Online citations, reference lists, and bibliographies.
Please confirm you are human
(Sign Up for free to never see this)
← Back to Search

Review On Security Of Internet Of Things Authentication Mechanism

Tarak Nandy, M. Idris, Rafidah Md Noor, Miss Laiha Mat Kiah, Lau Sian Lun, Nor Badrul Annuar Juma’at, I. Ahmedy, Norjihan Abdul Ghani, Sananda Bhattacharyya
Published 2019 · Computer Science

Save to my Library
Download PDF
Analyze on Scholarcy
Share
Internet of things (IoT) is considered as a collection of heterogeneous devices, such as sensors, Radio-frequency identification (RFID) and actuators, which form a huge network, enabling non-internet components in the network to produce a better world of services, like smart home, smart city, smart transportation, and smart industries. On the other hand, security and privacy are the most important aspects of the IoT network, which includes authentication, authorization, data protection, network security, and access control. Additionally, traditional network security cannot be directly used in IoT networks due to its limitations on computational capabilities and storage capacities. Furthermore, authentication is the mainstay of the IoT network, as all components undergo an authentication process before establishing communication. Therefore, securing authentication is essential. In this paper, we have focused on IoT security particularly on their authentication mechanisms. Consequently, we highlighted enormous attacks and technical methods on the IoT authentication mechanism. Additionally, we discussed existing security verification techniques and evaluation schemes of IoT authentication. Furthermore, analysis against current existing protocols have been discussed in all parts and provided some recommendation. Finally, the aim of our study is to help the future researcher by providing security issues, open challenges and future scopes in IoT authentication.
This paper references
10.1109/JIOT.2016.2619679
S2M: A Lightweight Acoustic Fingerprints-Based Wireless Device Authentication Protocol
D. Chen (2017)
10.3390/s140610081
Security Enhanced User Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography
Younsung Choi (2014)
10.1109/TCE.2014.6780922
Enhanced three-factor security protocol for consumer USB mass storage devices
D. He (2014)
10.1007/978-3-642-29038-1_24
Data Privacy against Composition Attack
M. M. Baig (2012)
10.1007/s11235-017-0299-y
ESSPR: an efficient secure routing scheme based on searchable encryption with vehicle proxy re-encryption for vehicular peer-to-peer social network
M. Ferrag (2017)
10.1016/j.jcss.2013.07.004
A lightweight dynamic pseudonym identity based authentication and key agreement protocol without verification tables for multi-server architecture
K. Xue (2014)
10.1145/77648.77649
A logic of authentication
M. Burrows (1990)
10.2991/jcis.2006.241
Optimal Energy Consumption for Wireless Sensor Networks
H. Jang (2006)
10.1007/s00779-012-0539-9
Protecting the sink location privacy in wireless sensor networks
L. Yao (2012)
10.1007/S11277-019-06252-X
An Enhanced and Secure Biometric Based User Authentication Scheme in Wireless Sensor Networks Using Smart Cards
Subhasish Banerjee (2019)
Social Engineering Attacks to Watch Out For, The State Of Security News
D. Bisson (2019)
10.5755/j01.itc.44.4.9197
An Improved Authentication Scheme for Electronic Payment Systems in Global Mobility Networks
M. Heydari (2015)
10.1016/j.jnca.2012.05.010
A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks
K. Xue (2013)
10.1007/s11277-016-3297-6
Security Enhancement of an Improved Remote User Authentication Scheme with Key Agreement
Sonam Devgan Kaul (2016)
NHS Cyber Attack: Why Stolen Medical Information is so Much More Valuable than Financial Data
A. Sulleyman (2019)
10.1007/s11227-016-1849-x
Cryptanalysis of a novel ultra-lightweight mutual authentication protocol for IoT devices using RFID tags
Aakanksha Tewari (2016)
10.1109/VTCFall.2017.8288279
Vehicle-to-Vehicle Message Content Plausibility Check through Low-Power Beaconing
Taeho Kim (2017)
10.1109/NSysS.2017.7885798
A security-aware Near Field Communication architecture
A. Asaduzzaman (2017)
10.1016/J.PROCS.2016.03.092
Detection and Prevention of Wormhole Attack in Wireless Sensor Network using AOMDV Protocol
Parmar Amish (2016)
10.1109/ICMETE.2016.66
Identification and Mitigation of Black Hole Attack in Wireless Sensor Networks
Harpreet Kaur (2016)
10.1007/s11432-009-0222-6
Partial cooperative spectrum sensing schedule in cognitive network
Fangmin Xu (2009)
10.1109/IEMCON.2018.8614837
Risks from Spam Attacks on Blockchains for Intemet-of-Things Devices
Santeri Paavolainen (2018)
10.1109/CCNC.2019.8651825
Token-Based Lightweight Authentication to Secure IoT Networks
Maissa Dammak (2019)
10.1016/j.compeleceng.2016.02.017
A lightweight message authentication scheme for Smart Grid communications in power sector
Khalid Mahmood (2016)
10.1016/j.future.2016.12.028
A light weight authentication protocol for IoT-enabled devices in distributed Cloud Computing environment
R. Amin (2018)
10.1016/j.adhoc.2016.11.002
Secure and efficient user authentication scheme for multi-gateway wireless sensor networks
J. Srinivas (2017)
10.1177/1550147719842725
Toward secure and accountable data transmission in Narrow Band Internet of Things based on blockchain
Hanshu Hong (2019)
10.1109/GIIS.2017.8169799
Real-Time data dissemination and analytics platform for challenging IoT environments
Glenn Daneels (2017)
10.1109/CyberC.2018.00022
An Improved User Authentication Protocol for IoT
Jianming Cui (2018)
10.3390/s18103236
Suppression Attack Against Multicast Protocol in Low Power and Lossy Networks: Analysis and Defenses
Cong Pu (2018)
10.1109/ACCESS.2016.2638038
A Secure IoT-Based Healthcare System With Body Sensor Networks
K. Yeh (2016)
10.1016/j.future.2016.11.033
A lightweight multi-layer authentication protocol for wireless body area networks
Jian Shen (2018)
10.1109/SECON.2017.7925274
Secure authentication on the Internet of Things
P. Griffin (2017)
10.1016/j.ins.2019.01.073
A lightweight machine learning-based authentication framework for smart IoT devices
P. Punithavathi (2019)
10.1016/j.eswa.2013.08.040
An anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards and biometrics
Ming-Chin Chuang (2014)
10.1109/WISPNET.2016.7566478
Anomaly based detection of Black Hole Attack on leach protocol in WSN
Vishali Bansal (2016)
10.1109/ACCESS.2017.2673239
Lightweight Three-Factor Authentication and Key Agreement Protocol for Internet-Integrated Wireless Sensor Networks
Q. Jiang (2017)
10.2991/ijcis.2018.25905181
Deep Learning for Detection of Routing Attacks in the Internet of Things
F. Yavuz (2018)
10.1109/LES.2016.2630729
Public Key Authentication and Key Agreement in IoT Devices With Minimal Airtime Consumption
Savio Sciancalepore (2017)
10.1109/ICE.2017.8279999
Intelligent security on the edge of the cloud
Dimitrios Zissis (2017)
10.1016/J.JNCA.2019.01.006
Efficient DDoS attacks mitigation for stateful forwarding in Internet of Things
Gang Liu (2019)
10.1016/j.jnca.2016.10.001
An untraceable temporal-credential-based two-factor authentication scheme using ECC for wireless sensor networks
Qi Jiang (2016)
10.1049/IP-IFS:20055073
Password-Based Authenticated Key Exchange in the Three-Party Setting
M. Abdalla (2004)
10.1109/ICECCS.2014.90
An Energy Efficient Temporal Credential Based Mutual Authentication Scheme for WSN
M. Sarvabhatla (2014)
10.1016/j.adhoc.2014.03.009
A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion
Muhamed Turkanovic (2014)
Efficient Two-Pass Anonymous Identity Authentication Using Smart Card
J. Chou (2013)
10.1016/j.comcom.2012.01.009
HealthShare: Achieving secure and privacy-preserving health information sharing through health social networks
Xiaohui Liang (2012)
Internet Security: How to Defend Against Attackers on the Web
M. Harwood (2015)
Security improvements of dynamic ID-based remote user authentication scheme with session key agreement
Young-Hwa An (2013)
10.1016/j.future.2016.02.020
End-to-end security scheme for mobility enabled healthcare Internet of Things
S. R. Moosavi (2016)
10.1109/IEEE.ICIOT.2017.10
Boot-IoT: A Privacy-Aware Authentication Scheme for Secure Bootstrapping of IoT Nodes
Md. Mahmud Hossain (2017)
10.1016/j.adhoc.2015.05.014
An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the Internet of Things environment
M. Farash (2016)
10.1109/ACCESS.2018.2875678
Misbehavior Detection Based on Support Vector Machine and Dempster-Shafer Theory of Evidence in VANETs
Chunhua Zhang (2018)
10.1145/3175731.3176177
Towards a framework for managing inconsistencies in systems of systems
Thiago Viana (2016)
10.23919/ICACT.2017.7890132
Managing IoT devices using blockchain platform
S. Huh (2017)
10.3390/s18092813
New DoS Defense Method Based on Strong Designated Verifier Signatures
Marcone Pereira de Almeida (2018)
10.1109/PST.2018.8514197
Demonstrating Cyber-Physical Attacks and Defense for Synchrophasor Technology in Smart Grid
R. Khan (2018)
Two-Phase Security Protection for the Internet of Things Object
Vera Suryani (2018)
10.1109/TC.2002.1004593
Examining Smart-Card Security under the Threat of Power Analysis Attacks
Thomas S. Messerges (2002)
10.1109/IKT.2015.7288749
Detection of black hole attack in wireless sensor network using UAV
M. Motamedi (2015)
10.1109/GLOCOM.2010.5684211
FLIP: An Efficient Privacy-Preserving Protocol for Finding Like-Minded Vehicles on the Road
R. Lu (2010)
10.1007/978-1-4419-1674-7_38
An Overview of Privacy and Security Issues in the Internet of Things
C. M. Medaglia (2010)
10.1109/JIOT.2017.2775248
Privacy-Preserving and Lightweight Key Agreement Protocol for V2G in the Social Internet of Things
Jian Shen (2018)
10.1002/sec.1558
A novel and provably secure authentication and key agreement scheme with user anonymity for global mobility networks
F. Wu (2016)
10.1109/ACCESS.2018.2884672
Security in Fog Computing: A Novel Technique to Tackle an Impersonation Attack
Shanshan Tu (2018)
10.1016/j.jisa.2017.03.001
Lightweight adaptive Random-Forest for IoT rule generation and execution
Menachem Domb (2017)
10.1007/s12652-016-0345-8
A privacy-preserving and provable user authentication scheme for wireless sensor networks based on Internet of Things security
F. Wu (2017)
10.1016/j.future.2015.09.004
Secure clustering for efficient data dissemination in vehicular cyber-physical systems
Rasmeet S. Bali (2016)
10.1016/j.adhoc.2015.05.020
A secure light weight scheme for user authentication and key agreement in multi-gateway based wireless sensor networks
R. Amin (2016)
10.1109/TWC.2015.2473165
A Provably Secure, Efficient, and Flexible Authentication Scheme for Ad hoc Wireless Sensor Networks
C. Chang (2016)
ProVerif: Cryptographic Protocol Verifier in the Formal Model
B. Blanchet (2010)
10.3390/s151229767
Enhanced Two-Factor Authentication and Key Agreement Using Dynamic Identities in Wireless Sensor Networks
I. Chang (2015)
10.1145/3203422.3203426
Cracking IoT Device User Account via Brute-force Attack to SMS Authentication Code
Dong Wang (2018)
10.1145/1401890.1401926
Composition attacks and auxiliary information in data privacy
S. R. Ganta (2008)
10.1016/j.ins.2015.02.010
A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks
D. He (2015)
10.1109/HICSS.2000.926982
Energy-efficient communication protocol for wireless microsensor networks
W. Heinzelman (2000)
10.1155/2016/6854303
Comparative Study on Various Authentication Protocols in Wireless Sensor Networks
S. Rajeswari (2016)
Mutual Authentication Protocol for Low-cost RFID
J. Yang (2005)
10.1109/JIOT.2017.2703088
Mutual Authentication in IoT Systems Using Physical Unclonable Functions
M. Aman (2017)
10.1109/JIOT.2017.2787800
A Robust and Energy Efficient Authentication Protocol for Industrial Internet of Things
X. Li (2018)
10.1109/ISCC.2016.7543884
Identity-based authentication scheme for the Internet of Things
O. Salman (2016)
10.1109/JIOT.2017.2714179
Chaotic Map-Based Anonymous User Authentication Scheme With User Biometrics and Fuzzy Extractor for Crowdsourcing Internet of Things
S. Roy (2018)
10.1016/j.eswa.2013.09.032
A defence scheme against Identity Theft Attack based on multiple social networks
B. He (2014)
10.1016/j.cose.2017.08.002
USB-based attacks
N. Nissim (2017)
10.1016/j.comnet.2016.01.006
Design of an anonymity-preserving three-factor authenticated key exchange protocol for wireless sensor networks
R. Amin (2016)
10.1109/JIOT.2017.2659783
Security and Privacy Preservation Scheme of Face Identification and Resolution Framework Using Fog Computing in Internet of Things
P. Hu (2017)
10.1109/EAIT.2014.23
A Secure Biometric-Based User Authentication Scheme for Heterogeneous WSN
M. Sarvabhatla (2014)
10.1016/j.compeleceng.2014.05.007
An improved remote user authentication scheme with key agreement
S. Kumari (2014)
10.1016/j.comnet.2016.03.011
On perspective of security and privacy-preserving solutions in the internet of things
L. Malina (2016)
10.1109/TII.2017.2773666
A Robust ECC-Based Provable Secure Authentication Protocol With Privacy Preserving for Industrial Internet of Things
X. Li (2018)
10.1145/2981547
Authentication Protocol for an IoT-Enabled LTE Network
N. Saxena (2016)
10.1016/J.COMNET.2010.05.010
The Internet of Things: A survey
L. Atzori (2010)
10.1016/j.future.2017.06.023
Lightweight and privacy-preserving RFID authentication scheme for distributed IoT infrastructure with secure localization services for smart city environment
Prosanta Gope (2018)
WSN Integrated Authentication Schemes Based on Internet of Things
Tsung-Hung Lin (2018)
10.1016/j.camwa.2012.02.025
Consideration on the brute-force attack cost and retrieval cost: A hash-based radio-frequency identification (RFID) tag mutual authentication protocol
Jung-Sik Cho (2015)
10.1016/j.compeleceng.2018.02.030
IoT application protection against power analysis attack
Jae-geun Moon (2018)
10.1109/GLOCOM.2016.7841543
A Secure Routing Protocol Based on RPL for Internet of Things
Ghada Glissa (2016)
10.1109/IIKI.2016.3
A Privacy Preserving Communication Protocol for IoT Applications in Smart Homes
Tianyi Song (2016)
10.1109/ACCESS.2018.2798626
Compression Header Analyzer Intrusion Detection System (CHA - IDS) for 6LoWPAN Communication Protocol
Mohamad Nazrin Napiah (2018)
10.1155/2018/9046064
Efficient and Secure Biometric-Based User Authenticated Key Agreement Scheme with Anonymity
Dongwoo Kang (2018)
10.1109/JSEN.2015.2502401
BSN-Care: A Secure IoT-Based Modern Healthcare System Using Body Sensor Network
Prosanta Gope (2016)
10.1016/j.inffus.2016.04.007
Spatial anomaly detection in sensor networks using neighborhood information
H. J. Bosman (2017)
10.1109/ACCESS.2018.2846779
Continuous Patient Monitoring With a Patient Centric Agent: A Block Architecture
M. A. Uddin (2018)
10.1109/TSG.2011.2160661
A Lightweight Message Authentication Scheme for Smart Grid Communications
Mostafa Fouda (2011)
10.1007/s10916-017-0743-2
Secure Data Aggregation in Wireless Sensor Network-Fujisaki Okamoto(FO) Authentication Scheme against Sybil Attack
K. Nirmal Raja (2017)
10.1145/266420.266432
A calculus for cryptographic protocols: the spi calculus
M. Abadi (1997)
10.1016/j.future.2013.01.010
Internet of Things (IoT): A vision, architectural elements, and future directions
J. Gubbi (2013)
10.1145/3270101.3270106
Towards Query Efficient Black-box Attacks: An Input-free Perspective
Yali Du (2018)
10.3390/s110504767
A Secured Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography
Hsiu-lien Yeh (2011)
10.1016/j.jnca.2016.12.008
An efficient authentication and key agreement scheme for multi-gateway wireless sensor networks in IoT deployment
F. Wu (2017)
10.1016/j.jnca.2017.07.001
A three-factor anonymous authentication scheme for wireless sensor networks in internet of things environments
X. Li (2018)
10.3390/s18061938
A Novel Friendly Jamming Scheme in Industrial Crowdsensing Networks against Eavesdropping Attack
Xuran Li (2018)
10.1002/dac.2552
Untraceable dynamic-identity-based remote user authentication scheme with verifiable password update
Y. Chang (2014)
10.1109/JIOT.2014.2306328
Internet of Things for Smart Cities
A. Zanella (2014)
10.1007/s11276-015-1005-1
Vehicle authentication via monolithically certified public key and attributes
S. Dolev (2016)
10.1007/s11277-013-1547-4
A Robust User Authentication Scheme Using Dynamic Identity in Wireless Sensor Networks
WenBin Hsieh (2014)
10.1186/s40064-016-3250-x
Realizing IoT service’s policy privacy over publish/subscribe-based middleware
L. Duan (2016)
10.1155/2017/6562953
Authentication Protocols for Internet of Things: A Comprehensive Survey
M. Ferrag (2017)
10.1155/2013/730831
A New User Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography
Wenbo Shi (2013)
10.5755/J01.EEE.19.6.2038
An Improved Dynamic Password-based User Authentication Scheme for Hierarchical Wireless Sensor Networks
Muhamed Turkanovic (2013)
10.1016/j.jnca.2012.03.011
A dynamic password-based user authentication scheme for hierarchical wireless sensor networks
A. K. Das (2012)
10.1007/s11227-017-2105-8
On the security of a new ultra-lightweight authentication protocol in IoT environment for RFID tags
King-Hang Wang (2017)
10.1109/ACCESS.2017.2676119
Secure Signature-Based Authenticated Key Establishment Scheme for Future IoT Applications
S. Challa (2017)
10.1016/j.future.2017.08.035
A payload-based mutual authentication scheme for Internet of Things
M. Jan (2019)
10.1016/j.cose.2013.10.001
DNS amplification attack revisited
M. Anagnostopoulos (2013)
10.3390/APP9010178
A Lightweight Perceptron-Based Intrusion Detection System for Fog Computing
Belal Sudqi Khater (2019)
10.1016/j.adhoc.2014.11.018
User authentication schemes for wireless sensor networks: A review
S. Kumari (2015)
10.1109/FiCloud.2016.22
Practical and Secure IoT Device Authentication Using Physical Unclonable Functions
John Ross Wallrabenstein (2016)
10.1002/dac.3437
Pseudonym changing strategy with multiple mix zones for trajectory privacy protection in road networks
Imran Memon (2018)
ITU Internet reports 2005: The Internet of Things
ITU’s Strategy (2005)
Smart Home concept and the integration of energy meters into a home based system
R. Lutolf (1992)



This paper is referenced by
10.1145/3388176.3388185
An Enhanced Two-factor Authentication Protocol for V2V Communication in VANETs
Tarak Nandy (2020)
10.1109/ACCESS.2020.3002932
A Survey on Trend and Classification of Internet of Things Reviews
Azana Hafizah Mohd Aman (2020)
10.1109/ACCESS.2020.3037359
A Survey of Security Challenges, Attacks Taxonomy and Advanced Countermeasures in the Internet of Things
Shapla Khanam (2020)
10.1109/NCETSTEA48365.2020.9119934
T-BCIDS: Trust-Based Collaborative Intrusion Detection System for VANET
Tarak Nandy (2020)
10.1109/INOCON50539.2020.9298304
A Systematic Review of Authentication Methods for Internet of Things
M. Mehta (2020)
10.33093/jetap.2020.x1.1
No. 1 Vehicle Positioning System Based on Cubic Spline Interpolation Using Statistical Analysis
Tarak Nandy (2020)
10.1016/j.ins.2020.09.051
Adaptive XACML access policies for heterogeneous distributed IoT environments
Khaled Riad (2021)
10.1109/ACCESS.2020.2989456
Systematic Review on Security and Privacy Requirements in Edge Computing: State of the Art and Future Research Opportunities
Muktar Yahuza (2020)
10.1109/CCWC47524.2020.9031254
Ticket-Based Authentication for Securing Internet of Things
A. Shrestha (2020)
10.1109/3ICT51146.2020.9312024
Collaborative Data Anonymization for Privacy-Preserving Vehicular Ad-hoc Network
Tarak Nandy (2020)
10.36227/techrxiv.12866978
Vehicle Location Prediction System Based on Historical Data
Tarak Nandy (2020)
10.1109/ICCCS49678.2020.9276868
A PUF-based Mutual Authentication Protocol for Internet of Things
Krishna Prasad Satamraju (2020)
Semantic Scholar Logo Some data provided by SemanticScholar