EEET2424 Computer And Network Security

Introduction

The term “Internet of Things” was first used in 1999 by Kevin Ashton- former MIT’s Auto-ID centre director in his Procter and Gamble presentation (Mario, 2016). Since then, the term is so popular, an event that made the International Telecommunication Union (ITU) to use the Internet of things in 2006 Internet Report (Mario, 2016). Internet of things (IoT), is a convenient way of linking devices with each other. It connects numerous objects within a single source of the network that assists in the completion of tasks requiring such connectivity. The connection can be made remotely across the present network infrastructure, enabling the integration of the physical world into computerized systems. In effect, it results in enhanced efficiency, accuracy as well as minimized human intervention. The application of IoT is broad, as such the devices connected to this system can be in cities, houses, and factories and even in schools (Floarea et al., 2017). According to Zhang et al. (2011), Internet of things is an interconnected network infrastructure of self-configured and intelligent nodes (things), which interact with each other unconditionally. Studies on this matter estimate that the IoT will consist of between 50 to 100 billion objects, shortly following the current trend, where, in 2017, 31% increment of these devices was recorded (Sedrati and Mezrioui, 2017). None could predict these figures 20 years back, therefore, if this is something to go with, the future of the Internet is almost impossible to predict.

Aims and Objectives of the project

Main Objective

The main aim of this project is to assess the existing IoT security goals and challenges to establish more advanced ways of protecting the system against any threat.

Specific Objectives

1. To identify the ways through which the Internet of things protects the collected data.
2. To identify the differences between Internet of things and the traditional Internet.

• To identify the security challenges in the Internet of things.

Project Plan

Planning is an essential part of any successful study. It enables the researcher to accomplish various tasks within the stipulated period. Besides, it allows for evaluation and improvement in areas of less strength to achieve the set objectives. Research is an expensive exercise, and therefore, the need for budgeting is necessary, and this is achievable through planning. For this particular research, the tasks are divided into six parts. The first part of this project is to develop the project proposal will be submitted to the supervisor for assessment. After approval and relevant comments put into consideration, the second step will be to commence the project by developing a comprehensive background of the study and the research questions. The third step is to write a literature review part, and this involves rewriting the existing literature on the topic. In this section, the study will focus on creating understanding about IoT, its risks as well as its applications. The fourth part will be data collection, and this entails gathering relevant data as per the objectives. Following this step is data analysis, and this involves analyzing the collected data by the use of tools like SSP or Microsoft Excel. The last part is the completion of the project through producing the final version of the dissertation as shown in table one. In this part, all the sections of the study including the discussion and the recommendation are included in the paper and a comprehensive review done before the presentation. The period for every event of the project is in table one, and for the project to be complete, it will take a maximum of seven months.

Project Step	Start Date	End Date	# of Days
Prepare project proposal	1/2/2018	10/2/2018	10 days
Commence the project introduction/Background and Research Questions	11/2/2018	13/3/2018	31 days
Writing Literature review	14/3/2018	13/4/2018	31 days
Collection of data	14/4/2018	24/5/2018	40 days
Analysis of the data	25/5/2018	05/7/2018	40 days
Complete final version of dissertation	06/7/2018	25/8/2018	49 days

Table 1: Project Time Plan

Literature Review

Internet of Things Architecture

Hardware and software are the most basic Internet of things components. The hardware component consists of Radio-Frequency Identification (RFID), Near Field Communication (NFC) and Sensor Networks. RFID works by the use of radio- frequency electromagnetic fields which allows the communication between the RFID tag and RFID reader. One form of the tag's data is the Electronic Product Code (EPC) which IoT utilizes to identify an object. NFC, on the other hand, is a new technology, and it uses a short-range communication standard. Through its Unique Identification (UID) capability, NFC allows devices to communicate with each other in touch or to fall close to one another. Conversely, Sensor Networks are used to observe particular occurrences in the environment or weather. For instance, sensors can monitor temperature or humidity.

Internet of things largely depend on the current hardware infrastructure, therefore, the need to develop software that allows compatibility among various devices is vital. The component that lies between the Internet of things hardware component and its applications is middleware. In this case, middleware will include various devices that generate incredible information. Consequently middleware component enables the developer to provide new services without necessarily creating a distinctive code for every device. Internet of things network currently used to display and index information on the web content is inconsistent, and this calls for the need of Browsing. Browsing or searching enables the search for specific information, and this solves the problems resulting from the extensive information produced by IoT. Therefore, Browsing software is a requirement in the entire Internet of things so that its users can benefit from the resulting functions.

Internet of Things Layers

Concerning the number of IoT layers, different opinions come forth. However, various studies focus on three major layers which include: the application, network, and perception layers. These layers differ regarding their roles and the devices operating in them (Fielding and Taylor, 2002).

Each layer in IoT (Internet of Things) is defined according to their functions as well as services being used by that layer. The opinions in context to the number of layers existing in IoT are different however, as per Sadeghi, Wachsmann and Waidner (2015), along with other researchers, there are mainly three layers that is Perception, Network and Application. Inherent security issues are existing within each layer of IoT and basic architectural framework of IoT has been presented which shows the devices and technologies being used in each layer.

Perception layer

The perception layer is an IoT layer that collects, and figure out the information in IoT enabled devices. It uses devices like sensor nodes, smartcards, and RFID tags to collect information of relevance to the user. The layer is further divided into two significant component namely the perception node and perception network (Qi et al., 2014). The perception node is utilized in data control and utilization through the use of controllers or sensors. Perception network, on the other hand, sends control signals or collected data to the controller and the gateway to be conveyed in the Network Layer respectively. This layer of IoT is also considered as the sensor layer in IoT as the main function of this layer is data acquisition from the environment which is carried out by using sensors and actuators. The focus of this layer is on detecting, collecting and processing information for transmitting it to the next layer that is network layer (Jing et al., 2014). The collaboration of IoT node in networks whether short or long range is performed in this layer.

Network layer

The network layer is for connectivity purpose. Therefore, it manages wireless and wired connections through the use of sensors and computers as a means of transferring the collected data. As a means of maintaining the reliability of data collection, it also supports the connection-oriented services. The transmissions, switching, and gateway occurs in this layer. These functions are facilitated by various technologies like Wi-Fi, 3G, and Bluetooth (Tasneem et al., 2015) (Chen et al., 2014). This layer in IoT has the functionality of routing data and transmitting those to various other IoT hubs as well as devices through the Internet. In this layer, the technologies such as cloud computing and Internet gateways along with devices for switching or routing uses latest technological innovations that supports wireless transmissions (Conti et al., 2018). The network gateways act as a facilitator between the different nodes of IoT so that aggregation, filtration and transmission can be easily carried out through different sensors.

Application layer

The layer connects the applications and users as it is located in between them. It allows these two components to communicate. Aside from supporting various business services it has the capability of recognizing the resource allocation and computation of data. Moreover, through its filtering feature it can recognize spam data, malicious data as well as valid (Cai et al., 2014). Besides, it makes resolutions of the received information, decides on it as per the command to enable intelligent processing between devices. It is the layer in IoT which ensures authenticity, integrity as well as data confidentiality so that information is secured while transmission occurs within the IoT nodes. The purpose of this layer is to ensure that a smart environment is successfully created and achieved (Lee and Lee, 2015). This is the layer which is considered as the end product which is being achieved with the help of IoT.

IoT Applications

According to Atzori et al. (2010); Miorandi et al. (2012) the Internet of things application is split into four domain areas, and these include: smart infrastructure, healthcare, supply logistics and social applications. In smart infrastructure, IoT is utilized to collect and display crucial information like power consumption which later assists in energy conservation (Liu et al., 2011). Next, IoT is used in human healthcare. It converts essential human functions to the machine, and this creates efficiency in the healthcare sector. An example of such is taking the patient’s medical readings and presenting them to the relevant medical physician (Dohr et al., 2010). In supply chains/logistics, IoT improves the performance since it aids in displaying updated information, minimizing counterfeiting as well as enhancing product traceability. The possibility of this function is due to RFID and sensors which are widely used in chains and logistics support. Regarding the social application, IoT devices interact with social media applications like Facebook and Twitter to accomplish the intended user requirement.

Smart home is the highest ranked application of IoT as per measured in different channels as the term “Smart Home” is being currently searched by more than 60000 people all over the world. There are overall 256 companies as well as startups included in the IoT analytics company database. This IoT application is being widely focused by more companies rather than any other IoT application. Some of the major IoT applications that are being widely used in different industries are presented as below:

Airline Industry: In this industry, an application for equipment tracking is being used so that the engineers can get a live preview of the locations of equipment required for maintenance. This IoT application is not only increasing the efficiency of engineers but also helping to reduce costs as well as efforts required for process improvements (Hossain, Fotouhi and Hasan, 2015). This application of IoT in the Airline Industry is also increasing the customer experience with the help of more reliable and on-time flights.

Pharmaceutical Industry: In this industry, an application is used for temperature monitoring of medication to check whether it has exceeded than the acceptable range and it ensures that medical supplies meet the required quality during delivery. There are various IoT based smart applications that are used for monitoring the temperature conditions that so that they could be used for proper handling of temperature.

Manufacturing Industry: For the manufacturing industry, a smart application has been designed which leverages IoT sensors along with predictive analysis for performing predictive maintenance (Alur et al., 2016). The IoT applications are being used in the industry so that lighting can be optimized along with reducing the consumption of power. The use of IoT application in the manufacturing industry has helped to transform the business processes in an efficient manner.

Media and Entertainment Industry: Sensors are being used in entertainment design and production firm so that foot traffic can be monitored during events (Sicari et al., 2015). The IoT application also provides visualization of the volunteer traffics in real time so that the sponsors are able to understand the best places for advertising and marketing.

Security Challenges in IoT Layers

Internet of things layers are susceptible to both passive or active security attacks and threats. When the IoT network data is attacked without the services being interrupted, we say the passive attack has occurred. However, when these services are failing, then the active attack is said to have taken place, in effect it causes a drawback in the performance of the network. However, all the layers are prone to a common threat that denies authorized users from accessing essential services (Ajay et al., 2011). The coined name for this attack is Denial of Service attacks (DoS).

Perception Layer

Three fundamental security issues face the Internet of things perception layer. The first concern is the location of IoT nodes operation which is an outdoor environment. Such an environment makes it vulnerable to physical attack in the sense that the attacker can tamper with the hardware components. Next, the dynamic network is heterogonous, and this enables the mobility of IoT appliances. However, due to various limitations like the computation capability, power consumption, and storage capacity, devices connected to IoT becomes more prone to different types of attacks and threats. The last concern is due to the fact that the transmission of information in IoT uses wireless technologies. As such, the strength of the wireless signals may be affected by existing waves. Therefore, the confidentiality of this layer is exploited by various kinds of attacks (Choi et al., 2012).

In this layer, attack may happen using the Replay attack which is an exploit that is used to break confidentiality and that can be done through spoofing along with alteration or replicating the information of device being connected in IoT. Another assault that may happen in this layer is timing assault in which the assailant can access the encryption key with examination of time that is required for playing out the encryption procedure (Mahmoud et al., 2015). The most common of all approaches of exploitation that can occur in this layer is DoS that is possible by consumption of energy required by IoT nodes and restricting them from sleep mode which is used by the nodes for saving energy.

Network Layer

The network layer is predisposed to DOS attack due to various factors, and these include power constraint, sensor node’s computation, and the transmission medium’s broadcast nature. Apart from the threats from DoS, network layer can be attacked by passive monitoring, eavesdropping attacks as well as traffic analysis, and this may compromise its privacy and confidentiality. Data exchange and remote access mechanisms despite being the core functions of the network layer is another reason for the attack.

The communication procedure being followed in IoT is different than the internet as it not restricted only within machine to human. IoT has brought a revolution in the technology world that is communication between machines but there lies a security issue which is compatibility (Farooq et al., 2015). The major difficulty is being faced while using existing network protocols due to heterogeneous nature of the components within the network for producing efficient mechanisms for protection. The attackers can utilize this as an advantage as everything is connected in IoT and the information of users can be accessed by the attackers for misuse or conducting criminal activities (Mahmoud et al., 2015). The protection of network is an essential requirement for IoT but is equally important to protect objects of the network.

Application Layer

The Internet of things lacks global policies and standards that guide the development of devices and their interaction. Therefore, the application layer faces various security issues (Ajay et al., 2011). The interaction between different applications is made more difficult due to diverse authentication mechanisms in their functionality. However, this is as well as privacy measure that safeguards the users’ data. Again the connected devices allow the sharing of volumes of data, and this results in the massive overhead on the applications which improves service availability due to data analysis.

Another security issues that is faced in context to this layer is related to the users like how the interaction will take place between users and IoT applications, who will be using those applications along with it what data will be revealed through those applications and who will have the responsibility of managing those applications (Mishra et al., 2016). The users must have knowledge as well as adapt the use of certain tools so that they have control over the data and they may restrict the disclosure of information.

Threats Facing IoT

Different threats face internet of things. There are various attacks in which these threats are rooted, and these include sinkhole attacks, selective forwarding attacks, wormhole attacks, clone attacks as well as overload denial-of-service attacks (Eastman and Kumar, 2017).

1- Sinkhole Attacks occur if malicious nodes become attractive to the surrounding nodes so that instead of forwarding the packets through the legitimate node, they go through the malicious node.

2- Selective Forwarding Attacks takes place where the malicious node intends to remain the only viable node by forwarding the necessary packets, for example sending control packets only, while dropping packets like data packets as the attacker desires.

Wormhole Attacks occur when two nodes are joined as a consequence of an attacker through an abnormally of an attacker causes two nodes to become joined by a strange attractive link that otherwise would not exist. Subsequently, the attacker takes charge of the routing flow given that this link will be considered as the pathway to other parts of the network by the neighboring nodes.

4- Clone Attacks occur when nodes are incapable of discerning the difference due to copying a node’s relevant attributes to another node. Depending on the position of the clone in the network, packets will be directed to the clone as if it is a legitimate node.

5- Overload Denial-of-Service Attacks takes place when a malicious node directs several packets towards the sink node in the effort of overloading the queue in the sink node and results to the dropping of packets by dint of total resource exhaustion (Chelladhurai et al., 2016). Such an attack has a higher chance of occurring in the Internet of things since an attacker is capable of taking advantage of resource asymmetry.

The fundamental differences between Internet of things and traditional Internet

Internet of things is considered as the next generation of the internet as it allows the connectivity of all sorts of objects. As opposed to the Internet, IoT enables all devices to access networks. The possibility of this to happen is due to the presence of sensor which communicates and support the three pillars-being identifiable, communicate and interact (Sedrati and Mezrioui, 2017). The differences between the two will base on the following technologies:

1- Sensors:

Sensors enable the connectivity of things. The traditional internet devices such as smartphones and PC have a sophisticated electronic system contrary to IoT things whose primary role is never technological.

2- Autonomous “Things”:

In IoT, things are more independent in the sense that they do not require human intervention as is the case of the classical internet devices.

3- The difference in nodes:

IoT has different nodes like (RFID) and WSN whose resource is limited, whereas internet has servers with abundant resources (Jing et al., 2014).

The connections in traditional internet are being done with the help of physical links between different webpages whereas in IoT, for situation detection there is a requirement to initiate combination of data (Ansari et al., 2015). This is appeared in the joining of data as setting based event plans in which a part of the data chooses the particular situation and the other chooses the case itself. There is furthermore a refinement in the motivator to the client. In the regular Internet, the regard stays in taking note of a request that is acted by the customer, all around while chasing down information or starting organizations. In the IoT, the regard is lucky action or notice in light of perceived conditions (Yaqoob et al., 2017). This passes on us to differentiating the best in class in the two domains. The customary Internet is a create advancement; it has models in various domains and web records that one can talk with using trademark languages. The net result is that the usage of the traditional Internet ought to be conceivable by everybody without the need of any specific capacities.

In any case, in the IoT space, the situation is exceptionally remarkable. The regulation effort is simply in its first stages, along these lines, the data compromise is done uncommonly selected and requires skilled programming engineers in order to realize an application. In the IoT region, the condition is undeniably unpleasant (Sood, Yu and Xiang, 2016). The lingos that exist are significantly more low-level in regard to SQL and require a tolerable appreciation of the particular semantics of the tongue. Appropriately, personalization of the application advances toward ending up, a significant part of the time, in every way that is considered not to be possible.

Security Directions for IoT layers

Based on the challenges facing the Internet of things layers, this section will provide directions for IoT security. Typically, an IoT system comprises of three distinct layers facing different security threats, which this section will address through the use of a multi-layered security approach (Andrea, et al., 2015). The approach is structured in a way that it gives optimal layered protection in an IoT system as indicated in table two.

	IoT Physical Layer Security	IoT Network Layer Security	IoT Application Layer Security
a	Secure Booting	Data privacy	Data security
b	Device authentication	Routing security	Access Control Lists (ACLs)
c	Data integrity	Data integrity	Firewalls
d	Data Confidentiality		Anti-virus, Anti-spyware, and Anti-adware
e	Anonymity

Table 2: IoT System Structured Approach

Security measures are required for all the three layers of IoT to ensure data confidentiality and reducing the risks of information misuse or theft by attackers. Countermeasures have to be properly implemented for data gathering in physical layer, for routing and switching or transmission in the network layer and maintenance of confidentiality along with integration and authentication in the application layer (Yu et al., 2015). Some of the security measures that will help to address the existing issues within IoT are presented as below:

Authentication measure: A mutual authentication scheme was presented in the year 2011 for the connection of IoT between platforms and terminal nodes. The schema being presented was based on hashing and feature extraction (Li, Tryfonas and Li, 2016). In the schema, there was combination of feature extraction with hash function so that collision attacks can be prevented and this solution was eventually proved to be an effective authentication measure to be used in IoT.

Establishment of trust: The physical movement of devices in IoT is possible from one owner to another hence there is a requirement that trust is being established between the owners so that smooth transition can occur in terms of access control as well as permissions (Chasaki and Mansour, 2015). A work shows shared trust for between system securities in IoT by influencing a thing to level access-control structure. It develops trust from the creation to action and transmission time of IoT.

Awareness of security: It is one of the important measure that requires involvement of users to ensure success along with growth of IoT framework. The users have to be aware of the operations, communication or interaction procedure that have to be followed while accessing the devices in IoT (Elkhodr, Shahrestani and Cheung, 2016). The awareness of security measures that have to be adapted by the users should be clear so that they are not exploited by the attackers.

Methodology

In this section, the methodology is defined along with various suitable approaches for conducting the research so that the required results can be achieved by the researcher. The process by which determination of the challenges associated with IoT (Internet of Things) are carried out is presented in this section. The philosophy behind the research is also illustrated upon to demonstrate the suitability of such philosophy along with how it will help to conduct the research successfully. The approach that has been followed for conducting this research is also discussed in details to determine the appropriate one so that desired results can be gained by the researcher. The method that is followed by the researcher to collect data about the security issues related to IoT is also discussed along with the procedure for analyzing the collected data. The validity of data have to be checked thoroughly and verified while conducting analysis with the help of secondary data analysis technique.

Research Philosophy

Basically, there are three types of philosophies being followed to conduct researches that are positivism, realism and interpretivism. The philosophy plays an important role in research methodology and it explains the appropriate processes that have to be undertaken for conducting a research successfully to meet the research goal. For any kind of internet based services the security is referred to as a very thing that has the ability the safeguard the IOT processes. IOT technology plays active role for developing smart city, smart home, smart ware etc. In all of these cases it is very much crucial to design a secured system. Due to lack of security mechanism the IOT based system may face serious challenges. With the help of proper research philosophy the security challenges can be easily identified and accordingly mitigated also. Overall it has been found that the research philosophy can determine the accurate manner of obtaining details of the research topic (Mackey and Gass, 2015). In addition to this the research philosophy also helps to explain the process of assumptions that has been undertaken by the researcher. Professional thinking process is referred to as a very important thing for successful processing of the research topic thus it is necessary for the researcher to adopt the most suitable research philosophy. After detail analysis on the key challenges of IOT application, the most suitable research philosophy among interpretivism, positivism and realism has to be selected by the researcher.

Positivism research philosophy is mostly helpful for the logical application additionally it also helps to identify the hidden facts associated to key security challenges of IOT application. Through a scientific manner all the hidden facts can be revealed with the helpful proper application of the most suitable research philosophy (Taylor, Bogdan and DeVault, 2015). All the metaphysics will be rejected for enabling knowledge collection and details observation on key security challenges of IOT system and its application. In order to support complex structures most of the times positivism philosophy is being used. Apart from this, realism research philosophy is a mixture of positivism and interpretivism which is a combination of human belief that helps in studying interaction of the human belief also realities.

Among positivism, realism and interpretivism research philosophies for identifying the key security challenges of IOT mechanism the most suitable research philosophy that the researcher requires to adopt is positivism. With the help of positivism research philosophy a better analysis on the hidden facts will become easier.  

Research Approach

Two different types of research approaches such as deductive and inductive are there. It is expected that with the adoption of proper research approach the researcher will be able to analyze in-depth information. The initial step of the inductive research approach is referred to as observation which helps to obtain related data that helps to build the direction the entire research accordingly (Lewis, 2015). Thus, new theoretical framework cab also be designed, with the help of inductive research approach. The researcher mainly selects the inductive research approach when enough data regarding the research topic are not available to the researcher. For this specific research approach the researcher is needed to choose the inductive approach above the deductive one. On the other hand, the deductive research approach is used for obtaining the process that demonstrates the details practical specifications of the research topic “Security challenges of the IOT system”. Deductive approach aims to build the theory with more specifications than the inductive research approach (Flick, 2015). Thus, it can be said that based on the research details the researcher is needed to select the most suitable approach. Thus, based on the research topic the researcher is required to choose the most suitable approach.

Between deductive and inductive research approaches the researcher is required to choose the deductive approach. It will help the readers to understand the topic details much precisely with a clear manner.  As the inductive approach fails to implement the new concept thus the researcher has nominated the deductive approach to follow.

Research Design

Explanatory, exploratory and descriptive are the research designs and among three of these designs the researcher is required to choose the most suitable one. The outline or framework of this research topic will become clearer if proper design is selected (Silverman, 2016). The pattern of data analysis and information collection will become much practical with the selection of appropriate design. Mainly for the academic research purpose one among three of these designs can be selected by the researchers. In order to acknowledge different kinds of thoughts and ideas the exploratory design is helpful. On the other hand, the occurrences of total events and their corresponding effects can also be highlighted and pointed with accurate design. Due to the mere explanation the penetration details and the cause and effect relationship will become limited (Brinkmann, 2014). On the other hand the descriptive design gives proper description of the research topic.

For this specific research topic the researcher has selected the descriptive design and the exploratory design is avoided because it supports the longitudinal study. The descriptive design is capable of defining the involved process associated to the application. The explanatory design is avoided because it supports the longitudinal studies. However, it is not possible for defining the security challenges with the IOT system. The descriptive design was capable to define the process details those are involves to the key challenges of the IOT security system (Panneerselvam, 2014). With the help of the descriptive design approach the security challenges will be scrutinized successfully.

Data Collection Method 

Data are collection of all useful information those are required to be utilized accurately so that the security challenges associated to the IOT application can be prominently identified. In order to detail research or study of the research topic proper data resources are needed to be identified by the researcher and also accordingly proper data are required to be gathered from the sources (Choy, 2014). For deriving proper technical results, it is the role of the researcher to choose the most suitable data collection process.

Data sources

Two different sorts of data sources such as primary and secondary are available for the researcher and between them the most suitable data source is needed to be selected by the researcher to gather useful data. Those data are to be converted into useful information for its successful application (Dang and Pheng, 2015). In order to gain details of the research topic, it is necessary for the researcher to adopt either the primary or secondary data sources.  In order to collect raw data those are directly catered according to the requirement of the research topic, the primary sources are helpful though the first hand data collection requires proper reliability and validity clarifications.

 On the other hand, for the secondary data collection approaches are used in those cases where the research topic needs more elaboration. For a better study on security challenges of IOT application the researcher is needed to go through secondary data sources (Silverman, 2016). With the secondary data sources deeper analysis will become possible for the researchers.

In case of the primary data collection an interaction session has to be conducted. The interaction session may include the companies who are utilizing the concept of IOT for improving their technical applications. Then again, the writing wellsprings of the exploration subject can be considered as the yield of data got from the optional sources. The instruments of the optional sources incorporate both the disconnected and also online sources, for example, articles, web journals, sites diaries and so forth. (Lewis, 2015). For this particular research theme the essential sources are stayed away from and the auxiliary information gathering techniques will be received by the analyst for effectively directing the examination work.

Data techniques

Two different data techniques such as qualitative and quantitative are there those are widely used by the researchers for the successful identification of the security challenges of IOT mechanism. In order to record, narrative form of records the qualitative data techniques are very helpful as it can add on better and detail descriptions to the research topic. With the practical field more theoretical concept can be added with the help of the qualitative data (Flick, 2015). The researcher will be able to get better and descriptive ideas regarding the topic with the qualitative data techniques.   

On the other hand the quantitative data applies different statistical data those are helpful for recording the data of larger size of samples. For this specific research topic, the qualitative data technique is required to be considered by the researcher to gain valid and reliable information accordingly.

Data Analysis Method

Qualitative Data Analysis (QDA) is referred to as a range of process rather procedure that have been gathered into some kind of explanation, understanding and interpretation of different situation. After reviewing the literature such as journals, articles, blogs etc, the necessary data can be accordingly gathered (Brinkmann, 2014). Basically, this is an interpretative philosophy, which is required to be followed by the researchers to successfully identify the challenges of the IOT mechanism. The QDA process involves two different things in terms of theme identification and writing something in approximately all forms of QDA. The qualitative data analysis technique is more concern about the quality of the study. The qualitative data analysis will be conducted using both the online and offline sources will be properly utilized by the researchers. Proper theoretical framework can be amended to the practical field application with the accurate analytical results that are generated from the qualitative data analysis.   

Ethical Consideration

During the research on the topic “security challenges of IOT mechanism”, certain ethical approaches are required to be considered by the researcher. In order to conduct an error free research work the researchers are needed to keep in mind about certain ethical aspects. If all the ethical perspectives are properly maintained by the researchers then it will be said that the research has met the ultimate goal and objectives (Dang and Pheng, 2015). In order to identify the security challenges of IOT mechanism those are to be considered by the researchers include the below:

Proper data application: The information obtained through the research work should be utilized by the researchers in right field. In order to understand the present trends of security challenges that the users of IOT technology users may face are identified through proper application of the gathered information (Flick, 2015). However, in order to keep the findings bounded within the academic purposes only it is necessary for the researchers to avoid its usability in the commercial application field.

Validation of data: The collected data have to be validated by checking authenticity of the sources. The online or offline sources from which data is collected must have proper validation to ensure that desired outcomes or accurate results are achieved from the research (Dang and Pheng, 2015). The validity of the sources is an essential factor while conducting analysis through secondary data analysis technique.

Verification of data: The researcher must be aware of the sources from which data is being collected as the sources may not be valid or contain proper information. Hence, the collected data have to be verified by checking them with other sources (Dumay and Cai, 2015). The information gathered from the sources can be compared with peer reviewed journals to ensure that collected data is valid and the source is reliable for this research.

It is expected that all the above mentioned ethical perspectives are to be followed professionally by the researchers to conduct the research work successfully with all measurable constants.

Research Limitation

Certain avoidable and non-avoidable restrictions are enlisted by the researchers to obtain proper result regarding the research topic “Security challenges of IOT system”. The area of restricted abilities and scopes are defined while conducting the research topic. For this specific research topic the limitations those are identified include the followings:  

Reliability: The sources from which data is extracted for the research must be authenticated and the sources should have valid information such that the collected data is reliable for the research. Though the users of the IOT mechanism can be biased enough towards the application of the IOT mechanism for technology based improvements which may negatively impact the result of the research topic (Taylor, Bogdan and DeVault, 2015). Thus, it can be said that, wide range of reliability issues are associated to this research topic.

Time constraints: The researcher has faced issues like time limitation due to the cross sectional nature of the study. The research work cannot be successfully conducted within that much short time phase (Choy, 2014). The research work lags few limitations regarding the research topic. The details quality analysis of the research topic could have been improved if SPSS software and some statistical tools are properly utilized by the researchers.  

Findings and Analysis

For reviewing the present plans executed in the IoT publicize, an examination of structures beginning at now open will be performed in this section. The examinations will comparatively fill in as examples of security blueprints, and how to enhance security in this field. The examinations will be based around various utilize cases and specific degrees of progress influencing a buyer's standard regular nearness (Lin et al., 2017). In this segment some reasonable up will be finished in regards to how the outcomes were grabbed, and instantly decide the impacts of the issues. One of the inspirations driving the recommendation was a report introduced by Hewlett Packard on the condition of security related to Internet of Things where it was understood that 80 % of the endeavored gadgets had lacking insistence and furthermore underwriting, 80 % demonstrated confirmation concerns, and 70 % utilized decoded correspondence channels (Ziegeldorf, Morchon and Wehrle, 2014). Looking examination and media reports rapidly backs up these cases with cases, for example, the European standard for sharp cross areas utilizing home-amassed and unpredictable cryptography and BMW utilizing no kind of cryptography in any of their autos, impacting a large number of people far and wide. With the amount of related devices having recently accomplished a couple of billions and continuing to rise, IoT security will impact a growing number of people in the coming years.

Analysis

Familiarizing out of date advancement with the Internet of Things is generally not a shrewd idea. Separating another thing using old, unobtrusive development that has become different updates to encounter with the fresher advances, for instance, Internet organize, exhibited a glaring nonappearance of security. By tuning in the structure's correspondence, it was conceivable to take control of the entire framework by grabbing a solitary pile of any sort (Islam et al., 2015). A gadget is not more remain than its weakest point, and acquainting Internet correspondence with out of date customs and propelling them as the inescapable predetermination of IoT does simply harm the fate of security in IoT. All through the hypothesis, three specific impediments are used to detach devices in IoT from standard work region figuring, and builds up the system for the displayed challenges, specifically the power need, transmission limit essential and getting ready essential (Granjal, Monteiro and Silva, 2015). These essentials will dependably be open in IoT, so how one works around them, and to what degree the gadget is obliged by the contrasting destinations, will depict how a gadget and its security structures are organized and executed.

Analyzing the Fitbit Health Tracker

Fitbit is an American affiliation passing on a degree of human action screens with a practically identical name that was first discharged in 2007, and has since extended to various structures which before long join flourishing watching, heart-rate checking, and telephone cautions. This exploratory area will base on the Fitbit One, discharged in September 2012, which combines estimations, for example, step tally, floor check, dynamic minutes, empty voyaged and calories copied, and rest quality, among others (Andrea, Chrysostomou and Hadjichristofi, 2015). The gadget can be synchronized with the Fitbit web advantage for essential utmost and examination of information. Synchronization is driven utilizing Bluetooth 4.0 either through a flawless moved PDA, or an included USB dongle. The two frameworks for synchronization have some essential complexities. While a cellphone will synchronize the Fitbit of the endorsed client, the dongle will synchronize all Fitbits inside range, and does not require any sort of affirmation. Synchronization through the dongle will be the basic purpose of joining of this area, as it is the all the all the all the more enchanting of the two.

Security: All Fitbits cooperate with the dongle will utilize Bluetooth 4.0 for correspondence between the gadget and the machine. The host machine will then read the information from the Bluetooth dongle, and after that transmit this information to the Fitbit web advantage utilizing TLS with the target that the information cannot be analyzed in development (Perera, Liu and Jayawardena, 2015). While utilizing the Fitbit cell phone application, we can set up an association with a Fitbit gadget that is associated with our record. Right when the telephone and gadget has a working Bluetooth alliance, we can see steady move check from the gadget. When looking information offered between the telephone and the gadget, current impel check information can be seen without more encryption than that given by the Bluetooth affiliation. Regardless, this is in like manner the primary data that is transmitted "decoded", and exactly when there is a working relationship with the device.

Key exchange: The AES encryption inside the Fitbit will require an encryption key that is known both by the Fitbit and the server, with the target that the information can be decoded and found in the web application (Perera, Liu and Jayawardena, 2015). This key can be added to the gadget in two unmistakable courses, either amidst creation by referencing the course to the gadget id, or it can be hovered to the gadget after it has passed on to the purchaser. The setup procedure of another Fitbit gadget begins with establishment of the Fitbit synchronization programming and development of the keep running with USB dongle on a respectable PC. The thing will then request that the client position the gadget as near the dongle as could sensibly be ordinary, and not to have some extraordinary gadgets in close area. In the event that the dongle sees particular gadgets near to (utilizing the Received Signal Strength Indicator (RSSI) respect), the client will be requested to move these gadgets from the dongle (Kumar, Vealey and Srivastava, 2016). As the Bluetooth connection is a conceivable explanation behind assault, the alliance methodology of the gadgets are darkened from the coursed standard. While this makes it harder to utilize uninhibitedly discharged contraptions to break the Bluetooth association, security by unverifiable quality is not viewed as an awesome prosperity effort. The dongle chats with the host PC utilizing serial charges, and propelling itself as a Human Interface Device (HID), this data is undeniably critical, and could uncover the key amidst setup if the key is coursed along these lines. Regardless, ambushing the USB serial correspondence is not seen as the reason for scarcest restriction in the correspondence channel between the Fitbit servers along with devices.

Security Implications: The Fitbit level of trackers are anchored with exceptional on-chip encryption between the contraption and the servers, and besides using strong encryption in the midst of transmission of the mixed data between the PC and server. The security of a customer wearing the Fitbit for the traverse of the day is poor (Bello and Zeadally, 2016). By using a blueprint of horrifying beneficiaries, the circumstance of a customer can be conveyed after and pinpointed down to a little zone. While the security recommendation are not as real as spilling GPS data, the insurance concerns can be as enormous when in closeness to the customer. Recognizing randomized Bluetooth-zones will fathom the security issues in this particular case.

Analyzing the BMW Connected Drive System for Automobiles

Related vehicles are twisting up dynamically average, and they are joining a frequently extending number of highlights over the structure. A German motoring organization together called Allgemeiner Deutscher Automobil-Club (ADAC) found an absence of assurance affecting 2.2 million autos worldwide from BMW, Mini and Rolls Royce utilizing the BMW Connected Drive framework (Chen, 2017). The door locks, headlights and horn could be controlled remotely, the present condition of the auto sensors, for example, GPS zone, current speed and entrance jar state could be seen remotely, the crisis numbers could be changed remotely, and all private system correspondence could be listened stealthily remotely. The on-board PC watched that the information source was one of the BMW servers, yet as IP-satirizing is nicely clear, this is not viewed as satisfactory security.

Security: The security for this circumstance has been in every practical sense non-existent, and has been subject to no one tuning in the versatile framework. Approval of transmitted data have similarly been in every way that really matters non-existent with simply direct IP beginning stage check for affirmation (Singh and Singh, 2015). The auto's sensor information could be investigated and information could be made to the auto over the versatile structure in clear substance. A replay-strike engaged the entries of the auto to be opened and headlights squinted despite various things. The framework moreover thought about adjustment of crisis numbers that would in this manner be called after a misfortune. The standard basic for this alteration ask for was that it started from the IP of a BMW server. Utilizing IP criticizing, a corrupted number could be introduced into the vehicles.

Protection: As the auto's present GPS area was transmitted decoded over the structure, the security proposition could be epic (Singh and Singh, 2015). Despite the manner in which that the autos position is not without a doubt client particular, it will all around give a relative locale, for example, the client's near and dear or work zone.

Security Implications: The GPS zone of the broad number of vehicles could be inspected, having epic results on the affirmation of the client. The entries could be opened remotely, so things set away in the auto could be recovered without sounding the alert of the auto (Singh, Tripathi and Jara, 2014). The crisis numbers could be adjusted so they had could feel that the crisis associations had been accomplished, when in confirmation they were irrefutably not. This issue was settled by BMW by including SSL/TLS through a remote structure restore.

Analysis of the HomeEasy Protocol for Home Automation

The HomeEasy robotization custom is utilized by different gadget producers, for example, Nexa, Byron, Proove and Anslut. The framework depends upon 433.92MHz radios to transmit data between them. The structure is utilized for controlling force plug trades, dimmers, entryway ringers, windows blinds and improvement sensors (Skarmeta, Hernandez-Ramos and Moreno, 2014). The framework use On-Off Keying, an Amplitude Shift Keying technique, to transmit codes to the recipients. The gadgets are connected with the Internet through a focal concentration that upon ask for controls the 433MHz gadgets, or without Internet through neighborhood 433MHz transmitters (light switches) obviously.

Security: The HomeEasy custom works by assigning recipients to transmitters. This is finished by organizing every individual recipient to the transmitter by squeezing keys of the two gadgets, and trading the ID from the transmitter to the specialist remotely. This ID is a 24 bit number, particular to every transmitter (Mukherjee, 2015). Precisely when a beneficiary gets a charge from one of the set away IDs, and its own particular unit code, it will get up to speed with the demand. If not, the demand will be disposed of. The tradition furthermore mulls over one social occasion request to be transmitted by each transmitter. Every gatherer that is consolidated into the social affair request will catch up on the get-together summon request from the set away transmitter ID. The bundle configuration contains 32 bits by and large (for all intents and purposes 64 as all bits are sent unnecessarily).

The fundamental 26 bits are the transmitter ID. This is the ID of the transmitter that should be remarkable for each transmitter for various clients not to encroach with each other. The going with piece is the social event standard, displaying whether this is a party summon or not (Mukherjee, 2015). By then there is the state, indicating whether the gadget ought to be turned on or off. The going with two bits is the gadget code, showing the beneficiary, with the target that individual beneficiaries can be controlled. The last two bits show the estimation of the activity. This can be a darkening worth or the statures of window blinds.

Protection: The security proposal in this framework is close non-existent. The transmitter will pass on an astoundingly identifiable ID when they are utilized, yet transmission occurs tolerably only sometimes stood out from various remote traditions, and since these devices are for the most part used at home, the possible assurance issues are even to a lesser degree a stress (Botta et al., 2016). One could imagine making a point by point guide of a customer's typical illustrations, yet there are other, more open methods for doing such implementations.

Security Implications: The security of these gadgets have updated since they were first acquainted with the market, utilizing a physically addressable, short ID that could definitely be savage obliged as just 256 combinations were accessible, and was a practically identical structure wide for sender and recipient (Botta et al., 2016). The security set up today is up till now not extraordinary, as the ID is the major requirement for an activity to be perceived by the recipient. Home computerization gadgets in context of the Bluetooth or ZigBee convention will for the most part just be uncovered upon key trade, and gives an altogether improved security strategy than what is acknowledged in the HomeEasy custom.

4. Analyzing the Eye-Fi Internet-Connected SD-Card for Digital Cameras

EyeFi is a Secure Digital (SD) card that is particularly connected with towards photography. The SD card contains a remote way and web-server in spite of the normal glimmer gathering. These SD cards come in two unprecedented modifications, one focused towards masters where the card interfaces with a remote structure, and the other focused towards standard buyers that goes about as a base-station for telephones and workstations to associate with (Dorri, Kanhere and Jurdak, 2016). All through this examination, the SD card focused towards standard buyers, called EyeFi Mobi, will be the objective of examination.

Security: The fundamental note one can make is that these cards have utilized WPA encryption for a long time which is viewed as a weaker kind of remote encryption emerged from WPA2. A vocabulary ambush can without a lot of a stretch be used against this kind of framework, with the accomplishment depending upon the multifaceted idea of the key (Dorri, Kanhere and Jurdak, 2016). An ordinary compose scratch for the Mobi SD card is in the going with structure: A52QMKSHVZ.

Privacy: Wi-Fi hosts will have a dubious issue from Bluetooth does, where the gadget is granting a remarkable MAC address that will be settled and traceable. While the transmission control is likely keeping pace with the Bluetooth module, these cards may pass on its system when they pick up control, i.e. precisely when the camera is controlled (Dorri, Kanhere and Jurdak, 2016). Right when the camera is fueled off and anchored in a pocket or rucksack, no traceable data can be gotten, and thus the protection proposition with these gadgets are basically nothing.

Security Implications: As the security of these cards are dependent on a mono-alphabetic substitution-figure scratch age estimation, utilizing the MAC address as scratching material, what began as a respectably secure structure is before long uncertain (Billure, Tayur and Mahesh, 2015). A foe could get enlistment to every single one of the photographs set away on a camera remotely, possibly from a far parcel utilizing a high-get radio wire.

Results and Discussion

The Internet of Things is going up against security challenges that fluctuate perpetually from standard work region preparing, on account of the unique necessities. In this part we demonstrate the fundamental destinations, what challenges they cause, and inconveniences that will surface later on. The inconveniences that are shown merges a portion of the standard difficulties inside IT security, for example, affirmation, underwriting, transparency and portrayal, what's more difficulties, for example, confirmation, comfort, DoS and physical security which are not as distinguishable inconveniences in the more settled PC structures (Stojkoska and Trivodaliev, 2017). While unmistakable factors, for example, mental, cash related, normal and political will impact the predetermination of IoT, and conceivably show different difficulties, this is accepted to be past the level of the speculation.

Discussion 

The present Internet of Things is viewed as outstandingly principal showed up contrastingly in connection to what is hypothetically conceivable. Different gadgets will associate with a telephone going about as a center to a focal server, interface with a stationary home concentration, or interface direct to a focal server. Two or three gadgets will utilize a work engineer related with a middle to talk with a centralized server. Each layer in IoT (Internet of Things) is defined according to their functions as well as services being used by that layer. The opinions in context to the number of layers existing in IoT are different however, as per Abomhara and Koien (2014) along with other researchers, there are mainly three layers that is Perception, Network and Application. Inherent security issues are existing within each layer of IoT and basic architectural framework of IoT has been presented which shows the devices and technologies being used in each layer. In the perception layer of IoT, attack may happen using the Replay attack which is an exploit that is used to break confidentiality and that can be done through spoofing along with alteration or replicating the information of device being connected in IoT. Another attack that may occur in this layer is timing attack in which the attacker can gain access to the encryption key with analysis of time that is required for performing the encryption process (Diaz, Martín and Rubio, 2016). The most common of all approaches of exploitation that can occur in this layer is DoS that is possible by consumption of energy required by IoT nodes and restricting them from sleep mode which is used by the nodes for saving energy. While in network layer, the communication procedure being followed in IoT varies than the internet as it not limited only within machine to human. IoT has brought a revolution in the technology world that is communication between machines but there lies a security issue which is compatibility.

The major difficulty is being faced while using existing network protocols due to heterogeneous nature of the components within the network for producing efficient mechanisms for protection. The attackers can utilize this as an advantage as everything is connected in IoT and the information of users can be accessed by the attackers for misuse or conducting criminal activities (Sfar et al., 2018). The protection of network is an essential requirement for IoT but is equally important to protect objects of the network. Another security issue being faced in the application layer is related to the users like how the interaction will take place between users and IoT applications, who will be using those applications along with it what data will be revealed through those applications and who will have the responsibility of managing those applications. The users must have knowledge as well as adapt the use of certain tools so that they have control over the data and they may restrict the disclosure of information.

Constraints

There are many restricting sections related with security in the Internet of things, the three most perceptible being preparing limit, control basics and data trade constrain necessities, When looked with these requirements, one will rapidly understand that we cannot just utilize a practically identical security joins as are utilized as a bit of work stations without considering how it will impact our gadgets.

The capacity of preparing is ending up less of an issue over the long haul, as constantly speedier chips are conveyed each year (Mineraud et al., 2016). The measure of an effect dealing with execution has on a gadget will be at risk to the kind of gadget. In the event that it is not critical that the gadget is set up to get information or follow up on occasions continually, dealing with rate will not be an issue in such way. Such gadgets will routinely be temperature sensors that transmit on set between times. On the off chance that the chip comprehends that it should transmit sensor respects each X minutes, it will be able to scramble the payload in the midst of every estimation. In any case, it the gadget needs to make up for lost time with specific occasions, for example, improvement and need to report this information reliably, it cannot be submerged with encryption over quite a while. Power necessities are a vital issue with the present Internet of Things (Ho et al., 2016). The gadget's capacity utilize will impact managing pace, data transmission, and temperature or battery life. A comparable number of the gadgets are working with a battery as the guideline vitality source, it is enchanting to have the longest working time conceivable, and in like way low power use. Regardless, the manner by which we take a gander at it, secures information will require expanded power use showed up distinctively in connection to no security, as some kind of calculation is required, and all figuring will gobble up control. Regardless, notwithstanding the way that we consolidate security instruments in the devices, there are various differentiations between what courses of action are realized.

There are clear differentiations amidst different encryption computations, key age figuring’s, propelled check estimations and hashing counts concerning control viability. Moreover, one of a kind chips will in like manner influence how these counts perform. Data transmission is every now and again a remarkable asset in the Internet of things. To coordinate vitality and keep warm waste low, one needs to control the radio for as short measure of time as would be prudent. This surmises one should need to use as high rehash as could be ordinary thinking about the current circumstance, and have as pitiful payload as conceivable to transmit information rapidly (Matharu, Upadhyay and Chaudhary, 2014). Regardless, with higher rehash, the degree of the remote radio declines, and we have to create transmission capacity to transmit information over longer parcels. Then we would lean toward not to squander control by having the flag achieve more far away than should not to strange. One along these lines needs to locate the best convergence point between the pined for speed and range for the particular application relying on payload and accessible power. Encoded data will reliably point a few information exchange limit overhead, yet the impact on the certified package appraise has not been prohibitive starting at as of late, as bundle sizes have been for the most part immense in traditional framework structures.

With customs particularly altered for the Internet of Things, then again, the rate increment in bundle survey is persuading the chance to be restrictive as the package measure is squeezed to indeed the base. Adjusting these three sections is fundamental for any gadget in the Internet of Things (Bi, Da Xu and Wang, 2014). Right now, while spreading out new gadgets, one needs to make tradeoffs, and pick which to make for every particular case: To anchor computational power one can offload managing to focal servers, in any case this will require transmitting more information or more as frequently as would be prudent, accomplishing centrality use by the remote radio instead of the processor. In the event that we rather process the information locally before transmission, we diminish vitality cost in the radio, yet increment preparing and restrict cost in the gadget. To lessen control cost in the radio, one can utilize versatile impact control for the radio, yet this will necessitate possibly also getting ready, and can extend retransmissions due to extended package disaster if the partition or deterrent is outstandingly factor.

Another plan frequently used as a piece of IoT is the possibility of a central focus, dealing with correspondence between two unmistakable frameworks, with diverse objectives. This thought is realized in frameworks with remote sensor as well as home robotization structures among others (Niu et al., 2016). The inside point is routinely not obliged by control, yet rather is not put where there is a prerequisite for the organization, and along these lines constrained by the earth. These middle focuses are for the most part an association between plan association with long range requiring a huge amount of power, similar to cell-structures, parabola-affiliations or Wi-Fi-affiliations, and system association with shorter range, at any rate low power necessities, for example, ZigBee, Z-Wave or Bluetooth Low Energy. In remote sensor systems, gadgets will report their information to within especially, routinely utilizing a sort of work dealing with, and the center will by then forward either orchestrated or ordinary information as far as possible.

Current challenges

The present Internet of Things is seen as amazingly fundamental showed up diversely in connection to what is hypothetically conceivable. Different gadgets will interface with a telephone going about as a center point to a focal server, associate with a stationary home concentration, or interface direct to a focal server. A few gadgets will utilize a work deal with related with an inside point to chat with a focal server (Chen et al., 2015). Amidst this segment, the contrasting present and future inconveniences in IoT are introduced. These are appeared with talks together with the possible result of the test, what their particular destinations are, and the related courses of action that exists.

Approval: Authorization is the show of surrendering access to various parts of the framework just to gadgets that should approach. Supporting a gadget inside IoT have a few difficulties that does not exist in work an area enrolling, where the likelihood of a client with various client names and passwords will be gone into the association a client wishes to utilize. In IoT, the client is not right currently utilizing the gadget through a moved UI (Misra, Maheswaran and Hashmi, 2017). As gadgets are physical, they can be lost or sold to different clients, and in like way the manager of "a solitary gadget approaches a particular client" will not be suitable. The idea inside IoT can all the more plausible be explained as a client utilizing both an association and a gadget, with these three contemplations being particular things, as opposed to a gadget and client being the same from the perspective of the association. Along these lines, the two clients and gadgets need to enroll as clear parts. For this to be conceivable in IoT, one needs to utilize underwriting to particularly depict rights for both the gadget and client.

Verification: The IoT show is developing, and assessing sensibly a more unmistakable measure of both our own specific and open life and the earth around us. The expanded hoarding of information is overhauling our capacity to settle on choices from hard information, where there before was none. In any case, the outcomes of polluted or lost information can be remarkable, and can instigate choices that outcomes in a more shocking result than if there were no information to construct the choice in light (Yan, Zhang and Vasilakos, 2014). Information got from an embraced gadget probably will not be the information that the transmitting gadget sent. If a foe going up against the presence of an affirmed device were to keep an eye on the correspondence channel and modify data in the midst of movement, we would not have the ability to distinguish the change, and along these lines recognize the data as right. This could in a couple of conditions hugely influence the system, dependent upon the sort of information that is conveyed.

Availability: To guarantee criticalness, IoT gadgets do not customarily hold an unfaltering association with a system, and will reliably enter a "resting" state for longer time ranges, subordinate upon their use case. To the degree security, this can be an issue with respect to restoring security parameters (e.g. cryptographic keys), and remote viewing. Right when a possibly revolt focus point enters a confided in mastermind, either all inside focuses or a focal comfort should be startled of the break (Da Xu, He and Li, 2014). With rest cycles as long as days, it will set aside a long opportunity to alert trade focus focuses. Subordinate upon the break, the foe can shield the alarm from instigating to trade focus focuses when they are woken up through system or physical triggers, when they wake up free from some other individual, or shield the caution from achieving the focal help.

Absence of Multi-layer security: tying down a device on various layers of the Open Systems Interconnection (OSI) stack will demonstrate included security layers in the event that one of substitute layers ought to be broken. In the event that a gadget is physically dashed behind an entry, an idea of security is presented in the physical layer. This physical layer security will broaden the square for a foe to increment physical force of the gadget, a critical piece of the chance to such an extent, to the point that physical break is farfetched (Jararweh et al., 2015). In the interim, physical control of a gadget can be viewed in general break, as all set away information and keys are accessible either in encoded or decoded diagram. Unmistakable techniques for anchoring the physical layer, for example, epoxying the chips and including a change sensor are finished in gadgets, in any case with moving level of accomplishment in giving obstruction against an enemy. Security on the application level will catch the gadget on an essentially more raised whole. Mooring the application layer is keeping pace with the lower layers of the stack both to the degree potential information accident and validity of break. Encoding set away and transmitted information locally on the gadget or mooring the web interface of the gadget from Cross Site Scripting (XSS) are examples of central application layer security executed in gadgets. Scrambling information on the application level before transmitting over a secured affiliation will guarantee that the information is kept private, paying little notice to whether an adversary is to break the structure layer security. This is what was found while isolating the Fitbit tracker in the examination (Rose, Eldridge and Chapin, 2015). As it was certainly not hard to inspect the information between the two system transmissions (Bluetooth and Ethernet), every single one of the information would have been uncovered, had it not been for how the information was encoded on the application level. While the likelihood of the gadget being physically broken is higher inside IoT than in other planned PC frameworks, it is correspondingly less possible to hook these at a physical level. Sensoring focus focuses are as frequently as conceivable put straightforwardly spaces and inside sight, for instance in structures or carried on a man, which makes them a verifiable objective. Joining improvement markers for exasperating is reliably too much expensive, or inconceivable because of natural limitations.

Unintended utilizations: While standard work stations have been utilized as a bit of a to some degree controlled, standard path, gadgets inside the Internet of Things can be utilized as a bit of ways that was not at first proposed by the creator. To make things as clear as could sensibly be ordinary, makers frequently just breaker security suited for their particular utilize case, as setting up solid encryption routinely adds to the startup-cost for the client (Al-Fuqaha et al., 2015). Sound and video frameworks routinely bars an extensive variety of security in their things, and depend upon a current moored orchestrate. A case that one routinely finds is bars and other open scenes that utilization contrasting media frameworks at first proposed for private utilize. It is beginning to wind up standard for bars and cafes to give a remote structure to clients, as an additional association. Precisely when clients out of the blue approach the setting's structure, the security that all the contrasting media frameworks depend upon is all of a sudden gone. Dealt with speakers, for example, the Sonos framework [Son] just requires the client to have an application introduced on their cell phone for them to gain power of the settings music, and furthermore the aggregate of their related records, for example, Spotify, Google Music, Tidal, Deezer, etc. (Moosavi et al., 2016). This issue might be more average than one may might speculate, as this has been the circumstance a couple of spots, where we were immediately arranged to control the music at standard scenes in the wake of finding that the sound structure was made by Sonos. The nonappearance of security in for all intents and purposes all Bluetooth-empowered sound frameworks legitimizes saying here, at any rate after a short time it radiates an impression of being a significant number individuals grasp that the whole nonattendance of security makes an obvious issue, as these structures are now and again experienced in pubic settings.

Future challenges

One ought to be ready when endeavoring to imagine the unavoidable fate of IoT, as the future can take diverse heading. We can securely expect that managing cutoff will be broadened veered from cost or size of gadgets as this is an illustration that has been progressing for a long time, and does not appear to change whenever within the near future (Lake et al., 2014). There are different conceivable uses for this computational expansion that will impact the inescapable predetermination of IoT. Diminished size can drive IoT forward in the medicinal business, reduced cost can amass the measure of gadgets in the Internet of Things, the broadened methodology most distant point can be utilized for security instruments, or neighborhood pre-preparing before achieving the focal server. One of the conceivable dreams is to diminish the vitality of a focal server, dependent upon all the specific gadgets taking obviously and doing neighborhood dealing with on information.

Another is to affect the focal server stunningly to a more unmistakable degree a concentration to inspiration driving the Internet of Things, by utilizing every single open datum to make guesses for the client. Different minor departure from these two predeterminations are likely more sensible. From a business viewpoint, one is periodically animated by acquiring information from its client, so a focal database will at show be a piece unbounded of IoT (Mumtaz et al., 2017). Whatever the future brings, we can securely expect that the measure of gadgets will increment, and thusly obstruction and structure crash will be an expanding issue.

Conclusion and Recommendations

Conclusion

The structure of IoT is defenseless against strikes that may occur in the different layers; from this time forward there are various security troubles and necessities that ought to be tended to. Energy state of research in IoT is in a general sense based on approval and access control traditions, yet with the snappy progress of advancement it is fundamental to combine new frameworks association customs like IPv6 along with 5G for accomplishing dynamic blend of the topology of IoT. The authentic degrees of progress saw in IoT are on a very basic level on little scale i.e. inside affiliations, a few undertakings and so on. The IoT can change the manner by which we live today. By and by, the focal worry in certification of completely competent systems is security. In the event that security concerns like confirmation, insurance, endorsement, get the chance of control, security on an end-to-end basis, association for trust, generally speaking techniques and norms are tended to totally, it can be witnessed that the distinction in all by IoT inside the not so distant future. Hence, it is essential to grasp a new prominent affirmation, remote, programming, and equipment types of progress to choose the before long open challenges in research related to IoT similar to the measures for diverse gadgets, utilization of vital association as well as character foundation structures, and trust association center core interests.

The security in IoT is overseen by different components along with security standards examined already, and the inconveniences that are looked by IoT security has been the purpose of merging of different specialists. Here, an examination of some interrelated work is appeared besides the commitment of this research study has been shown. In a paper review by various authors, an isolated presentation around IoT and major issues with security close-by the essential IoT benchmarks have been reflected. Regardless, no strategies have suited the identified challenges with security. This work was trailed by the graph examination in which countermeasures are obliged all security challenges. Regardless, by and large game-plans for secures IoT and computational assets of security strategies with respect to gadgets are not given. The work endeavors to depict the issues being faced at different layers of IoT with assured prosperity attempts. By the way, no arrangement is given apart from encryption at the network layer. The examination indicated reports the risks related to security, difficulties, fundamentals besides that the present condition of-craftsmanship countermeasures for just a single security highlight of access control. In this work, IoT security to the degree the basic rules of security like assurance, uprightness, and receptiveness are tended to in a way. The producers recommended two-push support utilizing biometrics which is not material if there should be an occurrence of communication between machines. The proposed actions are not undeniable and do not takes into account the particular idea of IoT in context to low power diverse gadgets alongside colossal structure improvement.

A nice review for IoT along with Web of Things (WoT) and Social Web of Things (SWoT) has been exhibited in this paper, where the issues of security, mitigation strategies and other potential study has been reflected. In study presented with this research, the difficulties of security alongside necessities then condition of-workmanship procedures besides research has been given supplement on utilizing the most recent system customs like IPv6 along with 5G to besides point out the measures for IoT security. The study has also presented the condition of craftsmanship advances to stay many outfit countermeasures has been demonstrated by IoT to switch up to different challenges faced due to security, a liberal bit of them are kept for authentication, character establishment, and functionalities to support access control. RISP that is Remote Internet Service Provider along with RADIUS are prevailing responses to provide insistence and endorsing in IoT by systems for Wi-Fi being used to access the Internet. In the present day, numerous sharp gadgets strengthen IPv6 correspondences, at any rate the present approaches in IoT in all probability will not bolster it, and in this way requires unrehearsed doors and middleware's. The examination demonstrates that challenges related to open research are available to accomplish joined freedom in terms of IoT gadgets by incorporating a Management Hub that deals with obvious proof of issues with communication in context to IoT.

Recommendations

Many changes has been seen in IoT since the beginning, late in the locales of stages of Telemedicine, systems for Intelligent Transportation along with Monitoring of logistics and systems for Pollution Monitoring. Two or three inspectors even accept that the concept of IoT will enlarge up to about 26 billion units in future by the year 2020. Regardless, the challenges identified in context to security in IoT should be considered as how to accomplish its headway and change. Given underneath are future heading for investigate with a particular true objective to make the IoT perspective more secure. Each inquiry in the IoT must have the ability to obviously recognize and approve diverse things. In any case, this method can be to a great degree testing an aftereffect of the possibility of the IoT; various components are incorporated (devices, people, organizations, authority associations and getting ready units) and one other thing is that once in a while dissents may need to work together with others out of nowhere. In light of this, an instrument to for the most part attest segments in each relationship in the IoT is required. Lightweight courses of action are an emerging security consolidate that is shown on account of the snags in computational as well power limits of the various gadgets related with IoT. As the checks have to keep on running on various IoT gadgets within constrained points of confinement, so they should be perfect with the gadget limits.

Architecture Standards: IoT right at present uses different gadgets, associations, and customs to accomplish a common objective. Notwithstanding, to compose a game plan of IoT structures to accomplish a more noticeable structure, for instance, to layout a sharp town by the tradeoff of numerous adroit homes, there should be a strategy of principles that ought to be taken after from the more diminutive scale to full scale points in context to the implementation of IoT. Nowadays, the need of IoT is all around depicted arrangement measures including information prototypes, mockup designs and customs that are able to fortify a wide-ranging collection of people, gadgets, and tongues as well as working structures.

Personality Management: The association of identity in IoT is done by trading perceiving data among the equipment for alliancing in the first time. This strategy is presented to tuning in which can incite man-in within assault, and in like way can imperil the entire IoT structure. In this way, there should be some predefined personality association substance or center point that is able to screen the arrangement of communications between different gadgets with the application of cryptography along with different systems for mitigating the issues of data leakage or misuse.

Session Layer: As shown by most examiners, the working of IoT in three layers do not support the initial, shutting along with dealing for a session among two things. Along these lines, conventions are required that are able to mitigate the identified issues as well as empower the communication in between various gadgets. A speculative layer that is session have to be incorporated as an additional layer in framework of IoT that is capable of dealing with the affiliations, conventions alongside sessions while communication occurs between various devices.

5G Protocol: To comprehend the execution of IoT, there is a need of IPv4 for obliging the massive amounts of IPidentifiable things. It is the main inspiration driving the people to move towards IPv6, which can reinforce 3.4x1038 devices. In any case, such number will make tremendous measure of movement, which can provoke more put off and in this way more information transmission is required. 5G will be able to deal with the activity being performed by the gadgets associated with IoT. Notwithstanding, every one of these types of progress run with their individual particular challenges of security. In addition, dispersed enlisting and SDNs will develop the measures of DDoS assaults because of the On-Demand Self-Service commonplace for appropriated handling. Notwithstanding the manner in which that the check and security of SDN have been tended to by having a decentralized control of certification utilizing client subordinate security setting, the security of 5G and all the making advances attracted with 5G must be by and large watched out for, so as to guarantee the security in IoT.

References

Abomhara, M. and Køien, G.M. (2014), May. Security and privacy in the Internet of Things: Current status and open issues. In Privacy and Security in Mobile Systems (PRISMS) (2014) International Conference on (pp. 1-8). IEEE.

Abomhara, M. and Køien, G.M. (2015). Cyber security and the internet of things: vulnerabilities, threats, intruders and attacks. Journal of Cyber Security, 4(1), pp.65-88.

Adat, V. and Gupta, B.B. (2018). Security in Internet of Things: issues, challenges, taxonomy, and architecture. Telecommunication Systems, 67(3), pp.423-441.

Ahmed, E., Yaqoob, I., Gani, A., Imran, M. and Guizani, M. (2016). Internet-of-things-based smart environments: state of the art, taxonomy, and open research challenges. IEEE Wireless Communications, 23(5), pp.10-16.

Ajay Vikram Singh, Bani Singh, M. Afshar Alam. (2011) “Issues and Challenges associated with Secure QoS aware Routing in MANETs,” International Journal of Research and Reviews in Ad Hoc Networks (IJRRAN), Vol. 1, No. 3, pp.73-76, ISSN: 2046-5106, Science Academy Publisher, United Kingdom.

Ajay Vikram Singh, Vandana Juyal, Ravi Saggar (n.d). “Trust-based Intelligent Routing Algorithm for Delay Tolerant Network Using Artificial Neural Network,” Wireless Networks (WINE), Springer publication, US, Volume-22, Issue-135 pp 1-10.

Alaba, F.A., Othman, M., Hashem, I.A.T. and Alotaibi, F. (2017). Internet of things security: A survey. Journal of Network and Computer Applications, 88, pp.10-28.

Al-Fuqaha, A., Guizani, M., Mohammadi, M., Aledhari, M. and Ayyash, M. (2015). Internet of things: A survey on enabling technologies, protocols, and applications. IEEE Communications Surveys and Tutorials, 17(4), pp.2347-2376.

Alioto, M. ed. (2017). Enabling the Internet of Things: From Integrated Circuits to Integrated Systems. Springer.

Alrawais, A., Alhothaily, A., Hu, C. and Cheng, X. (2017). Fog computing for the internet of things: Security and privacy issues. IEEE Internet Computing, 21(2), pp.34-42.

Alur, R., Berger, E., Drobnis, A.W., Fix, L., Fu, K., Hager, G.D., Lopresti, D., Nahrstedt, K., Mynatt, E., Patel, S. and Rexford, J. (2016). Systems computing challenges in the Internet of Things. arXiv preprint arXiv:1604.02980.

Amadeo, M., Campolo, C., Quevedo, J., Corujo, D., Molinaro, A., Iera, A., Aguiar, R.L. and Vasilakos, A.V. (2016). Information-centric networking for the internet of things: challenges and opportunities. IEEE Network, 30(2), pp.92-100.

Andrea, I., chrysostomou, .C. and Hadjichristofi, G. (2015). Internet of Things: Security Vulnerabilities and challenges. S.I., The 3rd IEEE ISCC 2015 International Workshop on Smart City and Ubiquitous Computing Applications.

Andrea, I., Chrysostomou, C. and Hadjichristofi, G. (2015), July. Internet of Things: Security vulnerabilities and challenges. In Computers and Communication (ISCC) (2015) IEEE Symposium on (pp. 180-187). IEEE.

Ansari, A.N., Sedky, M., Sharma, N. and Tyagi, A. (2015), January. An Internet of things approach for motion detection using Raspberry Pi. In Intelligent Computing and Internet of Things (ICIT) (2014) International Conference on (pp. 131-134). IEEE.

Atzori, L., Iera, A., and Morabito, G. (2010). The Internet of Things: a survey. Computer Networks, 54(15), 2787–2805.

Bello, O. and Zeadally, S. (2016). Intelligent device-to-device communication in the internet of things. IEEE Systems Journal, 10(3), pp.1172-1182.

Bertino, E. and Islam, N. (2017). Botnets and internet of things security. Computer, (2), pp.76-79.

Bertino, E., Choo, K.K.R., Georgakopolous, D. and Nepal, S. (2016). Internet of Things (IoT): Smart and secure service delivery. ACM Transactions on Internet Technology (TOIT), 16(4), p.22.

Bi, Z., Da Xu, L. and Wang, C. (2014). Internet of things for enterprise systems of modern manufacturing. IEEE Transactions on industrial informatics, 10(2), pp.1537-1546.

Billure, R., Tayur, V.M. and Mahesh, V. (2015), June. Internet of Things-a study on the security challenges. In Advance Computing Conference (IACC) (2015) IEEE International (pp. 247-252). IEEE.

Borgohain, T., Kumar, U. and Sanyal, S. (2015). Survey of security and privacy issues of internet of things. arXiv preprint arXiv:1501.02211.

Botta, A., De Donato, W., Persico, V. and Pescapé, A. (2016). Integration of cloud computing and internet of things: a survey. Future Generation Computer Systems, 56, pp.684-700.

Bradley, D., Russell, D., Ferguson, I., Isaacs, J., MacLeod, A. and White, R. (2015). The Internet of Things–The future or the end of mechatronics. Mechatronics, 27, pp.57-74.

Brinkmann, S. (2014). Interview. In Encyclopedia of critical psychology (pp. 1008-1010). Springer New York.

Bugeja, J., Jacobsson, A. and Davidsson, P. (2016), August. On privacy and security challenges in smart connected homes. In Intelligence and Security Informatics Conference (EISIC) (2016) European (pp. 172-175). IEEE.

Cai, H., Xu, L., Xu, B., Xie, C., Quin, S., and Jiang, L. (2014), “It-Based Configurable Information Service Platform for Product Lifecycle Management, “Industrial Informatics, IEEE Transactions on, Vol. 10, No. 2, pp. 1558-1567.

Chasaki, D. and Mansour, C. (2015). Security challenges in the internet of things. International Journal of Space-Based and Situated Computing, 5(3), pp.141-149.

Chen, E.T. (2017). The Internet of Things: Opportunities, Issues, and Challenges. In The Internet of Things in the Modern Business Environment (pp. 167-187). IGI Global.

Chen, F., Deng, P., Wan, J., Zhang, D., Vasilakos, A.V. and Rong, X. (2015). Data mining for the internet of things: literature review and challenges. International Journal of Distributed Sensor Networks, 11(8), p.431047.

Chen, Y., Han, F., Yang, Y. –H., Ma, H., Han, Y., Jiang, C., Lai, H.-Q., Claffey, D., Safar, Z., and Liu, K.R. (2014), “ Internet of Things Journal, IEEE, Vol.1, No. 1, pp. 81-98.

Chiang, M. and Zhang, T. (2016). Fog and IoT: An overview of research opportunities. IEEE Internet of Things Journal, 3(6), pp.854-864.

Choi, J., Li, S., Wang, X., and Ha, J. (2012), “A General Distributed Consensus Algorithm for Wireless Sensor Networks, “Wireless Advanced (WiAd), 2012, London, United Kingdom: IEE, pp. 16-21.

Choy, L.T. (2014). The strengths and weaknesses of research methodology: Comparison and complimentary between qualitative and quantitative approaches. IOSR Journal of Humanities and Social Science, 19(4), pp.99-104.

Conti, M., Dehghantanha, A., Franke, K. and Watson, S. (2018). Internet of Things security and forensics: Challenges and opportunities.

Da Xu, L., He, W. and Li, S. (2014). Internet of things in industries: A survey. IEEE Transactions on industrial informatics, 10(4), pp.2233-2243.

Dang, G. and Pheng, L.S. (2015). Research methodology. In Infrastructure Investments in Developing Economies (pp. 135-155). Springer, Singapore.

Daqiang Zhang, Laurence T. Yang, Hongyu Huang. (2011) “Searching in the Internet of Things: Vision and challenges, “Parallel and Distributed Processing with Applications (ISPA) 2011 IEEE 9th International Symposium on 2011.

Darwish, A., Hassanien, A.E., Elhoseny, M., Sangaiah, A.K. and Muhammad, K. (2017). The impact of the hybrid platform of internet of things and cloud computing on healthcare systems: Opportunities, challenges, and open problems. Journal of Ambient Intelligence and Humanized Computing, pp.1-16.

Dastjerdi, A.V. and Buyya, R. (2016). Fog computing: Helping the Internet of Things realize its potential. Computer, 49(8), pp.112-116.

Díaz, M., Martín, C. and Rubio, B. (2016). State-of-the-art, challenges, and open issues in the integration of Internet of things and cloud computing. Journal of Network and Computer Applications, 67, pp.99-117.

Dohr, A., Modre-Opsrian, R., Drobics, M., Hayn, D., and Schreier, G. (2010). The Internet of Things for Ambient Assisted Living. Proceedings of the Seventh International Conference on Information Technology: New Generations (ITNG).

Dorri, A., Kanhere, S.S. and Jurdak, R. (2016). Blockchain in internet of things: challenges and solutions. arXiv preprint arXiv:1608.05187.

Dumay, J. and Cai, L. (2015). Using content analysis as a research methodology for investigating intellectual capital disclosure: a critique. Journal of Intellectual Capital, 16(1), pp.121-155.

Eastman, D. and Kumar, S. A. (2017). A Simulation Study to Detect Attacks on the Internet of Things. S.l., IEEE 15th Intl Conf on Dependable, Autonomic and Secure Computing, 15th Intl Conf on Pervasive Intelligence and Computing, 3rd Intl Conf on Big Data Intelligence and computing and Cyber Science and Technology Congress.

Eastman, D. and Kumar, S. A. (2017). A Simulation Study to Detect Attacks on the Internet of things. S.l., IEEE 15th Intl Conf on Dependable, Autonomic and Secure Computing, 15th Intl Conf on Pervasive Intelligence and Computing, 3rd Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress

Elkhodr, M., Shahrestani, S. and Cheung, H. (2016). The Internet of Things: new interoperability, management and security challenges. arXiv preprint arXiv:1604.04824.

Elmaghraby, A.S. and Losavio, M.M. (2014). Cyber security challenges in Smart Cities: Safety, security and privacy. Journal of advanced research, 5(4), pp.491-497.

Farooq, M.U., Waseem, M., Khairi, A. and Mazhar, S. (2015). A critical analysis on the security concerns of internet of things (IoT). International Journal of Computer Applications, 111(7).

Farooq, M.U., Waseem, M., Mazhar, S., Khairi, A. and Kamal, T. (2015). A review on Internet of Things (IoT). International Journal of Computer Applications, 113(1), pp.1-7.

Fielding, R.T., and Taylor, R.N. (2002), “Principled Design of the Modern Web Architecture, “ ACM Transactions on Internet Technology (TOIT), Vol. 2, No. 2, pp. 115-150.

Fink, G.A., Zarzhitsky, D.V., Carroll, T.E. and Farquhar, E.D. (2015), June. Security and privacy grand challenges for the Internet of Things. In Collaboration Technologies and Systems (CTS) (2015) International Conference on (pp. 27-34). IEEE.

Flick, U. (2015). Introducing research methodology: A beginner's guide to doing a research project. Sage.

Florea, I., Ruse, L., C. and Rughinis, R. (2016). Challenges in Security in the Internet of Things. Bucharest Romania.

Granjal, J., Monteiro, E. and Silva, J.S. (2015). Security for the internet of things: a survey of existing protocols and open research issues. IEEE Communications Surveys and Tutorials, 17(3), pp.1294-1312.

Guerrero-Ibanez, J.A., Zeadally, S. and Contreras-Castillo, J. (2015). Integration challenges of intelligent transportation systems with connected vehicle, cloud computing, and internet of things technologies. IEEE Wireless Communications, 22(6), pp.122-128.

Hassanalieragh, M., Page, A., Soyata, T., Sharma, G., Aktas, M., Mateos, G., Kantarci, B. and Andreescu, S. (2015), June. Health monitoring and management using Internet-of-Things (IoT) sensing with cloud-based processing: Opportunities and challenges. In 2015 IEEE international conference on services computing (SCC) (pp. 285-292). IEEE.

Ho, G., Leung, D., Mishra, P., Hosseini, A., Song, D. and Wagner, D. (2016), May. Smart locks: Lessons for securing commodity internet of things devices. In Proceedings of the 11th ACM on Asia conference on computer and communications security (pp. 461-472). ACM.

Hossain, M.M., Fotouhi, M. and Hasan, R. (2015), June. Towards an analysis of security issues, challenges, and open problems in the internet of things. In Services (SERVICES) (2015) IEEE World Congress on (pp. 21-28). IEEE.

Huckle, S., Bhattacharya, R., White, M. and Beloff, N. (2016). Internet of things, blockchain and shared economy applications. Procedia computer science, 98, pp.461-466.

Hwang, Y.H. (2015), April. Iot security and privacy: threats and challenges. In Proceedings of the 1st ACM Workshop on IoT Privacy, Trust, and Security (pp. 1-1). ACM.

Iotamy.com. (2018). Sensors are the key to IoT. [online] Available at: https://www.iotamy.com/IoT_Sensors [Accessed 4 Aug. 2018].

Islam, S.R., Kwak, D., Kabir, M.H., Hossain, M. and Kwak, K.S. (2015). The internet of things for health care: a comprehensive survey. IEEE Access, 3, pp.678-708.

Challadhurai, P.R Chelliah, and S.A. Kumar. (2016). “ Securing Docker Containers from Denial of Service (DoS) Attacks, in Proceedings of 2016 IEEE (2016)

Jararweh, Y., Al-Ayyoub, M., Benkhelifa, E., Vouk, M. and Rindos, A. (2015). Sdiot: a software defined based internet of things framework. Journal of Ambient Intelligence and Humanized Computing, 6(4), pp.453-461.

Jing, Q., Vasilakos, A.V., Wan, J., Lu, J. and Qiu, D. (2014). Security of the Internet of Things: perspectives and challenges. Wireless Networks, 20(8), pp.2481-2501.

Kshetri, N. (2017). Can blockchain strengthen the internet of things?. IT Professional, 19(4), pp.68-72.

Kumar, S.A., Vealey, T. and Srivastava, H. (2016), January. Security in internet of things: Challenges, solutions and future directions. In System Sciences (HICSS) (2016) 49th Hawaii International Conference on (pp. 5772-5781). IEEE.

Lake, D., Milito, R., Morrow, M. and Vargheese, R. (2014). Internet of things: Architectural framework for ehealth security. J. ICT Stand, 1(3), pp.301-328.

Laplante, P.A. and Laplante, N. (2016). The internet of things in healthcare: Potential applications and challenges. IT Professional, (3), pp.2-4.

Lee, I. and Lee, K. (2015). The Internet of Things (IoT): Applications, investments, and challenges for enterprises. Business Horizons, 58(4), pp.431-440.

Lewis, S. (2015). Qualitative inquiry and research design: Choosing among five approaches. Health promotion practice, 16(4), pp.473-475.

Li, S., Da Xu, L. and Zhao, S. (2015). The internet of things: a survey. Information Systems Frontiers, 17(2), pp.243-259.

Li, S., Tryfonas, T. and Li, H. (2016). The Internet of Things: a security point of view. Internet Research, 26(2), pp.337-359.

Lin, J., Yu, W., Zhang, N., Yang, X., Zhang, H. and Zhao, W. (2017). A survey on internet of things: Architecture, enabling technologies, security and privacy, and applications. IEEE Internet of Things Journal, 4(5), pp.1125-1142.

Lui, J., Li, X., Chen, X., Zhen, Y., and Zeng, L. (2011). Applications of the Internet of Things on the Smart grid in China. Proceedings of the 13th International Conference on Advanced Communication Technology (ICACT).

Mackey, A. and Gass, S.M. (2015). Second language research: Methodology and design. Routledge.

Mahmoud, R., Yousuf, T., Aloul, F. and Zualkernan, I. (2015), December. Internet of things (IoT) security: Current status, challenges and prospective measures. In Internet Technology and Secured Transactions (ICITST) (2015) 10th International Conference for (pp. 336-341). IEEE.

Malina, L., Hajny, J., Fujdiak, R. and Hosek, J. (2016). On perspective of security and privacy-preserving solutions in the internet of things. Computer Networks, 102, pp.83-95.

Mario Weber, M. (2016). Security Challenges of the Internet of the Things. Opatija, Croatia.

Matharu, G.S., Upadhyay, P. and Chaudhary, L. (2014), December. The internet of things: Challenges and security issues. In Emerging Technologies (ICET) (2014) International Conference on (pp. 54-59). IEEE.

Mavromoustakis, C.X., Mastorakis, G. and Batalla, J.M. eds. (2016). Internet of Things (IoT) in 5G mobile technologies (Vol. 8). Springer.

Mehmood, Y., Ahmad, F., Yaqoob, I., Adnane, A., Imran, M. and Guizani, S. (2017). Internet-of-things-based smart cities: Recent advances and challenges. IEEE Communications Magazine, 55(9), pp.16-24.

Mineraud, J., Mazhelis, O., Su, X. and Tarkoma, S. (2016). A gap analysis of Internet-of-Things platforms. Computer Communications, 89, pp.5-16.

Miorandi, D., Sicari, S., De Pellegrini, F., and Chlamtac, I. (2012). Internet of Things: Vision Applications and research challenges. Ad Hoc Networks, 10(7), 1497-1516.

Mishra, D., Gunasekaran, A., Childe, S.J., Papadopoulos, T., Dubey, R. and Wamba, S. (2016). Vision, applications and future challenges of Internet of Things: A bibliometric study of the recent literature. Industrial Management and Data Systems, 116(7), pp.1331-1355.

Misra, S., Maheswaran, M. and Hashmi, S. (2017). Security challenges and approaches in internet of things. Springer International Publishing.

Moosavi, S.R., Gia, T.N., Nigussie, E., Rahmani, A.M., Virtanen, S., Tenhunen, H. and Isoaho, J. (2016). End-to-end security scheme for mobility enabled healthcare Internet of Things. Future Generation Computer Systems, 64, pp.108-124.

Mosenia, A. and Jha, N.K. (2017). A comprehensive study of security of internet-of-things. IEEE Transactions on Emerging Topics in Computing, 5(4), pp.586-602.

Mukherjee, A. (2015). Physical-layer security in the internet of things: Sensing and communication confidentiality under resource constraints. Proceedings of the IEEE, 103(10), pp.1747-1761.

Mukhopadhyay, S.C. and Suryadevara, N.K. (2014). Internet of things: Challenges and opportunities. In Internet of Things (pp. 1-17). Springer, Cham.

Mumtaz, S., Alsohaily, A., Pang, Z., Rayes, A., Tsang, K.F. and Rodriguez, J. (2017). Massive Internet of Things for industrial applications: Addressing wireless IIoT connectivity challenges and ecosystem fragmentation. IEEE Industrial Electronics Magazine, 11(1), pp.28-33.

Ni, J., Zhang, K., Lin, X. and Shen, X.S. (2017). Securing fog computing for internet of things applications: Challenges and solutions. IEEE Communications Surveys and Tutorials, 20(1), pp.601-628.

Ning, H. (2016). Unit and ubiquitous internet of things. CRC press.

Ning, H., Liu, H. and Yang, L. (2015). Aggregated-proof based hierarchical authentication scheme for the internet of things. IEEE Transactions on Parallel and Distributed Systems, (1), pp.1-1.

Niu, J., Jin, Y., Lee, A.J., Sandhu, R., Xu, W. and Zhang, X. (2016), June. Panel security and privacy in the age of Internet of Things: Opportunities and challenges. In Proceedings of the 21st ACM on Symposium on Access Control Models and Technologies (pp. 49-50). ACM.

Panneerselvam, R. (2014). Research methodology. PHI Learning Pvt. Ltd..

Perera, C., Liu, C.H. and Jayawardena, S. (2015). The emerging internet of things marketplace from an industrial perspective: A survey. IEEE Transactions on Emerging Topics in Computing, 3(4), pp.585-598.

Puthal, D., Nepal, S., Ranjan, R. and Chen, J. (2016). Threats to networking cloud and edge datacenters in the internet of things. IEEE Cloud Computing, 3(3), pp.64-71.

Jing, A.V. Vasilakos, J. Wan J. Lu, D. Quiv. (2014) “Security of the Internet of Things: perspectives and challenges.” Volume 20, issue 8, pp. 2481-2507. Wireless Networks.

Qi, Jing, A.V. Vasilakos, J. Wan J. Lu, D. Quiv. (2014). The Internet of Things: A Security Point of View. Springer Science, P. 2.

Rose, K., Eldridge, S. and Chapin, L. (2015). The internet of things: An overview. The Internet Society (ISOC), pp.1-50.

Sadeghi, A.R., Wachsmann, C. and Waidner, M. (2015), June. Security and privacy challenges in industrial internet of things. In Design Automation Conference (DAC) (2015) 52nd ACM/EDAC/IEEE (pp. 1-6). IEEE.

Saha, H.N., Mandal, A. and Sinha, A. (2017), January. Recent trends in the Internet of Things. In Computing and Communication Workshop and Conference (CCWC) (2017) IEEE 7th Annual (pp. 1-4). IEEE.

Sain, M., Kang, Y.J. and Lee, H.J. (2017), February. Survey on security in Internet of Things: State of the art and challenges. In Advanced Communication Technology (ICACT) (2017) 19th International Conference on (pp. 699-704). IEEE.

Sajid, A., Abbas, H. and Saleem, K. (2016). Cloud-assisted IoT-based SCADA systems security: A review of the state of the art and future challenges. IEEE Access, 4, pp.1375-1384.

Samaila, M.G., Neto, M., Fernandes, D.A., Freire, M.M. and Inácio, P.R. (2017). Security challenges of the Internet of Things. In Beyond the Internet of Things (pp. 53-82). Springer, Cham.

Sedrati, A. and Mezrioui, A. (2017). Internet of Things Challenges: A focus on Security aspects. Rabat, Morocco, 8th International Conference on Information and Communication Systems (ICICS).

Sfar, A.R., Natalizio, E., Challal, Y. and Chtourou, Z. (2018). A roadmap for security challenges in the Internet of Things. Digital Communications and Networks, 4(2), pp.118-137.

Sha, K., Wei, W., Yang, T.A., Wang, Z. and Shi, W. (2018). On security challenges and open issues in Internet of Things. Future Generation Computer Systems, 83, pp.326-337.

Sicari, S., Rizzardi, A., Grieco, L.A. and Coen-Porisini, A. (2015). Security, privacy and trust in Internet of Things: The road ahead. Computer networks, 76, pp.146-164.

Silverman, D. ed. (2016). Qualitative research. Sage.

Singh, D., Tripathi, G. and Jara, A.J. (2014), March. A survey of Internet-of-Things: Future vision, architecture, challenges and services. In Internet of things (WF-IoT) (2014) IEEE world forum on (pp. 287-292). IEEE.

Singh, S. and Singh, N. (2015), October. Internet of Things (IoT): Security challenges, business opportunities and reference architecture for E-commerce. In Green Computing and Internet of Things (ICGCIoT) (2015) International Conference on (pp. 1577-1581). IEEE.

Skarmeta, A.F., Hernandez-Ramos, J.L. and Moreno, M.V. (2014), March. A decentralized approach for security and privacy challenges in the internet of things. In Internet of Things (WF-IoT) (2014) IEEE World Forum on (pp. 67-72). IEEE.

Sood, K., Yu, S. and Xiang, Y. (2016). Software-defined wireless networking opportunities and challenges for Internet-of-Things: A review. IEEE Internet of Things Journal, 3(4), pp.453-463.

Stojkoska, B.L.R. and Trivodaliev, K.V. (2017). A review of Internet of Things for smart home: Challenges and solutions. Journal of Cleaner Production, 140, pp.1454-1464.

Tasneem, Y., Rwan, M., Fadi, A. and Imran, Z. (2015). Internet of Things (IoT) Security: Current Status, Challenges, and Countermeasures. International Journal for Information Security: Current Status Challenges and Countermeasures. International Journal for Information Security Research (IJISR), p. 9

Taylor, S.J., Bogdan, R. and DeVault, M. (2015). Introduction to qualitative research methods: A guidebook and resource. John Wiley and Sons.

Thierer, A.D. (2015). The internet of things and wearable technology: Addressing privacy and security concerns without derailing innovation.

Vasilomanolakis, E., Daubert, J., Luthra, M., Gazis, V., Wiesmaier, A. and Kikiras, P. (2015), September. On the security and privacy of internet of things architectures and systems. In Secure Internet of Things (SIoT) (2015) International Workshop on (pp. 49-57). IEEE.

Want, R., Schilit, B.N. and Jenson, S. (2015). Enabling the internet of things. Computer, 48(1), pp.28-35.

Weber, M. and Boban, M. (2016), May. Security challenges of the internet of things. In Information and Communication Technology, Electronics and Microelectronics (MIPRO) (2016) 39th International Convention on (pp. 638-643). IEEE.

Williams, P.A. and McCauley, V. (2016), December. Always connected: The security challenges of the healthcare Internet of Things. In Internet of Things (WF-IoT) (2016) IEEE 3rd World Forum on (pp. 30-35). IEEE.

Wortmann, F. and Flüchter, K. (2015). Internet of things. Business and Information Systems Engineering, 57(3), pp.221-224.

Yan, Z., Zhang, P. and Vasilakos, A.V. (2014). A survey on trust management for Internet of Things. Journal of network and computer applications, 42, pp.120-134.

Yaqoob, I., Ahmed, E., Hashem, I.A.T., Ahmed, A.I.A., Gani, A., Imran, M. and Guizani, M. (2017). Internet of things architecture: Recent advances, taxonomy, requirements, and open challenges. IEEE wireless communications, 24(3), pp.10-16.

Yu, T., Sekar, V., Seshan, S., Agarwal, Y. and Xu, C. (2015), November. Handling a trillion (unfixable) flaws on a billion devices: Rethinking network security for the internet-of-things. In Proceedings of the 14th ACM Workshop on Hot Topics in Networks (p. 5). ACM.

Yuehong, Y.I.N., Zeng, Y., Chen, X. and Fan, Y. (2016). The internet of things in healthcare: An overview. Journal of Industrial Information Integration, 1, pp.3-13.

Zhang, Z.K., Cho, M.C.Y., Wang, C.W., Hsu, C.W., Chen, C.K. and Shieh, S. (2014), November. IoT security: ongoing challenges and research opportunities. In Service-Oriented Computing and Applications (SOCA) (2014) IEEE 7th International Conference on (pp. 230-234). IEEE.

Zhou, J., Cao, Z., Dong, X. and Vasilakos, A.V. (2017). Security and privacy for cloud-based IoT: challenges. IEEE Communications Magazine, 55(1), pp.26-33.

Ziegeldorf, J.H., Morchon, O.G. and Wehrle, K. (2014). Privacy in the Internet of Things: threats and challenges. Security and Communication Networks, 7(12), pp.2728-2742.