Security Measures for Protecting the

Communications between IoT Devices

By
Mohammed Nasser Sayed

Seminar Thesis
Submitted to the Business Informatics Faculty
at the Faculty of Management Technology
German University in Cairo

Student(s) registration number(s): 31-5087

Date: 23rd Nov 2016
Supervisor: Dr. Hany Ismail

0
Contents
1. Introduction ...............................................................................................3
2. What is the internet of things ..................................................................................4
2.1 Objectives of the IoT .........................................................................................5
2.1.1 More extensive connection ....................................................................5
2.1.2 More Intensive information perception ...................................................5
2.1.3 More Comprehensive intelligent service ..................................................6
2.2 Architecture of IoT ........................................................................................6
2.2.1 Middleware layer..................................................................................7
2.2.2 Perception Layer ...................................................................................7
2.2.3 Network Layer ......................................................................................7
2.2.4 Application Layer ..................................................................................7
2.2.5 Coding layer .........................................................................................8
2.3 Technologies used in IoT ....................................................................................8
2.3.1 RFID ....................................................................................................8
2.3.2 WSN (Wireless Sensor Network) .............................................................9
2.3.3 Networking Technologies .................................................................... 11
2.3.4 Cloud computing ................................................................................ 11
2.4 Applications on IoT ......................................................................................... 12
2.4.1 Smart homes ...................................................................................... 12
2.4.2 Smart cities ........................................................................................ 13
2.4.3 Online Power transmission line.....14

2.4.4 IoTs in Medical Applications.....16

3. Security Problems of the IoT ..................................................................................... 17

3.1 Challenges on the RFID ................................................................................... 17
3.1.1 Unauthorized access to RFID ................................................................ 17
3.1.2 Unauthorized tag disabling .................................................................. 17
3.1.3 Unauthorized tag cloning ..................................................................... 18
3.1.4 Replay Attacks .................................................................................... 18
3.2 Cloud computing abuse ................................................................................ 18
3.3 Sensor-nodes security breach ....................................................................... 20

1
4. Models for the security of the IoT............................................................................. 22
4.1 Constructing preventive systems aganist DDoS attacks ........................................ 22
4.2 Models of solutions for technologies of IoT ........................................................ 24
4.2.1 RFID .................................................................................................. 24
4.2.2 WSNs ................................................................................................ 25
4.2.3 Cloud computing ................................................................................ 27
5. Conclusions and Outlook ......................................................................................... 28
Research gap. .................................................................................................... 28
References28

List of Figures
Figure 1 Architecture of IoT ...........................................................................................6
Figure 2Cooperation between IoT technologies ............................................................. 12
Figure 3 Smart home ................................................................................................... 13
Figure 4 Smart city key application areas ....................................................................... 15
Figure 5 Online monitoring of power transmission line ................................................... 15
Figure 6 Health Care in IoT ........................................................................................... 16

List of Tables

Table 1 Security Architecture ....................................................................................... 24

Table 2 Solutions for RFID security challenges ................................................................ 24

2
1. Introduction
The Internet of Things (IoT) is aimed at enabling the interconnection and integration
of the physical world and the cyber space. It represents the trend of future networking,
and leads the third wave of the IT industry revolution. IoT has become a persuasive
option nowadays despite being introduced under different names since 1982, with
"things" defined here as any object that one can imagine from refrigerators to cars or
even living organisms like humans that can monitor their heart rate ( Kumar & Pattel
2014 :4). More and more people with the IoT can access to such a global information
and communication infrastructure related to the use of the Internet as a global
platform for letting machines and smart objects communicate, dialogue, compute and
coordinate more than the two billions who use the Internet for browsing the Web in
many tasks like sending and receiving emails, accessing multimedia content and
services, using social networking applications or playing games (Miorandi et al 2012:
1497).
The internet of things becomes more popular because of the decrease in the price of
the subscription of the internet in addition to the popularity of the technologies that
IoT revolves around it. About the technologies the most popular of them are radio
frequency identifications (RFID), wireless sensors network (WSNs) and Cloud
computing. They all among others work together in order to provide the IoT as
a cohesive communication between man-to-machine and even machine-to-machine
(Farooq et al 2015: 4).
The introduction of IoT in large scale can play an important role in the improvement
of land agriculture by means of precision agriculture, the automation of healthcare
process, the conserving of energy and monitoring energy transmission lines (Chen et
al, 2011, 15). On the other side, The IoT help in the introducing of a new concept that
is the smart cities in which the traffic, waste, and even governmental affairs is being
controlled by IoT (Zanella & Vagelista 2014: 2).
However the huge potential in implementing IoT, there are security challenges and
many vulnerabilities that can be exploited whether from the IoT network as a whole
or the technologies that form the IoT technology. These challenges may affect the
confidentiality, integrity and the availability of the information causing heavy
consequences either to the business or the individuals that using IoT (FTC 2015: 10).
Despite these security challenges there is security models and measures in order to

3
overcome the security problem, these measures range from a measure to the overall
IoT technology to measures of the technologies that involve in formation of IoT (Jing
et al 2014: 3). The research question is: Can we develop a framework that addresses
security challenges and their solutions for different business applications and models?
In this study we will discuss the definition of IoT, its objectives, the architecture and
technologies used in IoT and its applications as well as the most common security
challenges that may affect the IoT and its technologies with their solution models.

2. What is the internet of things

The IoT has been prevailing in the technological report papers in 2005 indicating that
the technologies are moving into a "ubiquitous network society", this evolution has
come far from the origination of the IoT from the logistics requirements in business
organizations and the proposal of the IoT's idea at the late 1990s by the MIT's auto-ID
labs. With the increase in the trend of the IoT technology, we might see the IoT not
just increase in utility in business organizations only but also in the normal man's life
which can be used in cars, doors, elevators up to personal utilities and objects such as
toothbrushes, Televisions, laptops, air conditioning etc ; since the definition and
identification of a device that is included in the IoT technology has become so large
and more generalized while the devices are becoming more and more interconnected
with one another (Ma & HD 2011:2).

The IoT (Internet of Things) is defined according to (Ma & HD 2011) as "network
that inter-connects ordinary physical objects with the identifiable addresses so that
provides intelligent service". However there is os many definitions for the IoT
technology and not one of them is considered a standardized definition for it (Said &
Masud 2013 :2) it as a complex, sophisticated, yet satisfying and interconnected
technology that revolves around the existence of Internet, mobile communication
networks and wireless sensor networks.
IoT has three main characteristics: The instrumental of the objects, interconnectivity
of the terminals and the intelligence of the services. The first characteristics means
that cups, food, car tires etc. are identifiable by means of a barcode of an RFID tag or
other identifiable objects, the second is where the physical objects are interconnected
with each other and connected to a terminal to the digital world, and the last of the

4
IoT which indicates that the services provided to the user will get better as directly
proportional to the participation of the objects in the network (Ma & HD 2011:2).
2.1 Objectives of the IoT
The prevailing of the IoT technology was aimed to satisfy three goals that separates
the IoT technology from other technologies in the IT and BI (business intelligence)
markets, these goals are: more extensive connection, more intensive information
perception and more comprehensive intelligent service (Ma & HD 2011: 3) as well as
other objectives like access of content and services, Network and Device Discovery,
communication between man and machine or machine and machine.
2.1.1 More extensive connection
This goal is achieved by the means of three main categories: increase in the quantity
in which the number of the devices that are interconnected in the IoT are increased by
including non-intelligent objects like vehicles , whiteboards, sensors etc along with
the intelligent and information oriented objects and devices like laptops, computers,
mobile phones etc . and connecting the devices with tracking tags like RFID. The
second category is by increasing the type of the devices in the IoT connection by
costuming the connection efficiency of the network based on the energy supply of the
device, for example if the device is powered directly to an power supply it will
perform better than if it is dependent on a battery. The third and last category is the
type of the connection of the network in which may be a a wireless based connection
network or a wired connection network (Ma & HD 2011:3).
2.1.2 More Intensive information perception
This goal means that the IoT aims to shift the attention of the business from the
limited and old-schooled minded of the local environment down to the new and
expanded mind set of the global environment that is achieved by shifting from the old
single sensors to the new multi-sensors, since the single sensors have may
shortcomings like non-uniformity which is providing a single data for things that
needs and can't have consistent values like temperature, humidity etc, Inconsistency
which happens because of the inconsistency in the space-time inputs, discontinuities
in which the data are scattered and not integrated due to the capacity of the dynamic
network, inaccuracies that is caused by the sampling methods used to the data
gathered, Incomprehensiveness which can be caused by several errors in collecting
the data due to the restrictions of using the single mode model, and lastly the

5
Incompleteness which leads to the formation of unsatisfying information that can't be
used in the business processes or in the decision making involved (Ma & HD 2011:3).
2.1.3 More Comprehensive intelligent service
The IoT have the ability to give their services based on the expansive and extensive
connection network based on the amount of physical devices connected and the
perception of the devices to the surround environments, in which the physical are
participate in the process of delivering the service. However in order for these
services to perform efficiently in an environment with all its unpredictability these
services must be modified with certain methods in order to deliver on that promise,
despite that modifications the services are vulnerable to limitations in the environment
such as one of that methods is called conventional software development method in
which it has the ability to handle the user requirements and the cyber space (virtual
space) but doesn't allow the handling of physical space which leads to the inability to
provide more cohesive intelligent service (Ma & HD 2011:4).

2.2 Architecture of IoT

There are many models of the IoT architecture, however this layers is considered the
most important as well as the most common layers of the IoT's architecture:

Figure 1 Architecture of IoT (Chen et al 2011: 15)

6
6
2.2.1 Middleware layer
The middleware layer is considered the main intermediate between the perception
layer and the application layer in which the information that comes from the hardware
(perception layer) are processed via the middleware layer's processing equipment tool
and then are passed to the application layer in the form of an automated action based
on the information processed and transferred (Bandyopadhyay & Sen : 5). Thus the
middleware plays an important role the management of the IoT device as it is the
responsible for functions related to the organization of the data and information
management such as data filtering, data aggregation, access control and information
discovery.

2.2.2 Perception Layer

There are several names that is given to the perception layer, it is also called the edge
layer or simply the hardware, basically this layer is what gives the IoT a physical
appearance in the real world. It also can be take in form of different technologies
involved in the IoT such as the RFID, sensor networks and embedded edge
processors, however they all contribute to the main goal or function of the perception
layer is that it the identification, collection, storage of the information that is resulted
from the automated communication between linked devices/things and each other or
the communication of man with device (Farooq et al 2015: 2). The information is
transferred it into signals by the layer gets hold it. These signals are transferred to the
network layer to get the full use of the information (Bandyopadhyay & Sen : 5)
2.2.3 Network Layer
The network layer has its goal information from the perception layer and delivers it to
the middleware layer through transmitting of data upon several networks that can be
the internet as well as satellite nets, wireless networks, mobile communication
networks and protocols (Liu et al 2012: 648).
2.2.4 Application Layer
The Application Layer is at the top of the stack of the layers where the integration
between the industry and the IoT technology takes place resulting in things like smart
transportations, smart cities, Power operation management etc, depending on the
type of data being processed by the previous layers. The application layer has a big
role in developing the IoT network since the industry/business is the staple that the
IoT must be guided with in order to stay relevant within the business.(Bandyopadhyay

7
& Sen : 5). with more and more businesses using more application of the IoT within
their systems mainly because of the maturity of the hardware used for the IoT, thus
the IoT is evolving day after day providing more applications and u-sability ( Farooq
et al 2: 2015),
2.2.5 Coding layer
Before the existence of the hardware to collect data the coding layer is considered the
software that the IoT technology is based on (Farooq et al 2015:2). This layer
provides the object with the right identification and authorization to the objects as this
later provides the object with a distinct ID that makes it easy to commune with and
transfer data from and to other objects.

2.3 Technologies used in IoT

The IoT technology consists of several technologies that are blended together in order
to provide the service the IoT, the following are the most important technologies
related and involved in the IoT.
2.3.1 RFID
The RFID of radio frequency identification is considered the staple of what makes the
object distinct via EPC (Electronic product code) And it can be applied on any object
because of its small size and its little cost of production. It is classified into two types
based on the application of the IoT: Active and Passive.
The active tag has an internal battery that eases the communication between different
EPCs from a relatively small distance and they emit data signals from and to objects
in order to be processed. While the passive tag is activated when they get triggered as
the transceiver activates the EPC in order to get and receive information. Also unlike
the active tag its range is much bigger and while it lacks the internal battery that the
active tag has it can operated from the electromagnetic signal that comes from the tag
reader that acts as a power source. Also the tag reader is the object that scans the tag
of the RFID and gain access to the data that the tag is holding and then passes the
signal to the processors for the data to be analyzed, the major difference between and
RFID and a normal barcode is that the reader mustn't appear in front of the tag unlike
the barcode that requires the reader to be in front of the reader (Borgohain et al 2013
:2). RFID has replaced the barcode tag in many industries around the world especially
in supply chain and logistics departments as the RFID helps in interconnecting

8
computer devices through internet and allows for object management in order to avoid
mistakes and boosts the productivity of the machines that are attached to and RFID
tag (Lei et al 2011: 17).
2.3.2 WSN (Wireless Sensor Network)
WSN from its name is a networking architecture of sensor that is built from several
nodes of smart sensors with low power consumption that their numbers can reach
from few hundreds to few thousands based on the application, however they don't
have a cohesive architecture to speak of. It can be used in order to gather data that the
object is exposed to such as the humidity, speed of air, temperature. The sensor is
consisted from a micro-controller, an antenna in order to receive signals from other
nodes as well as a circuit that can act as a source of actuation, communication and
sensing unit respectively ( Farooq et al 2015: 3), about the different types of WSNs,
there are certain models that must be addressed: first the sensors of a certain type all
have the same ability. They don't have any type of identifiers and each WSN node is
related to a certain region such that no node shares two regions (Eltoweissy et al 2:
2004).Now the three most wide-spread and famous types of WSNs are: terrestrial,
underground and underwater WSNs.
The terrestrial WSNs are considered the most abundant and used type of the three in
which it is made of huge number of sensor nodes that are cheaply produced, they are
spread and scattered in a required are via random fashion or a pre-planned manner,
the random fashion from its name tends to drop the sensors of the network without an
organized way or manner and sometimes it is dropped from a high place in order to
the cover that are required.
However the pre-planned manners there are four distinct layouts for the dropping of
the sensors which are the optimal, grid, 2d and 3d replacement. The communication
between these sensors is very important especially in a dense or crowded environment
in which the nodes must communicate with each other in order to deliver the
information collected from the location to the base. The sensors can be equipped with
a solar recharger as alternative power consumption to its primary battery which can't
be recharged, as well as the ability to less consume the power of the battery via
optimal routing, minimizing delays and preventing the redundancy of the data (Yick
et al 2008: 2295).

9
The second type which is the underground provides less amount of sensor nodes used
in the given area that its counterpart the terrestrial. However these nodes are more
expensive in terms of deployment, equipment and maintenance as those nodes must
be prepared to provide a consistent and reliable connection and communication
between one another as they are operated in an underground territories like mine
caves, underground tunnels and underground caves. These nodes are vulnerable to
signal losses and high level of attenuation as the nodes' communication signal must
traverse through solid rocks, water, soils and other components (Yick et al 2008:
2296).
Also unlike their counterparts there is no different types of deployment in which the
nodes are placed by terms of planning, careful consideration of the environment and
strategy, finally they don't have an alternative type of regeneration power as the
battery can't be recharged so it's up to the efficient communication protocols and data
transfer to preserve the consumption of the battery (Yick et al 2008: 2296). Also there
is unevenness in the coverage density as they can be high at the end of the network
where the data is collected and weak in between; also if the collecting data failed the
whole connection fails. So there is an upgrade for the underground sensors that is
called Wireless underground sensor networks (WUSNs) that overcomes these two
problems. (Akyildiz & Stuntebeck 2006: 671)

The Third type of the WSNs is the underwater WSNs, this type is the most expensive
in terms of equipment and maintenance while also retains the least amount of nodes
usable and deployed through a given area. The sensors are deployed via vehicles
which can be used either for exploration or deploying sensors or gathering data from
these sensors. Also the sensors are sparse and widely spread instead of being
condensed in the area while also establishing communication waves and channels
between nodes via acoustics waves.
However the challenges of the transmission of waves comes from either technical
issues such as the bandwidth, long propagation and signal fading issues as well as
being problems coming from the environmental issues in which the sensor must adapt
to the changes and the harsh conditions of the deep oceans. Also like the underground
nodes the nodes suffers from the same shortcoming from the batteries that cannot be
replaced or changed while also heavily dependent on the efficient transmission
protocols and the reduction of data redundancy (Yick et al 2008 : 2296).

10
2.3.3 Networking Technologies
The networking technologies are essential for connecting the objects between one
another for the sake of communication and transferring data to one another, and so a
strong, reliable and effective interconnected network that have the ability to handle
and provide the capacity for available devices and soon-to-be objects. The networking
is based on the distance between the devices in the network, so there is the mobile
networking like the 3G, 4G & LTE, etc in order to handle wide-range
communications. There is also the BAN (body area network) that can be used in
applications for medical and personal health care, sports and fitness and even in the
entertainment and gaming (Wang & Patel 2010: 81).
However, this network might be not reliable because of its predictability as it includes
the normal mobile services like texting, sending SMS, surfing the internet. So there
must be a faster and more efficient network in the near future like the fifth generation
of mobile networks aside from the current mobile networks. Other networks like the
Bluetooth and the Wi-Fi can be included in the networking technologies in the short-
range network communication (Farooq et al 2015:4).
2.3.4 Cloud computing
The cloud computing as a technology is beginning to emerge as an answer to the
overabundance of devices every day, as the cloud computing has the capacity to store
all the required data while analyzing it to provide information. That is by sharing the
resources of the cloud provider who has the servers with the service user who can
increment or decrement the amount of the service based on his current status while
not having any restrictions at accessing the service. The cloud computing of all the
technologies involved is considered the most essential technology as it allows the
processing and analyzing information transmitted from the sensors while storing the
information resulted. In that view the IoT can hugely benefits from the existence of
the cloud computing and thus this relationship can lay a foundation for further
researches to increase the power of the IoT (Farooq et al 2015: 4). The cloud
computing consists of : SaaS (software as a service) that allows the user to access the
service via any terminal that have internet access, PaaS (platform as a service) in
which there is a considerable amount of options needed for building custom
applications via enhanced environments for building applications, IaaS (infrastructure
as a service) in which the data is stored for the purpose of retrieval or analysis of the
data, and the data centers which is considered the hardware layer that the cloud

11
computing is built upon (Lee et al 2011 :3). This figure explains how the
communication between the technologies of the IoT takes place:

Figure 2 cooperation between IoT technologies (windriver

& VxWorks 2015: 4)

2.4 Applications on IoT

IoT is has become more and more relevant in our modern world that will become
more used in the near future, since the IoT becomes more used in normal life the IoT
went to be an entire applications for systems like smart homes and smart cities.
2.4.1 Smart homes
Smart homes are becoming an attractive choice for implementing IoT thanks to the
advancements and the reduction costs in the fields of information technology,
electronics and communication technology. That can be applied in terms of the
telecommunications (intercom & telephones), the consumption of electric power and
gas and the transportation of water. Also windows can be controlled automatically;
doors can be locked on/off based on the IoT and even controlling the surrounding
environments like adjusting the air conditioning based on specific commands.

12
A major part in the application of smart home is the health aid system, for example a
person can alarm a system into providing him with a medicine or even getting an
appointment with a doctor if there is a significant change in the health state for the
person (Kumar & Pattel 2014 : 4).

Figure 3 Smart home (Kumar & Pattel 2014 : 4)

2.4.2 Smart cities
The smart cities' has many subcategories that are interconnected together in order to
provide a neat, complete and cohesive model of modern cities, these sectors can be
smart environments, smart buildings, smart utilities, smart governments etc ,
however the application of the smart city is not widely used if it is used due to several
restrictions that hinders the usage of the IoT in the smart cities which are political
barriers that there will be a shift in power from the government to the stakeholders.
Technical side which the several interconnected and sophisticated systems can
provide errors in operating and communicating with each other and last the financial
barrier is that there is no defined business model or guide for a smart city to build on
there is a risk at losing money in the investment while suffering from the limitations
of the current IoT especially the security challenges (Zanella & Vagelista 2014 : 2).

13
Smart city however differs from digital cities in which the digital city is considered a
type of simulation of a city that goes in parallel with the real cities. The concept of the
smart city that it is a modernized state-of-the-art city that uses IoT in order to achieve
its goals. It is mentioned though that if the three barriers of the smart cities were
overcome by future solutions it can provide the ability to increase the ability to solve
urban problems, manage the urban flow and the ability of forecasting them, and the
ability to push forward the intellectual assets of the cities (schaffers et al 2011: 434).
The smart city can provide two of the most important services that can solve the main
issues that are abundant in modern cities which are the waste management and traffic
congestion, the waste management is improved and is efficient over its equivalent in
normal modern city because of the IoT which is used in waste containers which can
lead to the increase in the quality of recycling as well as the ability to guide the waste
the collector for the waste routes in order to preserve time and energy as well as the
management of the waste lifting by sending messages from the tags that reads the
containers' load and sends the data to the data center in order for the data to be used in
the next operations (Zanella & Vagelista 2014: 3).
Also, there is the traffic congestion service that is provided in which IoT-based low
power communication as a replacement to the already known camera-based system
that is implemented in many cities, the IoT system will collect information about
traffic and provide information based on that information to the car driver and give
him the best route to stay away from the route that suffers from traffic congestion, and
useful for authorities to control the traffic, know if the traffic is based on a problem
send the police to solve, or if there is any trespass to the traffic law in which the
authority will take the action needed to ensure the law (Zanella & Vagelista 2014: 3).
2.4.3 Online Power transmission line:
Online power transmission line can involves IoT technology, this is particularly
important in areas that are vulnerable to natural disasters in which preventing
mitigation of power transmission as well as prevention of power disasters that might
occur. The system is divided into two parts: A part that is installed in order to monitor
the state of the power transmission lines, and the other part is implemented on top of
the transmission towers to keep track of the environment surrounding the power
transmission line, then the communication between them is held by a wireless
communication that transmits data back and forth.

14
 Figure 4 smart city key application areas (Shaffers et al 2011: 435)

Figure 5 online monitoring of power transmission lines (Chen et al 2011: 15)

After the inclusion of the IoT technology, The RFID portion will identify the places
where the power equipment in order to provide supervisory and guidance to the staff

15
responsible of the power transmission. This will increase the reliability of the power
supply as well as increase the efficiency of the power transmission line patrol (Chen
et al 2011: 15).
2.4.4. IoTs in Medical Application
IoT provides a proper application in dealing with problems that is related to the
healthcare field such as the lack of medical staff and medical facilities in some cities,
unavailability of proper and reliable disease prevention system and occurring social
problems by introducing the remote monitoring and management platform of health
care information (RMMP-HI).
This system uses a collection of sensors that is either in the person's body or in his
surrounding space, monitoring the health condition in real time and encourages
patients to get early treatments if the conditions changed from its stable state, if there
is an emergency state an urgency notice will be provided to the nearest hospital in
order to provide the needed treatment for the patient. This system provides reliable
decision making process for the diseases through the process of collecting data,
analyzing it and categorizing the patient to a specific group that is required for a
certain amount of care. (Kumar & Pattel 2014:3, Wang et al 2011: 662).

Figure 1 Health care in IoT (Kumar & Pattel 2014: 3)

16
3. Security Problems of the IoT
As long as the benefits and applications of the IoT arise, there are also security
limitations and challenges that affect the performance of the IoT devices to the
business area. These provide vulnerabilities to hurt users by illegally using their
information & sending malicious emails to others as well as hurting the overall
security system. This problem is magnified as there is a large amount of IoT devices
whether in a person's house or in a business system, this leads to large amounts of
weak spots within a network thus make the attack on the user's network more
dangerous. Especially if one device is compromised it can affect other devices in the
network making the whole network is at risk. A good example of the previous
situation is a DoS attack (Denial of service) that uses one device to affect others (FTC
2015: 10). The most common security challenges on the IoT are:
3.1 Challenges on the RFID
This section will discuss the security challenges of the RFID technology like
unauthorized access, tag disabling, cloning and replay attacks.
3.1.1 Unauthorized access to RFID
This limitation means that unauthorized individuals/ systems can have the ability to
access the data imbedded the device by using the identification data of the tags, this is
a huge problem as the confidential data like user data and business data in the devices
are vulnerable to be disclosed, manipulated or even damaged and erased by
unauthorized users and crackers, therefore if a person is buying something from a
store that supports the IoT technology the data entered by the user will be endangered
with the following vulnerabilities leading to the negative effect on the customer
relationship asset of the company (Farooq et al 2015: 4).
3.1.2 Unauthorized tag disabling
The unauthorized tag disabling is due to a DOS attack (denial of service) in which the
attacker perform it at a remote distance from the RFID tags attacked. That type of
attack on the RFID tag make the RFID tag suffer from misbehaving or malfunctioning
if it was read by an authorized reader , while also giving irrelevant information to the
related identification identity of the tag. This behavior may lead to the temporary or
permanent disability of the RFID tag causing technical and business-oriented damages
to the business applying the IoT technology (Medeiros & Burmester 2007: 1 ).

17
3.1.3 Unauthorized tag cloning
The cloning of a RFID tag takes place when the attackers is provided the ability to
know and capture the information that provides the authenticity and uniqueness of the
tag , like the identification identity or the EPC of the tag. If this data is captured then
the attacker from the analysis of the affected tag may be able to replicate its existence
forming weaknesses in the businesses processes that uses the RFID tag technology,
that is by bypassing some of the information collected from the tag and replacing it
with the information of the clone tag, affecting the integrity of the information used
while neglecting the security implementations that provide security to the RFID tag.
(Borgohain et al 2013: 2 , Medeiros & Burmester,2007: 2).
3.1.4 Replay Attacks
This type of attack makes the attacker impersonates the tag he is attacking, that is by
using the RFID tag's response to a reader, then interrupt the communicating signals of
the process, then the attacker saves this communicating signals and replaying it to the
system that is responsible for reading and collecting information from the tags when it
is required to fill a query, thus faking the availability of the affected tag while loading
the reader system with whatever data comes from the cause of the masquerade tag that
is substitute to the affected tag (Borgohain et al 2013 :2).
There are also many security challenges that is related to the RFID technology side of
the internet of things including reverse engineering attack, Eavesdropping, viruses,
tracking etc(Borgohain et al 2013 :2).
3.2 Cloud computing abuse
since the cloud computing technology is considered the biggest and most important
part of the related technologies to the internet of things, its vulnerability to a lot of the
security threats shared with other technologies like phishing and man-in-the-middle as
well as other threats that are only concern the cloud computing technologies. These
challenges increase the compromise of the confidentiality and the privacy of the
business data as the dependency of the IoT technology on the cloud computing as a
source for storing and analyzing business data and the increasing in numbers of the
number of stakeholders, parties and devices connected to the cloud.
Also these challenges may affect integrity of the information stored in the cloud as
the data should be changed only by authorized user, and because of that the cloud
provider must be trusted in order to maintain the business data's accuracy and validity

18
as the attack on the cloud may come from malicious insiders in the positions that they
have the authorization to access and maintain the business's data yet they trespass
these rights and permissions.
Finally there are security threats that affect the availability of the cloud, that means
that the cloud is available for use according to the service level agreement that is
formed between the cloud user and the cloud provider, these threats does not the
software portions of the cloud alone but may also target the hardware portions and the
resources of the cloud (Farooq et al, 2015, 5, Zissis & Lekkas, 2012, 586).
An institution that is responsible for cloud computing researches provided few
significant security threats affecting the cloud computing, they listed Malicious
insiders, Data loss, Man-in-the-middle, bot-nets.
The malicious insiders as explained from the above that are considered threats from
the inside in which they use their authorization in order to cause mischief and
damaging the information that belongs to the cloud user(s), this attackers can be from
small employees up to chief information officers and executives, they can perform
several types of damage to the security in which like using their knowledge of
knowing the vulnerabilities of the security system configuration that allow them to
fetch and monitor network packets, gain an authorized access to the information and
the ability to handcraft and manipulate the data collected from the IoT applications
and stored in the cloud (Subashini & Kabitha 2011: 5).
The second threat that is data loss/erase is that the data is damaged, erased or
manipulated either by inside users such as malicious users or external users that is no
from the parties involved in the agreement of the cloud computing such as hackers,
crackers etc... (Farooq et al 2015:5)
The Third threat is the Man-in-the-middle (MITM) in which the attacker has the
control and the data exchange in a conversation sessions that is entirely controlled by
the attacker in which he can manipulate in real-time (when the sensitive data is
automatically entered the cloud), with higher chance of success if the attacker
masquerades himself as one of the parties involved. The most common method of a
MITM attack is by distributing a malware that accesses the users' data and redirect it
to a masquerading website that the user intend to reach, then make a connection
bridge to the required site and monitor, manipulate and capture the data from the
traffic that is formed by acting as a proxy between the website and the user (Rouse
2015).

19
The final threat enlisted is the Botnets in which according to Rouse ( botnet(zombie
army)) is "a number of computers that although their owners are unaware of it have
been set up to forward transmissions including spam and/or viruses to other
computers on the internet.". These bots that are known as the "Zombie army" have the
ability to flood the traffic between the cloud provider and the cloud user performing a
DDOS attack (Distributed denial of service) in which the cloud is overloaded with
very huge numbers of requests leading to the systems' paralysis while using the
network for malicious business interests that hurts both the cloud users and cloud
provider both technical and financial-wise losses (25sevenIT 2015).
3.3 Sensor-nodes security breach
The sensor-nodes security breach is a type of security challenge that targets the
wireless sensor networks (WSNs) in which oppressive functions can affect the
prevalence of the WSN network, the WSN network security is important as it is
discussed above the WSN layers are responsible for the transmission of the data from
the sensors that collect data from the devices to the base where it is stored and
analyzed, and thus the attack may affect the transmission of the data or the
manipulation of the data stored temporarily in devices.
The attacks on the WSNs can be categorized as: attack on the secrecy and
confidentiality, attack on the integrity of the service and attack on the availability of
the service, the latter is considered the most common and most important as it affects
the transmission of the data and is caused by the most common threat in the
technologies related to the IoT technology: Denial of service attack. The denial of
service attack can cause negative effects such as Jamming which interferes with the
frequencies of the sensor nodes and sending large amounts of data into the network
thus halting the network, and flooding in which the DOS attack exhausts the memory
of the nodes and sensors by unleashing large amounts of traffics in the network of the
nodes (Farooq et al 2015 :5 , kumar & Patel 2014 :5).
The DOS attacks can also affect the five layers of the WSNs' architecture which are:
Physical, Link, Network, transport and application layers. Each has negative effects
by the DOS attacks;
The effects on the physical layer as a layer that is responsible for the carrier
frequency and responsible for processing and organizing the data including encryption
and decryption of data, modulation and demodulation of data and the transmission of

20
data from nodes and reception to the base data warehouse- are: Jamming which we
discussed above, and node tampering which is the extraction of data from the node
sensors (Borgohain et al 2013:2).
While the effects on the link layer that is responsible of reliable end-to-end and end-
to-multi-end communication and detecting MAC errors, data frame and error control
while multiplexing the data streams from multiple nodes are: Collision, which by
inducing small changes in the identification portions of two simultaneously delivered
packets of data at the same frequency channel, leads to the discarding of the packets
of data as it is not identical to the identification data that is known by the receiving
endpoint which leads to the re-producing the same packet, Unfairness which is
considered a bigger scale of collision type attack the affects nodes and exhausts them,
Battery exhaustion in which the battery is tired by transmitting high traffics of
requests severely reducing and limiting the accessibility of nodes (Borgohain et al,
2013 ,3), and Interrogation attack in which the node is being exhausted by many
requests-to-send messages in order to hinder a node from performing a clear-to-send
message to an adjacent node exploiting the handshake process (Kavitha & Sridharan ,
2009, 38).

The effect on the network layer that is responsible for routing of information are:
spoofing which is the misleading of packets of data traffic to the receiving endpoints,
Hello flood attack in which an affected node produces a useless messages that is
amplified in huge numbers by the attacker thus causing congestion in the traffics of
data, Homing which is shutting down the WSN by hitting searchable key managers
and cluster centers, The selective forwarding in which an affected node doesn't send
data to all other nodes but selecting only handful of them which are controlled by the
attacker so they can't forward or transmit the data to the base thus affecting the
availability and the validity of the data (Raymond & Midkiff 2008 : 78-79).
In addition there's Sybil that provides several identification identities to a replicated
node so it collects data from other nodes while disrupting and affecting the collection
of data, and wormhole that performs relocation of bits of data from their original
position in the network to another location through channeling these bits through a
low latency link, and finally the acknowledgement flooding where an infected node
misleads the routing of acknowledgement to their intended destination thus provide
false information to the other nodes (Borgohain et al 2013 :3).

21
The effects of the DOS on the transport layer which is responsible for reducing
congestion of the traffic in routing devices and providing reliable data transportations
are: Flooding which indicates the congestion of the communication and transmissions
network with useless requests and messages while producing huge amount of traffic,
also this threat has subcategories that was explained above.
Sinkholes attacks in which the traffic of the network from the nodes will be lured
around an infected node by the attack thus cause disruption in the network (Sharma &
Ghose, 2010, 43). And De-synchronization where false messages are produced at the
endpoint of the data transmission thus make the endpoints provide a retransmission
request for a mistake that was never occurred .this leads to the exhaustion of the
device as well as the drainage of the battery power trying to reload the information
that was lost in the process (Borgohain et al 2013 :3).
Finally in the application layer, the effect of DoS attacks hinders it from its
performance as the layer that is responsible for managing the traffic information as
well as providing the user with the comprehensible information that is translated and
analyzed from the data that was collected, processed and passed by the previous
layers or send and issue queries that are responsible to retrieve information from
databases, it is hindered by issuing a command to the sensor nodes by the attacker in
order to produce a huge traffic that is routed towards the data warehouse (Borgohain
et al 2013 :4).
4. Models for the security of the IoT
For the sake of ensuring security for the IoT technology we should consider the
protection of the infrastructure of the IoT as well as the technologies that involves in
the creation of the IoT technology.
For the IoT technology infrastructure, there are models in order to protect the
involved devices from the security challenges and issues. The first model of
protection is by constructing preventive systems against the DDoS attacks; as the
DDoS and DoS attacks are from the most common and most crucial threats that faces
the IoT
4.1 Constructing preventive systems aganist DDoS attacks
Since the IoT as technology is relatively new and emergent technology the researches
proposed for providing preventive systems for the DDoS attacks are still small in
number and in maturity, however from the proposed researches some of the systems

22
and strategies proved it relevance against the security shortcoming such as the
learning automata (LA). The learning automata provides a mean to wall DDoS attacks
by using the adaptive learning technique in which the packet sampling rate of data is
calculated and determined from the surrounding environment. This technique is
spread across layers of the network model of SOA (service-oriented architecture) in
which it provides a protective and preventive set of rules applied across the model.
According to the adaptive component that the LA is dependent upon, the data that is
gathered from the sampling rate is being used as an input to the LA in which the LA
analyzes and processes the input and provides the output results of action in which the
LA provides the best suitable route of action based on the results, While the
preventive component of the LA monitors the DDoS potential by monitoring and
counting the number of requests the layers is produced from the nodes, and compare
the counting of the request to a pre-determined ceiling number of requests for the
layers, if the count exceeded the pre-set maximum the DDoS alert will be activated
(DALERT) in which the neighboring nodes are informed that the maximum value is
exceeded(Green et al 2015: 5).
After that an identification of the DDoS attacker by monitoring and disclosing the IP
address and see which IP address issues the most number of requests, then the
information of the device that is connected to the target IP address is spread among
the other nodes to inform them that this IP address is an attacker's infected device, and
on that basis the nodes starts analyzing the traffic of the packets of data with
disposing and neglecting the malicious packets that is produced from the infected IP
address.
In that process of the LA there might be latency issues and increase in energy
consumptions occurred as a consequence for discovering and preventing the DDoS
attack so in order to compromise the problems the LA technique will choose the most
efficient alternative action for the DDoS attack while it will iterate the process until
the packets of data is below the maximum limit in the layers (Green et al 2015: 5).
There is also another proposition in which the node flooded by requests is reinforced
with another node that is called a redundant tunnel that holds part of the traffic that
exists in the sink node. This approach is cost-efficient as there is only one redundant
tunnel in the implementation while increasing the lifespan of the whole network.
Table (1) provides solutions that are related to the architecture of the IoT network
(Jing et al 2014: 3):

23
 Table 1 Security Architecture (Jing et al 2014: 3)

4.2 Models of solutions for technologies of IoT

In this section we will discuss the security models for the technology that the IoT take
advantage of which is RFID, WSNs and cloud computing.

Table 2 solutions for RFID security challenges (Khoo 2011: 4)

24
4.2.1 RFID
For the solutions of security challenges to the RFID, there are many proposed
solutions that help in limiting and walling the security threats concerning the RFID.
Some of the problems that we discussed is included in Table (2) in which the symbol
A is for making data not available, C for view confidential data and I is for changing
data (Khoo 2011: 4)
Other methods for overcoming RFID security problems are: Kill command, Faraday
cage approach, active jamming approach, Blocker tag and Bill of rights are from these
solutions.
For the kill command, the RFID tag is deactivated upon receiving a unique password
that is set upon the manufacturing of the RFID tag, thus disabling any potential attack
from this tag.
The Faraday cage approach is engulfing the RFID tag by electromagnetic insulator in
such as metal foil in which the RFID is protected from any attack that uses
electromagnetic fields.
The active jamming approach in which is considered an alteration and substitution to
the FC approach, instead of insulting the tag from any kind of electromagnetic field
the radio channel is disrupted by a specific device in which it is continuously
transmitting radio signals thus preventing any rogue readers of attempting an attack.
The blocker tag is considered a jamming approach like the previous two but the
difference is that it is a passive approach in which it provides a list of the possible
RFID id numbers and the one that defies those are considered attackers.
Finally there is the bill of rights which is considered a framework that the companies
that adopt RFID technologies in their operations should consider with their free will,
these framework helps in conserving the rights of these companies when they are
using RFID and protecting them legally from any kind of attack (lopez et al 2006: 7).
4.2.2 WSNs
There are three elements concerning the security solutions for the WSNs security
threats which are cryptographic algorithms, key management and securing route
protocols.
The cryptographic algorithms' goal is to ensure the safety and the security of the
physical layer of the WSNs as well as the foundation for the network's entire security,
it is divided into symmetric encryption algorithms and the public key algorithms,

25
however the symmetric encryption is the method that is used in the security of the
WSNs because the PK algorithms is too complex for the nodes of the network to
handle due to the availability of two keys that are related mathematically in instead of
one and the size of the keys must increase over time to attain security (Eberle &
Shantz 2005: 4) and that is inefficient with the nodes weak computation and the
limited capacity of the nodes. Despite that wide spread use of the symmetric key it has
some limitations: the key transfer protocol between the sender and receiver is too
sophisticated for the sake of the nodes' capability, If the key is being known and
disclosed from one node it becomes a huge security threat to the rest of the nodes
(Jing et al 2014:7) .and finally the extra power used for the authentication of the
messages. Because of that shortcoming there is an approach towards blending the
public key encryption with the symmetric as the public key has the ability to
overcome most of the deficiencies that comes with the symmetric encryption.
For the key management of the WSNs, there are four forms of the key management
which are: key distribution for the entire network in which the combinations of both
private and public keys is used to secure the whole network as the public key requires
private key has poor scalability which is improved by the public key
(Jing et al 2014: 7). The group key distribution which is used to secure the
interconnected communications between the nodes in which the group key is
considered the public and private key for the internal group of nodes forming a
cluster, The node master key which is the key responsible for the authentication of
communication between the network of nodes which each pair of groups has different
key (Lee et al 2007: 78) and the data warehouse of the data and finally the distribution
of keys between nodes which is responsible for the protection of the communication
and the transfer between a pair of nodes.
For the final topic which is the securing the routing protocols, it is important because
if the routing protocols of the networks was subjected to attacks and threats from the
outside the entire network will collapse and breakdown which leads to horrible
consequences on the business or the services. (Jing et al 2014: 7). The securing routes
is considering a challenging topic because it must deal with the limitations that occurs
within the routing protocols as well as the nodes themselves in which even traditional
security of the protocols cannot be applied. However there are two possible solutions
for the security of the protocols:

26
The first one is building security models specifically for the routing protocols in
which the details of the model is discussed as well as the energy consumption of the
model in order to provide acceptable results for the applied model, The second
approach is by providing solutions for the routing protocols based on the analysis of
the vulnerabilities in the routing protocols as well as the analysis of the threats that the
routing protocols are suspected to. However each has its compromising: the first
method will likely to focus on a model that will solve some problems while ignoring
other problems due to the issue of managing the power consumption while the other
method doesnt provide a way or a design to implement a proper solutions for these
analyzed threats (Jing et al 2014 : 7).
There is also several security mechanisms in order to defend the WSNs from DoS
attacks: The watchdog scheme in which we use the approach of watchdog and
pathrater in order to monitor any infected nodes (Marti et al, 2000), the rating scheme
the nodes that are near an certain node are used to give a rating to the performance of
that node (Molva & Michiardi, 2002), and virtual currency which is based on the
concept that the node isn't a selfish node with the data (Hu et al 2004: 94).
4.2.3 Cloud computing
For the cloud computing, the first step towards achieving security is that the cloud
service providers should know the accessibility of the cloud service users. Knowing
the type of devices the users will access the clouds from electronic devices, and based
on that the cloud providers will implement methods in order to provide security for
the accessed devices and identifying the devices as authorized users while preventing
other devices that are not registered from doing so. That is because any unauthorized
access to the cloud cannot be accepted by the provider due to the availability of
having the risk of identity theft and/or data losses of the cloud users.
Also, the providers must have the ability to monitor the process of accessing the users'
data in which it is accessed from the authorized users or not while also preserving the
privacy of the data. As well as, the providers must be able to reply to reports from
users about data manipulation without authorization and the loss of data -if it occurs-
and to recover such data if there is any occurs. Finally there is a framework of
regulations that is called security check events where the providers and the services
users must settle about the agreements of availability, security, assurance of data, and
reporting (Qadiree & Maqbool 2016 :4).

27
5. Conclusions and Outlook
In the last few years, this emerging domain for the IoT has been attracting the
significant interest, and will continue for the years to come. On that note we discussed
the of the internet of things in terms of definition, the objectives and purposes of the
IoT, its architecture and technologies that is related to the IoT and finally the
applications on the IoT. In spite of rapid evolution, we are still facing new difficulties
and severe security challenges. We discussed the security challenges that involves the
technologies that is related to the IoT, most importantly the security challenges on the
RFID, the cloud computing and the wireless sensors network. Finally we discussed
measures that can overcome the security problems, in more details measures for the
IoT as a whole network and the measures for the RFID, WSNs and cloud computing.
Research gap
There are different types of businesses and companies that can implement security
models for the IoT, however the scope of the security is different between business
models and business applications. Because of that there is no well-established IoT
security framework for different business applications and business models for
business to implement; furthermore it will not be able to attract new companies to
transfer to the IoT technology. Therefore there should be incorporation of a
framework that addresses security challenges and their possible solutions through
different business applications and business models.

References
25sevenIT, 2015 , Botnets: The dark side of the world
,http://www.25sevenit.co.uk/2015/07/21/botnets-the-dark-side-of-cloud-computing/
Akyildiz, I. F., & Stuntebeck, E. P. (2006). Wireless underground sensor networks: Research
challenges. Ad Hoc Networks, 4(6), 669-686.
Babar, S., Mahalle, P., Stango, A., Prasad, N., & Prasad, R. (2010, July). Proposed security
model and threat taxonomy for the Internet of Things (IoT). In International Conference on
Network Security and Applications (pp. 420-429). Springer Berlin Heidelberg.
Bandyopadhyay, D., & Sen, J. (2011). Internet of things: Applications and challenges in
technology and standardization. Wireless Personal Communications, 58(1), 49-69.
Borgohain, T., Kumar, U., & Sanyal, S. (2015). Survey of security and privacy issues of
internet of things. arXiv preprint arXiv:1501.02211.

28
Burmester, M., & De Medeiros, B. (2007, April). RFID security: attacks, countermeasures and
challenges. In The 5th RFID Academic Convocation, The RFID Journal Conference.
Dinh, Hoang T., et al. "A survey of mobile cloud computing: architecture, applications, and
approaches." Wireless communications and mobile computing 13.18 (2013): 1587-1611.
Farooq, M. U., Waseem, M., Mazhar, S., Khairi, A., & Kamal, T. (2015). A Review on Internet
of Things (IoT). International Journal of Computer Applications, 113(1).
Federal Trade Commission. (2015). Internet of things: Privacy & security in a connected
world. Washington, DC: Federal Trade Commission.
Gracanin, D., Eltoweissy, M., Olariu, S., & Wadaa, A. (2004, April). On modeling wireless
sensor networks. In Parallel and Distributed Processing Symposium, 2004. Proceedings. 18th
International (p. 220). IEEE.
Hu, F., Ziobro, J., Tillett, J., & Sharma, N. K. (2004). Secure wireless sensor networks:
Problems and solutions. Rochester Institute of Technology, Rochester, New York, USA.
Jing, Q., Vasilakos, A. V., Wan, J., Lu, J., & Qiu, D. (2014). Security of the internet of things:
Perspectives and challenges. Wireless Networks, 20(8), 2481-2501
Kavitha, T., & Sridharan, D. (2010). Security vulnerabilities in wireless sensor networks: A
survey. Journal of information Assurance and Security, 5(1), 31-44.
Khoo, B. (2011, October). RFID as an Enabler of the Internet of Things: Issues of Security and
Privacy. In Internet of Things (iThings/CPSCom), 2011 International Conference on and 4th
International Conference on Cyber, Physical and Social Computing (pp. 709-712). IEEE.
Kumar, J. S., & Patel, D. R. (2014). A survey on internet of things: Security and privacy
issues. International Journal of Computer Applications, 90(11).
Lee, J. C., Leung, V. C., Wong, K. H., Cao, J., & Chan, H. C. (2007). Key management issues in
wireless sensor networks: current proposals and future developments. IEEE Wireless
Communications, 14(5), 76-84.
Lei, Y., Ma, P., & Zhao, L. (2011). The Internet of Things brings new wave of the information
industry. International Journal of Computer Science and Network Security, 11(5), 15-21.
Liu, J., Li, X., Chen, X., Zhen, Y., & Zeng, L. (2011, February). Applications of Internet of Things
on smart grid in China. In Advanced Communication Technology (-ICACT), 2011 13th
International Conference on (pp. 13-17). IEEE.
Ma, H. D. (2011). Internet of things: Objectives and scientific challenges. Journal of Computer
science and Technology, 26(6), 919-924.
Miorandi, D., Sicari, S., De Pellegrini, F., & Chlamtac, I. (2012). Internet of things: Vision,
applications and research challenges. Ad Hoc Networks, 10(7), 1497-1516.
P. Michiardi and R. Molva. Core: A COllaborative Reputation mechanism to enforce node
cooperation in Mobile Ad Hoc Networks. In Communications and Multimedia Security
Conference, 2002.
Patel, M., & Wang, J. (2010). Applications, challenges, and prospective in emerging body
area networking technologies. IEEE Wireless Communications Magazine, 17(1), 80-88.
Peris-Lopez, P., Hernandez-Castro, J. C., Estevez-Tapiador, J. M., & Ribagorda, A. (2006,
September). RFID systems: A survey on security threats and proposed solutions. In IFIP
International Conference on Personal Wireless Communications (pp. 159-170). Springer
Berlin Heidelberg

29
Qadiree, J., & Maqbool, M. I. Solutions of Cloud Computing Security Issues.
Raymond, D. R., & Midkiff, S. F. (2008). Denial-of-service in wireless sensor networks: Attacks
and defenses. IEEE Pervasive Computing, 7(1), 74-81.
Rouse, P , 2015 , http://internetofthingsagenda.techtarget.com/definition/man-in-the-
middle-attack-MitM , Man in the middle Attack (MITM).
Rouse, P , 2015 , http://searchsecurity.techtarget.com/definition/botnet , botnet (Zombie
army)
S. Marti, T. Giuli, K. Lai, and M. Baker. Mitigating routing misbehavior in mobile ad hoc
networks. In Proceedings of MOBICOM, 2000.
Said, O., & Masud, M. (2013). Towards internet of things: Survey and future vision.
International Journal of Computer Networks, 5(1), 1-17.
Schaffers, H., Komninos, N., Pallot, M., Trousse, B., Nilsson, M., & Oliveira, A. (2011, May).
Smart cities and the future internet: Towards cooperation frameworks for open innovation.
In The Future Internet Assembly (pp. 431-446). Springer Berlin Heidelberg.
Sharma, K., & Ghose, M. K. (2010). Wireless sensor networks: An overview on its security
threats. IJCA, Special Issue on Mobile Ad-hoc Networks MANETs, 42-45.
Subashini, S., & Kavitha, V. (2011). A survey on security issues in service delivery models of
cloud computing. Journal of network and computer applications, 34(1), 1-11.
Suo, H., Wan, J., Zou, C., & Liu, J. (2012, March). Security in the internet of things: a review.
In Computer Science and Electronics Engineering (ICCSEE), 2012 International Conference
on (Vol. 3, pp. 648-651). IEEE.
W. Zhao, C. Wang, and Y. Nakahira, Medical Application On IoT, International Conference
on Computer Theory and Applications (ICCTA), 2011, pp. 660-665.
Wander, A. S., Gura, N., Eberle, H., Gupta, V., & Shantz, S. C. (2005, March). Energy analysis
of public-key cryptography for wireless sensor networks. In Third IEEE international
conference on pervasive computing and communications (pp. 324-328). IEEE.
Yick, J., Mukherjee, B., & Ghosal, D. (2008). Wireless sensor network survey. Computer
networks, 52(12), 2292-2330.
Zanella, A., Bui, N., Castellani, A., Vangelista, L., & Zorzi, M. (2014). Internet of things for
smart cities. IEEE Internet of Things Journal, 1(1), 22-32.
Zhang, C., & Green, R. (2015, April). Communication security in internet of thing: preventive
measure and avoid DDoS attack over IoT network. In Proceedings of the 18th Symposium on
Communications & Networking (pp.8-15).Society for Computer Simulation International.
Zissis, D., & Lekkas, D. (2012). Addressing cloud computing security issues. Future Generation
computer systems, 28(3), 583-592.

30