The IoT that uses the Internet Protocol (IP) plays a vital role to connect with real-world through physical Objects. Trust management plays a prime role in IoT information security, reliable data integration, qualified services with context-awareness, and improved user privacy.
Every user is assigned a trust value based on the history and a license, which is cryptographically secured against the replay or forgery attacks. Detection of attackers is viable by considering these two features provided by every user. In IoT context, the hybrid mechanism proposes a hybrid detection scheme depends on the trust information and routing based metrics. Initially, this mechanism filters suspicious flows based on the trust value measured by the client device.
Trust is an important aspect while surveys about security systems. At a certain point, the IoT system discloses some of the data to the end user and vice-versa. Thus, there is a need to provide a level of trust between the end user and the IoT system for the successful utilization of the IoT concept. A system can behave in an untrustworthy manner even after having security and privacy implementation. Moreover, the behavior-based analysis of devices is required for predicting the device performance over the time. The trust management provides behavior-based analysis of all entities, using their past behavior, reputation in the network. A trustworthy system is needed to prevent from malicious activities launched by malicious devices. In this, each node maintains its trust value towards other nodes. For scalability, a node likely to just keep its trust assessment towards a limited set of nodes in which it is interested. Furthermore, the trust management protocol is activity-based as well as encounter based, which means the trust value is updated upon an interaction activity or an encounter event. Two nodes that encounter each other or involved in a direct interaction activity can directly observe each other and update their trust measurements. They also exchange their trust assessment results toward other nodes as recommendations. Figure 1 shows the trust and cryptography based secure routing in IoT environment.
|Security Issues||SecurityParameters||IOT Layers||Working Of|
|Terminal and Sensor network|
|Collection ofinformation||Sensors, Smart Card, RFID tag,|
- + Trust and Cryptography Based Secure Routing
- + Security Issues and Parameters of IoT Layers
Security Issues SecurityParameters IOT Layers Working Of
Components Terminal and Sensor network
Collection ofinformation Sensors, Smart Card, RFID tag, Datatransmission security Integrity,
Networklayer Transmission of
Privacy Applicationlayer Analysis ofinformation.
Ants food searching activity solves the routing problem in MANET. Ant colony optimization helps to select the shortest path depends on the bandwidth, hop-count and congestion level for routing the packets from source to destination. Limited bandwidth, energy consumption, and dynamic topology make the computational problem in MANET. In this method, ants select the shortest way depends on the amount of pheromone content in the traveling path. Pheromone is like a chemical content which left from ants. Ants search for the food in the shortest way, where the pheromone deposit amount is high.
Security must be considered in the design of a new system or device. The effectiveness of the defense processes strongly depends on the routing topology of the network. There is a real need for securing IoT, which has consequently resulted in a need to understand the attacks and threats on IoT routing extensively. Cyber-attacks are not new to it, however, as it is deeply interwoven in our societies, it is becoming obligatory to step up and take cyber defense activities seriously. The IoT communication among all kinds of devices certainly increases security concerns due to the automated integration among all classes of applications  . For instance, an adversary is likely to leverage the interconnected devices for malware propagation. Hence, to ensure the reliable routing of IoT, the efficient and effective defense mechanisms are considered as an utmost important feature. During routing, the DoS is a threat that potentially degrades the availability of a resource in an IoT system. The existing survey of DoS attack and defense mechanisms are relatively outdated, and it does not reflect the significant improvements in this area in recent years. Preventing DoS attacks is a very challenging issue, as they can take place even in the absence of software vulnerabilities in a system. Moreover, the several unique features of Distributed DoS attacks (DDOS) make effective defenses extremely difficult to design. In this, the traffic volume generated by a DDoS attack can occupy the capacities of most corporate internet links, as well as exceed the throughput of many network security devices. Furthermore, the traffic from each attack source of a DDoS attack does not need to be noticeable to constitute a powerful attack. Therefore, DDoS attack traffic tends to appear legitimate, which makes it extremely complex to filter attack traffic without disrupting legitimate traffic. Four broad categories of defense against DoS attacks are considered, they are attack prevention, attack detection, attack source identification, and attack reaction . Support for secure device tamper detection requires specific hardware capabilities. Many embedded devices are deployed outside of the standard enterprise security perimeter; it is critical that the security must be included in the device itself.
Cryptography is a technique to encode the information to keep the information more confidential. Lightweight Cryptography (LWC) is one of the state-of-the-art technologies, which delivers adequate security and it does not always exploit the security-efficiency trade-offs. The lightweight public key primitives are in demand for key management protocols in smart object networks, and the required resource for public key primitives is much larger than that of symmetric key primitives. In the field of the defense, the cryptographic key required to process security for the message may be determined implicitly or explicitly. In , Request for Comments (RFC) currently defines different values for this field, thus supports different key management approaches, namely group keys, keys per pair of sensing devices, and digital signatures. This field supports various levels of granularity of packet protection and is divided into a key source and key index sub-fields. The key source sub-field indicates the logical identifier of the originator of a group key, while the key index sub-field, when present, allows unique identification of keys with the same originator. Moreover, the certificate pre-validation involves a security gateway supporting the validation of certificates in the context of the handshake, before forwarding the messages to the destination sensing device. Iot nodes are resource constrained and have limited computational capabilities and memory. Any secure routing protocol design thus should ideally consider lightweight but a security metric system. Secure routing operations such as public key cryptography or shortest path algorithms should ideally be limited to only a few nodes to reduce complexity. It is advisable to perform encryption only at the route endpoints during route creation. This helps to defend against the DoS attacks common to sensor networks. Authentication for a pairwise key establishment protocol relates to the ability, for one or both nodes that undertake it, to bind the established key material with the identity of its peer . This family of asymmetric techniques changes the implicit assumption that any identifier can be authenticated, provided that it is securely bound to a public key. These techniques assume indeed that the authenticated identifier of a node is obtained from the node public key in the form of a hash of this public key. Mechanisms are then defined to build protocol stack identifiers from these cryptographically generated identifiers.
- Sicari, Sabrina, Alessandra Rizzardi, Luigi Alfredo Grieco, and Alberto Coen-Porisini. “Security, privacy and trust in the Internet of Things: The road ahead.” Computer Networks 76 (2015): 146-164.
- Yan, Zheng, Peng Zhang, and Athanasios V. Vasilakos. “A survey on trust management for Internet of Things.” Journal of network and computer applications, Vol.42, pp.120-134, 2014.
- Yang, Yuchen, et al. “A Survey on Security and Privacy Issues in Internet-of-Things.” IEEE Internet of Things Journal, 2017.
- M. Mahmud Hossain, M.Fotouhi, and R. Hasan, “ Towards an Analysis of Security Issues, Challenges and Open Problems in the Internet of Things,” in Services (SERVICES), 2015 IEEE World Congress on. IEEE, 2015, pp.21-28.
- E. Alsaadi and A. Tubaishat, “Internet of Things : Features , and Challenges,” vol. 4, no. 1, pp. 1–13, 2015.
- Sonar, Krushang, and Hardik Upadhyay. “An Approach to Secure Internet of Things Against DDoS.” In Proceedings of International Conference on ICT for Sustainable Development, pp. 367-376. Springer Singapore, 2016.
- Granjal, Jorge, Edmundo Monteiro, and Jorge Sá Silva. “Security for the internet of things: a survey of existing protocols and open research issues.” IEEE Communications Surveys & Tutorials 17, no. 3 (2015): 1294-1312.