A comprehensive review of cybersecurity vulnerabilities, threats, and solutions for the Internet of Things at the network-cum-application layer

IF 13.3 1区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computer Science Review Pub Date : 2025-07-03 DOI:10.1016/j.cosrev.2025.100789

Abdul Razaque , Salim Hariri , Abrar M. Alajlan , Joon Yoo

{"title":"A comprehensive review of cybersecurity vulnerabilities, threats, and solutions for the Internet of Things at the network-cum-application layer","authors":"Abdul Razaque , Salim Hariri , Abrar M. Alajlan , Joon Yoo","doi":"10.1016/j.cosrev.2025.100789","DOIUrl":null,"url":null,"abstract":"<div><div>The proliferation of smart homes, smart logistics, and other technologies has expedited the expansion of Internet-of-Things (IoT) devices. This expansion has heightened the complexity of associated security challenges. Despite extensive research on IoT security, several studies fail to provide a comprehensive examination of both the network and application layers. This is particularly applicable to real-time and mission-critical settings. This review addresses that deficiency by offering a systematic review of IoT across five tiers. It concentrates on the application layer, categorizing it into three domains: real-time control systems, scientific decision-making systems, and query/scan search systems. The study examines vulnerabilities, attack vectors, and security measures in real-time control and query/scan systems. It examines how emerging technologies such as artificial intelligence (AI), Software Defined Networking (SDN), and fog/edge computing can enhance security via improved context awareness and access management. The study ultimately presents recommendations and suggests enhancements to foster trust, scalability, and enhanced security in contemporary IoT systems.</div></div>","PeriodicalId":48633,"journal":{"name":"Computer Science Review","volume":"58 ","pages":"Article 100789"},"PeriodicalIF":13.3000,"publicationDate":"2025-07-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Science Review","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1574013725000656","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

The proliferation of smart homes, smart logistics, and other technologies has expedited the expansion of Internet-of-Things (IoT) devices. This expansion has heightened the complexity of associated security challenges. Despite extensive research on IoT security, several studies fail to provide a comprehensive examination of both the network and application layers. This is particularly applicable to real-time and mission-critical settings. This review addresses that deficiency by offering a systematic review of IoT across five tiers. It concentrates on the application layer, categorizing it into three domains: real-time control systems, scientific decision-making systems, and query/scan search systems. The study examines vulnerabilities, attack vectors, and security measures in real-time control and query/scan systems. It examines how emerging technologies such as artificial intelligence (AI), Software Defined Networking (SDN), and fog/edge computing can enhance security via improved context awareness and access management. The study ultimately presents recommendations and suggests enhancements to foster trust, scalability, and enhanced security in contemporary IoT systems.

查看原文本刊更多论文

全面回顾了网络和应用层的物联网网络安全漏洞、威胁和解决方案

智能家居、智能物流和其他技术的激增加速了物联网（IoT）设备的扩展。这种扩展增加了相关安全挑战的复杂性。尽管对物联网安全进行了广泛的研究，但一些研究未能对网络和应用层进行全面的检查。这特别适用于实时和关键任务设置。本文通过对物联网的五个层次进行系统回顾，解决了这一不足。它侧重于应用层，将其分为三个领域：实时控制系统、科学决策系统和查询/扫描搜索系统。该研究考察了实时控制和查询/扫描系统中的漏洞、攻击媒介和安全措施。报告探讨了人工智能（AI）、软件定义网络（SDN）和雾/边缘计算等新兴技术如何通过改进上下文感知和访问管理来增强安全性。该研究最终提出了建议和建议，以增强当代物联网系统的信任、可扩展性和增强的安全性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computer Science Review Computer Science-General Computer Science

CiteScore

32.70

自引率

0.00%

发文量

审稿时长

51 days

期刊介绍： Computer Science Review, a publication dedicated to research surveys and expository overviews of open problems in computer science, targets a broad audience within the field seeking comprehensive insights into the latest developments. The journal welcomes articles from various fields as long as their content impacts the advancement of computer science. In particular, articles that review the application of well-known Computer Science methods to other areas are in scope only if these articles advance the fundamental understanding of those methods.