Internet of things (IoT) is a collection of objects,

Internet of things (IoT) is a collection of objects, services and devices which are connected via a network and can communicate and share information to achieve a common goal in different areas and applications. {4} In other words it is a technological revolution which represents the future of computing, communications and its development in upcoming days depends on the innovation of dynamic technology from wireless sensor to nanotechnology. {15} The architecture of IoT mainly based on two things. One is data communication tools and another one is radio frequency identification (RFID). {15} IoT can be implemented in different field such as agriculture, healthcare, distribution etc. The purpose of IoT is to perform daily tasks and responsibilities by using intelligent devices for changing humans’ usual lifestyle. {4} Devices used in IoT are arranged with sensors and processing power which qualify them that to be fitted in many environments. {1} Fig.1 is a representation of some common applications of IoT in different environments such as smart healthcare, wearable technology, smart home, smart transport etc. Services provided by IoT applications is a blessing of modern technology as it provides great benefit for humans’ life. As every advantage have some disadvantage like that those benefits have some security and privacy concern. {1} In recent years IoT applications have a huge expansion due to the rapid development of technology especially in Radio Frequency Identification (RFID) and Wireless Sensor Network (WSN). {4} The RFID enables the tagging or labeling of every single device. On the other hand, due to WSN people, devices, objects etc. becomes a wireless recognizable object and can communicate with each other in the physical, cyber and virtual world. {4} The rest of this paper is organized as follows. Section II describes the architecture of IoT. In section III, the security and issues of different security principles and IoT devices are presented. The section also contains the security issues that are associated with each layer of IoT. Section IV discusses the application of IoT in different sectors. Section V gives the big picture of comparison and criticism of existing research work of IoT. Finally, the paper is concluded in Section VI.

Different researcher gives different opinion regarding the number of layers in IoT. However, majority number of researcher declared that IoT mainly have three layers. They are: Perception layer, Network layer and Application layers.  These layers are isolated by their functions and the devices that are used with them. Each layer has some security issues associated with it. Fig. 2 shows the general architecture of IoT. {4} Perception layer also referred as a “Device layer” in IoT. It contains the physical objects and sensor devices such as RFID, camera, Bluetooth etc. mainly based on object detection method. This layer detects, collects and process information and transmits it to the network layer. The transmitted information may vary due to the different type of sensor. It can be about location, temperature, motion etc. {8} The main purpose of the network layer is to transmit the information due to that we can call it “Transmission Layer”. It securely transfers the information from sensors to different IoT hubs or devices over the internet. The transmission medium can be wired or wireless. Internet gateways, routing devices etc. perform the transmission by using the modern technology such as WIFI, 3G, LTE etc. depending on the sensor. {8 + 4} The application layer provides the security that means authenticity, integrity, and confidentiality of the data. In this layer, the main purpose of IoT which is the establishment of a smart environment is achieved. {4} Except those three commonly used architecture, some researcher declared that in IoT architecture some other layer also exists. Such as, M. Wu et al. defined two more layers in IoT architecture one is Middleware layer and another one is business layer 15. The function of middleware layer is to receive information from network layer and store them in the database. Correspondingly, the business layer has the responsibility for the whole IoT system including application and services. Hui Suo et al. describes one extra layer Support layer with the three general layers. Support layer work as a support platform for the application layer. Here all kind of computing power is organized through network grid and cloud computing. It combines the application layer upward and network layer downward.

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!

order now

With the increasing popularity of IoT, the security issues and threats are also increasing. A huge number of the researcher working to minimize and prevent those security issues. To prevent the security vulnerabilities and attacks in IoT system the first step is to classify the different attacks in different categories and then implement a security system to prevent the attack. As IoT is implemented by using different modern network technologies (WSN, RFID, Internet etc.) for this reason it is required a proper categorization of the attacks and threats, so that a better security system can be developed and implemented. {3} Different scholars classified attacks in different ways. Some may have classified them as per architectural layer whereas some classify them as per attacks type. Also, some of them classified them attacks on the specific device basis. However, maybe their categorization is different, but the attack is almost same everywhere. Andrea et al. 3 classified the IoT attacks in four distinct classes: physical, network, software and encryption attacks. Physical attacks are mainly focused on the hardware components of an IoT system. To attack the system attacker, need to be physically close or reside within the system. Whereas for the network attack attacker need not be closed on the system. It mainly manipulates the network system of IoT network for damage. Software attack makes the security vulnerabilities of IoT system. It exploits the system by the attack of trojan horse, worm, spyware or any other malicious activities. Due to these types of activities, it can steal information from the system some time it may damage the devices also. Encryption attack breaks the encryption scheme of the system and attacks the system.  Man-in-the-middle attack, cryptoanalysis attack etc. are varieties of encryption attack. {1} Xu Xingmei et al. 6 defines security problem covers in each layer of IoT system.  In the perception layer, the main threat is the RFID and WSN security. Many types of attack can happen in this network such as replication attack, channel blocking attack, flooding attack etc. Consequently, in the network layer, the common security attacks are the DDOS attack, middleman attack, heterogeneous network attack etc. Finally, in the application layer, the security challenge is to provide user privacy for information protection, prohibit illegal access to the database, prevent information leakage of system etc. Weizhe Zhang et al. 5 also explains different type of threats for the different architectural layer of IoT. In the perceptual layer the node resource is limited, a versatile network topology and distributed organized structure is present but still, it has some security threats like brute force attack, routing attack, clone node etc. the main security concern of network layer are DoS attack, data attack or session attack. Whereas in application layer security attack can be done by privacy leak, malicious activities or social engineering.