A Review and Case Study on Attacking and Security Tools at Application-Layer of IoT

Internet of Things (IoT) is a revolution in our daily life ranging from tiny devices to large industrial setup. Since the last decade, the proliferation of IoT has raised major security concerns which are not often considered by the manufacturers and the end-users as well. IoT devices are more vulnerable to attacks due to weak passwords, lack of standard architecture, availability, and plug and play services, etc. Most of the existing IoT security literature primarily focus on network layer security. However, this paper mainly focuses on the application layer security of IoT for secure cloud-based sensor data handling. We provide a detailed taxonomy of various attacking and security tools at the application layer of IoT. We also provide a comparative analysis of these tools. Finally, a Denial of Service (DoS) case study is performed in the simulated IoT testbed environment integrated with Amazon Web Services (AWS)-IoT using open source tools. We hope that our work will be helpful to the researchers working in the area of IoT security.