Investigating the IoT Security and Privacy Challenges: Summary and Recommendations


  • Premlata Chauhan, Department of Computer Science & Engineering, Azad Institute of Engineering & Technology, Lucknow, Uttar Pradesh, India
  • Shafeeq Ahmad, Department of Computer Science & Engineering, Azad Institute of Engineering & Technology, Lucknow, Uttar Pradesh, India
  • Pervez Rauf Khan, Department of Computer Science & Engineering, Azad Institute of Engineering & Technology, Lucknow, Uttar Pradesh, India
  • Naseem Ahmad Khan, Department of Computer Science & Engineering, Azad Institute of Engineering & Technology, Lucknow, Uttar Pradesh, India



Internet of Things, IoT Systems, security, privacy, cyber-attack


With the development of transformative technologies such as cloud computing and the Internet of Things (IoT), more technology companies are pursuing research into employing such innovations. Smart homes and cities are just two examples of the many systems and technologies that the IoT can support. IoT-based smart objects communicate with other components, such as proxies, portable devices, and data collectors. Although these components help to tackle a number of societal issues and offer users new, cutting-edge services, their limited processing power makes them susceptible to well-known privacy and security attacks. This in turn highlights the demand for a strong technical as well as legislative foundation and underlines the significance of validity and reliability in IoT. This paper provides insight into the IoT and its security and privacy challenges, and discusses recommendations for IoT solutions. We also highlight some unresolved problems that require further study.






How to Cite

P. Chauhan, S. Ahmad, P. R. Khan, and N. A. Khan, “Investigating the IoT Security and Privacy Challenges: Summary and Recommendations”, EAI Endorsed Trans Cloud Sys, vol. 7, no. 22, p. e5, Aug. 2022.