STATE OF THE ART ANALYSIS ON BATTERY-RELATED THREATS AND DEFENSES OF IOT DEVICES USING KITCHENHAM
Abstract
The Internet of Things (IoT) keeps growing in size every year, but its growth also companied with threats to its security. This paper centers on the research article that focuses on various attacks on IoT system and devices through power drain techniques targeting IoT devices. This paper discusses various existing attack models, and security model. The main objective is to reveal the state of the art of the security issues of IoT related to attacks to the devices’ power. The literature review is performed by implementing Kitchenham method and utilizing Google Scholar and Science Direct databases. 42 publications between 2010 and 2023, fulfilling the selection criteria are selected and comprehensively reviewed. To counteract power drain-induced Denial of Service (DoS) threats, the paper evaluates existing defense mechanisms specifically tailored to mitigate these attacks. These defenses encompass adaptive power management strategies, hardware-level security enhancements, and network-level security measures. The effectiveness, practicality, and trade-offs of these defense mechanisms are examined. The combination of these papers offers comprehensive insights into battery-related security concerns in the IoT landscape, with sleep deprivation attacks, Denial of Service-induced battery drain, and Vampire attack, highlighting the importance of robust security measures in the IoT ecosystem.
Downloads
References
Statista, "Number of Internet of Things (IoT) connected devices worldwide from 2019 to 2030," 2022. https://www.statista.com/statistics/1183457/iot-connected-devices-worldwide/ (Accessed 09/23/2023).
Markets and Markets, "Battery market for IoT by type, rechargeability, end-use application, and geography - Global Forecast to 2025," 2020. https://www.marketsandmarkets.com/Market-Reports/battery-iot-market-153084557.htm (Accessed 09/23/2023).
W. Zhou, Y. Jia, A. Peng, Y. Zhang and P. Liu, "The effect of IoT new features on security and privacy: new threats, existing Solutions, and Challenges Yet to Be Solved," in IEEE Internet of Things Journal, vol. 6, no. 2, pp. 1606-1616, April 2019, doi: 10.1109/JIOT.2018.2847733.
L. G. A. Rodriguez and D. M. Batista. “Program-Aware Fuzzing for MQTT Applications,” in Proceedings of the 29th ACM SIGSOFT International Symposium on Software Testing and Analysis, pp. 582–586, 2020.
R. Kumar, S. Kumar and P. Arjariya, "A Comprehensive Survey of Security Challenges and Threats in Internet of Things," 2021 5th International Conference on Information Systems and Computer Networks (ISCON), Mathura, India, 2021, pp. 1-5, doi: 10.1109/ISCON52037.2021.9702368..
M.A. Siddiqi, W.A. Serdijn & C. Strydis, "Zero-power defense done right: shielding IMDs from battery-depletion attacks," J. Sign Process Syst 93, pp. 421 - 437, 2021. https://doi.org/10.1007/s11265-020-01530-5.
A. Abdullah, R. Hamad, M. Abdulrahman, H. Moala and S. Elkhediri, "CyberSecurity: A review of Internet of Things (IoT) security issues, challenges and techniques," 2019 2nd International Conference on Computer Applications & Information Security (ICCAIS), Riyadh, Saudi Arabia, 2019, pp. 1-6, doi: 10.1109/CAIS.2019.8769560.
X. Hei, X. Du, J. Wu and F. Hu, "Defending resource depletion attacks on implantable medical devices," 2010 IEEE Global Telecommunications Conference GLOBECOM 2010, Miami, FL, USA, 2010, pp. 1-5, doi: 10.1109/GLOCOM.2010.5685228.
V. Hassija, V. Chamola, V. Saxena, D. Jain, P. Goyal and B. Sikdar, "A survey on IoT security: application areas, security threats, and solution architectures," in IEEE Access, vol. 7, pp. 82721-82743, 2019, doi: 10.1109/ACCESS.2019.2924045.
Q. Monnet, Y. Hammal, L. Mokdad and J. Ben-Othman, "Fair election of monitoring nodes in WSNs," 2015 IEEE Global Communications Conference (GLOBECOM), San Diego, CA, USA, 2015, pp. 1-6, doi: 10.1109/GLOCOM.2015.7417091.
H. Ismaeel and W. Elmedany, "Anomaly-based detection technique using deep learning for Internet of Things: A Survey," 2022 International Conference on Innovation and Intelligence for Informatics, Computing, and Technologies (3ICT), Sakheer, Bahrain, 2022, pp. 278-284, doi: 10.1109/3ICT56508.2022.9990632.
J. Fobe, M. Nogueira, and D. Batista. "A new defensive technique against sleep deprivation attacks driven by battery usage", in Anais do XXII Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais, Santa Maria, 2022, pp. 85-96. doi: https://doi.org/10.5753/sbseg.2022.224911.
J. Fobe, M. Nogueira, and D. Batista. "A new defensive technique against sleep deprivation attacks driven by battery usage", in Proceedings of the 22nd Brazilian Symposium on Information and Computational Systems Security, Santa Maria, 2022, pp. 85-96, doi: https://doi.org/10.5753/sbseg.2022.224911.
P. P. Ioulianou, V. G. Vassilakis, and M. D. Logothetis, "Battery drain denial-of-service attacks and defenses in the Internet of Things", JTIT, no. 2, pp. 37–45, Jun. 2019, doi: 10.26636/jtit.2019.131919.
C. Pu and T. Song, "Hatchetman attack: A denial of service attack against routing in low power and lossy networks," 2018 5th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud)/2018 4th IEEE International Conference on Edge Computing and Scalable Cloud (EdgeCom), Shanghai, China, 2018, pp. 12-17, doi: 10.1109/CSCloud/EdgeCom.2018.00012.
P. Kasinathan, C. Pastrone, M. A. Spirito and M. Vinkovits, "Denial-of-Service detection in 6LoWPAN based Internet of Things," 2013 IEEE 9th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), Lyon, France, 2013, pp. 600-607, doi: 10.1109/WiMOB.2013.6673419.
Wallgren L, Raza S, Voigt T. "Routing attacks and countermeasures in the rpl-based Internet of Things," International Journal of Distributed Sensor Networks. 2013;9(8). doi:10.1155/2013/794326.
A. Mayzaud, R. Badonnel, and I. Chrisment, "A taxonomy of attacks in RPL-based internet of things, "HAL (Le Centre Pour La Communication Scientifique Directe), May 2016, doi: 10.6633/ijns.201605.18(3).07.
H. -S. Kim, J. Ko, D. E. Culler and J. Paek, "Challenging the IPv6 routing protocol for low-power and lossy networks (RPL): A Survey," in IEEE Communications Surveys & Tutorials, vol. 19, no. 4, pp. 2502-2525, Fourthquarter 2017, doi: 10.1109/COMST.2017.2751617.
E. Garcia Ribera, B. Martinez Alvarez, C. Samuel, P.P. Ioulianou, V.G. Vassilakis, "An intrusion detection system for RPL-based IoT networks", Electronics 2022, 11, 4041. https://doi.org/10.3390/electronics11234041.
A. Alazab, A. Khraisat, S. Singh, S. Bevinakoppa, O.A. Mahdi, "Routing attacks detection in 6LoWPAN-Based Internet of Things", Electronics 2023, 12, 1320. https://doi.org/10.3390/electronics12061320.
A. Dvir, T. Holczer and L. Buttyan, "VeRA - Version Number and Rank Authentication in RPL," 2011 IEEE Eighth International Conference on Mobile Ad-Hoc and Sensor Systems, Valencia, Spain, 2011, pp. 709-714, doi: 10.1109/MASS.2011.76.
G. Simoglou, G. Violettas, S. Petridou, L. Mamatas, "Intrusion detection systems for RPL Security: A comparative analysis", Computers & Security, vol. 104, 2021, 102219. https://doi.org/10.1016/j.cose.2021.102219.
S.S. Solapure, H.H. Kenchannavar, K.P. Sarode, "Issues faced during RPL protocol analysis in Contiki-2.7". In: Tuba, M., Akashe, S., Joshi, A. (eds) ICT Systems and Sustainability. Advances in Intelligent Systems and Computing, vol 1077. Springer, Singapore, 2020. https://doi.org/10.1007/978-981-15-0936-0_51
C. Pu, J. Brown and L. Carpenter, "A theil index-based countermeasure against advanced vampire attack in Internet of Things," 2020 IEEE 21st International Conference on High Performance Switching and Routing (HPSR), Newark, NJ, USA, 2020, pp. 1-6, doi: 10.1109/HPSR48589.2020.9098987.
C. Pu, "Spam DIS attack against routing protocol in the Internet of Things," 2019 International Conference on Computing, Networking and Communications (ICNC), Honolulu, HI, USA, 2019, pp. 73-77, doi: 10.1109/ICCNC.2019.8685628.
E. Y. Vasserman and N. Hopper, "Vampire attacks: draining life from wireless ad hoc sensor networks," in IEEE Transactions on Mobile Computing, vol. 12, no. 2, pp. 318-332, Feb. 2013, doi: 10.1109/TMC.2011.274.
R. Kanbur and A. Snell, "Inequality indices as tests of fairness, " The Economic Journal, vol. 129, no. 621, pp. 2216–2239, Jan. 2019, doi: 10.1111/ecoj.12637.
A. Varga, OMNeT++, 2014, http://www.omnetpp.org/ (Accessed 9/10/2023).
Y.D. Prabowo, A. I. Kristijantoro, H.L.H.S. Warnars, W. Budiharto, "Systematic literature review on abstractive text summarization using Kitchenham method," ICIC Express Letters, Part B: Applications 21852766, ICIC International, 2021, 12, 1, 1075. https://cir.nii.ac.jp/crid/1390009225965346944
T. Matsunaga, K. Toyoda and I. Sasase, "Low false alarm rate RPL network monitoring system by considering timing inconstancy between the rank measurements," 2014 11th International Symposium on Wireless Communications Systems (ISWCS), Barcelona, Spain, 2014, pp. 427-431, doi: 10.1109/ISWCS.2014.6933391.
A. Arış, S. B. Ö. Yalçın, and S. Oktuğ, "New lightweight mitigation techniques for RPL version number attacks," Ad Hoc Networks, vol. 85, pp. 81–91, Mar. 2019, doi: 10.1016/j.adhoc.2018.10.022.
S. Chang, S. L. S. Kumar, Y.-C. Hu, and Y. Park, "Power-Positive networking, " ACM Transactions on Sensor Networks, vol. 15, no. 3, pp. 1–25, May 2019, doi: 10.1145/3317686.
F. Nizzi, T. Pecorella, F. Esposito, L. Pierucci and R. Fantacci, "IoT security via address shuffling: the easy way," in IEEE Internet of Things Journal, vol. 6, no. 2, pp. 3764-3774, April 2019, doi: 10.1109/JIOT.2019.2892003.
A. Jalaly Bidgoly and H. Jalaly Bidgoly, "A novel chaining encryption algorithm for LPWAN IoT network," in IEEE Sensors Journal, vol. 19, no. 16, pp. 7027-7034, 15 Aug.15, 2019, doi: 10.1109/JSEN.2019.2910850.
S. Murali and A. Jamalipour, "A Lightweight Intrusion Detection for Sybil Attack Under Mobile RPL in the Internet of Things," in IEEE Internet of Things Journal, vol. 7, no. 1, pp. 379-388, Jan. 2020, doi: 10.1109/JIOT.2019.2948149.
C. Pu and B. Groves, "Energy Depletion Attack in Low Power and Lossy Networks: Analysis and Defenses," 2019 2nd International Conference on Data Intelligence and Security (ICDIS), South Padre Island, TX, USA, 2019, pp. 14-21, doi: 10.1109/ICDIS.2019.00010.
K. Zeitz, M. Cantrell, R. Marchany and J. Tront, "Changing the game: A micro moving target IPv6 defense for the Internet of Things," in IEEE Wireless Communications Letters, vol. 7, no. 4, pp. 578-581, Aug. 2018, doi: 10.1109/LWC.2018.2797916.
C. Pu, S. Lim, B. Jung and M. Min, "Mitigating stealthy collision attack in energy harvesting motivated networks," MILCOM 2017 - 2017 IEEE Military Communications Conference (MILCOM), Baltimore, MD, USA, 2017, pp. 539-544, doi: 10.1109/MILCOM.2017.8170779.
A. Vasudeva and M. Sood, "Survey on sybil attack defense mechanisms in wireless ad hoc networks, " Journal of Network and Computer Applications, vol. 120, pp. 78–118, Oct. 2018, doi: 10.1016/j.jnca.2018.07.006.
A. Raoof, A. Matrawy and C. -H. Lung, "Routing attacks and mitigation methods for RPL-based Internet of Things," in IEEE Communications Surveys & Tutorials, vol. 21, no. 2, pp. 1582-1606, Secondquarter 2019, doi: 10.1109/COMST.2018.2885894.
W. Zhao, S. Yang and X. Luo, "On Threat Analysis of IoT-Based Systems: A Survey," 2020 IEEE International Conference on Smart Internet of Things (SmartIoT), Beijing, China, 2020, pp. 205-212, doi: 10.1109/SmartIoT49966.2020.00038.
Copyright (c) 2024 Azka Ghafara Putra Agung, Aditya Pradana, Rahmat Budiarto
This work is licensed under a Creative Commons Attribution 4.0 International License.