Securing IoT Networks Enables Real-Time Defence Against Escalating Cybersecurity Threats

The increasing prevalence of Internet of Things (IoT) devices, predicted to surpass 30 billion connections by 2030, presents a growing and complex challenge to cybersecurity. Trung Dao from IBM, alongside Minh Nguyen, Son Do, and Hoang Tran, investigated the vulnerabilities, threats and potential defense mechanisms within IoT networks. Their comprehensive survey analyses the interplay between network and application layers, focusing on real-time monitoring and informed decision-making. By reviewing 59 scholarly articles published over the last fifteen years, the researchers identify critical threat categories and highlight promising advanced defense strategies. This work is significant as it proposes a novel five-layer IoT model and suggests future research avenues, including the integration of 6G networks, to strengthen the resilience of the entire IoT ecosystem.

IoT Expansion, Risks and Technological Convergence The Internet

The Internet of Things (IoT) is being deployed across numerous sectors including smart cities, smart homes, healthcare, industrial automation, energy systems, and underwater communication. IoT systems typically employ layered architectures for functionality and management, and there is a growing convergence of IoT with edge computing, cloud computing, and 5G/6G technologies. Securing this ecosystem requires a multi-faceted approach combining advanced technologies, standardized protocols, and a focus on both security and resource efficiency. IoT devices are susceptible to various attacks, including botnets, DDoS attacks, and data breaches, raising significant privacy concerns, particularly in smart home and city environments. Many IoT devices have limited processing power, memory, and energy, making it difficult to implement robust security measures, and security needs to be addressed at all layers of the IoT architecture. A future landscape will likely rely on blockchain, AI, lightweight cryptography, and Zero Trust principles to build a more secure and reliable IoT.

IoT Vulnerabilities and Security Analysis 2009, 2024

A study systematically analysed 59 scholarly articles published between 2009 and 2024 to address escalating cybersecurity challenges posed by the projected expansion of the Internet of Things. Researchers sourced articles from databases including IEEE Xplore, ScienceDirect, and PubMed, focusing on keywords relating to IoT vulnerabilities and security attacks. This rigorous selection process allowed for detailed identification of prevalent threats and emerging defence strategies. The core of the work involved a five-layer model of the IoT, encompassing perceptual recognition, network management, service management, application, and terminal layers.

Within the application layer, systems were categorised into real-time control, scientific decision-making, and query/scan search domains, enabling a nuanced understanding of security requirements. This detailed stratification facilitated the identification of critical threat categories, notably sensor vulnerabilities, Denial-of-Service attacks, and insecurities within public cloud infrastructure. Scientists investigated advanced defensive approaches, assessing the potential of Artificial Intelligence (AI) for anomaly detection, Blockchain technology for establishing decentralised trust, and Zero Trust Architecture (ZTA) for continuous verification protocols. The research examined how these technologies could be integrated into real-time monitoring and decision-making systems, enhancing the resilience of IoT networks.

This innovative model serves as a framework for understanding the complex interplay between different layers of the IoT ecosystem and their respective security implications. The study also considered future research directions, specifically highlighting the potential of quantum computing and 6G networks to further bolster IoT resilience, anticipating increasing data transmission exceeding 40 zettabytes across networks. By systematically reviewing existing literature and proposing a refined model, the research provides a valuable contribution to the ongoing effort to secure the rapidly expanding world of interconnected devices.

IoT Threat Landscape and Five-Layer Model

The escalating complexity of the Internet of Things, projected to encompass over 30 billion interconnected devices by 2030, presents significant cybersecurity challenges. A comprehensive study, drawing upon 59 scholarly articles published between 2009 and 2024, identified critical threat categories including sensor vulnerabilities, Denial-of-Service attacks, and public cloud insecurity within IoT ecosystems. This work details the development of a novel five-layer IoT model intended to guide future research and bolster overall system resilience, particularly in the context of emerging 6G networks. Experiments comparing Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) revealed a crucial performance trade-off for constrained devices.

While TLS 1.3 offers robust security, its overhead proves prohibitive for real-time applications, making DTLS 1.3, operating over UDP with a “Connection ID”, the superior standard for applications like smart metering. A “Lightweight Mutual Authentication” scheme for MQTT, the dominant IoT messaging protocol, reduced packet size by over 30% through the use of Elliptic Curve Cryptography and timestamped signatures. As automated attacks become more prevalent, defensive mechanisms are evolving beyond simple anomaly detection, with injecting attack samples into the training phase , termed “Adversarial Training” , now a mandatory requirement for robust machine learning-based defense systems. A comprehensive survey of Deep Learning (DL) in IoT demonstrated that architectures like Convolutional Neural Networks (CNNs) significantly outperform traditional shallow learning in feature extraction.

However, centralized training creates bandwidth bottlenecks and privacy risks, prompting exploration of Federated Learning (FL). The application of FL enables edge devices to train intrusion detection models locally, sharing only parameter updates, thus preserving data privacy while leveraging collective intelligence. Blockchain technology offers a fundamental layer of data integrity, ensuring sensor data cannot be retroactively altered, with Lightweight Consensus Mechanisms achieving transaction finality in milliseconds with minimal battery drain. Smart Contracts were also explored as a means of automating security enforcement and creating self-healing network structures. The study emphasized the importance of hardware-level security, highlighting the need for Trusted Execution Environments like ARM TrustZone to establish a verifiable “Root of Trust”. Hardware analysis of Ascon demonstrated the critical importance of resistance against Side-Channel Attacks, confirming that security must be designed into the physical logic gates to prevent key extraction.

IoT Security A Five-Layer Model Proposed

This research presents a comprehensive survey of vulnerabilities and security measures within the rapidly expanding Internet of Things ecosystem. Through an integrative review of recent scholarly work, the study identifies key threat categories including weaknesses in sensor technology, denial-of-service attacks, and risks associated with public cloud integration. Simultaneously, it highlights promising defensive strategies such as the application of artificial intelligence for anomaly detection, blockchain technology to establish trust, and the implementation of Zero Trust Architecture for continuous verification of access. The work’s primary contribution lies in the proposal of a novel five-layer IoT model designed to better understand and address the complex interplay of security challenges at different levels of the network. Authors acknowledge limitations inherent in survey methodologies, specifically the potential for bias in article selection and the evolving nature of the IoT landscape. They suggest that further research should focus on the integration of advanced computing paradigms and the potential of 6G networks to enhance the resilience of the IoT ecosystem, paving the way for more secure and robust interconnected device systems.