{"title":"A survey on privacy and security issues in IoT-based environments: Technologies, protection measures and future directions","authors":"","doi":"10.1016/j.cose.2024.104097","DOIUrl":null,"url":null,"abstract":"<div><p>With the continuous development of information technology, privacy protection in the Internet of Things (IoT) has attracted people 's attention. This paper summarizes and discusses the privacy and security issues faced by various levels of the IoT, and proposes an overall framework for privacy and security protection; investigates the research progress of ABE search security in the IoT, summarizes the types of firmware implementation defects in the IoT, analyzes the typical defect generation mechanisms, and summarizes the existing firmware defect detection methods from the perspectives of static analysis, symbol execution, fuzzy testing, program validation, and machine learning; analyzes the existing mainstream access control models in the IoT, and summarizes the issues that need to be addressed in the future for blockchain based access control in the IoT. It further studies the recent achievements and progress of machine learning in the security protection of the IoT, and summarizes the privacy laws, especially the information protection law of the European Union (EU) in enterprises. Finally, we propose the main challenges that current research still faces and point out the direction of future research development.</p></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":null,"pages":null},"PeriodicalIF":4.8000,"publicationDate":"2024-09-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404824004024","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
With the continuous development of information technology, privacy protection in the Internet of Things (IoT) has attracted people 's attention. This paper summarizes and discusses the privacy and security issues faced by various levels of the IoT, and proposes an overall framework for privacy and security protection; investigates the research progress of ABE search security in the IoT, summarizes the types of firmware implementation defects in the IoT, analyzes the typical defect generation mechanisms, and summarizes the existing firmware defect detection methods from the perspectives of static analysis, symbol execution, fuzzy testing, program validation, and machine learning; analyzes the existing mainstream access control models in the IoT, and summarizes the issues that need to be addressed in the future for blockchain based access control in the IoT. It further studies the recent achievements and progress of machine learning in the security protection of the IoT, and summarizes the privacy laws, especially the information protection law of the European Union (EU) in enterprises. Finally, we propose the main challenges that current research still faces and point out the direction of future research development.
期刊介绍:
Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world.
Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.