Top ten weak and default passwords in IoT attacks.

Source publication
Article
The increasing deployment of Internet of Things (IoT) devices in mission-critical systems has made them more appealing to attackers. Cyberattacks on IoT devices have the potential to expose sensitive data, disrupt operations, and even endanger lives. As a result, IoT security has recently gained traction in both industry and academia. However, no r...

Context in source publication

Context 1
... weak, default, and hardcoded login credentials are favoured by attackers for password-guessing exploits. Figure 2 shows the top 10 default and weak passwords used by attackers ('123456' being the most widely used) to compromise IoT devices [48]. These lax password practices pose a significant risk to IoT deployment, allowing attackers to hijack firmware and making IoT devices vulnerable to malware and other cyberattacks. ...

Similar publications

Article
Higher education has recently been identified as a sector of concern by the UK National Cyber Security Centre (NCSC). In 2021, the NCSC reported that universities and higher education institutions (HEI) had been exponentially targeted by cyber-criminals. Existing challenges were amplified or highlighted over the course of the global pandemic when u...

Citations

... In 2019, the healthcare sector utilizes one-third of all IoT devices, which are expected to climb to 40%, or $6.2 trillion, of the total global IoT technology market value by 2025 [1]. The global adoption of IoT devices is expected to reach 29 billion by 2030, covering a wide range of economic sectors and disciplines [2]. Particularly, IoMT devices are poised to save $300 billion, predominantly in the chronic illness and telemedicine sectors. ...
Preprint
Deep learning models have raised privacy and security concerns due to their reliance on large datasets on central servers. As the number of Internet of Things (IoT) devices increases, artificial intelligence (AI) will be crucial for resource management, data processing, and knowledge acquisition. To address those issues, federated learning (FL) has introduced a novel approach to building a versatile, large-scale machine learning framework that operates in a decentralized and hardware-agnostic manner. However, FL faces network bandwidth limitations and data breaches. To reduce the central dependency in FL and increase scalability, swarm learning (SL) has been proposed in collaboration with Hewlett Packard Enterprise (HPE). SL represents a decentralized machine learning framework that leverages blockchain technology for secure, scalable, and private data management. A blockchain-based network enables the exchange and aggregation of model parameters among participants, thus mitigating the risk of a single point of failure and eliminating communication bottlenecks. To the best of our knowledge, this survey is the first to introduce the principles of Swarm Learning, its architectural design, and its fields of application. In addition, it highlights numerous research avenues that require further exploration by academic and industry communities to unlock the full potential and applications of SL.
... Baho et al. [25] helped to identify cybersecurity risks and control IoT vulnerabilities by providing insight into current methods for assessing the vulnerabilities. Readers from a wide variety of backgrounds were drawn to it, from experts in vulnerability management and cybersecurity risk research to academics specializing in the IoT. ...
Article
Instantaneous data processing has the potential to enhance scalability, lessen power usage, and permit and improve data presentation in Consumer Internet of Things (CIoT) devices. In simple terms, cloud-based solutions cannot handle many IoT applications. According to Industrialized IoT (IIoT) technologies, an automated resource allocation system can improve service delivery and minimize healthcare costs. To maximize resource usage and response time for end users, there needs to be an effective method to efficiently distribute workload between Fog Layer and Cloud Connection and enhance cloud network capital allocation. Data analytics of complex and vital healthcare data requires timely responses, making it complicated. This paper proposes a design based on the Lanner Swarm Optimization (LSO) algorithm, which was developed to overcome inefficient heuristic strategies where data is transported to the cloud layer based on traffic type. The LSO algorithm is used to improve resource allocation and workload distribution in cloud-assisted CIoT applications for smart healthcare systems, improving scalability, power consumption, and data processing. The objective function determines if diverse virtual machines (VMs) vary accomplishment time the most, considering this study's updating and pruning restrictions. The experimentation analysis demonstrated that the proposed load balancing and work scheduling method outperforms evolutionary and heuristics algorithms. In experimentation, the research model attains a makespan of 10 s, response time of 5.5 s, resource utilization with a rate of 0.9, execution time of 13 s, latency of 10 ms, throughput of 0.78 s, and delivery rate of 0.74%. At resource scheduling, the LSO model had the best payload routing, latency, packet delivery ratio, and network lifetime.
... Similar studies by Baho and Abawajy (2023) and Williams et al. (2017) focused on understanding what IoT devices were connected to the Internet, and techniques for vulnerability assessment to comprehend methods for evaluating approaches to assessing device security. The Internet of Things (IoT) has witnessed a substantial increase in the number of connected devices and applications in recent times, experiencing exponential growth (Baho & Abawajy, 2023). However, this growth has resulted in several security challenges. ...
... Nessus uses the Common Vulnerability Scoring System (CVSS) to classify each vulnerability into one of several different risk thresholds. The Common Vulnerability Scoring System (CVSS) is a widely used open industry standard for assessing the severity of security vulnerabilities (Baho & Abawajy, 2023; Samtani et al., 2016). The severity and relative scores are presented in Table 1. ...
Chapter
The internet of things (IoT) devices are gaining popularity in the consumer market, but they also pose security risks. This study examines the vulnerabilities of consumer devices connected to IoT, which can collect and share information that can be misused to trigger intelligent system decisions. The study uses the MITRE ATT&CK Framework definition of vulnerability classification, taxonomy, and risk assessment to investigate the scope, security rating, and scale of IoT consumer device vulnerabilities from 2018-2022. The research uses a quantitative approach, including data analysis, observation, and analytical research to evaluate the issue of identifying vulnerabilities of consumer IoT devices, privacy, and vulnerability characterization. The findings will provide new insights into a scalable IoT strategy.
... Wireless data transfer in IoMT exposes vulnerabilities to eavesdropping, compromises privacy, and allows malicious actors to inject data leading to inaccurate diagnoses. According to a survey there were 70% targeting rate in 2023 exploiting the vulnerabilities of the IoT devices against cyberattacks [2]. This highlights the increased necessity of security in smart healthcare, particularly in the times of crisis, such as the COVID-19 epidemic, where IoMT use has increased dramatically. ...
Article
The rise of smart health technologies has offered benefits such as remote patient monitoring, individualized therapy, and early disease identification. However, this advancement has also raised concerns about security and privacy of patient data. Authentication is essential for protecting patient data and smart health devices. The existing scheme is identified with security vulnerabilities in terms of stolen verifier, impersonation, and man in middle attacks. Motivated by this, authors have presented a secure, lightweight authentication technique for smart health environments for a remote monitoring scenario employing a Multiple Factor approach and a lightweight algorithm. The scheme is verified through formal and informal analysis. The scheme demonstrated enhanced authentication performance and security with processing overhead of (0.04 milliseconds) and transmission overhead of (704 bits), in comparison to the baseline scheme. This system has the potential to improve data security and privacy in a variety of smart health scenarios.
... It categorizes IoT security challenges into device-level, network-level, data-level, and privacy-related challenges. These challenges encompass aspects such as physical security [9], firmware vulnerabilities [10], secure communication protocols [11], and privacy protection [12]. Understanding these challenges is the foundation for developing effective security solutions that mitigate risks and protect IoT deployments. ...
Article
The Internet of Things (IoT) has revolutionized various domains, enabling interconnected devices to communicate and exchange data. The integration of Artificial Intelligence (AI) in IoT systems further enhances their capabilities and potential benefits. Unfortunately, in the era of AI, ensuring the privacy and security of the IoT faces novel and specific challenges. IoT security is imperative, necessitating comprehensive strategies, including comprehension of IoT security challenges, implementation of AI methodologies, adoption of resilient security frameworks, and handling of privacy and ethical concerns to construct dependable and secure IoT systems. It is vital to note that the term ’security’ encompasses a more comprehensive view than cyberattacks alone. Therefore, with an emphasis on securing against cyberattacks, this comprehensive survey also includes physical security threats on the IoT. It investigates the complexities and solutions for IoT systems, placing particular emphasis on AI-based security techniques. The paper undertakes a categorization of the challenges associated with ensuring IoT security, investigates the utilization of AI in IoT security, presents security frameworks and strategies, underscores privacy and ethical considerations, and provides insights derived from practical case studies. Furthermore, the survey sheds light on emerging trends concerning IoT security in the AI era. This survey provides significant contributions to the understanding of establishing dependable and secure IoT systems through an exhaustive examination of the present condition of IoT security and the ramifications of AI on it.
... Strategic and tactical resilience models must be created to fully address system risks [43]. In determining the level of vulnerability in the digitalization capability framework, these models consider the vulnerability and reliability levels of hardware and software resources, as well as the functions of physical proximity and networking [44,45]. Creating a robust matrix framework for resilience indicators based on a four-stage lifecycle model: planning/preparation, absorption, recovery, and adaptation. ...
Article
Amidst the rapid advancements in the digital landscape, the convergence of digitization and cyber threats presents new challenges for organizational security. This article presents a comprehensive framework that aims to shape the future of cyber security. This framework responds to the complexities of modern cyber threats and provides guidance to organizations to enhance their resilience. The primary focus lies in the integration of capabilities with resilience. By combining these elements into cyber security practices, organizations can improve their ability to predict, mitigate, respond to, and recover from cyber disasters. This article emphasizes the importance of organizational leadership, accountability, and innovation in achieving cyber resilience. As cyber threat challenges continue to evolve, this framework offers strategic guidance to address the intricate dynamics between digitization and cyber security, moving towards a safer and more robust digital environment in the future.
Article
Authentication and Session Key Generation Protocols (SKGPs) play an essential role in securing the communication channels of connected Internet of Things (IoT) devices. Recently, through blockchain integration, scholars have tried to enhance the security and applicability of SKGPs. In brief, blockchain is a distributed ledger technology that can provide interesting features such as immutability, transparency, and accountability without any need for the active participation of trusted parties. This survey presents a comprehensive critical review of blockchain-assisted authentication and SKGPs, suggested for different IoT domains, including Internet of Vehicles (IoV), Internet of Drones (IoD), and Industrial IoT (IIoT). Our survey categorizes existing schemes based on several criteria, including IoT application domains, security aspects, and blockchain components. By presenting an unbiased critical review and taxonomy of protocols, we aim to clarify the key challenges. Our review will specifically indicate what properties authors gained or lost through the integration of blockchain. This survey is the only one that offers all prerequisites for interested readers in blockchain-integrated SKGPs, such as security features and attacks, attack models, verification tools, blockchain types, blockchain platforms, consensus mechanisms, etc. Further, our survey elaborates existing research gaps in blockchain-assisted SKGPs. Doing so, we aim to guide future research in this field and provide researchers with the essential information they require.