Best Practices for Facing the Security Challenges of Internet of Things Devices Focusing on Software Development Life Cycle
Автор: Ratun Rahman, Md. Rafid Islam
Журнал: International Journal of Education and Management Engineering @ijeme
Статья в выпуске: 4 vol.13, 2023 года.
Бесплатный доступ
In the past few years, the number of IoT devices has grown substantially, and this trend is likely to continue. An increasing amount of effort is being put into developing software for the ever-increasing IoT devices. Every IoT system at its core has software that enables the devices to function efficiently. But security has always been a concern in this age of information and technology. Security for IoT devices is now a top priority due to the growing number of threats. This study introduces best practices for ensuring security in the IoT, with an emphasis on guidelines to be utilized in software development for IoT devices. The objective of the study is to raise awareness of the potential threats and emphasize the use of secure software development lifecycle. The study will also serve as a point of reference for future developments and provide a solid foundation for securing IoT software and dealing with vulnerabilities. This paper divides the most common concerns with Internet of Things (IoT) security into three primary categories, and then further subdivides each of those categories into other subcategories.
IoT, Security, SDLC, Security challenges, Best practices
Короткий адрес: https://sciup.org/15018668
IDR: 15018668 | DOI: 10.5815/ijeme.2023.04.04
Список литературы Best Practices for Facing the Security Challenges of Internet of Things Devices Focusing on Software Development Life Cycle
- Samie, F., Bauer, L. and Henkel, J., 2016, October. IoT technologies for embedded computing: A survey. In 2016 International Conference on Hardware/Software Codesign and System Synthesis (CODES+ ISSS) (pp. 1-10). IEEE.
- Farooq, M.U., Waseem, M., Mazhar, S., Khairi, A. and Kamal, T., 2015. A review on internet of things (IoT). International journal of computer applications, 113(1), pp.1-7.
- Zeng, E., Mare, S. and Roesner, F., 2017. End user security and privacy concerns with smart homes. In Thirteenth Symposium on Usable Privacy and Security (SOUPS 2017) (pp. 65-80).
- Frustaci, M., Pace, P., Aloi, G. and Fortino, G., 2017. Evaluating critical security issues of the IoT world: Present and future challenges. IEEE Internet of things journal, 5(4), pp.2483-2495.
- ul Hassan, S.Z. and Ahmad, S.Z., 2021. The Importance of Ethical Hacking Tools and Techniques in Software Development Life Cycle. International Journal, 10(3).
- Roman, R., Zhou, J. and Lopez, J., 2013. On the features and challenges of security and privacy in distributed internet of things. Computer Networks, 57(10), pp.2266-2279.
- Rayes, A. and Salam, S., 2019. Internet of things (IoT) overview. In Internet of Things from hype to reality (pp. 1-35). Springer, Cham.
- Alam, T., 2018. A reliable communication framework and its use in internet of things (IoT). CSEIT1835111| Received, 10, pp.450-456.
- Botta, A., De Donato, W., Persico, V. and Pescapé, A., 2016. Integration of cloud computing and internet of things: a survey. Future generation computer systems, 56, pp.684-700.
- Gubbi, J., Buyya, R., Marusic, S. and Palaniswami, M., 2013. Internet of Things (IoT): A vision, architectural elements, and future directions. Future generation computer systems, 29(7), pp.1645-1660.
- Abomhara, M. and Køien, G.M., 2015. Cyber security and the internet of things: vulnerabilities, threats, intruders and attacks. Journal of Cyber Security and Mobility, pp.65-88.
- Blythe, J.M. and Johnson, S.D., 2018, March. The Consumer Security Index for IoT: A protocol for developing an index to improve consumer decision making and to incentivize greater security provision in IoT devices. In Living in the Internet of Things: Cybersecurity of the IoT-2018 (pp. 1-7). IET.
- Zhang, N., Demetriou, S., Mi, X., Diao, W., Yuan, K., Zong, P., Qian, F., Wang, X., Chen, K., Tian, Y. and Gunter, C.A., 2017. Understanding IoT security through the data crystal ball: Where we are now and where we are going to be. arXiv preprint arXiv:1703.09809.
- Bertino, E. and Islam, N., 2017. Botnets and internet of things security. Computer, 50(2), pp.76-79.
- Yaqoob, I., Ahmed, E., ur Rehman, M.H., Ahmed, A.I.A., Al-garadi, M.A., Imran, M. and Guizani, M., 2017. The rise of ransomware and emerging security challenges in the Internet of Things. Computer Networks, 129, pp.444-458.
- Almusaylim, Z.A. and Zaman, N., 2019. A review on smart home present state and challenges: linked to context-awareness internet of things (IoT). Wireless networks, 25(6), pp.3193-3204.
- Biswas, A.R. and Giaffreda, R., 2014, March. IoT and cloud convergence: Opportunities and challenges. In 2014 IEEE World Forum on Internet of Things (WF-IoT) (pp. 375-376). IEEE.
- Bhardwaj, A., Al-Turjman, F., Kumar, M., Stephan, T. and Mostarda, L., 2020. Capturing-the-invisible (CTI): Behavior-based attacks recognition in IoT-oriented industrial control systems. IEEE access, 8, pp.104956-104966.
- Wood, D., Apthorpe, N. and Feamster, N., 2017, November. Cleartext data transmissions in consumer iot medical devices. In Proceedings of the 2017 Workshop on Internet of Things Security and Privacy (pp. 7-12).
- Surya, L., 2016. Security challenges and strategies for the IoT in cloud computing. International Journal of Innovations in Engineering Research and Technology ISSN, pp.2394-3696.
- Dias, J.P. and Ferreira, H.S., 2018. State of the software development life-cycle for the internet-of-things. arXiv preprint arXiv:1811.04159.
- Ashton, K., 2009. That ‘internet of things’ thing. RFID journal, 22(7), pp.97-114.
- Suresh, P., Daniel, J.V., Parthasarathy, V. and Aswathy, R.H., 2014, November. A state of the art review on the Internet of Things (IoT) history, technology and fields of deployment. In 2014 International conference on science engineering and management research (ICSEMR) (pp. 1-8). IEEE.
- Anthopoulos, L.G., 2015. Understanding the smart city domain: A literature review. Transforming city governments for successful smart cities, pp.9-21.
- El Khaddar, M.A. and Boulmalf, M., 2017. Smartphone: the ultimate IoT and IoE device. Smartphones from an applied research perspective, 137.
- Uhlemann, E., 2016. Connected-vehicles applications are emerging [connected vehicles]. IEEE Vehicular Technology Magazine, 11(1), pp.25-96.
- Madakam, S., Lake, V., Lake, V. and Lake, V., 2015. Internet of Things (IoT): A literature review. Journal of Computer and Communications, 3(05), p.164.
- Zhang, Z.K., Cho, M.C.Y., Wang, C.W., Hsu, C.W., Chen, C.K. and Shieh, S., 2014, November. IoT security: ongoing challenges and research opportunities. In 2014 IEEE 7th international conference on service-oriented computing and applications (pp. 230-234). IEEE.
- Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P. and Sikdar, B., 2019. A survey on IoT security: application areas, security threats, and solution architectures. IEEE Access, 7, pp.82721-82743.
- Omolara, A.E., Alabdulatif, A., Abiodun, O.I., Alawida, M., Alabdulatif, A. and Arshad, H., 2022. The internet of things security: A survey encompassing unexplored areas and new insights. Computers & Security, 112, p.102494.
- Nebbione, G. and Calzarossa, M.C., 2020. Security of IoT application layer protocols: Challenges and findings. Future Internet, 12(3), p.55.
- Rahman, R., Islam, M.R., Ahmed, A., Hasan, M.K. and Mahmud, H., 2022, November. A Study of Permission-based Malware Detection Using Machine Learning. In 2022 15th International Conference on Security of Information and Networks (SIN) (pp. 01-06). IEEE.
- Islam, M.R., Rahman, R., Ahmed, A. and Jany, R., 2022. A Survey of Software Metrics for Transitioning to An Updated Version of The Current Existing Framework Or A New Framework.