A Review of Attacks and Countermeasures in Internet of Things and Cyber Physical Systems

A Review of Attacks and Countermeasures in Internet of Things and Cyber Physical Systems

Vasaki Ponnusamy (Universiti Tunku Abdul Rahman, Malaysia), Naveena Devi Regunathan (Universiti Tunku Abdul Rahman, Malaysia), Pardeep Kumar (Quaid-e-Awam University of Engineering, Science and Technology, Pakistan), Robithoh Annur (Universiti Tunku Abdul Rahman, Malaysia) and Khalid Rafique (AJK Information Technology Board, Pakistan)
DOI: 10.4018/978-1-7998-2803-7.ch001


The internet usage for commercial and public services has significantly increased over these decades to where security of information is becoming a more important issue to society. At the same time, the number of network attacks in IoT is increasing. These include distributed denial of service (DDOS) attack, phishing, trojan, and others that will cause the network information to not be secure. With the revolution in Industry 4.0 and IoT being the main asset in the Fourth Industrial Revolution, many companies spend thousands or millions to protect their networks and servers. Unfortunately, the success rate to prevent network attack is still not welcoming. The attacks on physical layers, such as jamming, node tampering; link layer, such as collision, unfairness, battery exhaustion; network layer, such as spoofing, hello flood, Sybil attack, wormhole, DOS, DDOS; transport layer, such as flooding, de-synchronization; application layer, such as flooding, are alarming. This chapter reviews attacks and countermeasures.
Chapter Preview


Technologies have been evolving from the day it was founded. We are currently transitioning from the Industry 3.0 to Industry 4.0 which is a whole new addition to technology. Industry 3.0 deals with computers, automation, last-mile/kilometre access and digital sales and purchase while the Industry 4.0 is solely focused on Automated Physical Systems, Smart Cities, Internet of Things(IoT), Robotics, Artificial Intelligence (AI) and Blockchain. This change defines the change in work culture around the world almost in all industries. This era is said to be a combination of a cyber-physical system, where Industry 4.0 is made possible by IoT and the Internet of Systems and also it made the smart factories into reality.

With every good thing, there is always a flaw or a problem. The same goes for Industry 4.0 as it is closely associated with cybersecurity. A good cybersecuritry governance and secured systems is needed in this case. This survey work is an extension to the previous published works (Ponnusamy. V et al. 2020) on cybersecurity governance and secured systems. The cases of the attacks are increasing rapidly day by day and it is stressing the need to strengthen cyber resilience. In those days before IoT existed, the cyber experts were only dealing with attacks over the wired network and now they have to deal with attacks over a wireless network where it can be attacked from the physical layer, the network layer, processing layer and the application layer. These are the attacks that can be done in the physical layer which are Jamming in Wireless Network Sensors (WSN), Node Tampering, Physical Damage, and Social Engineering. For the network layer, the attacks are Traffic Analysis Attack, RFID Cloning, Man In The Middle Attack, Sleep Deprivation Attack, RFID Spoofing and Malicious Code Attack. On the other hand, the processing layer the attacks can be done by Unauthorized Access, Malicious Insider, Data Security, Virtualization Threats, and Application Security. Last but not the least, for the application layer; the attacks are Phishing attacks, Sleep Deprivation Attack Viruses and Trojan horse attacks, Malicious Scripts, Encryption Attacks, Side-Channel Attack and Distributed Denial of Service. Once the hackers use one of these methods to bypass the security in any layer, the victim’s money or personal information can be stolen or tampered. The hackers will use all the information they gather to either blackmail the victim or even impersonate them. They can also use the victim’s personal information to commit fraud or even endanger the victim’s life. This can also disrupt the IoT services if hacked by a hacker. For example, an IoT printer where documents are being printed, a hacker can hack the devices and view all the important documents like Financial Reports and Personal Banking information.

What Is Internet of Things (IoT) and Industrial Internet of Things?

Figure 1.

Components of Internet of Things (IoT)


The Internet of Things (Figure 1), or IoT, is billions of physical devices connected to the internet throughout the world. They are all transmitting, receiving and sharing data. It is possible to turn anything to become IoT. For example, a self-driving car is part of IoT. IoT is the merging of the physical and digital world and it adds the level of intelligence to the devices enabling them to communicate real-time without a human present. The industrial internet of things (IIoT) is the use of smart sensors and actuators to enhance manufacturing and industrial processes. Also known as the industrial internet or Industry 4.0, IIoT leverages the power of smart machines and real-time analytics to take advantage of the data that dumb machines have produced in industrial settings for years. The driving philosophy behind IIoT is that smart machines are not only better than humans at capturing and analyzing data in real time, they are better at communicating important information that can be used to drive business decisions faster and more accurately.

Complete Chapter List

Search this Book: