i.          Network layer

After data is collected in perception layer, it needs to be transmitted to the IoT cloud service, the network layer contains devices like wireless and wire routers, switches and firewall, IDS and IPS are used to deliver data from the perception layer to the could provider.

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!

order now


    ii.           Application Layer

The final destination of collected data is the cloud, cloud providers processing and analyzing the data to provide the IoT user with meaningful results, also this layer provides the user with a portal to view IoT services results.


3.    IoT Security

The main goal of cyber security is to preserve the Confidentiality, Integrity and Availability.


3.1  IoT Confidentiality

It is very important for data either in transmit or in store to be secure from unauthorized access that could expose user’s data and violates user’s privacy, 1-2-3 Zones 5 divided the IoT environment to threezones Internal zone, Middle zone and Outside zone figure 4. We can see from the figure 4 that data in IoT environment could be located and transmit as the following: – 1-    Data could be stored in the Internal zone, like in IoT devices.2-       Data could be stored in the External zone in the cloud.3-       Data transmits within devices in Internal zone, from sensors to IoT devices or controllers. 4-       Data transmits from Internal zone to Middle zone. 5-       Data transmit from Middle zone to external zone.So it is substantial to protect data confidentiality in all previous mentioned places. 3.1  IoT IntegrityAny unauthorized modify of IoT data either in store or in transmit would make all IoT results and analysis invalid, we can imagine that an intruder who break IoT medical device that reads a patient health activity and modify his health reading which definitely would expose his life to danger, so it’s very important to protect the integrity of data in IoT.  4.    Literature Survey There are a wide range of attacks targeting each layer of IoT architecture figure 3, many research papers have categories these attacks, this section will discuss the literature survey of IoT attacks.   3.1   Perception
layer attacks   Attacks in this layer will target mainly embedded technology like
sensors and other measuring devices, and due to the nature of these devices
that have small processing unit and limited power make it easy target for
intruders this layer could be target for the following attacks: –    
Node Tempering: – in this type of attack the intruder
may damage, replace or manipulate the IoT devices that sense and measures
activities 6, the goal of this attack is to get or alter the data measured by
these devices. –  
Code injection: – in code injection the attacker
exploits a vulnerability in the IoT device that enable him to inject the device
with malicious code 7 which enable the attacker to do whatever he wants like
inject the IoT device with a worm to join it in a botnet or to control the IoT
device and tamper data. –    
Man in the Middle Attack: – the intruder can eavesdrop
in IoT communications, which enable him to listen to the traffic between the
sensors and IoT controller or between controller and edge of the IoT network
which gives attacker the advantage to expose sheer amount of data 8.  –  
DOS Attack: – break the availability of services is a
very popular attack, DOS attack can be lunched against IoT environment or can
be lunched from IoT environment against other services, in the first scenario a
massive network request sent to IoT environment to flood the system resources
and make it unavailable, such attacks would be very disruptive if they target
sensitive environment like Smart Grid, in the second scenario where the attack
initiated from IoT environment, intruders control a wide network of IoT
environments making a network of botnet, and use that botnet to lunch DOS
attack against other target 239. –       
RFID Cloning and Spoofing: – this type of attack
enable the attacker to spoof signals, alter them and send its own using the genuine
RFID tag which make the signals appear coming from the original device 10.  –       
IoT Device Impersonation: – this attack take place
when attacker adds a device that can act as either sensor or IoT controller and
appears it belong to the IoT environment, which give the attacker the ability
to generates or receive data 11  –       
Password Attacks: – All IoT devices and controllers
have a portal that enable the user to configure and read the IoT results and
since these devices are connected to the internet they are target to the
password guessing attacks as it happened with Dyn cyberattack 23.  3.2  Network
Layer Attacks Attacks in
this layer will target network devices and services, which are responsible for
moving data from one layer to other layer, devices included in this would be
like router, switches, Wi-Fi, Bluetooth and others.

Traffic: – sniffing traffic in transmit is a popular attack in networking
world, attackers can sniff the flow of data while traveling to cloud, this


I'm Krystal!

Would you like to get a custom essay? How about receiving a customized one?

Check it out