Categorizing IoT Software Systems Security Vulnerabilities Through Literature Studies
Resumo
Despite the popularity of IoT software systems and the enormous variety of intelligent devices, there are still security challenges, considering the lack of descriptions of practices that can support the mitigation of security risks, augmenting the uncertainties on the weaknesses encompassing such systems. Therefore, this paper presents the results of two literature studies (ad-hoc and structured) that can contribute to the decision-making regarding mitigating risks associated with security vulnerabilities in IoT software systems. The ad-hoc literature study identified 27 coarse-grained security vulnerabilities from software organizations. The structured literature study identified 69 fine-grained security vulnerabilities from the technical literature, which allowed identifying and categorizing these vulnerabilities into four categories (application, network, device, and Peopleware) for better organization and understanding. The results comparison highlighted a set of 30 most impactful security vulnerabilities that should be considered by software engineers when mitigating the risks regarding the lack of security in IoT software systems.
Palavras-chave:
Security, Vulnerabilities, Internet of Things, Contemporary Software Systems, Literature Study, Evidence-based Software Engineering
Referências
Song, L. and García-Valls, M. 2022. Improving Security of Web Servers in Critical IoT Systems through Self-Monitoring of Vulnerabilities. Sensors 22, 5004. DOI: 10.3390/s22135004.
Siboni, S., Sachidananda, V., Meidan, Y., Bohadana, M., Mathov, Y., Bhairav, S., Shabtai, A., Elovici, Y. 2019. Security Testbed for Internet-of-Things Devices. IEEE Transactions on Reliability 68, 23–44. DOI: 10.1109/TR.2018.2864536.
Bochie, K., Gonzalez, E., Giserman, L., Campista, M., Costa, L. 2020. Detecção de Ataques a Redes IoT Usando Técnicas de Aprendizado de Máquina e Aprendizado Profundo. XX SBSEG. SBC, Brasil, pp. 257–270. DOI: 10.5753/sbseg.2020.19242.
Abdalla, P. and Varol, C. 2020. Testing IoT Security: The Case Study of an IP Camera. 8th IEEE ISDFS. Beirut, Lebanon, pp. 1–5. DOI: 10.1109/ISDFS49300.2020.9116392.
Khan, M. and Salah, K. 2018. IoT security: Review, blockchain solutions, and open challenges. Future Generation Computer Systems 82, 395–411. DOI: 10.1016/j.future.2017.11.022.
Davis, B., Mason, J., Anwar, M. 2020. Vulnerability Studies and Security Postures of IoT Devices: A Smart Home Case Study. IEEE Internet of Things Journal 7, 10102–10110. DOI: 10.1109/JIOT.2020.2983983.
Da Silva, D., Souza, B. P., Gonçalves, T., and Travassos, G, Uma Tecnologia para Apoiar a Engenharia de Requisitos de Sistemas de Software IoT. 2020. XXIII Ibero-American Conference on Software Engineering. Curitiba, Brazil (Online), p S09 P3:14 pages.
Kuhrmann et al. Kuhrmann, M., Fernández, D. M., Daneva, M. 2017. On the pragmatic design of literature studies in software engineering: an experience-based guideline. ESE 22.6.
Atzori, L., Iera, A. and Morabito, G. 2010. The Internet of Things: A survey. Computer Networks, vol. 54, nº 15, p. 2787–2805, out. 2010, DOI: 10.1016/j.comnet.2010.05.010.
Motta, R. C., Silva, V. and Travassos G. H. 2019. Towards a more in-depth understanding of the IoT Paradigm and its challenges. JSERD, vol. 7, p. 3, ago. 2019, DOI: 10.5753/jserd.2019.14.
Aldahmani, A., Ouni, B., Lestable, T., Debbah, M. 2023. Cyber-Security of Embedded IoTs in Smart Homes: Challenges, Requirements, Countermeasures, and Trends. IEEE Open Journal of Vehicular Technology. 4, 281–292. DOI: 10.1109/OJVT.2023.3234069.
Arora, A., Kaur, A., Bhushan, B., Saini, H. 2019. Security Concerns and Future Trends of Internet of Things. International Conference on Intelligent Computing, Instrumentation and Control Technologies, pp. 891–896. DOI: 10.1109/ICICICT46008.2019.8993222.
Paes, V., Pessoa, C., Costa, V., Oliveira, L, Souza, J. 2022. IoE Knowledge Flow Model in Smart Cities. IEEE SMC, pp. 982–987. DOI: 10.1109/SMC53654.2022.9945275.
Zanon, V., Romancini, E., Manoel, B., Lau, J., Ourique, F., Morales, A. 2022. Avaliação experimental de uma camada de segurança implementada em dispositivo vestível cardíaco para Internet das Coisas Médicas. XXII SBSEG. SBC, Brasil, pp. 97–110. DOI: 10.5753/sbseg.2022.224659.
Torre, D., Mesadieu, F., Chennamaneni, A. 2023. Deep Learning Techniques to Detect Cybersecurity Attacks: A Systematic Mapping Study. Empirical Software Engineering 28, 76. DOI: 10.1007/s10664-023-10302-1.
Yadav, E., Mittal, E., Yadav, H. 2018. IoT: Challenges and Issues in Indian Perspective. 3rd IEEE IoT-SIU, pp. 1–5. DOI: 10.1109/IoT-SIU.2018.8519869.
Koziolek, H. 2011. Sustainability evaluation of software architectures: a systematic review. QoSA-ISARCS '11. Association for Computing Machinery, pp. 3–12. DOI: 10.1145/2000259.2000263.
Sheikh, Z. and Singh, Y. 2022. A Hybrid Threat Assessment Model for Security of Cyber-Physical Systems. 7th IEEE Seventh International Conference on Parallel, Distributed and Grid Computing, pp. 582–587. DOI: 10.1109/PDGC56933.2022.10053332.
Barisic, A. and Cunha, J. 2017. Sustainability in Modelling of Cyber-Physical Systems: A Systematic Literature Review - Intermediate Technical Report (Research Report). Universidade NOVA de Lisboa. [link].
ISO/IEC 27000. 2018. Information technology — Security techniques — Information security management systems — Overview and vocabulary. Accessed in 5.10.23. [link].
OWASP. 2016. Category: Vulnerability. Accessed in 5.10.23. [link].
Kariri, E. 2022. IoT Powered Agricultural Cyber-Physical System: Security Issue Assessment. IETE Journal of Research. DOI: 10.1080/03772063.2022.2032848.
Alfadel, M., Costa, D, Shihab, E. 2023. Empirical analysis of security vulnerabilities in Python packages. Empirical Software Engineering 28, 59. DOI: 10.1007/s10664-022-10278-4.
Baho, S. and Abawajy, J. 2023. Analysis of Consumer IoT Device Vulnerability Quantification Frameworks. Electronics 12, 1176. DOI: 10.3390/electronics12051176.
Sahmi, I., Mazri, T., Hmina, N. 2019. Study of the Different Security Threats on the Internet of Things and Their Applications. ACM International Conference Proceeding Series. DOI: 10.1145/3320326.3320402.
Zhao, W., Yang, S., Luo, X., 2020. On Threat Analysis of IoT-Based Systems: A Survey. IEEE SmartIoT, Beijing, China, pp. 205–212. DOI: 10.1109/SmartIoT49966.2020.00038.
Benzarti, S., Triki, B., Korbaa, O. 2017. A survey on attacks in Internet of Things based networks. IEEE International Conference on Engineering & MIS, pp. 1–7. DOI: 10.1109/ICEMIS.2017.8273006.
Rahimi, H., Zibaeenejad, A., Rajabzadeh, P., Safavi, A. 2018. On the Security of the 5G-IoT Architecture. IoTSC, Mashhad Iran, pp. 1–8. DOI: 10.1145/3269961.3269968.
Xu, H., Sgandurra, D., Mayes, K., Li, P., Wang, R. 2017. Analysing the Resilience of the Internet of Things Against Physical and Proximity Attacks. Security, Privacy, and Anonymity in Computation, Communication, and Storage. Springer International Publishing, pp. 291–301. DOI: 10.1007/978-3-319-72395-2_27.
Sookhak, M., Tang, H., He, Y., Yu, F. 2019. Security and Privacy of Smart Cities: A Survey, Research Issues and Challenges. IEEE Communications Surveys and Tutorials 21, 1718–1743. DOI: 10.1109/COMST.2018.2867288.
Chhetri, C. and Motti, V. 2021. Identifying Vulnerabilities in Security and Privacy of Smart Home Devices. Advances in Intelligent Systems and Computing 1271, 211–231. DOI: 10.1007/978-3-030-58703-1_13.
Pedreira, V., Barros, D. and Pinto, P. 2021. A Review of Attacks, Vulnerabilities, and Defenses in Industry 4.0 with New Challenges on Data Sovereignty Ahead. Sensors 21, no. 15: 5189. DOI: 10.3390/s21155189.
Silva, H. 2019. A Caixa de Ferramentas Conceituais de Richard Rorty: O Uso de Técnicas Ad hoc. Cognitio-Estudos: Revista Eletrônica de Filosofia 16, 257–267. DOI: 10.23925/1809-8428.2019v16i2p257-267.
Biolchini, J. Mian, P. G., Natali, A. C. C. and Travassos G. H. 2005. Systematic Review in Software Engineering. Technical Report-ES 679/05. Systems Engineering and Computer Science Department COPPE/UFRJ. Access in: [link].
Moher, D., Stewart, L., Shekelle, P. 2015. All in the Family: systematic reviews, rapid reviews, scoping reviews, realist reviews, and more. Systematic Reviews 4, 183, s13643-015-0163–7. DOI: 10.1186/s13643-015-0163-7.
Motta, R., Oliveira, K., Travassos, G. 2019. A conceptual perspective on interoperability in context-aware software systems. Information and Software Technology 114, 231–257. DOI: 10.1016/j.infsof.2019.07.001.
Mourão, E., Pimentel, J., Murta, L., Kalinowski, M., Mendes, E., Wohlin, C. 2020. On the performance of hybrid search strategies for systematic literature reviews in software engineering. Information and Software Technology 123, 106294. DOI: 10.1016/j.infsof.2020.106294.
Petticrew, M. and Roberts, H. 2006. Systematic Reviews in the Social Sciences. Blackwell Publishing Ltd, Oxford, UK. DOI: 10.1002/9780470754887.
Noble, H. and Mitchell, G. 2016. What is grounded theory? Evidence Based Nursing 19, 34–35. DOI: 10.1136/eb-2016-102306.
Alqassem, I. and Svetinovic, D. 2014. A taxonomy of security and privacy requirements for the Internet of Things (IoT). IEEE International Conference on Industrial Engineering and Engineering Management, pp. 1244–1248. DOI: 10.1109/IEEM.2014.7058837.
Karie, N. M., Sahri, N. M., Yang, W., Valli, C. and Kebande, V. R. 2021. A Review of Security Standards and Frameworks for IoT-Based Smart Environments. IEEE Access, vol. 9, p. 121975–121995. DOI: 10.1109/ACCESS.2021.3109886.
Kamoru, O.K., Frank, I., & Yemi, A. 2014. Computer Security Measures, Tools and Best Practices. British Journal of Applied Science and Technology, 4, 4380-4394.
Takada, T. 2017. Authentication Shutter: Alternative Countermeasure against Password Reuse Attack by Availability Control. Proceedings of the 12th International Conference on Availability, Reliability and Security.
Al Abdulwahid, A., Clarke, N., Furnell, S., Stengel, I. and Reich, C. 2015. The Current Use of Authentication Technologies: An Investigative Review. International Conference on Cloud Computing (ICCC), Riyadh, Saudi Arabia, 2015, pp. 1-8, DOI: 10.1109/CLOUDCOMP.2015.7149658.
Patil, A., Rana, D., Vichare, S. and Raut, C. 2018. Effective Authentication for Restricting Unauthorized Users. International Conference on Smart City and Emerging Technology (ICSCET), Mumbai, India, pp. 1-4, DOI: 10.1109/ICSCET.2018.8537323.
Ali, R.F., Muneer, A., Dominic, P.D., Taib, S.M. and Ghaleb, E.A. 2021. Internet of Things (IoT) Security Challenges and Solutions: A Systematic Literature Review. In: Abdullah, N., Manickam, S., Anbar, M. (eds) Advances in Cyber Security. Communications in Computer and Information Science, vol 1487. Springer, Singapore. DOI: 10.1007/978-981-16-8059-5_9
Roohi, A., Adeel, M. and Shah, M. A. 2019. DDoS in IoT: A Roadmap Towards Security & Countermeasures. 25th International Conference on Automation and Computing (ICAC), Lancaster, UK, pp. 1-6, DOI: 10.23919/IConAC.2019.8895034.
Wang, W., Xu, P. and Yang, L. 2018. Secure Data Collection, Storage and Access in Cloud-Assisted IoT. In IEEE Cloud Computing, vol. 5, no. 04, pp. 77-88. DOI: 10.1109/MCC.2018.111122026.
Olaniyi, O.O., Okunleye, O.J., Olabanji, S.O., Asonze, C.U., and Ajayi, S.A. (2023). IoT Security in the Era of Ubiquitous Computing: A Multidisciplinary Approach to Addressing Vulnerabilities and Promoting Resilience. Asian Journal of Research in Computer Science.
Kimani, K., Oduol, V.K., and Langat, K. 2019. Cyber security challenges for IoT-based smart grid networks. Int. J. Crit. Infrastructure Prot., 25, 36-49.
Gromov, M., Arnold, D., and Saniie, J. (2022). Tackling Multiple Security Threats in an IoT Environment. 2022 IEEE International Conference on Electro Information Technology (eIT), 290-295.
Ammayappan, K., Puthuparambil, A.B., and Negi, A. (2020). Key Vulnerabilities in Internet of Things.
Fortuna, B., Rupnik, J., Brank, J., Fortuna, C., Jovanoski, V., Mario, Karlovcec, Kazic, B.M., Kenda, K., Leban, G., Muhic, A., Novak, B., Jost, Novljan, Papler, M., Rei, L., Sovdat, B., Stopar, L., Grobelnik, M., Dunja, & Mladenić. 2014. QMiner: Data Analytics Platform for Processing Streams of Structured and Unstructured Data.
Siboni, S., Sachidananda, V., Meidan, Y., Bohadana, M., Mathov, Y., Bhairav, S., Shabtai, A., Elovici, Y. 2019. Security Testbed for Internet-of-Things Devices. IEEE Transactions on Reliability 68, 23–44. DOI: 10.1109/TR.2018.2864536.
Bochie, K., Gonzalez, E., Giserman, L., Campista, M., Costa, L. 2020. Detecção de Ataques a Redes IoT Usando Técnicas de Aprendizado de Máquina e Aprendizado Profundo. XX SBSEG. SBC, Brasil, pp. 257–270. DOI: 10.5753/sbseg.2020.19242.
Abdalla, P. and Varol, C. 2020. Testing IoT Security: The Case Study of an IP Camera. 8th IEEE ISDFS. Beirut, Lebanon, pp. 1–5. DOI: 10.1109/ISDFS49300.2020.9116392.
Khan, M. and Salah, K. 2018. IoT security: Review, blockchain solutions, and open challenges. Future Generation Computer Systems 82, 395–411. DOI: 10.1016/j.future.2017.11.022.
Davis, B., Mason, J., Anwar, M. 2020. Vulnerability Studies and Security Postures of IoT Devices: A Smart Home Case Study. IEEE Internet of Things Journal 7, 10102–10110. DOI: 10.1109/JIOT.2020.2983983.
Da Silva, D., Souza, B. P., Gonçalves, T., and Travassos, G, Uma Tecnologia para Apoiar a Engenharia de Requisitos de Sistemas de Software IoT. 2020. XXIII Ibero-American Conference on Software Engineering. Curitiba, Brazil (Online), p S09 P3:14 pages.
Kuhrmann et al. Kuhrmann, M., Fernández, D. M., Daneva, M. 2017. On the pragmatic design of literature studies in software engineering: an experience-based guideline. ESE 22.6.
Atzori, L., Iera, A. and Morabito, G. 2010. The Internet of Things: A survey. Computer Networks, vol. 54, nº 15, p. 2787–2805, out. 2010, DOI: 10.1016/j.comnet.2010.05.010.
Motta, R. C., Silva, V. and Travassos G. H. 2019. Towards a more in-depth understanding of the IoT Paradigm and its challenges. JSERD, vol. 7, p. 3, ago. 2019, DOI: 10.5753/jserd.2019.14.
Aldahmani, A., Ouni, B., Lestable, T., Debbah, M. 2023. Cyber-Security of Embedded IoTs in Smart Homes: Challenges, Requirements, Countermeasures, and Trends. IEEE Open Journal of Vehicular Technology. 4, 281–292. DOI: 10.1109/OJVT.2023.3234069.
Arora, A., Kaur, A., Bhushan, B., Saini, H. 2019. Security Concerns and Future Trends of Internet of Things. International Conference on Intelligent Computing, Instrumentation and Control Technologies, pp. 891–896. DOI: 10.1109/ICICICT46008.2019.8993222.
Paes, V., Pessoa, C., Costa, V., Oliveira, L, Souza, J. 2022. IoE Knowledge Flow Model in Smart Cities. IEEE SMC, pp. 982–987. DOI: 10.1109/SMC53654.2022.9945275.
Zanon, V., Romancini, E., Manoel, B., Lau, J., Ourique, F., Morales, A. 2022. Avaliação experimental de uma camada de segurança implementada em dispositivo vestível cardíaco para Internet das Coisas Médicas. XXII SBSEG. SBC, Brasil, pp. 97–110. DOI: 10.5753/sbseg.2022.224659.
Torre, D., Mesadieu, F., Chennamaneni, A. 2023. Deep Learning Techniques to Detect Cybersecurity Attacks: A Systematic Mapping Study. Empirical Software Engineering 28, 76. DOI: 10.1007/s10664-023-10302-1.
Yadav, E., Mittal, E., Yadav, H. 2018. IoT: Challenges and Issues in Indian Perspective. 3rd IEEE IoT-SIU, pp. 1–5. DOI: 10.1109/IoT-SIU.2018.8519869.
Koziolek, H. 2011. Sustainability evaluation of software architectures: a systematic review. QoSA-ISARCS '11. Association for Computing Machinery, pp. 3–12. DOI: 10.1145/2000259.2000263.
Sheikh, Z. and Singh, Y. 2022. A Hybrid Threat Assessment Model for Security of Cyber-Physical Systems. 7th IEEE Seventh International Conference on Parallel, Distributed and Grid Computing, pp. 582–587. DOI: 10.1109/PDGC56933.2022.10053332.
Barisic, A. and Cunha, J. 2017. Sustainability in Modelling of Cyber-Physical Systems: A Systematic Literature Review - Intermediate Technical Report (Research Report). Universidade NOVA de Lisboa. [link].
ISO/IEC 27000. 2018. Information technology — Security techniques — Information security management systems — Overview and vocabulary. Accessed in 5.10.23. [link].
OWASP. 2016. Category: Vulnerability. Accessed in 5.10.23. [link].
Kariri, E. 2022. IoT Powered Agricultural Cyber-Physical System: Security Issue Assessment. IETE Journal of Research. DOI: 10.1080/03772063.2022.2032848.
Alfadel, M., Costa, D, Shihab, E. 2023. Empirical analysis of security vulnerabilities in Python packages. Empirical Software Engineering 28, 59. DOI: 10.1007/s10664-022-10278-4.
Baho, S. and Abawajy, J. 2023. Analysis of Consumer IoT Device Vulnerability Quantification Frameworks. Electronics 12, 1176. DOI: 10.3390/electronics12051176.
Sahmi, I., Mazri, T., Hmina, N. 2019. Study of the Different Security Threats on the Internet of Things and Their Applications. ACM International Conference Proceeding Series. DOI: 10.1145/3320326.3320402.
Zhao, W., Yang, S., Luo, X., 2020. On Threat Analysis of IoT-Based Systems: A Survey. IEEE SmartIoT, Beijing, China, pp. 205–212. DOI: 10.1109/SmartIoT49966.2020.00038.
Benzarti, S., Triki, B., Korbaa, O. 2017. A survey on attacks in Internet of Things based networks. IEEE International Conference on Engineering & MIS, pp. 1–7. DOI: 10.1109/ICEMIS.2017.8273006.
Rahimi, H., Zibaeenejad, A., Rajabzadeh, P., Safavi, A. 2018. On the Security of the 5G-IoT Architecture. IoTSC, Mashhad Iran, pp. 1–8. DOI: 10.1145/3269961.3269968.
Xu, H., Sgandurra, D., Mayes, K., Li, P., Wang, R. 2017. Analysing the Resilience of the Internet of Things Against Physical and Proximity Attacks. Security, Privacy, and Anonymity in Computation, Communication, and Storage. Springer International Publishing, pp. 291–301. DOI: 10.1007/978-3-319-72395-2_27.
Sookhak, M., Tang, H., He, Y., Yu, F. 2019. Security and Privacy of Smart Cities: A Survey, Research Issues and Challenges. IEEE Communications Surveys and Tutorials 21, 1718–1743. DOI: 10.1109/COMST.2018.2867288.
Chhetri, C. and Motti, V. 2021. Identifying Vulnerabilities in Security and Privacy of Smart Home Devices. Advances in Intelligent Systems and Computing 1271, 211–231. DOI: 10.1007/978-3-030-58703-1_13.
Pedreira, V., Barros, D. and Pinto, P. 2021. A Review of Attacks, Vulnerabilities, and Defenses in Industry 4.0 with New Challenges on Data Sovereignty Ahead. Sensors 21, no. 15: 5189. DOI: 10.3390/s21155189.
Silva, H. 2019. A Caixa de Ferramentas Conceituais de Richard Rorty: O Uso de Técnicas Ad hoc. Cognitio-Estudos: Revista Eletrônica de Filosofia 16, 257–267. DOI: 10.23925/1809-8428.2019v16i2p257-267.
Biolchini, J. Mian, P. G., Natali, A. C. C. and Travassos G. H. 2005. Systematic Review in Software Engineering. Technical Report-ES 679/05. Systems Engineering and Computer Science Department COPPE/UFRJ. Access in: [link].
Moher, D., Stewart, L., Shekelle, P. 2015. All in the Family: systematic reviews, rapid reviews, scoping reviews, realist reviews, and more. Systematic Reviews 4, 183, s13643-015-0163–7. DOI: 10.1186/s13643-015-0163-7.
Motta, R., Oliveira, K., Travassos, G. 2019. A conceptual perspective on interoperability in context-aware software systems. Information and Software Technology 114, 231–257. DOI: 10.1016/j.infsof.2019.07.001.
Mourão, E., Pimentel, J., Murta, L., Kalinowski, M., Mendes, E., Wohlin, C. 2020. On the performance of hybrid search strategies for systematic literature reviews in software engineering. Information and Software Technology 123, 106294. DOI: 10.1016/j.infsof.2020.106294.
Petticrew, M. and Roberts, H. 2006. Systematic Reviews in the Social Sciences. Blackwell Publishing Ltd, Oxford, UK. DOI: 10.1002/9780470754887.
Noble, H. and Mitchell, G. 2016. What is grounded theory? Evidence Based Nursing 19, 34–35. DOI: 10.1136/eb-2016-102306.
Alqassem, I. and Svetinovic, D. 2014. A taxonomy of security and privacy requirements for the Internet of Things (IoT). IEEE International Conference on Industrial Engineering and Engineering Management, pp. 1244–1248. DOI: 10.1109/IEEM.2014.7058837.
Karie, N. M., Sahri, N. M., Yang, W., Valli, C. and Kebande, V. R. 2021. A Review of Security Standards and Frameworks for IoT-Based Smart Environments. IEEE Access, vol. 9, p. 121975–121995. DOI: 10.1109/ACCESS.2021.3109886.
Kamoru, O.K., Frank, I., & Yemi, A. 2014. Computer Security Measures, Tools and Best Practices. British Journal of Applied Science and Technology, 4, 4380-4394.
Takada, T. 2017. Authentication Shutter: Alternative Countermeasure against Password Reuse Attack by Availability Control. Proceedings of the 12th International Conference on Availability, Reliability and Security.
Al Abdulwahid, A., Clarke, N., Furnell, S., Stengel, I. and Reich, C. 2015. The Current Use of Authentication Technologies: An Investigative Review. International Conference on Cloud Computing (ICCC), Riyadh, Saudi Arabia, 2015, pp. 1-8, DOI: 10.1109/CLOUDCOMP.2015.7149658.
Patil, A., Rana, D., Vichare, S. and Raut, C. 2018. Effective Authentication for Restricting Unauthorized Users. International Conference on Smart City and Emerging Technology (ICSCET), Mumbai, India, pp. 1-4, DOI: 10.1109/ICSCET.2018.8537323.
Ali, R.F., Muneer, A., Dominic, P.D., Taib, S.M. and Ghaleb, E.A. 2021. Internet of Things (IoT) Security Challenges and Solutions: A Systematic Literature Review. In: Abdullah, N., Manickam, S., Anbar, M. (eds) Advances in Cyber Security. Communications in Computer and Information Science, vol 1487. Springer, Singapore. DOI: 10.1007/978-981-16-8059-5_9
Roohi, A., Adeel, M. and Shah, M. A. 2019. DDoS in IoT: A Roadmap Towards Security & Countermeasures. 25th International Conference on Automation and Computing (ICAC), Lancaster, UK, pp. 1-6, DOI: 10.23919/IConAC.2019.8895034.
Wang, W., Xu, P. and Yang, L. 2018. Secure Data Collection, Storage and Access in Cloud-Assisted IoT. In IEEE Cloud Computing, vol. 5, no. 04, pp. 77-88. DOI: 10.1109/MCC.2018.111122026.
Olaniyi, O.O., Okunleye, O.J., Olabanji, S.O., Asonze, C.U., and Ajayi, S.A. (2023). IoT Security in the Era of Ubiquitous Computing: A Multidisciplinary Approach to Addressing Vulnerabilities and Promoting Resilience. Asian Journal of Research in Computer Science.
Kimani, K., Oduol, V.K., and Langat, K. 2019. Cyber security challenges for IoT-based smart grid networks. Int. J. Crit. Infrastructure Prot., 25, 36-49.
Gromov, M., Arnold, D., and Saniie, J. (2022). Tackling Multiple Security Threats in an IoT Environment. 2022 IEEE International Conference on Electro Information Technology (eIT), 290-295.
Ammayappan, K., Puthuparambil, A.B., and Negi, A. (2020). Key Vulnerabilities in Internet of Things.
Fortuna, B., Rupnik, J., Brank, J., Fortuna, C., Jovanoski, V., Mario, Karlovcec, Kazic, B.M., Kenda, K., Leban, G., Muhic, A., Novak, B., Jost, Novljan, Papler, M., Rei, L., Sovdat, B., Stopar, L., Grobelnik, M., Dunja, & Mladenić. 2014. QMiner: Data Analytics Platform for Processing Streams of Structured and Unstructured Data.
Publicado
30/09/2024
Como Citar
PESSOA, Clinton Hudson Moreira; TRAVASSOS, Guilherme Horta.
Categorizing IoT Software Systems Security Vulnerabilities Through Literature Studies. In: SIMPÓSIO BRASILEIRO DE ENGENHARIA DE SOFTWARE (SBES), 38. , 2024, Curitiba/PR.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2024
.
p. 169-180.
DOI: https://doi.org/10.5753/sbes.2024.3346.