Faruki, P. (2019). Network
intrusion detection for IoT security based on learning techniques. IEEE Communications
Surveys & Tutorials, 21(3), 2671–2701. https://doi.org/10.1109/COMST.2019.2896380
Das, A. K., Zeadally, S., & He, D. (2018). Taxonomy and analysis of security protocols for
Internet of Things. Future Generation Computer Systems, 89, 110–125.
https://doi.org/10.1016/j.future.2018.06.027
Grammatikis, P. I. R., Sarigiannidis, P. G., & Moscholios, I. D. (2019). Securing the
Internet of Things: Challenges, threats and solutions. Internet of Things, 5, 41–70.
https://doi.org/10.1016/j.iot.2018.11.003
Hilton, S. (2016). Dyn analysis summary of Friday October 21 Attack. Dyn.
https://dyn.com/blog/dyn-analysis-summary-of-friday-october-21-attack/
Hui, H., Zhou, C., Xu, S., & Lin, F. (2020). A novel secure data transmission scheme in
industrial Internet of Things. China Communications, 17(1), 73–88.
https://doi.org/10.23919/JCC.2020.01.006
Li, F., Shi, Y., Shinde, A., Ye, J., & Song, W. Z. (2019). Enhanced cyber-physical security in
Internet of Things through energy auditing. IEEE Internet of Things Journal, 6(3),
5224–5231. https://doi.org/10.1109/JIOT.2019.2899492
Lu, Y., & Da Xu, L. (2019). Internet of Things (IoT) cybersecurity research: A review of
current research topics. IEEE Internet of Things Journal, 6(2), 2103–2115.
https://doi.org/10.1109/JIOT.2018.2869847
Lueth, K. L. (2018). State of the IoT 2018: Number of IoT devices now at 7B – Market
accelerating. IoT-Analytics.
https://iot-analytics.com/state-of-the-iot-update-q1-q2-2018-number-of-iot-devices-now-7b/
Mendez Mena, D., Papapanagiotou, I., & Yang, B. (2018). Internet of Things: Survey on
security. Information Security Journal: A Global Perspective, 27(3), 162–182.
https://doi.org/10.1080/19393555.2018.1458258
Pan, Y., White, J., Schmidt, D. C., Elhabashy, A., Sturm, L., Camelio, J., & Williams, C.
(2017). Taxonomies for reasoning about cyber-physical attacks in IoT-based
manufacturing systems. International Journal of Interactive Multimedia and Artificial Intelligence,
4(3), 45–54. https://doi.org/10.9781/ijimai.2017.437
Rawlinson, K. (2014). HP study reveals 70 percent of Internet of Things devices vulnerable
to attack. HP. https://www8.hp.com/us/en/hp-news/press-release.html?id=1744676
Sagirlar, G., Carminati, B., & Ferrari, E. (2018). Decentralizing privacy enforcement for
Internet of Things smart objects. Computer Networks, 143, 112–125.
https://doi.org/10.1016/j.comnet.2018.07.019
Siboni, S., Sachidananda, V., Meidan, Y., Bohadana, M., Mathov, Y., Bhairav, S., Shabtai,
A., & Elovici, Y. (2019). Security testbed for Internet-of-Things devices. IEEE
Transactions on Reliability, 68(1), 23–44. https://doi.org/10.1109/TR.2018.2864536
Sultana, T., & Wahid, K. A. (2019). Choice of application layer protocols for next
generation video surveillance using Internet of video things. IEEE Access, 7, 41607–41624.
https://doi.org/10.1109/ACCESS.2019.2907525
