IoT Security and Privacy Issues: A Taxonomy

المؤلفون

  • Mohamad Ibrahim Ladan Prince Sultan University المؤلف

DOI:

https://doi.org/10.59992/IJCI.2025.v4n11p2

الكلمات المفتاحية:

Internet of Things، Internet of Things Security Issues، Internet of Things Privacy Issues

الملخص

The Internet of Things, IoT, is affecting almost every part of our life and it is connecting us in unprecedented ways. Every device we carry, own, or have at home or in office could be connected to the internet. It could be our air-conditioning, alarm system, smoke detector, doorbell, refrigerator, TV, water/energy meters, parking meters, pollution detectors, car navigation systems, and public or private transportation vehicles. This will lead us to be more in touch with our surroundings and eventually turn our communities and cities into fully integrated, smart, sustainable intelligent entities. All IoT-based transformations are now occurring to increase productivity and create a coordinated world across business and technologies, and to make our lives smarter and easier, however, this, as with any new technology, often comes with a cost in terms of new security and privacy challenges and risks. We, as users of this new technology are often too preoccupied by its wonderful benefits that we don’t even think about any possible privacy risks or security issues that this new technology might introduce. Moreover, the exchange, storage, processing and transfer of tremendous amounts of sensitive information has also given rise to severe security and privacy concerns that compromise the efficiency and usability of IoT. It has become a challenge for users to depend on such a vulnerable technology, where the IoT security risks outweigh its benefits. Hence, security and privacy requirement is one of the key challenges to the IoT’s growth and success, and different IoT applications and devices may require different levels of security. In this paper we review and classify the different security and privacy issues pertaining to IoT and their different uses and applications, and we discuss the different measures that can be put in place to alleviate and address these issues.

السيرة الشخصية للمؤلف

  • Mohamad Ibrahim Ladan، Prince Sultan University

    Software Engineering Department, College of Computer Science and Information System, Prince Sultan University, Riyadh, 11586, Saudi Arabia

المراجع

1. L. S. Vailshery, " https://www.statista.com/aboutus/our-research-commitment/2816/lionel-sujay-vailshery," Sep 11, 2024.

2. H.J. Felcia Bel and S. Sabeen, "A Survey on IoT Security: Attacks, Challenges and Countermeasures", Webology, pp. 3741-3763, 2022, DOI: 10.14704/WEB/V19I1/WEB19246

3. Harald Bauer, Mark Patel, and Jan Veira, "Internet of Things: Opportunities and challenges for semiconductor companies, https://www.mckinsey.com/industries/semiconductors/our-insights/internet-of-things-opportunities-and-challenges-for-semiconductor-companies", Oct. 2015.

4. M. Lazarte, "https://www.iso.org/news/2016/09/Ref2113.html#collapseSitemap," Sept. 5, 2016.

5. Paul Roberts, “Exclusive: Mirai Attack Was Costly for Dyn, Data Suggests”, The Security Ledger, Feb. 3, 2017.

6. Lo’ai Tawalbeh, Fadi Muheidat, Mais Tawalbeh, and Muhannad Quwaider, "IOT privacy and security: Challenges and solutions," Applied Sciences, vol. 10, no. 4102, 2020.

7. M. Ali, F. Naeem, M. Tariq and G. Kaddoum, "Federated Learning for Privacy Preservation in Smart Healthcare Systems: A Comprehensive Survey", in IEEE Journal of Biomedical and Health Informatics, vol. 27, no. 2, pp. 778-789, Feb. 2023.

8. S. Shea, "https://internetofthingsagenda.techtarget.com/feature/The-great-IoT-data-ownership-debate," April 23, 2018.

9. M. I. Al Ladan, "A review and a classification of mobile cloud computing security issues," in International Conference on Cyber Warfare and Security. Academic Conferences International Limited, 2016.

10. l. Columbus, "https://www.forbes.com/sites/louiscolumbus/2016/11/27/roundup-of-internet-of-things-forecasts-and-market-estimates-2016/#51c742a8292d," Nov. 27, 2017.

11. Tinshu Sasi, Arash Habibi Lashkari, Rongxing Lu, Pulei Xiong, Shahrear Iqbal, “A comprehensive survey on IoT attacks: Taxonomy, detection mechanisms and challenges”, Journal of Information and Intelligence, Volume 2, Issue 6, 2024, Pages 455-513, ISSN 2949-7159, https://doi.org/10.1016/j.jiixd.2023.12.001.

12. Phillip Williams, Indira Kaylan Dutta, Hisham Daoud, Magdy Bayoumi, “A survey on security in internet of things with a focus on the impact of emerging technologies”, Internet of Things, Volume 19, 2022, 100564, ISSN 2542-6605, https://doi.org/10.1016/j.iot.2022.100564.

13. Swessi, D., Idoudi, H. A Survey on Internet-of-Things Security: Threats and Emerging Countermeasures. Wireless Pers Commun 124, 1557–1592 (2022). https://doi.org/10.1007/s11277-021-09420-0.

14. Mark Mbock Ogonji, George Okeyo, Joseph Muliaro Wafula, “A survey on privacy and security of Internet of Things”, Computer Science Review, Volume 38, 2020, 100312, ISSN 1574-0137, https://doi.org/10.1016/j.cosrev.2020.100312.

15. Chanal, P.M., Kakkasageri, M.S. Security and Privacy in IoT: A Survey. Wireless Pers Commun 115, 1667–1693 (2020). https://doi.org/10.1007/s11277-020-07649-9

16. Andrea, C. Chrysostomou and G. Hadjichristofi, "Internet of Things: Security vulnerabilities and challenges," 2015 IEEE Symposium on Computers and Communication (ISCC), Larnaca, Cyprus, 2015, pp. 180-187, doi: 10.1109/ISCC.2015.7405513.

17. Hussain, N. Abughanam, J. Qadir, and A. Mohamed, "Jamming Detection in IoT Wireless Networks: An Edge-AI Based Approach," in Proceedings of the 12th International Conference on the Internet of Things, Pages 57 – 64, 2022.

18. Arabia,"Hezbollah-accuses-Israel-of-hacking-CCTV-Cameras-in-southern-Lebanon," https://english.alarabiya.net/News/middle-east/2023/12/28/Hezbollah-accuses-Israel-of-hacking-CCTV-Cameras-in-southern-Lebanon, 2023.

19. M. Alyami, I. Alharbi, C. Zou, Y. Solihin and K. Ackerman, "WiFi-based IoT Devices Profiling Attack based on Eavesdropping of Encrypted WiFi Traffic," 2022 IEEE 19th Annual Consumer Communications & Networking Conference (CCNC), Las Vegas, NV, USA, 2022, pp. 385-392, doi: 10.1109/CCNC49033.2022.9700674.

20. R. Petrović, D. Simić, S. Stanković and M. Perić, "Man-In-The-Middle Attack Based on ARP Spoofing in IoT Educational Platform," 2021 15th International Conference on Advanced Technologies, Systems and Services in Telecommunications (TELSIKS), Nis, Serbia, 2021, pp. 307-310, doi: 10.1109/TELSIKS52058.2021.9606392.

21. F. Hussain, S. G. Abbas, M. Husnain, U. U. Fayyaz, F. Shahzad and G. A. Shah, "IoT DoS and DDoS Attack Detection using ResNet," 2020 IEEE 23rd International Multitopic Conference (INMIC), Bahawalpur, Pakistan, 2020, pp. 1-6, doi: 10.1109/INMIC50486.2020.9318216.

22. Mohamed Riadh Kadri, Abdelkrim Abdelli, Jalel Ben Othman, Lynda Mokdad, “Survey and classification of Dos and DDos attack detection and validation approaches for IoT environments”, Internet of Things, Volume 25, 2024, 101021, ISSN 2542-6605, https://doi.org/10.1016/j.iot.2023.101021.

23. Muhammad Aqeel, Fahad Ali, Muhammad Waseem Iqbal, Toqir A. Rana, Muhammad Arif, Md. Rabiul Auwul, "A Review of Security and Privacy Concerns in the Internet of Things (IoT)", Journal of Sensors, no. 5724168, Sept. 29, 2022, https://doi.org/10.1155/2022/5724168.

24. M. F. R. Zaminkar, "SoS-RPL: Securing Internet of Things Against Sinkhole Attack Using RPL Protocol-Based Node Rating and Ranking Mechanism," Wireless Pers Communication, vol. 114, p. 1287–1312, 2020.

25. P. Krishnakumar, "Wormhole Attacks in Wireless Sensor Networks (Wsn) & Internet of Things (IoT): A Review," International Journal of Recent Technology and Engineering, vol. 10, pp. 199-203.

26. K. Zhang, X. Liang, R. Lu and X. Shen, "Sybil Attacks and Their Defenses in the Internet of Things," in IEEE Internet of Things Journal, vol. 1, no. 5, pp. 372-383, Oct. 2014, doi: 10.1109/JIOT.2014.2344013.

27. Imperva, "What is a Sybil Attack?”, https://www.imperva.com/learn/application-security/sybil-attack/, 2024.

28. Tinshu Sasi, Arash Habibi Lashkari, Rongxing Lu, Pulei Xiong, and Shahrear Iqbal, “A comprehensive survey on IoT attacks: Taxonomy, detection mechanisms and challenges”, Journal of Information and Intelligence, Volume 2, Issue 6, 2024, Pages 455-513, ISSN 2949-7159, https://doi.org/10.1016/j.jiixd.2023.12.001.

29. Bashis Mcw and Charles Rollet, "Toka - A Hacking Platform for Video Surveillance Devices Examined", 2022.

30. Times of India, AFP "Lebanon's Hezbollah accused Israel on Thursday of hacking into CCTV cameras”, https://timesofindia.indiatimes.com/world/middle-east/hezbollah-accuses-israel-of-hacking-lebanon-cctv-cameras/articleshow/106363364.cms, Dec. 29, 2023.

31. Daily Sun, AFP "Lebanon says Israeli GPS jamming confounding ground, air traffic", https://www.daily-sun.com/post/755748, July 2, 2024.

32. Mark Mbock Ogonji, George Okeyo, and Joseph Muliaro Wafula, "A survey on privacy and security of Internet of Things," Computer Science Review, Volume 38, 2020, 100312, ISSN 1574-0137, https://doi.org/10.1016/j.cosrev.2020.100312.

33. Victor, P., Lashkari, A.H., Lu, R. et al. IoT malware: An attribute-based taxonomy, detection mechanisms and challenges. Peer-to-Peer Netw. Appl. 16, 1380–1431 (2023). https://doi.org/10.1007/s12083-023-01478-w.

34. Hezam Akram Abdul-Ghani, D. Konstantas, and M. Mahyoub, "A comprehensive IoT attacks survey based on a building-blocked reference model," International Journal of Advanced Computer Science and Applications, vol. 9, no. 3, 2018.

35. J. Scarpati, "Enterprise IoT security: Is the sky truly falling?" TechTarget, 2015.

36. Andrea, C. Chrysostomou and G. Hadjichristofi, "Internet of Things: Security vulnerabilities and challenges," 2015 IEEE Symposium on Computers and Communication (ISCC), Larnaca, Cyprus, 2015, pp. 180-187, doi: 10.1109/ISCC.2015.7405513.

37. Z. Berkay Celik, Earlence Fernandes, Eric Pauley, Gang Tan, and Patrick McDaniel, "Program Analysis of Commodity IoT Applications for Security and Privacy: Challenges and Opportunities," ACM Computing. Survey, vol. 52, no. 74, 2019.

38. T. Jones, "Microsoft takes holistic approach to IoT security concerns," TechTarget, 2018.

39. J. Borgini, "Features to look for in IoT monitoring tools," TechTarget, 2023.

التنزيلات

منشور

2025-11-17

إصدار

القسم

المقالات

كيفية الاقتباس

Mohamad Ibrahim Ladan. (2025). IoT Security and Privacy Issues: A Taxonomy. المجلة الدولية للحاسبات والمعلوماتية, 4(11). https://doi.org/10.59992/IJCI.2025.v4n11p2