A Review of Security and Privacy Concerns in the Internet of Things (IoT)

The recent two decades have witnessed tremendous growth in Internet of things (IoT) applications. There are more than 50 billion devices connected globally. IoT applications' connectivity with the Internet persistently victimized them with a divergent range of traditional threats, including viruses, worms, malware, spyware, Trojans, malicious code injections, and backdoor attacks. Traditional threats provide essential services such as authentication, authorization, and accountability. Authentication and authorization are the process of verifying that a subject is bound to an object. Traditional authentication and authorization mechanisms use three different factors to identity a subject to verify if the subject has the right capability to access the object. Further, it is defined that a computer virus is a type of malware. Malware includes computer viruses, worms, Trojan horses, spyware, and ransomware. There is a high probability that IoT systems can get infected with a more sophisticated form of malware and high-frequency electromagnetic waves. Purpose oriented with distinct nature IoT devices is developed to work in a constrained environment. So there is a dire need to address these security issues because relying on existing traditional techniques is not good. Manufacturers and researchers must think about resolving these security and privacy issues. Most importantly, this study identifies the knowledge and research gap in this area. The primary objective of this systematic literature review is to discuss the divergent types of threats that target IoT systems. Most importantly, the goal is to understand the mode of action of these threats and develop the recovery mechanism to cover the damage. In this study, more than 170 research articles are systematically studied to understand security and privacy issues. Further, security threats and attacks are categorized on a single platform and provide an analysis to explain how and to what extent they damage the targeted IoT systems. This review paper encapsulates IoT security threats and categorizes and analyses them by implementing a comparative study. Moreover, the research work concludes to expand advanced technologies, e.g., blockchain, machine learning, and artificial intelligence, to guarantee security, privacy, and IoT systems.

Automated summary

The past two decades have seen significant growth in Internet of Things (IoT) applications, with over 50 billion connected devices globally. However, the connectivity of IoT applications with the internet has also made them vulnerable to a range of traditional threats, including viruses, malware, and backdoor attacks. Traditional security techniques are no longer sufficient to address these issues, and there is a need to explore advanced technologies such as blockchain, machine learning, and artificial intelligence to ensure the security and privacy of IoT systems. This study aims to identify and categorize the various types of threats targeting IoT systems and develop recovery mechanisms to mitigate the damage caused by these threats. The findings of this study highlight the research gaps in this area and suggest the importance of expanding advanced technologies to guarantee the security and privacy of IoT systems.