IoT Security Attacks on the Public Sector: Systematic Literature Review

Authors

    Fandan Dwi Nugroho Wicaksono( 1 ) Winny Purbaratri( 2 ) Moch Fajar Purnomo Alam( 3 ) Agnes Novita Ida Safitri( 4 )

    (1) Perbanas Institute
    (2) Perbanas Institute
    (3) Universitas Kristen Satya Wacana
    (4) Perbanas Institute

DOI:


https://doi.org/10.32877/bt.v7i1.1627

Keywords:


Attack, e-Government, IoT, Public Sector, Security

Abstract

The primary objective of this study is to examine security threats that specifically target the Internet of Things (IoT) used in the Public Sector. This sector is widely acknowledged as a crucial element of the fourth industrial revolution. The high volume of intelligent devices employed in the public sector, which are linked in the Internet of Things (IoT), and each of them transmits sensitive data in numerous instances, makes security of utmost importance. The objective of this study is to categorize various forms of security attacks and propose strategies to mitigate security breaches through many approaches. This study employed a systematic review, which is a methodical examination of current literature. The data synthesis methodology in this study consisted of comparing 15 literature sources that had been evaluated for quality and satisfied the specified criteria for inclusion and exclusion. The utilized database sources include renowned platforms such as Scopus, ACM, and IEEE. The present study employs a qualitative methodology, specifically utilizing the perspectives of two information security specialists to examine the existing literature. The findings of this study have made a meaningful contribution to the field of public sector. This study categorizes four types of assaults against Public Sector IoT: 37% Denial-of-Service (DoS) attacks, 31% Malware attacks, and 19% Phishing attacks. System attacks account for 13% of all system attacks. By contrast, 50% of the security attack mitigation strategies rely on authentication, 36% on Secure Communication, and 14% on Application Security.

Downloads

Download data is not yet available.

References

W. Najib, S. Sulistyo, and Widyawan, “Tinjauan Ancaman dan Solusi Keamanan pada Teknologi Internet of Things,” J. Nas. Tek. Elektro dan Teknol. Inf., vol. 9, no. 4, pp. 375–384, 2020, doi: 10.22146/jnteti.v9i4.539.

D. Serpanos and M. Wolf, Internet-of-Things (IoT) Systems. 2018. doi: 10.1007/978-3-319-69715-4.

Q. F. Hassan, A. ur R. Khan, and S. A. Madani, Internet of things, vol. 44, no. 3. 2017. doi: 10.4018/ijssoe.2017070103.

Peter Yeung, Hong Kong Science Park. 2017. [Online]. Available: http://hdl.handle.net/10722/28381

V. N. Fathya et al., “Pemanfaatan Teknologi Dalam Pelayanan Publik (E-Government)”, [Online]. Available: www.freepik.com

L. Hidayat, E. Kurniawan, and M. Ramdhani, “Perancangan Sistem Palang Parkir Otomatis Dan Pendeteksi Slot Parkir Berbasis Iot,” e-Proceeeding Eng., vol. 9, no. 2, pp. 174–180, 2022.

G. R. Koten et al., “Penerapan internet of things pada smart parking system untuk kebutuhan pengembangan smart city,” J. Tek. Ind. dan Manaj. Rekayasa, vol. 1, no. 1, pp. 49–59, 2023, doi: 10.24002/jtimr.v1i1.7204.

Sumarno, H. S. Setiawan, V. H. Valentino, and A. S. Putra, “Penerapan Internet of Think (IoT) Pada Transportasi Cerdas,” Semin. Nas. Pengaplikasian Telemat., vol. 1, no. 1, pp. 94–98, 2021.

H. I. Adauwiyah, M. R. Kamaluddin, R. F. Al Kautsar, and F. Fitroh, “Systematic Literature Review terhadap Pemanfaatan Internet of Things (IoT) dalam Bidang Kesehatan,” Appl. Inf. Syst. Manag., vol. 5, no. 2, pp. 67–74, 2022, doi: 10.15408/aism.v5i2.21187.

L. A. Maulana, D. A. Saputra, A. K. Putra, and J. P. Surya, “PENERAPAN IOT DAN MEDIA INFORMASI PADA DESA KERTOSARI,” Angew. Chemie Int. Ed. 6(11), 951–952., vol. 1, no. April, pp. 873–887, 2015.

Bunyamin, S. Wahjusaputri, and Johan, Penerapan Model SMK Membangun Desa - IoT, no. 0. 2016.

P. Papadopoulou, K. Kolomvatsos, and S. Hadjiefthymiades, “Internet of Things in E-Government,” Int. J. Artif. Intell. Mach. Learn., vol. 10, no. 2, pp. 99–118, 2020, doi: 10.4018/ijaiml.2020070106.

B. A. Iswandari, “Jaminan Atas Pemenuhan Hak Keamanan Data Pribadi Dalam Penyelenggaraan E-Government Guna Mewujudkan Good Governance,” J. Huk. Ius Quia Iustum, vol. 28, no. 1, pp. 115–138, 2021, doi: 10.20885/iustum.vol28.iss1.art6.

M. amin Hariyadi and J. E. W. Prakasa, Sistem Informasi Manajemen – Keamanan Sistem Informasi, no. January. 2014. [Online]. Available: https://datakata.wordpress.com/2014/03/31/sistem-informasi-manajemen-keamanan-sistem-informasi/

N. Saxena, D. S. Chakravarthi, A. N. Venkatesh, N. Soni, and S. Kant, “The Future of Blockchain Technology and the Internet of Things in Healthcare,” Proc. 2022 Int. Conf. Innov. Comput. Intell. Commun. Smart Electr. Syst. ICSES 2022, pp. 1–9, 2022, doi: 10.1109/ICSES55317.2022.9914080.

T. Ramzan and S. Zafar, “Blockchain-based Security for Internet of Medical Things Application,” 2022 Int. Conf. Cyber Warf. Secur. ICCWS 2022 - Proc., pp. 69–74, 2022, doi: 10.1109/ICCWS56285.2022.9998443.

G. Ganapathy, S. J. Anand, M. Jayaprakash, S. Lakshmi, V. B. Priya, and S. Pandi V, “A blockchain based federated deep learning model for secured data transmission in healthcare Iot networks,” Meas. Sensors, vol. 33, no. January, p. 101176, 2024, doi: 10.1016/j.measen.2024.101176.

D. Gough, S. Oliver, and J. Thomas, An introduction to systematic reviews / David Gough, Sandy Oliver, James Thomas. 2012. [Online]. Available: https://b-ok.asia/book/2718381/a08a63

B. Kitchenham, O. Pearl Brereton, D. Budgen, M. Turner, J. Bailey, and S. Linkman, “Systematic literature reviews in software engineering - A systematic literature review,” Inf. Softw. Technol., vol. 51, no. 1, pp. 7–15, 2009, doi: 10.1016/j.infsof.2008.09.009.

H. U. Khan, M. Z. Malik, S. Nazir, and F. Khan, “Utilizing Bio Metric System for Enhancing Cyber Security in Banking Sector: A Systematic Analysis,” IEEE Access, vol. 11, no. July, pp. 80181–80198, 2023, doi: 10.1109/ACCESS.2023.3298824.

S. Altayaran and W. Elmedany, “Security Threats of Application Programming Interface (API’s) in Internet of Things (IoT) Communications,” IET Conf. Proc., vol. 2021, no. 11, pp. 552–557, 2021, doi: 10.1049/icp.2022.0399.

K. Parvathy and B. Nataraj, “Certain Investigation of Attacks in the Field of Internet of Things and Blockchain Technology,” in Proceedings - 2nd International Conference on Smart Technologies, Communication and Robotics 2022, STCR 2022, IEEE, 2022, pp. 1–6. doi: 10.1109/STCR55312.2022.10009205.

A. Gupta, A. Kapoor, G. Gupta, and Di. Wanchoo, “Perils and Applications of IoT Security in Military Operations,” in Proceedings of the 2nd International Conference on Electronics and Sustainable Communication Systems, ICESC 2021, IEEE, 2021, pp. 690–697. doi: 10.1109/ICESC51422.2021.9532996.

O. Westerlund and R. Asif, “Drone Hacking with Raspberry-Pi 3 and WiFi Pineapple: Security and Privacy Threats for the Internet-of-Things,” in 2019 1st International Conference on Unmanned Vehicle Systems-Oman, UVS 2019, IEEE, 2019, pp. 1–10. doi: 10.1109/UVS.2019.8658279.

W. Meng, W. Li, and L. Zhu, “Enhancing Medical Smartphone Networks via Blockchain-Based Trust Management against Insider Attacks,” IEEE Trans. Eng. Manag., vol. 67, no. 4, pp. 1377–1386, 2020, doi: 10.1109/TEM.2019.2921736.

S. Abbas et al., “Evaluating deep learning variants for cyber-attacks detection and multi-class classification in IoT networks,” PeerJ Comput. Sci., vol. 10, pp. 1–23, 2024, doi: 10.7717/peerj-cs.1793.

O. D. Sai Krishna, M. Dhinesh, U. S. Ram, P. D. S. V. R. Raju, G. Bindu, and S. Srithar, “A Survey of Key Challenges in Integrating IoT and Cloud Security,” Proc. - 2023 3rd Int. Conf. Pervasive Comput. Soc. Networking, ICPCSN 2023, pp. 1439–1442, 2023, doi: 10.1109/ICPCSN58827.2023.00240.

M. K. Kala and M. Priya, “A Comprehensive Survey on the IoT-Based Electronic Healthcare Records Security, Privacy Issues, and Countermeasures Using Blockchain Technology,” Proc. - 2023 Int. Conf. Innov. Eng. Technol. ICIET 2023, pp. 1–8, 2023, doi: 10.1109/ICIET57285.2023.10220624.

J. Singh, G. Singh, and S. Negi, “Evaluating Security Principals and Technologies to Overcome Security Threats in IoT World,” Proc. 2nd Int. Conf. Appl. Artif. Intell. Comput. ICAAIC 2023, no. Icaaic, pp. 1405–1410, 2023, doi: 10.1109/ICAAIC56838.2023.10141083.

P. Bajpai and R. Enbody, “Preparing smart cities for ransomware attacks,” Proc. - 2020 3rd Int. Conf. Data Intell. Secur. ICDIS 2020, no. Section III, pp. 127–133, 2020, doi: 10.1109/ICDIS50059.2020.00023.

J. I. Pegorini, A. C. C. Souza, A. R. Ortoncelli, R. T. Pagno, and N. C. Will, “Security and Threats in the Brazilian e-Voting System: A Documentary Case Study Based on Public Security Tests,” ACM Int. Conf. Proceeding Ser., pp. 157–164, 2021, doi: 10.1145/3494193.3494301.

A. H. Matey, P. Danquah, and G. Y. Koi-Akrofi, “Predicting Cyber-Attack using Cyber Situational Awareness: The Case of Independent Power Producers (IPPs),” Int. J. Adv. Comput. Sci. Appl., vol. 13, no. 1, pp. 700–709, 2022, doi: 10.14569/IJACSA.2022.0130181.

A. Iacovazzi, H. Wang, I. Butun, and S. Raza, “Towards Cyber Threat Intelligence for the IoT,” Proc. - 19th Int. Conf. Distrib. Comput. Smart Syst. Internet Things, DCOSS-IoT 2023, pp. 483–490, 2023, doi: 10.1109/DCOSS-IoT58021.2023.00081.

J. S. Chavis and D. P. Syed, “Envisioning Cybersecurity Analytics for the Internet of Things,” 2020 IEEE 3rd 5G World Forum, 5GWF 2020 - Conf. Proc., pp. 193–198, 2020, doi: 10.1109/5GWF49715.2020.9221018.

S. Kumari, M. Karuppiah, A. K. Das, X. Li, F. Wu, and N. Kumar, “A secure authentication scheme based on elliptic curve cryptography for IoT and cloud servers,” J. Supercomput., vol. 74, no. 12, pp. 6428–6453, 2018, doi: 10.1007/s11227-017-2048-0.

R. Lama and S. Karmakar, “3-way Authentication Approach for Agricultural IOT using IFTTT application,” 2021 12th Int. Conf. Comput. Commun. Netw. Technol. ICCCNT 2021, pp. 1–7, 2021, doi: 10.1109/ICCCNT51525.2021.9579958.

J. Liu, A. Ren, L. Zhang, R. Sun, X. Du, and M. Guizani, “A Novel Secure Authentication Scheme for Heterogeneous Internet of Things,” IEEE Int. Conf. Commun., vol. 2019-May, pp. 1–6, 2019, doi: 10.1109/ICC.2019.8761951.

M. Almulhim and N. Zaman, “Proposing secure and lightweight authentication scheme for IoT based E-health applications,” Int. Conf. Adv. Commun. Technol. ICACT, vol. 2018-Febru, pp. 481–487, 2018, doi: 10.23919/ICACT.2018.8323802.

M. Shakeel, C. Lakshmana Rao, T. Shyam Prasad, T. Alam, N. Rawat, and R. Kavitha, “An Examination of Cybersecurity Threats and Authentication Systems,” 2023 3rd Int. Conf. Adv. Comput. Innov. Technol. Eng. ICACITE 2023, pp. 2727–2731, 2023, doi: 10.1109/ICACITE57410.2023.10182687.

F. Jaison, C. Chaudhary, and R. Manaswini, “Blockchain and Edge Computing for IoT Advancements,” 3rd IEEE Int. Conf. ICT Bus. Ind. Gov. ICTBIG 2023, pp. 1–6, 2023, doi: 10.1109/ICTBIG59752.2023.10456203.

R. R. Pahlevi, V. Suryani, H. H. Nuha, and R. Yasirandi, “Secure Two-Factor Authentication for IoT Device,” 2022 10th Int. Conf. Inf. Commun. Technol. ICoICT 2022, pp. 407–412, 2022, doi: 10.1109/ICoICT55009.2022.9914866.

A. K. Mishra, M. Wazid, D. P. Singh, A. K. Das, and M. Guizani, “Securing Fog Computing-based Industry 4.0 Communication Using Authenticated Key Agreement Scheme,” 2023 Int. Wirel. Commun. Mob. Comput. IWCMC 2023, vol. 0, pp. 1448–1453, 2023, doi: 10.1109/IWCMC58020.2023.10183021.

S. Mawlood Hussein, J. A. López Ramos, and J. A. Álvarez Bermejo, “Distributed Key Management to Secure IoT Wireless Sensor Networks in Smart-Agro,” Sensors (Basel)., vol. 20, no. 8, pp. 1–13, 2020, doi: 10.3390/s20082242.

S. Altayran, T. Homeed, and W. Elmedany, “APIs in Internet of Things Communications Security Threats and Solutions,” IET Conf. Proc., vol. 2022, no. 26, pp. 458–463, 2022, doi: 10.1049/icp.2023.0646.

Y. An, F. R. Yu, J. Li, J. Chen, and V. C. M. Leung, “Edge Intelligence (EI)-Enabled HTTP Anomaly Detection Framework for the Internet of Things (IoT),” IEEE Internet Things J., vol. 8, no. 5, pp. 3554–3566, 2021, doi: 10.1109/JIOT.2020.3024645.

A. Vangala, R. Maheshwari, A. K. Das, and S. Pal, “Cloud-Assisted Security Framework for Drone-Enabled Offshore Communications,” IEEE INFOCOM 2023 - Conf. Comput. Commun. Work. INFOCOM WKSHPS 2023, pp. 1–6, 2023, doi: 10.1109/INFOCOMWKSHPS57453.2023.10225952.

M. Lourens, D. Gangodkar, M. Tiwari, D. Buddhi, D. Dharamvir, and S. Kuchhal, “IoT Implementation in Various Applications: A Detailed Review of Cyber Security Issues and Challenges,” 2023 3rd Int. Conf. Adv. Comput. Innov. Technol. Eng. ICACITE 2023, pp. 1543–1547, 2023, doi: 10.1109/ICACITE57410.2023.10183094.

M. Gutfleisch et al., “Caring About IoT-Security-An Interview Study in the Healthcare Sector,” ACM Int. Conf. Proceeding Ser., pp. 202–215, 2022, doi: 10.1145/3549015.3554209.

L. Minh Dang, M. J. Piran, D. Han, K. Min, and H. Moon, “A survey on internet of things and cloud computing for healthcare,” Electron., vol. 8, no. 7, pp. 1–49, 2019, doi: 10.3390/electronics8070768.

Downloads

Published

2024-08-28

How to Cite

[1]
F. D. N. Wicaksono, W. Purbaratri, M. F. P. Alam, and A. N. Ida Safitri, “IoT Security Attacks on the Public Sector: Systematic Literature Review”, bit-Tech, vol. 7, no. 1, pp. 194–201, Aug. 2024.

Issue

Section

Articles
DOI : https://doi.org/10.32877/bt.v7i1.1627
Abstract views: 99 / PDF downloads: 48