شناسایی مؤلفه‌های امنیت سایبری اینترنت اشیاء

داودی, سید محمد رضا; نعمتی, عبدالله; صباغی, طاهره

doi:10.22034/jmsmo.2025.220930

شناسایی مؤلفه‌های امنیت سایبری اینترنت اشیاء

نوع مقاله : مقاله مروری

نویسندگان

سید محمد رضا داودی ¹

عبدالله نعمتی ²

طاهره صباغی ²

¹ دانشیار، دانشکده مدیریت، واحد دهاقان، دانشگاه آزاد اسلامی، دهاقان، ایران

² دانشجوی دکتری، دانشکده مدیریت، واحد دهاقان، دانشگاه آزاد اسلامی، دهاقان، ایران

10.22034/jmsmo.2025.220930

چکیده

هدف از این تحقیق، شناساسی مؤلفه‌های امنیت سایبری اینترنت اشیاء و احراز هویت متقابل می‌باشد. در این مقاله، با توجه به بکر و خاص بودن موضوع و گستردگی و غنی بودن تحقیق و پژوهش در این زمینه و سهولت دسترسی به منابع و از سوی دیگر مطالعه و جمع بندی تمامی مقاله‌های مرتبط از روش فراترکیب استفاده شده است. فراترکیب روشی است که با گام‌های مشخص، داده‌های نتایج حاصل از سایر مطالعات را برای پاسخگویی به هدف پژوهشگر ترکیب نموده و نتایج جدیدی به دست می‌دهد. با استفاده از الگوی سندلوسکی و بارسو، و کلید وا‌ژه‌های امنیت اینترنت اشیاء، حریم خصوصی، امنیت شبکه و احراز هویت متقابل، حدود 65 مقاله خارجی و داخلی علمی پژوهشی چاپ شده از سال 2014 تا 2023 و مطالب جمع آوری شده از بانک‌های اطلاعاتی خارجی و مقالات فارسی چاپ شده در مجلات و نشریه‌های علمی و پژوهشی داخل کشور از سال 1394 تا 1401 یافت شد که تعداد مقاله خارجی 47 و مقاله داخلی 18 عنوان بود. تعداد 40 مقاله پس از بررسی و پالایش جهت استخراج مطالب مورد نیاز مقاله انتخاب شد که تعداد 34 عنوان مقاله خارجی و تعداد 6 عنوان مقاله فارسی انتخاب شد. از جمله مؤلفه‌های کنترل تهدید، کنترل دسترسی، کنترل فنی، حفاظت فایروال، امنیت API ، دروازه های امنیتی، احراز هویت و توکن‌ها شناسایی شد.

کلیدواژه‌ها

امنیت اینترنت اشیاء

حریم خصوصی

امنیت شبکه

احراز هویت متقابل

موضوعات

سایر مباحث مرتبط با مدیریت و سازمان

عنوان مقاله English

Identification of Cyber Security Components of Internet of Things

نویسندگان English

Sayyed Mohammadreza Davoodi ¹

Abdollah Nemati ²

Tahereh Sabbaghi ²

¹ Associate Professor, Faculty of Management, Dehaqan Branch, Islamic Azad University, Dehaqan, Iran

² PhD Student, Faculty of Management, Dehaqan Branch, Islamic Azad University, Dehaqan, Iran

چکیده English

This research aims to identify the components of cybersecurity of the Internet of Things and mutual authentication. In this paper, considering the unique and specific nature of the subject, the breadth and richness of research in this field, the ease of access to resources, and the study and summary of all related articles, the metasynthesis method has been used. Metasynthesis is a method that combines data from other studies with specific steps to meet the researcher's goal and yields new results. Using the Sandelowski and Barso model, and the keywords of Internet of Things security, privacy, network security, and mutual authentication, about 65 foreign and domestic scientific research articles published from 2014 to 2023 and materials collected from foreign databases and Persian articles published in scientific and research journals and publications in the country from 2015 to 2022 were found, of which the number of foreign articles was 47 and the number of domestic articles was 18. After reviewing and filtering, 40 articles were selected to extract the required content of the article, of which 34 were foreign articles and 6 Persian articles were selected. Among the components identified were threat control, access control, technical control, firewall protection, API security, security gateways, authentication, and tokens.

کلیدواژه‌ها English

Internet of Things Security

Privacy

Network Security

Mutual Authentication

Abbasi, M., Plaza-Hernandez, M., Prieto, J., & Corchado, J. M. (2022). Security in the Internet of Things Application Layer: Requirements. Threats, and Solutions. IEEE Access(10), 97197–97216.

Agrawal, S., Das, M. L., & Lopez, J. (2019). Detection of Node Capture Attack in Wireless Sensor Networks. IEEE Syst. J.(13), 238–247.

Alaba, F. A., Othman, M., Hashem, I. A., & Alotaibi, F. (2017). Internet of Things security: A survey. J. Netw. Comput. Appl.(88), 10–28.

Alamr, A. A., Kausar, F., Kim, J., & Seo, C. (2018). A secure ECC-based RFID mutual authentication protocol for internet of things. The Journal of Supercomputing, 74, 4281-4294.

Alharbi, I. A., Almalki, A. J., Alyami, M., Zou, C., & Solihin, Y. (2022). Profiling Attack on WiFi-based IoT Devices using an Eavesdropping of an Encrypted Data Frames. Adv. Sci. Technol. Eng. Syst. J.(7), 49–57.

An, G. H., & Cho, T. H. (2022). Improving Sinkhole Attack Detection Rate through Knowledge-Based Specification Rule for a Sinkhole Attack Intrusion Detection Technique of IoT. Int. J. Comput. Netw. Appl.(9), 169.

Arkian, H. (2015). Security and Privacy in the Internet of Things. Bi-quarterly scientific-promotional journal, Herald of Security in the Space of Information Production and Exchange (AFTA), 4. [In Persian]

Biplob, R. (2014). Scalable RFID security framework and protocol supporting Internet of

Things. Journal of Computer Networks.

Che, B., Liu, L., & Zhang, H. (2020). KNEMAG: Key Node Estimation Mechanism Based on Attack Graph for IoT Security. J. Internet Things(2), 145–162.

Chenail, R. J. (2009). Bringing Method to the Madness: Sandelowski and Barroso’s Handbook for Synthesizing Qualitative Research. The Qualitative Report, 13(4), 8-12. https://doi.org/10.46743/2160-3715/2009.2820

Das, A., & Yashkova, O. (2022). Market Analysis Perspective: Worldwide Internet of Things. Infrastructure and the Intelligent Edge. (IDC) from IDC: The Premier Global Market Intelligence Company. https://www.idc.com/etdoc.jsp?containerId=US49735922

Debroy, S., Samanta, P., & Bashir, A. (2019). Chatterjee, M. SpEED-IoT: Spectrum aware energy efficient routing for device-to-device IoT communication. Future Gener. Comput. Syst.(93), 833–848.

Fei, H. (2016). Security and Privacy in Internet of Things (IoTs) Models. Algorithms, and Implementations, 144.

Gholichi, H. (2016). Security Threats on the Internet and Methods of Counteracting Them. Inajafy. [In Persian]

Hung, C. W., & Hsu, W. T. (2018). Power Consumption and Calculation Requirement Analysis of AES for WSN IoT. Sensors(18), 1675.

Hussein, N., & Nhlabatsi, A. (2022). Living in the Dark: MQTT-Based Exploitation of IoT Security Vulnerabilities in ZigBee Networks for Smart Lighting Control. IoT(3), 450–472.

Kalra, S., & Sood, S. K. (2015). Secure authentication scheme for IoT and cloud servers. Pervasive and Mobile omputing, 24, 210-223.

Kareem, M. K., Aborisade, O. D., Onashoga, S. A., Sutikno, T., & Olayiwola, O. M. (2023). Efficient model for detecting application layer distributed denial of service attacks. Bull. Electr. Eng. Inform(12), 441–450.

Khemissa, H., & Tandjaoui, D. (2016). A novel lightweight authentication scheme for heterogeneous wireless sensor networks in the context of Internet of Things. 2016 Wireless Telecommunications Symposium (WTS), 1-6.

Kim, M., & Suh, T. (2021). Eavesdropping Vulnerability and Countermeasure in Infrared Communication for IoT Devices. Sensors(21), 8207.

Lu, Y., & Da, X. L. (2103). Internet of Things cybersecurity research: A review of current research topics. IEEE Internet of Things Journal, 6(2), 15.

Matheu, S., Hernandez-Ramos, J., Skarmeta, A., & Baldini, G. (2020). A survey of cybersecurity certification for the internet of things. ACM Computing Surveys (CSUR), 53(6), 1-36.

Moaveni, M. (2016). How to secure devices connected to the Internet and deal with threats. Moaveni. [In Persian]

Nam, D., & Sukhomlin, V. (2023). On cybersecurity of the Internet of Things systems. International Journal of Open Information Technologies, 11(2), 85-97.

Pappalardo, M., & Virdis, A. ( 2022). Mingozzi, E. An Edge-Based LWM2M Proxy for Device Management to Efficiently Support QoS-Aware IoT Services. IoT(3), 169–190.

Park, J. H., Kim, H. S., & Kim, W. T. (2018). M-MQTT: An Efficient MQTT Based on SDN Multicast for Massive IoT Communications. Sensors(18), 3071.

Rahnavard, M. (2015). Knowledge Management System to Cover the Process of Creating, Organizing, Dissemination, and Applying Knowledge in Creating a Value. [In Persian]

Roohollah., G. (2015). Internet of Things Governance: Experiences of Countries Around the World and Iran's Roadmap. Communications and Information Technology Research Institute. ICT Policy and Strategic Management Research Institute. ICT Business Development and Entrepreneurship Group. [In Persian]

Scott, M. (2017). How to secure your IoT devices from botnets and other threats. Techrepublic.

Seoane, V., Garcia-Rubio, C., Almenares, F., & Campo, C. (2022). Performance evaluation of CoAP and MQTT with security support for IoT.

Shiranzaei, A. (2018). Khan, R.Z. An Approach to Discover the Sinkhole and Selective Forwarding Attack in IoT. J. Inf. Secur. Res.(9), 107.

Sreekanth, M., & Jeyachitra, R. (2022). Implementation of area-efficient AES using FPGA for IOT applications. Int. J. Embed. Syst.(15), 354.

Tsai, W. C., Tsai, T. H., Wang, T. J., & Chiang, M. L. (2022). Automatic Key Update Mechanism for Lightweight M2M Communication and Enhancement of IoT Security: A Case Study of CoAP Using Libcoap Library. Sensors(22), 340.

Vaclavova, A., Strelec, P., Horak, T., Kebisek, M., Tanuska, P., & Huraj, L. (2022). Proposal for an IIoT Device Solution According to Industry 4.0 Concept. Sensors(22), 325.

Venkatraman, S., & Overmars, A. (2019). New Method of Prime Factorisation-Based Attacks on RSA Authentication in IoT. Cryptography(3), 20.

Wani, A. R., Gupta, S. K., Khanam, Z., Rashid, M., Alshamrani, S. S., & Baz, M. (2022). A novel approach for securing data against adversary attacks in UAV embedded HetNet using identity based authentication scheme. IET Intell. Transp. Syst., 1-19.

Yoon, J. (2020). Deep-learning approach to attack handling of IoT devices using IoT-enabled network services. Internet Things(11), 100241.

Yu, H., & Park, Y. (2021). Design and implementation of IIoT edge device for collecting heterogeneous machine data. J. Internet Electron. Commer. Resarch(21), 23–32.

Zeng, J. Y., Chang, L. E., Cho, H. H., Chen, C. Y., Chao, H. C., & Yeh, K. H. (2022). Using Poisson Distribution to Enhance CNN-based NB-IoT LDoS Attack Detection. In Proceedings of the 2022 IEEE Conference on Dependable and Secure Computing (DSC), Edinburgh, UK, 1–7.