A Review of Current Security Issues in Internet of Things

  • Mudassar Ahmad
  • Tanveer Younis
  • Muhammad Asif HabibEmail author
  • Rehan Ashraf
  • Syed Hassan Ahmed
Part of the EAI/Springer Innovations in Communication and Computing book series (EAISICC)


The Internet of Things (IoT) is a framework in which every real-world object can be identified uniquely and has the capacity to send and receive data to the network. This paper presents analysis and survey on IOT security, also discusses the current status and challenges of IOT security. Typically, there are three layers in IoT architecture, i.e. perception layer, network layer, and application layer. For secure internet of things realization, at each layer a number of security principles should be enforced. In the future the implementation of IoT is only possible if the security issues related to each layer are resolved and addressed. A number of researchers try to address and to give corresponding countermeasures to secure each layer of IoT. This paper provides an overview on proposed countermeasures and challenges of Security.


  1. 1.
    Verizon. (2017). Intelligent, More Meaningful Business Connections.Google Scholar
  2. 2.
    Coetzee, L., & Eksteen, J. (2011). The internet of things-promise for the future? An introduction. In IST-Africa Conference Proceedings, 2011 (pp. 1–9). Piscataway: IEEE.Google Scholar
  3. 3.
    Kraijak, S., & Tuwanut, P. (2015). A survey on IoT architectures, protocols, applications, security, privacy, real-world implementation and future trends, 6–6.CrossRefGoogle Scholar
  4. 4.
    Zhao, K., & Ge, L. (2013). A survey on the internet of things security. In 2013 9th International Conference on Computational Intelligence and Security (CIS), (pp. 663–667). Piscataway: IEEE.CrossRefGoogle Scholar
  5. 5.
    Mahalle, P. N., Anggorojati, B., Prasad, N. R., & Prasad, R. (2013). Identity authentication and capability based access control (iacac) for the internet of things. Journal of Cyber Security and Mobility, 1(4), 309–348.Google Scholar
  6. 6.
    Mahmoud, R., Yousuf, T., Aloul, F., & Zualkernan, I. (2015). Internet of things (IoT) security: Current status, challenges and prospective measures. In 2015 10th International Conference for Internet Technology and Secured Transactions (ICITST) (pp. 336–341). Piscataway: IEEE.CrossRefGoogle Scholar
  7. 7.
    Khan, R., Khan, S. U., Zaheer, R., & Khan, S. (2012). Future internet: The internet of things architecture, possible applications and key challenges. In 2012 10th International Conference on Frontiers of Information Technology (FIT) (pp. 257–260). Piscataway: IEEE.CrossRefGoogle Scholar
  8. 8.
    Kumar, J. S., & Patel, D. R. (2014). A survey on internet of things: Security and privacy issues. International Journal of Computer Applications, 90(11), 20–26.CrossRefGoogle Scholar
  9. 9.
    Roman, R., Zhou, J., & Lopez, J. (2013). On the features and challenges of security and privacy in distributed internet of things. Computer Networks, 57(10), 2266–2279.CrossRefGoogle Scholar
  10. 10.
    Farooq, M. U., Waseem, M., Khairi, A., & Mazhar, S. (2015). A critical analysis on the security concerns of internet of things (IoT). International Journal of Computer Applications, 111(7), 1–6.CrossRefGoogle Scholar
  11. 11.
    Wen, Q., Dong, X., & Zhang, R. (2012). Application of dynamic variable cipher security certificate in internet of things. In 2012 IEEE 2nd International Conference on Cloud Computing and Intelligent Systems (CCIS) (Vol. 3, pp. 1062–1066). Piscataway: IEEE.Google Scholar
  12. 12.
    Roman, R., Najera, P., & Lopez, J. (2011). Securing the internet of things. Computer, 44(9), 51–58.CrossRefGoogle Scholar
  13. 13.
    Leo, M., Battisti, F., Carli, M., & Neri, A. (2014). A federated architecture approach for internet of things security. In Euro Med Telco Conference (EMTC), 2014 (pp. 1–5). Piscataway: IEEE.Google Scholar
  14. 14.
    Zhao, G., Si, X., Wang, J., Long, X., & Hu, T. (2011). A novel mutual authentication scheme for internet of things. In Proceedings of 2011 International Conference on Modelling, Identification and Control (ICMIC) (pp. 563–566). Piscataway: IEEE.CrossRefGoogle Scholar
  15. 15.
    Koblitz, N. (1987). Elliptic curve cryptosystems. Mathematics of Computation, 48(177), 203–209.MathSciNetCrossRefGoogle Scholar
  16. 16.
    Lee, J.-Y., Lin, W.-C., & Huang, Y.-H. (2014). A lightweight authentication protocol for internet of things. In 2014 International Symposium on Next-Generation Electronics (ISNE) (pp. 1–2). Piscataway: IEEE.Google Scholar
  17. 17.
    Xie, Y., & Wang, D. (2014). An item-level access control framework for inter-system security in the internet of things. In Applied mechanics and materials (Vol. 548, pp. 1430–1432). Zürich: Trans Tech Publications.CrossRefGoogle Scholar
  18. 18.
    Patton, M., Gross, E., Chinn, R., Forbis, S., Walker, L., & Chen, H. (2014). Uninvited connections: A study of vulnerable devices on the internet of things (IoT). In 2014 IEEE Joint Intelligence and Security Informatics Conference (JISIC) (pp. 232–235). Piscataway: IEEE.Google Scholar
  19. 19.
    Panwar, M., & Kumar, A. (2015). Security for IoT: An effective dtls with public certificates. In 2015 International Conference on Advances in Computer Engineering and Applications (ICACEA) (pp. 163–166). Piscataway: IEEE.CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Mudassar Ahmad
    • 1
  • Tanveer Younis
    • 1
  • Muhammad Asif Habib
    • 1
    Email author
  • Rehan Ashraf
    • 1
  • Syed Hassan Ahmed
    • 2
  1. 1.Department of Computer ScienceNational Textile UniversityFaisalabadPakistan
  2. 2.Department of Computer ScienceGeorgia Southern UniversityStatesboroUSA

Personalised recommendations