Modern Studies in Management and Organization

Modern Studies in Management and Organization

Identification of Cyber Security Components of Internet of Things

Document Type : Review article

Authors
Sayyed Mohammadreza Davoodi 1
Abdollah Nemati 2
Tahereh Sabbaghi 2
1 Associate Professor, Faculty of Management, Dehaqan Branch, Islamic Azad University, Dehaqan, Iran
2 PhD Student, Faculty of Management, Dehaqan Branch, Islamic Azad University, Dehaqan, Iran
10.22034/jmsmo.2025.220930
Abstract
This research aims to identify the components of cybersecurity of the Internet of Things and mutual authentication. In this paper, considering the unique and specific nature of the subject, the breadth and richness of research in this field, the ease of access to resources, and the study and summary of all related articles, the metasynthesis method has been used. Metasynthesis is a method that combines data from other studies with specific steps to meet the researcher's goal and yields new results. Using the Sandelowski and Barso model, and the keywords of Internet of Things security, privacy, network security, and mutual authentication, about 65 foreign and domestic scientific research articles published from 2014 to 2023 and materials collected from foreign databases and Persian articles published in scientific and research journals and publications in the country from 2015 to 2022 were found, of which the number of foreign articles was 47 and the number of domestic articles was 18. After reviewing and filtering, 40 articles were selected to extract the required content of the article, of which 34 were foreign articles and 6 Persian articles were selected. Among the components identified were threat control, access control, technical control, firewall protection, API security, security gateways, authentication, and tokens.
Keywords
Internet of Things Security
Privacy
Network Security
Mutual Authentication

Subjects

Abbasi, M., Plaza-Hernandez, M., Prieto, J., & Corchado, J. M. (2022). Security in the Internet of Things Application Layer: Requirements. Threats, and Solutions. IEEE Access(10), 97197–97216.
Agrawal, S., Das, M. L., & Lopez, J. (2019). Detection of Node Capture Attack in Wireless Sensor Networks. IEEE Syst. J.(13), 238–247.
Alaba, F. A., Othman, M., Hashem, I. A., & Alotaibi, F. (2017). Internet of Things security: A survey. J. Netw. Comput. Appl.(88), 10–28.
Alamr, A. A., Kausar, F., Kim, J., & Seo, C. (2018). A secure ECC-based RFID mutual authentication protocol for internet of things. The Journal of Supercomputing, 74, 4281-4294.
Alharbi, I. A., Almalki, A. J., Alyami, M., Zou, C., & Solihin, Y. (2022). Profiling Attack on WiFi-based IoT Devices using an Eavesdropping of an Encrypted Data Frames. Adv. Sci. Technol. Eng. Syst. J.(7), 49–57.
An, G. H., & Cho, T. H. (2022). Improving Sinkhole Attack Detection Rate through Knowledge-Based Specification Rule for a Sinkhole Attack Intrusion Detection Technique of IoT. Int. J. Comput. Netw. Appl.(9), 169.
Arkian, H. (2015). Security and Privacy in the Internet of Things. Bi-quarterly scientific-promotional journal, Herald of Security in the Space of Information Production and Exchange (AFTA), 4. [In Persian]
Biplob, R. (2014). Scalable RFID security framework and protocol supporting Internet of
Things. Journal of Computer Networks.
Che, B., Liu, L., & Zhang, H. (2020). KNEMAG: Key Node Estimation Mechanism Based on Attack Graph for IoT Security. J. Internet Things(2), 145–162.
Chenail, R. J. (2009). Bringing Method to the Madness: Sandelowski and Barroso’s Handbook for Synthesizing Qualitative Research. The Qualitative Report, 13(4), 8-12. https://doi.org/10.46743/2160-3715/2009.2820
Das, A., & Yashkova, O. (2022). Market Analysis Perspective: Worldwide Internet of Things. Infrastructure and the Intelligent Edge. (IDC) from IDC: The Premier Global Market Intelligence Company. https://www.idc.com/etdoc.jsp?containerId=US49735922
Debroy, S., Samanta, P., & Bashir, A. (2019). Chatterjee, M. SpEED-IoT: Spectrum aware energy efficient routing for device-to-device IoT communication. Future Gener. Comput. Syst.(93), 833–848.
Fei, H. (2016). Security and Privacy in Internet of Things (IoTs) Models. Algorithms, and Implementations, 144.
Gholichi, H. (2016). Security Threats on the Internet and Methods of Counteracting Them. Inajafy. [In Persian]
Hung, C. W., & Hsu, W. T. (2018). Power Consumption and Calculation Requirement Analysis of AES for WSN IoT. Sensors(18), 1675.
Hussein, N., & Nhlabatsi, A. (2022). Living in the Dark: MQTT-Based Exploitation of IoT Security Vulnerabilities in ZigBee Networks for Smart Lighting Control. IoT(3), 450–472.
Kalra, S., & Sood, S. K. (2015). Secure authentication scheme for IoT and cloud servers. Pervasive and Mobile omputing, 24, 210-223.
Kareem, M. K., Aborisade, O. D., Onashoga, S. A., Sutikno, T., & Olayiwola, O. M. (2023). Efficient model for detecting application layer distributed denial of service attacks. Bull. Electr. Eng. Inform(12), 441–450.
Khemissa, H., & Tandjaoui, D. (2016). A novel lightweight authentication scheme for heterogeneous wireless sensor networks in the context of Internet of Things. 2016 Wireless Telecommunications Symposium (WTS), 1-6.
Kim, M., & Suh, T. (2021). Eavesdropping Vulnerability and Countermeasure in Infrared Communication for IoT Devices. Sensors(21), 8207.
Lu, Y., & Da, X. L. (2103). Internet of Things cybersecurity research: A review of current research topics. IEEE Internet of Things Journal, 6(2), 15.
Matheu, S., Hernandez-Ramos, J., Skarmeta, A., & Baldini, G. (2020). A survey of cybersecurity certification for the internet of things. ACM Computing Surveys (CSUR), 53(6), 1-36.
Moaveni, M. (2016). How to secure devices connected to the Internet and deal with threats. Moaveni. [In Persian]
Nam, D., & Sukhomlin, V. (2023). On cybersecurity of the Internet of Things systems. International Journal of Open Information Technologies, 11(2), 85-97.
Pappalardo, M., & Virdis, A. ( 2022). Mingozzi, E. An Edge-Based LWM2M Proxy for Device Management to Efficiently Support QoS-Aware IoT Services. IoT(3), 169–190.
Park, J. H., Kim, H. S., & Kim, W. T. (2018). M-MQTT: An Efficient MQTT Based on SDN Multicast for Massive IoT Communications. Sensors(18), 3071.
Rahnavard, M. (2015). Knowledge Management System to Cover the Process of Creating, Organizing, Dissemination, and Applying Knowledge in Creating a Value. [In Persian]
Roohollah., G. (2015). Internet of Things Governance: Experiences of Countries Around the World and Iran's Roadmap. Communications and Information Technology Research Institute. ICT Policy and Strategic Management Research Institute. ICT Business Development and Entrepreneurship Group. [In Persian]
Scott, M. (2017). How to secure your IoT devices from botnets and other threats. Techrepublic.
Seoane, V., Garcia-Rubio, C., Almenares, F., & Campo, C. (2022). Performance evaluation of CoAP and MQTT with security support for IoT.
Shiranzaei, A. (2018). Khan, R.Z. An Approach to Discover the Sinkhole and Selective Forwarding Attack in IoT. J. Inf. Secur. Res.(9), 107.
Sreekanth, M., & Jeyachitra, R. (2022). Implementation of area-efficient AES using FPGA for IOT applications. Int. J. Embed. Syst.(15), 354.
Tsai, W. C., Tsai, T. H., Wang, T. J., & Chiang, M. L. (2022). Automatic Key Update Mechanism for Lightweight M2M Communication and Enhancement of IoT Security: A Case Study of CoAP Using Libcoap Library. Sensors(22), 340.
Vaclavova, A., Strelec, P., Horak, T., Kebisek, M., Tanuska, P., & Huraj, L. (2022). Proposal for an IIoT Device Solution According to Industry 4.0 Concept. Sensors(22), 325.
Venkatraman, S., & Overmars, A. (2019). New Method of Prime Factorisation-Based Attacks on RSA Authentication in IoT. Cryptography(3), 20.
Wani, A. R., Gupta, S. K., Khanam, Z., Rashid, M., Alshamrani, S. S., & Baz, M. (2022). A novel approach for securing data against adversary attacks in UAV embedded HetNet using identity based authentication scheme. IET Intell. Transp. Syst., 1-19.
Yoon, J. (2020). Deep-learning approach to attack handling of IoT devices using IoT-enabled network services. Internet Things(11), 100241.
Yu, H., & Park, Y. (2021). Design and implementation of IIoT edge device for collecting heterogeneous machine data. J. Internet Electron. Commer. Resarch(21), 23–32.
Zeng, J. Y., Chang, L. E., Cho, H. H., Chen, C. Y., Chao, H. C., & Yeh, K. H. (2022). Using Poisson Distribution to Enhance CNN-based NB-IoT LDoS Attack Detection. In Proceedings of the 2022 IEEE Conference on Dependable and Secure Computing (DSC), Edinburgh, UK, 1–7.

  • Receive Date 05 November 2024
  • Revise Date 17 November 2024
  • Accept Date 12 March 2025
  • Publish Date 15 March 2025