A comprehensive survey on IoT security: Challenges, security issues, and countermeasures

IoT is an emerging technology in which physical objects are embedded with computing and networking capabilities, commonly referred to as intelligent devices. IoT technology is rapidly growing due to its unique features, such as minimal human intervention, cost-effectiveness, and ease of deployment. However, this widespread adoption also introduces challenges related to scalability and security. Since the IoT ecosystem is characterized by diverse technologies and resource-constrained devices, IoT applications become more vulnerable, providing attackers with a strategic advantage. Consequently, security is a paramount concern in IoT systems. The primary objective of this paper is to investigate security concerns in the IoT environment. This study examines security challenges from multiple perspectives, including architecture-level concerns, component-level vulnerabilities, application-level threats, and emerging risks. This paper discusses general IoT attacks, categorized according to different layers, and subsequently presents RFID as a use case to illustrate these concepts more clearly. Additionally, the current literature addresses emerging attack vectors and their associated countermeasures, offering a thorough overview of evolving security challenges and defense strategies. Many existing research papers do not comprehensively address security issues across the entire IoT ecosystem, including emerging attacks and their countermeasures. This paper covers the major attack vectors in IoT, explores state-of-the-art techniques such as blockchain and their role in enhancing IoT security, and examines newly emerged threats such as adversarial attacks, filling a critical gap.