Internet of Things Security: A Survey and Taxonomy

The Internet of Things (IoT) regulates millions of terabytes of data for everyday commercial, industrial, technical and personal usage. Considered as the greatest technological revolution, all IoT-based transformations are now occurring to increase productivity and create a coordinated world across business and technologies. However, the exchange, storage, processing and transfer of tremendous amounts of sensitive information has also given rise to severe security and privacy concerns that compromise the efficiency and usability of IoT. It has become a challenge for users to depend on such a vulnerable technology, where the IoT security risks outweigh its benefits. Several defense techniques, algorithms and solution models have been proposed and implemented to counter these attacks. However, there are limitations involved as robust incursions make these solutions obsolete. It is vital to have an overview of the research done and find loopholes to fill in the security gaps to ensure a safe IoT ecosystem. Realizing the need of enhanced problem-solving strategies, this paper provides a systematic review of the existing strategies for IoT security and privacy, and provides an analytical approach in identifying the concerns and solutions. It discusses IoT architecture, classifies the various domains of security and privacy and presents a taxonomy and a comparative analysis to outline the security goals, threats and attacks, and solutions proposed in recent years (2015–2018). Our research methodology comprises of thorough qualitative analyses and a literature review to help evaluate the questions asked in this survey. We also highlight the limitations of the previous studies and the open issues. Our survey results focus on the problems that require further attention to improve the IoT progression.