Holistic Survey on Security in IoT Application Layer Attacks Protocols and Applications

This document presents a comprehensive survey on security in the Internet of Things (IoT) application layer, focusing on various attacks, protocols, and applications. It analyzes 123 relevant articles to highlight the importance of effective security measures to protect devices and data from potential threats. The survey also categorizes different types of attacks and discusses performance metrics, challenges, and future directions in IoT application layer security.


Received 24 June 2024, accepted 10 September 2024, date of publication 16 September 2024, date of current version 19 December 2024.

Digital Object Identifier 10.1109/ACCESS.2024.3462170

Holistic Survey on Security in IoT Application Layer: Attacks, Protocols, and Applications
N. SHARMILA KUMARI 1 (Member, IEEE), H. S. VIMALA 1, C. N. PRUTHVI 2 (Member, IEEE), AND J. SHREYAS 3 (Member, IEEE)
1 Department of Computer Science and Engineering, University of Visvesvaraya College of Engineering (UVCE, IIT Model College), Bangalore University, Bengaluru 560001, India
2 Department of Computer Science and Engineering, Dayananda Sagar College of Engineering, Bengaluru 560078, India
3 Department of Information Technology, Manipal Institute of Technology Bengaluru, Manipal Academy of Higher Education, Manipal, Karnataka 576104, India

Corresponding author: J. Shreyas ([email protected])

ABSTRACT Context: The growing number of linked devices, the limitations of some IoT devices, worries about data privacy, risks to physical safety, and the ever-changing threats all highlight why it is crucial to have strong security measures in the IoT application layer. We need these measures to protect our devices and data, keep our personal information safe, and prevent potential harm or attacks. It is important to make sure our IoT applications have effective security to counter these risks.
Objective: The study's goal is to examine the research on IoT application layer security in terms of attacks, applications and protocols, and to identify areas that demand further focus in current and future research.
Method: To find the relevant literature, a systematic investigation was conducted: of 221 articles, 123 were selected as the most relevant and classified under security in IoT applications and protocols.
Result: This paper concentrates on security in the IoT application layer; the articles are grouped by attacks, applications and protocols. Based on IoT applications, smart home (15.3%), smart health care (12.2%), smart home (13.3%), smart agriculture (17.3%), smart vehicles (16.3%), smart grid (15.3%) and Industrial IoT (10.2%) represent the majority of articles. This survey further analyses the performance metrics, parameters and performance evaluation of the existing literature.
Conclusion: The results confirm that we need these measures to protect our devices and data, keep our personal information safe, and prevent potential harm or attacks. It is important to make sure our IoT applications have effective security to counter these risks.

INDEX TERMS Attacks, application layer, IoT, security, protocols.

I. INTRODUCTION

The Internet of Things (IoT) refers to the growing network of smart physical objects, such as smartphones, wearables, home appliances, smart farming, smart grid, smart garbage, smart home, smart cities, smart transportation, industrial machinery and medical equipment, that can detect and respond to their environment, gather and process data, and communicate and share information with each other [1], [2]. With the proliferation of IoT applications, the number of devices utilizing IoT applications is also increasing. This leads to a corresponding increase in data traffic load within networks [3]. Figure 1 illustrates the projected global growth of IoT devices in use until 2030, which is expected to follow an exponential trend [4].

Cisco predicts that more than 500 billion things will be linked to the Internet by the end of 2025. Many researchers and industry analysts agree that the economic impact of IoT is substantial and growing. A 2015 report from the McKinsey Global Institute predicted that IoT could have a total potential influence on the economy of 3.9 trillion to 11.1 trillion per year by 2025 [5], [6]. The IoT is primarily intended to change the way we work and live by creating intelligent tools and services that perform our daily tasks.

In spite of all these advancements and initiatives, there are still a number of problems that prevent the complete and effective deployment of IoT in the real world. Security is a major issue or challenge that IoT faces and that

The associate editor coordinating the review of this manuscript and approving it for publication was Jose Saldana.
2024 The Authors. This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 License.
For more information, see https://creativecommons.org/licenses/by-nc-nd/4.0/
VOLUME 12, 2024 186957
N. Sharmila Kumari et al.: Holistic Survey on Security in IoT Application Layer: Attacks, Protocols, and Applications

FIGURE 1. Increase of IoT devices per year.

needs to be resolved [7], [8]. In fact, IoT security threats are growing in both number and complexity. Numerous investigations have demonstrated security and privacy issues in IoT systems related to authentication, authorization, confidentiality, attacks, etc. [7], [9], [10]. IoT security has grown to be a major worry for research communities, industry, and the general public, and needs additional in-depth study.

This paper's primary goals are to identify and analyse the fundamental security needs or requirements for the IoT application layer, to analyze and identify security attacks in the IoT application layer, and to identify the protocols used in different IoT applications. The paper also examines current security solutions at the IoT application layer. Several survey papers in the field of IoT security have been published, but there is no clear focus on security with respect to the application layer. Our main aim is to survey security in the application layer, considering the major security requirements, attacks, protocols, and existing solutions in the application layer.

A. RELATED SURVEYS
Several surveys have been conducted to review security in the application layer, and their findings are summarized in Table 1. The authors of [11] explain only requirements, and [12] explains only protocols of the IoT application layer. The authors of [13], [14], and [15] give the details of requirements and protocols of the IoT application layer, while [16] and [17] explain only protocols. The authors of [18] describe attacks and protocols of the IoT application layer. Reference [19] provides a review of requirements, attacks and applications of IoT, and [20] provides a review of requirements and protocols. The authors of [5] analyze requirements, attacks and protocols of the IoT application layer. References [21] and [22] explain the requirements, attacks and applications but not protocols. Our survey differs from existing surveys in analyzing the different types of attacks, applications and protocols of the IoT application layer; it also describes the most prevalent performance metrics and parameters with performance evaluation. Finally, it lists the challenges and future directions of security in the IoT application layer.

B. PURPOSE OF THE SURVEY
This survey aims to provide an overview of the diverse range of security aspects in the Internet of Things (IoT) application layer. It aims to examine attacks, applications, and protocols of the IoT application layer that have been discussed in numerous research works published between 2018 and the present time (submission date).

C. MOTIVATION
IoT devices have brought about significant advancements and transformative opportunities in various sectors, ranging from healthcare and transportation to smart homes and industrial automation. As IoT continues to evolve, it has become crucial to address the inherent security challenges that arise within its complex ecosystem. The application layer of the IoT architecture plays a critical role in facilitating communication and interaction between devices, applications, and users. However, it is also vulnerable to various security threats, including unauthorized access, data breaches, malicious attacks, and privacy violations. These vulnerabilities can have severe consequences, such as compromising sensitive data, disrupting critical services, and even endangering human safety. To ensure the successful and secure deployment of IoT systems, it is essential to have a comprehensive understanding of the existing security landscape in the application layer. By examining the research works published between 2018 and the present, we can gain insights into the advancements, challenges, and potential solutions proposed by multiple authors in this domain.

D. CONTRIBUTION OF THIS SURVEY
There are several existing surveys available in the field of IoT application layer security. To the best of our knowledge, our survey provides a more detailed analysis than existing works. The major contributions of our survey are mentioned below.
1) This paper's primary contribution is to present a thorough investigation on security in the IoT application layer.
2) This survey categorizes different types of attacks in the IoT application layer.
3) This survey focuses more on security in IoT applications, where security is becoming a major concern, and summarizes all literature based on seven major IoT applications.
4) This survey summarizes protocols used in the IoT application layer.
5) A recent article in the field of security in the IoT application layer describes the advantages and future work in detail, providing a comparison among methods, including performance metrics, parameters, and performance evaluation, allowing researchers to comprehend various methodologies and choose the most appropriate one based on their needs.
6) This study provides a performance evaluation of IoT application security in terms of applications,


TABLE 1. Comparison of our survey with existing surveys.

evaluation, technologies used, key requirements, and datasets considered in each literature.
7) This study lists the challenges and future directions of security in the IoT application layer.

E. ORGANIZATION OF THIS PAPER
Figure 2 shows the taxonomy of this survey. Section I gives an introduction. Section II shows the survey methodology. Section III gives details of IoT and the security requirements of the application layer. Categories of attacks in IoT are described in Section IV. Section V explains the security solutions of each application. Section VI explains the protocols of the IoT application layer. Performance metrics and parameters of IoT applications are listed in Section VII. Section VIII gives the performance evaluation. Section IX gives the challenges and future directions of security in the IoT application layer. Finally, the conclusion is given in Section X.

II. SURVEY METHODOLOGY
We followed the systematic survey mapping methodology proposed by [23] to produce this comprehensive review, which results in a systematic review of any topic.

A. SYSTEMATIC REVIEWS AND MAPPINGS: RESEARCH QUESTIONS
The following are the research questions considered for the rest of the paper.
RQ1. How are the collected articles distributed based on publications in security of the IoT application layer, and which publication has published more articles?
RQ2. How have research papers on security in IoT applications and protocols been dispersed throughout the years?
RQ3. How are the relevant articles distributed in terms of publication type and publication year, and which forum published more articles?
RQ4. What are the different application layer attacks and how are they differentiated?
RQ5. What are the most common performance metrics and parameters used in security in the IoT application layer?
RQ6. How many articles have looked at security in smart cities, smart homes, smart agriculture, smart home, smart health care, and smart grid applications?
RQ7. How are articles on security in the IoT application layer validated?


FIGURE 2. Organization of the survey.


RQ8. Which is the most prevalent technology used to give solutions for security problems in IoT applications?
RQ9. How are articles distributed throughout the IoT applications, validations and technologies together?
RQ10. Which articles in the security in IoT applications domain have received the most citations?
RQ11. What are the challenges and future directions of security in the IoT application layer?

B. LITERATURE SOURCES AND SEARCH STRATEGIES
In this study, the fundamental literature sources used to search for research papers on security in the IoT application layer, published in Google Scholar, IEEE Xplore, ACM, Elsevier, Springer, MDPI, etc., include book chapters, transactions, journals, and conferences. The search strategy employed in the first stage [16] is a keyword-based one, based on phrases like "security", "application layer", "security in IoT application layer", "attacks", "protocols of application layer", etc. 221 of the approximately 287 papers that were chosen for this study are regarded as being the most pertinent. Additionally, search methods are employed to discover the most pertinent sources by taking into account the title, abstract, and keywords, yielding the 123 chosen articles. From 2018 through 2023 (as of the time of submission), these 123 articles are used for the categorization of security in the IoT application layer.

With regard to RQ1, Table 2 displays the total number of papers published with and without selection criteria, with more publications appearing in IEEE Xplore.

TABLE 2. Number of papers gathered for each database.

Figure 3 illustrates the year-wise distribution of the most relevant articles in response to RQ2. These facts support the topic's importance, which is being recognised by the scientific community. We took into account articles from 2018 to 2023 (up until the submission deadline); however, there are fewer articles from 2023 because the year is still in progress and many items have not yet been published.

FIGURE 3. Year wise distribution of most relevant papers.

1) INCLUSION CRITERIA
1) The security in IoT application layer must be covered in the articles.
2) The articles covered effective security measures for application-layer security in the IoT.
3) IoT application layer protocols' effective security solutions should be covered in the papers.
4) Attacks on the IoT application layer must be covered in the articles.
5) The papers covered security issues with IoT protocols, applications, and attacks.

2) EXCLUSION CRITERIA
1) The papers covered generic IoT security.
2) The papers discussed alternative application layer security models for the IoT.

We ultimately chose 123 articles from 287 that met the inclusion and exclusion criteria and were most pertinent to security in IoT applications and protocols. Responding to RQ3, Table 3 shows the distribution of the most retained articles in terms of publication type and publication year. Table 4 lists the most retained papers in security of IoT applications with the details of publisher, publication, impact factor, and ranking.

III. IoT APPLICATION LAYER SECURITY
A. IoT
IoT is a concept that centres on the connectivity of items and the communication between them and humans. Kevin Ashton first coined the phrase "IoT" in 1998. A wide variety of tools and communication protocols may be used in an IoT network to gather and share data with other nodes [5]. There are three main architectures in IoT, shown in Figure 4, namely:
1) Three-Layer Architecture: Application Layer, Network Layer, and Perception Layer are the three levels that make up this architecture. Each layer has a certain function. The top layer of the architecture deals with the application part, the network layer focuses on the various network protocols, and the perception layer focuses on the various input collection options [5], [9], [12].
2) Four-Layer Architecture: The researchers have developed a new layer based on the three-layer architecture, with a focus on support between the network layer and the application layer of the architecture. This new layer is called the support layer, which focuses on the intermediate supporting components [13], [16].
3) Five-Layer Architecture: This architecture comes with more specific layers that focus on various aspects of IoT applications, like business aspects, processing aspects, and data movement aspects, as in Figure 4


TABLE 3. Distribution of articles preserved by publications.

[16], [17]. The business layer of the architecture focuses on managing the entire business aspects of IoT, like the application, profit model, and security aspects of the application data. The processing layer of the architecture focuses on various control and processing of data across the system. The transport layer focuses on data transfer protocols like UDP and TCP.

FIGURE 4. Three general IoT architectural layers.

In this study, we define the levels and roles inside the IoT using the well-known three-layer design as a basis. Many other IoT systems use this three-layer design (refer to Figure 4). Additionally, we concentrate our investigation specifically on the IoT application layer, enabling a targeted and thorough examination of this particular aspect.

1) APPLICATION LAYER
This is the IoT architecture's top layer [24]. The deployment of a broad range of IoT applications and services is made possible in large part by the application layer in the IoT. Its main responsibility involves managing important functions like data processing, decision-making, and user interaction. This layer facilitates the smooth integration of IoT devices and systems with the larger network infrastructure and services, thereby facilitating efficient communication and data exchange. The application layer empowers IoT solutions to deliver innovative services, such as smart homes, industrial automation, healthcare monitoring, and environmental monitoring, among many others.

2) NETWORK LAYER
In the three-layer architecture the network layer is designed as the middle layer and is also called the transmission layer [25]. The network layer in the IoT three-layer architecture comprises several components, including various devices like gateways, hubs, and cloud infrastructure. Additionally, it incorporates different communication protocols such as WiFi and cellular networks [26]. It primarily focuses on facilitating communication and data transfer between different IoT devices and systems. This layer is responsible for managing network connectivity, addressing, and routing mechanisms. It ensures that data packets are efficiently transmitted across the IoT network, enabling seamless connectivity and interaction among devices. The network layer also plays a vital role in optimizing network resources, managing traffic, and providing security measures to protect data during transmission.

3) PERCEPTION LAYER
This is the bottom layer in the three-layer architecture, also called the sensor layer [27]. Through the use of intelligent devices like Radio Frequency Identification (RFID) tags and other sensors, it enables interaction between physical things and entities inside an IoT network.

It is crucial to maintain security in the IoT. This is mostly due to the growing integration of IoT devices into essential services and applications for security, safety, and efficiency. Examples of such applications include smart cities, industrial automation, e-health systems, and smart mobility solutions. To avoid unauthorised access, data breaches, and possible threats to people, it is crucial to protect the integrity and confidentiality of the data transferred and processed by these IoT devices [28].

In addition, IoT devices have the ability to collect, preprocess, and transmit data that may include sensitive and security-critical information. Consequently, they become vulnerable targets for potential intruders. It is essential to strengthen the security measures of the underlying components, concentrating on protocols, devices, and data in particular, to guard against nefarious agents or adversaries, in order to ensure the efficient and safe performance of IoT systems. Strengthening security in these areas is essential for safeguarding the integrity, confidentiality, and privacy


TABLE 4. Publication forums of retained papers on security in IoT applications sorted based on no. of paper published.

of IoT data and mitigating potential threats and risks [29], [30], [31].

IoT systems are more vulnerable to security assaults compared to traditional communication networks for a number of reasons [32], [33].
• Many IoT devices face limitations in terms of resources such as power, storage, computation, and memory. As a result, these devices are unable to accommodate complex security mechanisms. Due to their resource-constrained nature, implementing extensive security protocols may be challenging or impractical [34], [35].
• The majority of IoT networks utilize wireless protocols, such as WiFi and Sigfox, for communication. However, this wireless nature makes IoT networks vulnerable to security breaches, as malicious actors can intercept


TABLE 5. Publication forums of retained papers on security in IoT applications sorted based on no. of paper published.

and gather confidential data by eavesdropping on the wireless channel [36].
• In many IoT systems, centralized data management approaches, such as utilizing cloud and local servers, are commonly employed. However, these centralized approaches introduce vulnerabilities to the overall system due to a single point of failure and an increased probability of security attacks. Relying on a single centralized entity for data storage and processing means that if that entity fails or becomes compromised, it can lead to system-wide disruptions and potential data breaches [37].
• The security challenges faced by IoT systems are further complicated by their increasing complexity and heterogeneity. IoT systems comprise a diverse range of devices, networks, and applications, which adds to the complexity of ensuring robust security. The various components involved may have different security requirements, protocols, and vulnerabilities, making it challenging to establish a comprehensive and unified security approach [38].

Recognizing the significance of IoT security, particularly within the IoT application layer, and the absence of a comprehensive survey addressing security in this specific layer, we aim to bridge this gap by conducting an extensive survey on the topic. In the subsequent sections, we will delve deeper into the research gap, discussing the need for a thorough examination of security aspects within the IoT application layer.

This paper is centered around the three-layer architecture of IoT, with a specific emphasis on the application layer. The main goal of the study is to provide a taxonomy of security needs, risks, and potential remedies for the IoT application layer. To achieve this aim, we examine the security features of the IoT application layer from three different perspectives: attacks, IoT applications, and IoT application layer protocols. These viewpoints are extensively discussed in further sections.

B. SECURITY REQUIREMENTS OF THE APPLICATION LAYER
Examining and understanding the security requirements that the IoT application layer must meet is crucial for ensuring the proper functioning and security of IoT systems. There may be serious security risks for the system if these standards are not met. Presented below are the key security requirements in the IoT application layer; the requirements listed here are drawn from [5], [9], [39].

1) CONFIDENTIALITY
When IoT devices deal with private data transfer, confidentiality is a crucial requirement. Confidentiality entails safeguarding information from unauthorized access by individuals or entities who are not authorized to view it [40]. It also involves protecting IoT devices and equipment from unauthorized access. Ensuring confidentiality poses challenges, especially when dealing with the various devices and components involved in IoT use cases. Protecting


confidentiality in IoT systems requires implementing robust security measures to prevent unauthorized access to sensitive data and devices. The diverse nature of IoT use cases further complicates confidentiality protection, necessitating tailored security approaches to address the specific requirements and characteristics of each use case [5], [41].

2) INTEGRITY
Data/message integrity in the context of IoT systems ensures that a message remains unchanged throughout its lifecycle, from the time it is sent to the time it is received. It pertains to maintaining data consistency, accuracy, and validity throughout its workflow. Integrity measures protect IoT systems from unauthorized dissemination, destruction, or alteration of messages. By ensuring data integrity, IoT systems can mitigate the risks associated with unauthorized modifications, tampering, or corruption of messages, maintaining the trustworthiness and reliability of the transmitted data [42], [43].

3) AVAILABILITY
Availability ensures that services and networks continue to operate without interruption in IoT systems, even in the event of errors or malicious activity [74]. In addition to putting security measures in place, creating a fault management plan is necessary to achieve availability. The identification, isolation, and eventual rectification of anomalous network conditions or faults are all part of this process. By effectively managing faults, IoT systems can promptly identify and address any disruptions or abnormalities, minimizing their impact on the overall availability of services and network operations [44].

4) AUTHENTICATION AND AUTHORIZATION
Ensuring proper authentication and access control is one of the fundamental requirements for any communication system, including IoT networks. It guarantees that authorized users, such as patients and physicians in a smart healthcare system, or authorized devices, such as nodes and aggregators, can gain access to specific resources or perform certain actions within the IoT network [45]. By implementing robust authentication mechanisms and access control policies, IoT systems can enforce restrictions and permissions, ensuring that only authorized entities can utilize the network's services and access the available resources. This helps protect against unauthorized access and misuse of IoT network resources, maintaining the security and integrity of the system.

5) PRIVACY
Privacy in IoT environments is closely associated with individuals and their data, particularly personal or sensitive data, emphasizing the importance of safeguarding data from unauthorized exploitation, access, or unexpected use [46]. In IoT systems, where numerous devices are connected to the internet for data transmission to other devices or communication systems, ensuring privacy becomes paramount. The data involved may include personal or sensitive information that should not be disclosed to third parties. Protecting privacy in IoT systems involves implementing robust security measures to prevent unauthorized access, data breaches, and unauthorized use of personal data, maintaining the confidentiality and privacy expectations of the data owner [5].

IV. CATEGORIES OF ATTACKS IN IoT
An attack is any unauthorized or malicious action against an IoT device or network. These attacks can include various activities, such as stealing sensitive information, disrupting or damaging the device's functionality, or using the device as a platform for further attacks against other devices or networks [47]. Attack categories are shown in Figure 5.

A. ATTACK TYPES
This section explains the different attack types in the application layer.

1) ACTIVE ATTACK
An active attack in the context of the Internet of Things is a form of attack in which the attacker actively intervenes in the communication between IoT networks or devices with the intention of changing or interfering with the system's regular operation. In an active attack, the attacker frequently attempts to alter the content of messages being transferred between IoT devices, insert false messages, or intercept messages in order to obtain unauthorised access to sensitive data. Active attacks can be more dangerous than passive attacks because the attacker has the ability to directly manipulate the system. Examples include man-in-the-middle (MitM) attacks, where an attacker intercepts and modifies communication between IoT devices, and replay attacks, where an attacker records and then replays legitimate messages to impersonate an authorized user [48].

2) PASSIVE ATTACK
A passive attack in IoT refers to a type of attack where an attacker eavesdrops on the communication between IoT devices or networks without actively modifying or disrupting the system. Examples include sniffing attacks, where an attacker uses software or hardware to intercept and monitor network traffic, and traffic analysis attacks, where an attacker analyzes patterns in network traffic to gather information about the system [49].

B. ATTACK AREA
Attackers can take advantage of specific weaknesses at each tier of the IoT architecture. In order to defend IoT devices against assaults, it is critical to install security measures at each tier. Attacks on IoT can be categorized based on the different layers of the IoT architecture; some common categories of attacks based on layers are:


FIGURE 5. Categories of attacks in IoT based on types, area and effects.

1) PHYSICAL LAYER ATTACKS/PERCEPTION LAYER ATTACKS
These attacks target the physical components of the IoT device, including sensors, actuators, and other hardware. Examples are tampering with sensors so that they report false data, interfering with wireless signals, and disrupting the power supply [50]. This layer is made up of physical nodes, such as sensors and actuators, that perceive the environment and react to changes or user demands. These nodes generate resources, that is, sensor data, which are then delivered to application nodes via the network and middleware layers [51]. Sensors perceive their surroundings, whereas actuators operate as controllers, taking action based on the data collected. Sensors, also known as nodes, are subject to node capturing attacks, in which an attacker captures a node or replaces it with a malicious one. The attacker can inject malicious or fake code into these nodes via an over-the-air firmware or software update, resulting in malicious code injection or false data injection attacks [52]. In this layer, laser-based, power-consumption, and timing side channel attacks are possible. In an open environment, nodes are exposed to eavesdropping during data transmission and other events [53]. IoT devices have limited power, which attackers exploit by depleting the power supply and causing sleep deprivation. The security process on IoT devices is typically activated only after booting, allowing an attacker to strike during boot time. In this layer, researchers are particularly interested in object management, object identification, and security [54]. Other examples are node injection, RF jamming, tag cloning, battery drainage, physical damage, exhaustion, side channel attacks, botnets, and sleep deprivation attacks.

2) NETWORK LAYER ATTACKS
The network layer routes data between devices on various networks. Denial-of-service, routing, and flooding attacks are examples of network layer attacks. Data from the perception layer is delivered to the computing unit by the network layer for additional processing. The use of numerous IoT devices to attack this layer is quite likely [13]. Web-based phishing attacks target several IoT devices in an effort to take over at least some of them: the attacker sets up a fake homepage that looks just like an authentic website, deceives the victim into visiting it, and gathers important information such as passwords once the victim interacts with the phoney page [55]. In an IoT network, a Distributed Denial-of-Service (DDoS) attack aims to disrupt server availability by saturating the communication channel with fake requests from dispersed IoT devices [56]. Wormholes and sinkholes are examples of routing attacks in which the attacker reroutes traffic to another path by gaining control of nodes [57].

3) APPLICATION LAYER ATTACKS
The software programs installed on the IoT device form the application layer. Application layer attacks include malware attacks, SQL injection attacks, and cross-site scripting (XSS) attacks. This layer is capable of meeting customer demands for high-quality intelligent services [58]. Privacy and data theft are major concerns since this layer interacts directly with end users. The application layer is where smart applications for smart cities, homes, healthcare, and other areas are found [15]. Like the other layers, this layer is also affected by the malicious code injection attack: an intruder can use well-known vulnerabilities to upload malicious code to nodes, resulting in software injection [59]. A service interruption attack disrupts services, making it comparable to a denial of service attack. Certain users have the special right to grant authorised users access, and if this privilege is compromised the entire system may be attacked; as a result, one of the main issues at the application layer is the access control attack [59]. With the use of sniffing tools, an attacker sniffs


network traffic data, and in this attack confidential data is compromised [60].
1) Spyware attacks: spyware attacks on IoT devices occur at the application layer and involve malware specifically designed to collect data from the device or monitor the user's activities. Spyware can be installed on IoT devices through a variety of methods, such as phishing emails, social engineering, or exploitation of vulnerabilities in the device's software or firmware. Once installed, spyware can collect a range of data from the IoT device, such as user credentials, sensitive data, or browsing history, and transmit it to the attacker's server for analysis or exploitation [61].
2) Virus and malware attacks: these involve malicious software designed to infect and compromise the IoT device's software or operating system. They can occur through various means, including downloading and installing malicious software, clicking on malicious links, or opening infected email attachments. Once installed, viruses and malware can steal sensitive data, modify or delete data, or take control of the device. In IoT devices these attacks can be especially damaging, since they can affect the device's critical functions, such as controlling machinery or monitoring patients' health. To protect IoT devices from virus and malware attacks at the application layer, software and firmware must be updated regularly to address known vulnerabilities [62].
3) Flooding attack: a flooding attack at the IoT application layer overwhelms the device with a large number of requests or data packets, causing it to become unresponsive or crash; the device cannot handle the volume because of its limited resources and processing power. To protect IoT devices from flooding attacks, security measures such as rate limiting and traffic filtering should be implemented to detect and block malicious traffic [63].
4) Spoofing attack: a spoofing attack at the IoT application layer involves an attacker impersonating a legitimate user or device to gain unauthorized access to the system or data. It can be carried out in various ways, such as through phishing emails, fake websites, or exploitation of vulnerabilities in the device's software. To protect IoT devices from spoofing attacks, strong authentication measures such as multi-factor authentication and digital certificates should be implemented [64].
5) Code injection attack: a code injection attack at the IoT application layer involves an attacker injecting malicious code into the device's software or application to modify its behavior. It can occur through various means, such as exploiting vulnerabilities in the device's software or tricking users into downloading and installing malware. Once injected, the malicious code can execute a range of actions, such as stealing data, modifying or deleting data, or taking control of the device. In IoT devices, code injection attacks can be particularly harmful since they can affect the device's critical functions, such as controlling machinery or monitoring patients' health. To protect IoT devices from code injection attacks, software and firmware must be updated regularly to address known vulnerabilities [65].
6) Message forging attack: a message forging attack at the IoT application layer involves an attacker creating a fake message or data packet to mislead or deceive the IoT device, for example by exploiting vulnerabilities in the device's communication protocols or manipulating data packets in transit. Once the fake message is received by the IoT device, it may trigger unintended actions, such as granting unauthorized access or executing malicious code. To protect IoT devices from message forging attacks, data transmitted between devices should be encrypted, and message authentication codes or digital signatures should be used to verify the authenticity of incoming messages [66].
7) Brute force attack: a brute force attack at the IoT application layer involves an attacker attempting to gain access to the IoT device or its data by trying every possible password or encryption key until the correct one is found, for example by exploiting weaknesses in the device's login system or using software tools to automate password guessing. Brute force attacks can be particularly harmful since they can give the attacker access to sensitive data or control of the IoT device; for example, an attacker could brute-force a smart home's security system and enter the home undetected. To protect IoT devices from brute force attacks, passwords and encryption keys must be strong and not easily guessable [67].
8) Access control attack: an access control attack at the IoT application layer involves an attacker bypassing the device's access controls to gain unauthorized access to the system or data, for example by exploiting vulnerabilities in the device's authentication system or using social engineering to trick users into granting access. Once the attacker gains unauthorized access, they may steal data, modify or delete data, or take control of the device. To protect IoT devices from access control attacks, it is important to implement strong authentication measures


such as multi-factor authentication and digital certificates [68].
9) Sniffing attack: a sniffing attack at the IoT application layer involves an attacker intercepting and capturing network traffic between IoT devices to steal sensitive information, such as usernames, passwords, or other confidential data, using software tools to capture traffic or exploiting vulnerabilities in the device's communication protocols. Once the attacker has captured the traffic, they can analyze it to extract sensitive information or modify it to execute malicious actions. To protect IoT devices from sniffing attacks, data transmitted between devices should be encrypted, and software and firmware should be updated regularly to address known vulnerabilities in the device's communication protocols [69].
10) Intersection attack: an intersection attack at the IoT application layer involves an attacker intercepting and modifying data packets transmitted between IoT devices in order to manipulate the behavior of the devices or to obtain unauthorized access to sensitive data, for example by exploiting vulnerabilities in the device's communication protocols or using software tools to modify packets. The defences are the same as for sniffing: encrypt data transmitted between devices and regularly update software and firmware to address known vulnerabilities in the device's communication protocols [55].

4) MULTILAYER ATTACK
A variety of attacks do not happen in a single layer; they can take place simultaneously in several layers. A multilayer attack in the IoT application layer is a sophisticated attack that combines different techniques across multiple layers of the IoT architecture to achieve a specific malicious goal, which can range from stealing sensitive data to taking control of IoT devices or disrupting their operations [70]. Cryptanalysis attacks deal with ciphertext and attempt to recover the key required to decrypt the original data; to obtain the plaintext, the attacker needs to find the encryption key. Ciphertext-only attacks, known-plaintext attacks, chosen-plaintext attacks, chosen-ciphertext attacks, and man-in-the-middle attacks are all instances of cryptanalysis attacks [71]. DDoS attacks are a form of denial-of-service attack in which the attacker attempts to bring a network to a standstill and prevent legitimate users from accessing it [72].

C. EFFECTS OF ATTACK
1) CONFIDENTIALITY
Confidentiality refers to the protection of sensitive data transmitted between IoT devices or stored in the cloud from unauthorized access or disclosure. In IoT systems, sensitive data might include personal information, login credentials, or proprietary information related to the functioning of the system. To ensure confidentiality, security measures such as encryption, access control, and secure communication protocols such as SSL/TLS can be implemented [49].

2) INTEGRITY
Integrity refers to the protection of data transmitted between IoT devices or stored in the cloud from unauthorized modification or tampering. Data integrity is critical to ensuring that the system functions as intended and that data is reliable and accurate. To ensure data integrity, security measures such as message authentication and data validation can be implemented [73].

3) AVAILABILITY
Availability refers to the ability of IoT devices and cloud-based services to function as intended and to provide reliable access to data when needed. In IoT systems, data availability is critical to ensuring that the system can be used when needed and that data is accessible and reliable. To ensure availability, measures such as disaster recovery and load balancing can be implemented [74].

4) AUTHORIZATION AND AUTHENTICATION
These refer to the mechanisms that control access to IoT devices and the data stored within them. Authentication is the method of verifying the identity of persons or devices trying to access an IoT system, typically through passwords, biometrics, and similar factors. Authorization is the process of granting or refusing access to resources inside the IoT system according to the permissions of the authenticated user or device [75].

5) PRIVACY
Privacy refers to the protection of personal information and the right of individuals to control the collection, use, and disclosure of their personal data. Privacy is a significant concern in IoT systems, as they collect vast amounts of data about individuals, including their personal habits, behaviors, and preferences. To ensure privacy in IoT systems, measures such as data minimization and user consent and control can be implemented [76].

V. SECURITY IN IoT APPLICATIONS
Security in IoT applications is necessary to protect the interconnected devices, data, and systems from threats and vulnerabilities. IoT applications involve a vast network of interconnected devices that collect, transmit, and process sensitive data, making them potential targets for cyberattacks. Security measures are essential to safeguard against unauthorized access, data breaches, tampering, and other malicious activities that can compromise the integrity, privacy, and availability of IoT systems.
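Returning to items 6 (message forging) and 9 (sniffing) of the application-layer list and to the integrity property in Section C above: all three come down to a message authentication code that the receiving side actually checks. The Python example below is added here and is not code from the survey or from any of the works it cites. It shows a sensor tagging each report with HMAC-SHA256 over a canonical encoding that includes a sequence number, and a gateway that rejects forged, tampered, replayed and malformed messages. The key, device identifier and readings are constructed for the example.

```python
"""Message authentication for IoT reports: HMAC-SHA256 with sequence numbers."""
import hashlib
import hmac
import json


def canonical(fields: dict) -> bytes:
    """Deterministic encoding so sender and receiver MAC exactly the same bytes."""
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()


def mac(key: bytes, fields: dict) -> str:
    return hmac.new(key, canonical(fields), hashlib.sha256).hexdigest()


class Sensor:
    """Signing side. Keeps a monotonically increasing sequence number."""

    def __init__(self, key: bytes, device_id: str):
        self.key, self.device_id, self.seq = key, device_id, 0

    def emit(self, value: float) -> bytes:
        self.seq += 1
        fields = {"device": self.device_id, "seq": self.seq, "value": value}
        fields["tag"] = mac(self.key, fields)   # tag covers device, seq and value
        return json.dumps(fields).encode()


class Gateway:
    """Verifying side: per-device keys and the last accepted sequence number."""

    def __init__(self, keys: dict):
        self.keys, self.last_seq = dict(keys), {}

    def accept(self, wire: bytes):
        """Return (accepted, reason). State is only updated on success."""
        try:
            msg = json.loads(wire)
            device, seq, tag = msg["device"], int(msg["seq"]), msg["tag"]
            body = {k: v for k, v in msg.items() if k != "tag"}
            if not isinstance(tag, str):
                raise TypeError("tag must be a hex string")
        except (ValueError, KeyError, TypeError):
            return False, "malformed"
        key = self.keys.get(device)
        if key is None:
            return False, "unknown device"        # attacker's own device id
        # Constant-time comparison: a plain == would leak the tag byte by byte.
        if not hmac.compare_digest(mac(key, body), tag):
            return False, "bad tag"               # forged or tampered
        if seq <= self.last_seq.get(device, 0):
            return False, "replay"                # old but validly tagged message
        self.last_seq[device] = seq
        return True, "ok"


def tamper(wire: bytes, new_value: float) -> bytes:
    """What a forger on the path can do without the key: change the value, keep the tag."""
    msg = json.loads(wire)
    msg["value"] = new_value
    return json.dumps(msg).encode()


if __name__ == "__main__":
    key = bytes.fromhex("000102030405060708090a0b0c0d0e0f" * 2)  # constructed 256-bit key
    sensor, gateway = Sensor(key, "temp-01"), Gateway({"temp-01": key})
    report = sensor.emit(21.5)
    print(gateway.accept(report))                            # (True, 'ok')
    print(gateway.accept(report))                            # (False, 'replay')
    print(gateway.accept(tamper(sensor.emit(22.0), 99.0)))   # (False, 'bad tag')
```

HMAC gives integrity and origin authentication but no confidentiality: a sniffer still reads the value, so the transport still needs TLS or an AEAD cipher. Provision a distinct key per device, as the gateway's key table does, so that one captured node cannot forge reports for the others.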


In this study we consider the seven main IoT applications shown in Figure 6 and survey the security solutions that authors have produced for each.

FIGURE 6. Main seven IoT applications considered for this study.

A. SMART CITY
With advances in modern information and communication technology, smart cities have emerged as a new paradigm that aims to increase amenities and residents' quality of life while dynamically optimising the resources of cities [77]. Numerous elements make up "smart cities", including diverse networks, large-scale databases, and sophisticated data centres for the collection, transfer, storage, and intelligent processing of real-time information. Smart cities can offer new applications and services that enhance citizens' daily life, such as decision-making, energy consumption, transportation, healthcare, and education. However, security and privacy issues continue to require careful attention despite the promising vision of smart cities [78].

Alazab et al. [79] proposed a trust-based IoT cloud computing method to choose trustworthy partners for quality improvement in the IoT edge network of a smart architecture. A choice recommendation technique for smart devices is presented, and the dependability and endurance of the trust management technique are examined using evolutionary game theory and Lyapunov stability. In the experimental results the proposed method achieves 97% accuracy in prompting collaboration among multiple intelligent devices.

Toma et al. [80] addressed IoT security issues in the communication channels between gateways and the cloud and proposed a robust solution that adheres to best practices and standards for reliable security. The solution also interprets and analyzes the data to create solution maps using predictive analytics. These maps are used to monitor pollution in the city and to divert the routing path when pollution exceeds thresholds, reducing the concentration of air pollutants.

Peneti et al. [81] introduced a blockchain-based, grey wolf optimized modular neural network method to handle security and privacy. Three layers are created (construction, translation, and application), and user-authenticated blocks were developed to address security and privacy. An optimised neural network is used to manage latency and computing resource utilisation in smart applications. The simulation outcomes show that the approach achieves low latency and high security, with 99.12% accuracy.

Hussain et al. [82] first analysed a security solution proposed by Wazid et al. for the Internet of Drones and showed that it could not withstand traceability attacks. They therefore proposed an improved scheme that adds security features to the existing system in order to resist unknown attacks. The security of the proposed method is verified with formal BAN logic, and the experimental results show that it provides complete security coverage at a slightly higher computational time.

Farahat et al. [83] described protecting citizen data by securing WiFi data transmission: data is encoded and encrypted before transmission and decrypted and decoded at the destination. They further proposed a system to authenticate users who access the data. The approach first compresses the data using run-length encoding and then encrypts it with AES; at the destination the data is decrypted and decoded to recover the original.

Esposito et al. [84] proposed a blockchain-based solution for identity management and authorization policy that integrates with FIWARE. The solution stores the security policies in the block structure of the blockchain. Compared with current centralized and federated storage solutions, the results show the proposed solution to be efficient in latency and throughput for security-related information. Future work involves developing policy checkers and validating the policies.

Lv et al. [85] discussed the emerging Long Range (LoRa) technology and analyzed its wireless communication performance, showing that LoRa can improve security in a smart city. They proposed REBEB, a new backoff algorithm, whose throughput matches that of the backoff algorithms used in the experiments. The algorithm focuses more on fairness, achieving a fairness above 0.4 for different numbers of nodes, with better fairness when the number of nodes is small. Evaluated in MATLAB, it shows a significant improvement in throughput and signal-to-noise ratio. In future, they can


extend this work to improve the reliability of other technologies and signal characteristics.

Badii et al. [86] presented the Snap4City architecture together with a security solution that addresses full-stack security, from IoT devices and the IoT edge to IoT applications in the cloud and on premises. Integrated security solutions are presented using data analytics and dashboards, and the Snap4City architecture described in this work complies with high security levels. Future work comprises identifying new specific requirements.

Altuyan et al. [87] present a comprehensive framework for maintaining data integrity in smart cities, covering the entire data lifecycle from source to consumer. The architecture is built on blockchain, fog computing, and secret sharing, emphasizing security and resilience. It includes detailed descriptions of the framework components and their application in smart healthcare, ensuring data confidentiality during transmission between nodes. Blockchain's capabilities are highlighted for managing sensitive data and for handling the coordination challenges posed by the massive volume of data generated by IoT devices.

In [88] a novel approach is proposed for evaluating IoT security features in smart cities using model-based methods. The approach automates the extraction of test cases from formal specifications of the system or its environment. Central to the framework are attack trees and priced timed automata, which formalize potential attack methods and compute results using the UPPAAL platform. The test generation process takes the product of timed automata as input, and the abstract tests are converted into the standardized TTCN-3 specification and execution language. A cloud-based architecture is recommended for executing the tests and collecting the generated verdicts efficiently.

Geisari et al. [89] suggest a three-module system named "Ontology-Based Privacy-Preserving" (OBPP) to address the heterogeneity and privacy problems of IoT device data. The first module contains an ontology, a data storage model, to handle the heterogeneity issue and ensure the privacy of IoT device data. The second module contains semantic reasoning rules focused on identifying anomalous patterns while also addressing service quality. The third module has a privacy rules manager that dynamically modifies the privacy behaviour of the devices to address privacy preservation issues in IoT devices. Extensive simulations on a synthetic smart city dataset show higher performance than existing methods, while also offering affordability and resilience against information leakage; the approach therefore has potential for wide application in smart cities.

Elsaeidy et al. [90] propose a system for detecting intrusions in smart cities that utilizes Restricted Boltzmann Machines (RBMs). RBMs are employed for their capability to learn detailed characteristics from raw data in an unsupervised manner and to represent the real data generated by smart meters and sensors. Various classifiers are then trained on these extracted features. The effectiveness of the technique is assessed and compared using a dataset obtained from a sophisticated water distribution system. The results demonstrate that the approach detects attacks with high accuracy and surpasses a classification model that lacks the feature learning step.

Bawany and Shamsi [91] present the definition of the threat model and security needs for applications in smart cities and propose the architecture of the SEAL framework, which aims to provide an effective and agile solution for detecting and mitigating DDoS attacks. An application-specific security criterion is introduced that uses adaptive threshold levels for DDoS attack detection. The paper further includes the design and implementation of the D-Defense, A-Defense, and C-Defense modules, which detect and mitigate attacks at different levels. To satisfy the control plane's needs for resilience, scalability, and performance, a load balancing algorithm is proposed and implemented. The SEAL architecture has undergone extensive testing that shows its usefulness in identifying DDoS attacks.

Reference [92] addresses three key areas of smart cities, namely smart mobility, smart living, and security provision, through three nature-inspired solutions: an ant colony-based intrusion detection system for security, moth flame electricity management for smart living, and dragon clustering mobility in the Internet of Things, derived respectively from ant colony optimisation, moth flame optimisation, and dragonfly optimisation. A simulation is conducted to evaluate the performance of the proposed solutions. The incorporation of nature-inspired solutions in tackling the challenges of smart cities presents an opportunity for future researchers to explore innovative approaches in this field.

Shen et al. [93] proposed the Active and Traceable Trust-Based Data Collection (ATTDC) scheme for IoT, focusing on passive trust data collection. Key contributions include an active trust framework that uses UAVs for rapid trust assessment of sensor nodes via piggybacking, and a traceable trust method in which nodes transmit data with digital signatures so that suspicious nodes can be identified from routing paths, reducing acquisition costs. An ant colony algorithm optimizes UAV flight paths to enhance node credibility evaluation. Experimental results confirm that ATTDC accelerates and improves trust identification in sensor nodes for reliable data collection.

B. SMART HEALTH CARE
Healthcare stands out as one of the most significant application areas for the Internet of Things (IoT), offering numerous opportunities for mobile and remote health monitoring. However, in IoT-based healthcare applications, privacy and security become major concerns because most devices and their communications are wireless.
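The adaptive threshold DDoS detection that the SEAL framework [91] is described as using, and the rate limiting and traffic filtering recommended against flooding attacks earlier in this section, reduce to one mechanism: learn the normal request rate, flag seconds that exceed it by a margin, and identify the sources responsible so that only they are filtered. The following Python example is added here and is not code from [91] or from any other cited work; the request log, the address ranges and the tuning constants are constructed for the example.

```python
"""Adaptive-threshold flood detection over a per-second request log."""
import math
from collections import Counter

BENIGN = [f"198.51.100.{i}" for i in range(1, 21)]   # 20 legitimate clients
BOTS = [f"203.0.113.{i}" for i in range(1, 51)]      # 50 flooding devices
FLOOD_START, FLOOD_END = 30, 40                      # flood lasts seconds [30, 40)


def build_requests(seconds=50):
    """Constructed access log: one (second, source_ip) tuple per request."""
    reqs = []
    for s in range(seconds):
        for i, ip in enumerate(BENIGN):
            # 5 requests each, plus a little jitter so the baseline is not flat.
            reqs += [(s, ip)] * (5 + (1 if i <= s % 7 else 0))
        if FLOOD_START <= s < FLOOD_END:
            for ip in BOTS:
                reqs += [(s, ip)] * 40
    return reqs


def detect_flood(reqs, alpha=0.2, k=4.0, margin=0.5):
    """Flag seconds whose request count exceeds an EWMA baseline.

    threshold = mean + max(k * std, margin * mean). The margin keeps a flat
    baseline (std == 0) from turning every tiny change into an alarm, and
    flagged seconds are not fed back into the baseline, so a sustained flood
    cannot teach the detector that floods are normal."""
    per_sec = Counter(s for s, _ in reqs)
    mean = var = None
    flagged = []
    for s in sorted(per_sec):
        x = per_sec[s]
        if mean is None:                # first sample seeds the baseline
            mean, var = float(x), 0.0
            continue
        threshold = mean + max(k * math.sqrt(var), margin * mean)
        if x > threshold:
            flagged.append(s)
            continue
        diff = x - mean
        mean += alpha * diff
        var = (1 - alpha) * (var + alpha * diff * diff)
    return flagged


def suspect_sources(reqs, flagged, per_src_limit=20):
    """Sources that sent more than per_src_limit requests in any flagged second;
    these are the addresses a traffic filter or rate limiter would act on."""
    hot = set(flagged)
    per_src = Counter((s, ip) for s, ip in reqs if s in hot)
    return sorted({ip for (_, ip), n in per_src.items() if n > per_src_limit})


if __name__ == "__main__":
    log = build_requests()
    secs = detect_flood(log)
    print("flagged seconds:", secs)                            # [30, 31, ..., 39]
    print("suspect sources:", len(suspect_sources(log, secs)))  # 50
```

The per-source step is what stops the detector from simply blocking everyone during a flood. Its limit is the obvious evasion: a botnet with enough addresses sending just under per_src_limit each slips through, which is why production defences also inspect request semantics and not only volume.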


TABLE 6. Summary of literature on security in smart city application.


TABLE 7. Summary of evaluation of literature considered in smart city applications.

The interaction of healthcare sensors, actuators, patients, and carers requires reliable and secure data exchange. Because of the resource limitations, security level requirements, and system design of IoT-based healthcare systems, traditional security techniques such as currently available cryptographic solutions, secure protocols, and privacy assurance are not appropriate [94]. Smart health monitoring systems typically connect to wireless networks, which are highly vulnerable to threats. Consequently, these systems experience various attacks, including service-disrupting attacks such as Denial of Service (Do), fingerprint and timing-based snooping, router, select-and-forwarding, sensor, and replay attacks. It takes creative methods and specialised solutions that take into consideration the distinctive qualities and constraints of


the healthcare IoT ecosystem to address these security issues in IoT-based healthcare [95].

Rani et al. [96] proposed an intelligent IoT-based framework for delivering remote healthcare services. The various system entities are interconnected using IoT, and a distributed database management system is deployed to ensure faster data availability and secure data transfer for patients and healthcare applications. Blockchain technology is used to provide additional security for patients' health care details. The approach is tested with actual clinical data, the results are discussed in detail with respect to delay and processing time, and it achieves better accuracy. Future work is to improve the processing time in the blockchain network and minimize uncertainty by using more efficient AI techniques.

Refaee et al. [97] propose a secure and scalable healthcare data transmission framework for IoT based on an optimized routing protocol. The framework collects health information from different IoT devices, including sensors and wearables. Data reduction and cleaning strategies are first used to preprocess the raw data; K-nearest neighbor (KNN) imputation is then performed, and principal component analysis (PCA) reduces the data's dimensionality. Features are extracted from the preprocessed data using modified local binary patterns (MLBP). The fuzzy dynamic trust-based RPL (FDT-RPL) protocol, a routing protocol for low-power and lossy networks, combines the fuzzy dynamic trust-based RPL algorithm with the butter ant optimisation (BAO) algorithm to increase the overall security of data transfer. The algorithm is applied in a smart healthcare system and its performance is evaluated against conventional methods; the proposed routing system makes healthcare data transfer safe and scalable.

Kore and Patil [98] introduce the CLCSR protocol, a novel approach to secure routing, attack detection, and privacy in data transfer. It has two layers: a cross-layer probability model that improves network performance by identifying multi-layer security threats and improving attack detection and Cluster Head (CH) selection, and a second layer that preserves the privacy of medical information and user identity using lightweight Elliptic Curve Cryptography (ECC) for authentication and authorization. The protocol employs hybrid encryption with 256-bit ECC public keys and signature verification to secure sensitive data, and relay node selection is optimized on the basis of cross-layer probabilities to minimize data loss during transmission. Simulation results in NS2 show that CLCSR outperforms existing protocols in throughput, packet delivery ratio, energy consumption, routing overhead, and cryptography time. Future research will explore strategies for handling different types of attackers and integrating AI methods for optimal CH selection.

Hussain et al. [99] presented a framework for developing context-aware IoT security solutions, built around a tool called IoT-Flock that enables researchers to create an IoT use case consisting of normal and malicious IoT devices and to generate traffic. An open-source utility is also provided in the framework to convert the traffic captured from IoT-Flock into an IoT dataset. Using the framework, the authors developed an IoT healthcare dataset comprising normal and attack traffic and applied various machine learning techniques to detect cyber-attacks and safeguard the healthcare system. The framework is expected to facilitate the development of context-aware IoT security solutions, particularly for sensitive use cases such as the IoT healthcare environment. Finally, the authors tested six ML classifiers on the generated dataset; the random forest method achieved the highest accuracy, 99.51%, with a precision of 99.7%.

Kore and Patil [100] presented a unique lightweight cross-layer trust computing technique for detecting MIMA attackers that also handles load balancing and energy imbalance issues. MIMA attackers in the network are detected by computing a cross-layer trust value for each node from sensor node characteristics at several layers, such as the network, physical, and MAC layers; the aggregate trust value of each sensor node is compared to a threshold to determine whether the node is an attacker. Simulation results show that IC-MADS offers superior defence against MIMA attacks with less overhead and energy usage.

Balasamy et al. [101] focus on integrating IoT devices in the medical field to improve patient-centered care, where the most challenging issue is ensuring the security of the data generated and collected by these devices. The chapter's major goal is to create a framework for protecting IoT data produced in the healthcare industry; end-to-end communication capabilities and low-cost implementation of the security procedures in the IoT environment are required. The suggested architecture increases efficiency by achieving high throughput with little delay.

Sarosh et al. [102] use Secret Sharing (SS) in addition to the cloud-based cryptosystem to produce cipher images that are entirely noise-like, increasing its security. For IoT-based systems it is particularly desirable that the shares created by the system be small and use fewer resources, such as storage space and transmission bandwidth. The cryptosystem is shown to have high key sensitivity and to be extremely secure against attacks and interference.

Zaman et al. [103] suggest a holochain-based security and privacy-preserving architecture for IoT healthcare systems. The framework resolves the scalability issue and is especially appropriate for IoT applications with limited resources. The suggested holochain-based framework's
context-aware security solutions in the IoT domain to identify average time complexity is provided in below Eq. (1)
malicious traffic in IoT use cases. The proposed framework
includes a newly developed open-source IoT data generator ωHolochain ∈ (m ∗ (log(n) + C)) (1)

VOLUME 12, 2024 186973


N. Sharmila Kumari et al.: Holistic Survey on Security in IoT Application Layer: Attacks, Protocols, and Applications

where $n$ is the number of nodes, $m$ is the number of transactions, and $C$ is the complexity parameter. Thorough analysis and performance results have demonstrated that the holochain-based IoT healthcare solution outperforms blockchain-based solutions regarding resource requirements while ensuring appropriate privacy and security.

Alabdulatif et al. [104] carry out a thorough analysis of current security issues and solutions in the context of smart healthcare. In addition, they put forward a case study for analysing malware and network assaults on wearable devices that uses blockchain technology and artificial intelligence (AI). The suggested architecture is assessed using a variety of performance criteria, including dynamic malware analysis, blockchain scalability, and accuracy. Finally, some unresolved problems and research difficulties relating to intelligent healthcare systems are emphasised.

Newaz et al. [105] propose a novel security framework called HealthGuard, which uses machine learning techniques for detecting malicious activity in a smart home system (SHS). To distinguish between legitimate and harmful operations, HealthGuard monitors the vital signs of numerous linked devices within the SHS and analyses changes in bodily processes. HealthGuard uses Artificial Neural Network, Decision Tree, Random Forest, and k-Nearest Neighbour machine learning-based detection approaches to spot dangerous activity. Twelve benign occurrences, encompassing both typical user actions and events caused by diseases, were covered by data acquired from eight smart medical devices for the framework's training. A thorough examination of HealthGuard's performance against three separate malicious threats shows its usefulness as a security framework for SHS, with an accuracy of 91.

Sharma et al. [106] propose a novel decentralized application that utilizes a blockchain-based IoT system for the healthcare sector. The proposed application generates a unique identification number for each medical certificate and implements the Proof of Work (PoW) consensus algorithm to create new blocks within the blockchain network. To ensure the security and privacy of the generated medical certificates, the proposed application controls unauthorized or illegal access and employs hash algorithms to store medical data or certificates as blocks within the blockchain network. This approach helps prevent fraudulent activity within the healthcare system.

Taloba et al. [107] evaluate multimedia data processing in IoT healthcare systems and propose a robust healthcare architecture based on blockchain technologies. The individual activity captured by IoT devices is stored within the blockchain to ensure confidentiality and visibility between patients and intermediaries, as well as to track all pathway behaviors. The suggested framework builds upon the blockchain movement to uphold the protection and integrity of patient records, ensure document availability, and facilitate the delivery process between providers and clients.

TABLE 8. Summary of literature on security in smart health care applications.

TABLE 9. Summary of evaluation of literature considered in smart health care applications.

C. SMART HOME

Smart Home, also called Home Automation Systems, Connected Homes, or Domotics, represents a class of the most prevailing Internet of Things (IoT)-based systems. The smart home environment has garnered significant interest from academia and industry in recent times. While offering numerous conveniences to home users, the smart home also introduces various risks that pose threats to both user security and privacy. Several comprehensive surveys have provided an overview of smart homes, considering perspectives from both academic research and industry practices; this broader perspective enables a deeper understanding of the security and privacy challenges associated with smart homes [108], [109].

Dutta et al. [110] use the attribute-based access control concept as the foundation for the planned Privacy through AnomaLy-detection System (PALS). This system employs Semantic Web technologies to execute dynamic reasoning over sensed data (attributes) and context-driven rules, resulting in access control choices. The system extracts physical context from the sensed data (attributes). In order to make access control choices, the system considers the user context, data gathered by the cloud service provider, and the kind of device. Additionally, a sub-system that detects intrusions into smart home systems using network and behavioural data complements the system's access control choices. The combined strategy aims to spot signs of an assault on a smart home system and reduce any possible data breaches brought on by such attacks.

Yu et al. [111] created and deployed a smart home security analysis system. The technology successfully identified and countered contactless assaults that smart homes could experience. The traffic collection module, traffic analysis module, system detection module, and warning notification module made up the majority of the system. Its impact on home network performance was found to be minimal. The proposed solution can better resolve the conflict between the security needs of smart home networks and the performance constraints of individual devices. The open-source malware Mirai is employed to exercise the proposed system. The future work of this system involves developing ML algorithms to identify abnormal traffic.

Saxena et al. [112] analyze DDoS attacks in the smart home network and describe the types of DDoS attacks and tools used against smart home networks. The authors propose a defense technique for DDoS attacks which consists of topological defense, game theory, fusion-based defense, and a sequential defense scheme. The experiment is carried out using 24 nodes with the open-source tool Wireshark, and the results depict that the proposed technique has better accuracy than existing approaches.

Ammi et al. [113] proposed a novel approach employing a hybrid of Hyperledger Fabric and Hyperledger Composer for safe smart home systems. The solution solves the observed security flaws in popular blockchain implementation strategies. The suggested architecture consists of four layers: a layer for smart homes, a layer for Hyperledger Fabric and Composer, and a layer for cloud storage. The mapping of smart home characteristics to those from the Hyperledger Composer, which enables a tailored, purpose-built solution that satisfies the security criteria for IoT-based smart homes, is a crucial component of the suggested solution.
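The context-driven, attribute-based access control that PALS [110] builds on, and the dynamic groups plus ABAC proposed for smart vehicles in [144] and [145] further below, share one decision pattern: derive context from raw attributes, compute group membership per request instead of from a static list, and let an intrusion-detection signal feed the decision. The following is an added example written for this survey page (not code from any of the surveyed papers); the attribute names, group predicates, rules and sample requests are constructed for illustration.

```python
"""Attribute-based access control with context-driven rules and dynamic
groups.  Added illustration: attribute names, groups, rules and requests
are constructed for this example, not the policies of the surveyed papers."""
from dataclasses import dataclass
from typing import Any, Callable, Dict, List, Optional

Attrs = Dict[str, Any]


@dataclass(frozen=True)
class DynamicGroup:
    """Membership is computed per request from subject and environment
    attributes instead of being read from a static member list."""
    name: str
    predicate: Callable[[Attrs, Attrs], bool]


@dataclass(frozen=True)
class Rule:
    name: str
    effect: str  # "permit" or "deny"
    condition: Callable[[Attrs, Attrs, Attrs, str], bool]  # (subject, resource, env, action)


def is_high(resource: Attrs) -> bool:
    return resource.get("sensitivity") == "high"


# Constructed dynamic groups (assumed for this example).
GROUPS: List[DynamicGroup] = [
    DynamicGroup("present_occupants",
                 lambda s, e: s.get("role") == "resident" and s.get("location") == "home"),
    DynamicGroup("on_duty_technicians",
                 lambda s, e: s.get("role") == "technician" and 8 <= e.get("hour", -1) < 18),
]

# Constructed rules.  Deny rules are listed first (deny-overrides); the
# anomaly rule is where an intrusion-detection sub-system feeds the decision.
RULES: List[Rule] = [
    Rule("anomaly_lockdown", "deny",
         lambda s, r, e, a: e.get("anomaly_score", 0.0) >= 0.8 and is_high(r)),
    Rule("untrusted_device", "deny",
         lambda s, r, e, a: is_high(r) and s.get("device_trust") != "attested"),
    Rule("occupant_controls_home", "permit",
         lambda s, r, e, a: "present_occupants" in s["groups"]
         and r.get("type") in {"door_lock", "thermostat"}),
    Rule("technician_read_only", "permit",
         lambda s, r, e, a: "on_duty_technicians" in s["groups"] and a == "read"),
]


def resolve_groups(subject: Attrs, env: Attrs,
                   groups: List[DynamicGroup] = GROUPS) -> List[str]:
    """Derive the subject's dynamic group memberships for this request."""
    return [g.name for g in groups if g.predicate(subject, env)]


def decide(subject: Attrs, resource: Attrs, env: Attrs, action: str,
           rules: List[Rule] = RULES,
           groups: List[DynamicGroup] = GROUPS) -> Dict[str, Any]:
    """Policy decision point: any matching deny wins, otherwise the first
    matching permit, otherwise deny by default."""
    enriched = dict(subject, groups=resolve_groups(subject, env, groups))
    first_permit: Optional[str] = None
    for rule in rules:
        if not rule.condition(enriched, resource, env, action):
            continue
        if rule.effect == "deny":
            return {"decision": "deny", "rule": rule.name, "groups": enriched["groups"]}
        if first_permit is None:
            first_permit = rule.name
    if first_permit is not None:
        return {"decision": "permit", "rule": first_permit, "groups": enriched["groups"]}
    return {"decision": "deny", "rule": "default_deny", "groups": enriched["groups"]}


# Constructed sample subjects and resources.
RESIDENT = {"id": "alice", "role": "resident", "location": "home", "device_trust": "attested"}
TECH = {"id": "bob", "role": "technician", "location": "remote", "device_trust": "attested"}
DOOR = {"type": "door_lock", "sensitivity": "high"}
THERMOSTAT = {"type": "thermostat", "sensitivity": "low"}


def demo() -> List[str]:
    """Run the sample requests; returns the name of the rule that decided each."""
    cases = [
        (RESIDENT, DOOR, {"hour": 23, "anomaly_score": 0.1}, "unlock"),
        (RESIDENT, DOOR, {"hour": 23, "anomaly_score": 0.9}, "unlock"),  # IDS raised an alarm
        (dict(RESIDENT, device_trust="unknown"), DOOR, {"hour": 23}, "unlock"),
        (dict(RESIDENT, location="remote"), DOOR, {"hour": 12}, "unlock"),
        (TECH, THERMOSTAT, {"hour": 10}, "read"),
        (TECH, THERMOSTAT, {"hour": 10}, "write"),
        (TECH, THERMOSTAT, {"hour": 20}, "read"),
    ]
    return [decide(s, r, e, a)["rule"] for s, r, e, a in cases]


if __name__ == "__main__":
    for name in demo():
        print(name)
```

The fourth and seventh requests show why dynamic groups matter: the same resident who may unlock the door while at home falls out of `present_occupants` when the request arrives remotely, and the technician loses `on_duty_technicians` outside working hours, so both fall through to the default deny without any rule naming them explicitly.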
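The traffic analysis and detection modules in [111] and the DDoS defence evaluated on 24 nodes in [112] both reduce, at their core, to per-source rate and fan-out statistics over a sliding time window. The block below is an added example for this page, not the code of either system: it parses constructed flow records (the record format, thresholds and sample traffic are assumptions for this illustration), raises a flood alert when one source opens too many connections inside the window, and a scan alert when one source touches too many distinct destination ports.

```python
"""Sliding-window traffic anomaly detection over per-flow records.
Added illustration; record format, thresholds and sample traffic are
constructed for this example and do not reproduce the surveyed systems."""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta
from typing import Any, Dict, List, Optional

# Constructed record format: "<ISO timestamp> <src_ip> -> <dst_ip>:<dst_port> <tcp flag>"
LINE_RE = re.compile(r"^(\S+) (\S+) -> (\S+):(\d+) (\S+)$")


def parse(line: str) -> Optional[Dict[str, Any]]:
    m = LINE_RE.match(line.strip())
    if not m:
        return None  # malformed line: skip it rather than crash the detector
    ts, src, dst, port, flag = m.groups()
    return {"ts": datetime.fromisoformat(ts), "src": src, "dst": dst,
            "port": int(port), "flag": flag}


class FlowDetector:
    """Per-source detectors: a SYN-rate detector for volumetric floods and a
    fan-out detector for hosts touching many distinct destination ports."""

    def __init__(self, window_s: float = 10.0, syn_threshold: int = 20,
                 port_threshold: int = 10):
        self.window = timedelta(seconds=window_s)
        self.syn_threshold = syn_threshold
        self.port_threshold = port_threshold
        self.syn_times: Dict[str, deque] = defaultdict(deque)   # src -> SYN timestamps in window
        self.targets: Dict[str, Dict[tuple, datetime]] = defaultdict(dict)  # src -> {(dst, port): last seen}
        self.alerted = set()  # (src, kind) already reported, so each condition fires once

    def _alert(self, kind: str, rec: Dict[str, Any], count: int) -> Optional[Dict[str, Any]]:
        key = (rec["src"], kind)
        if key in self.alerted:
            return None
        self.alerted.add(key)
        return {"type": kind, "src": rec["src"], "count": count, "at": rec["ts"].isoformat()}

    def feed(self, rec: Dict[str, Any]) -> List[Dict[str, Any]]:
        alerts: List[Dict[str, Any]] = []
        if rec["flag"] != "SYN":
            return alerts  # only connection attempts are counted here
        now, src = rec["ts"], rec["src"]
        # Volumetric: SYNs from this source inside the sliding window.
        q = self.syn_times[src]
        q.append(now)
        while now - q[0] > self.window:
            q.popleft()
        if len(q) >= self.syn_threshold:
            a = self._alert("syn_flood", rec, len(q))
            if a:
                alerts.append(a)
        # Fan-out: distinct (dst, port) pairs seen from this source in the window.
        seen = self.targets[src]
        seen[(rec["dst"], rec["port"])] = now
        for key in [k for k, t in seen.items() if now - t > self.window]:
            del seen[key]
        if len(seen) >= self.port_threshold:
            a = self._alert("port_scan", rec, len(seen))
            if a:
                alerts.append(a)
        return alerts


def run_detector(lines: List[str], **kw) -> List[Dict[str, Any]]:
    det = FlowDetector(**kw)
    alerts: List[Dict[str, Any]] = []
    for line in lines:
        rec = parse(line)
        if rec:
            alerts.extend(det.feed(rec))
    return alerts


def build_sample_log() -> List[str]:
    """Constructed traffic (not a real capture): one benign device, one
    flooding device, one scanning device, plus one unparsable line."""
    t0 = datetime(2024, 6, 24, 10, 0, 0)

    def line(sec: int, src: str, dst: str, port: int, flag: str = "SYN") -> str:
        return f"{(t0 + timedelta(seconds=sec)).isoformat()} {src} -> {dst}:{port} {flag}"

    lines = [line(3 * i, "192.168.1.10", "10.0.0.5", 443) for i in range(5)]       # benign
    lines += [line(5 + i // 10, "192.168.1.20", "10.0.0.5", 80) for i in range(25)]  # 25 SYNs in 3 s
    lines += [line(20 + i, "192.168.1.30", "10.0.0.9", 21 + i) for i in range(12)]  # 12 distinct ports
    return sorted(lines) + ["not a flow record"]


if __name__ == "__main__":
    for alert in run_detector(build_sample_log()):
        print(alert)
```

The two detectors are deliberately independent: the scanning host never crosses the SYN-rate threshold and the flooding host only ever touches one destination port, so each is caught by exactly one signal. Thresholds and the window length are the parameters a deployment would tune against its own baseline traffic.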
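Several of the schemes in this subsection and the preceding one ([106], [113], and [122] below) store records as hash-linked blocks, with proof of work in [106], so that an unauthorized modification becomes detectable. As an added example for this page (not the implementation of any surveyed scheme), the block below builds a minimal hash-chained ledger over constructed certificate records, mines each block against a difficulty target, and shows what verification reports after a silent edit and after an edited block is re-mined on its own.

```python
"""Hash-chained ledger with proof of work and integrity verification.
Added illustration; a minimal stand-in for the blockchain storage the
surveyed smart-home and healthcare schemes rely on, not their code."""
import hashlib
import json
from dataclasses import dataclass
from typing import Any, Dict, List, Optional, Tuple


@dataclass
class Block:
    index: int
    previous_hash: str
    data: Dict[str, Any]
    nonce: int = 0
    hash: str = ""  # set when mined; verification recomputes and compares

    def compute_hash(self) -> str:
        # Canonical JSON so that identical content always hashes identically.
        payload = json.dumps(
            {"index": self.index, "previous_hash": self.previous_hash,
             "data": self.data, "nonce": self.nonce},
            sort_keys=True, separators=(",", ":"))
        return hashlib.sha256(payload.encode("utf-8")).hexdigest()


class Ledger:
    def __init__(self, difficulty: int = 2):
        self.target = "0" * difficulty  # required hex prefix of a valid block hash
        self.chain: List[Block] = [self._mine(Block(0, "0" * 64, {"genesis": True}))]

    def _mine(self, block: Block) -> Block:
        """Proof of work: search for a nonce whose hash meets the target."""
        block.hash = block.compute_hash()
        while not block.hash.startswith(self.target):
            block.nonce += 1
            block.hash = block.compute_hash()
        return block

    def append(self, data: Dict[str, Any]) -> Block:
        prev = self.chain[-1]
        block = self._mine(Block(len(self.chain), prev.hash, dict(data)))
        self.chain.append(block)
        return block

    def verify(self) -> Tuple[bool, Optional[int]]:
        """(True, None) if every block and link holds, else (False, first bad index)."""
        for i, b in enumerate(self.chain):
            if b.index != i:
                return False, i
            if b.compute_hash() != b.hash or not b.hash.startswith(self.target):
                return False, i
            if i > 0 and b.previous_hash != self.chain[i - 1].hash:
                return False, i
        return True, None


def record_id(identifier: str) -> str:
    """Keep only a digest of a patient identifier on-chain (constructed convention)."""
    return hashlib.sha256(identifier.encode("utf-8")).hexdigest()


def demo() -> List[Tuple[bool, Optional[int]]]:
    """Build a chain, then tamper with it in two ways; returns the verify() results."""
    ledger = Ledger(difficulty=2)
    ledger.append({"cert_id": "C-001", "patient": record_id("patient-42"), "result": "fit"})
    ledger.append({"cert_id": "C-002", "patient": record_id("patient-43"), "result": "unfit"})
    intact = ledger.verify()
    ledger.chain[1].data["result"] = "unfit"  # silent edit: stored hash no longer matches
    edited = ledger.verify()
    ledger._mine(ledger.chain[1])             # re-mine only the edited block ...
    remined = ledger.verify()                 # ... and the next block's link still breaks
    return [intact, edited, remined]


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The second tampering step is the one that matters for integrity: re-mining the edited block repairs its own proof of work, but every later block still carries the old hash in `previous_hash`, so an attacker would have to redo the work for the whole tail of the chain, which is the cost that a distributed set of validators is meant to make prohibitive.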

Park et al. [114] presented a scenario of sensor data leakage through vulnerabilities in smart home applications. They further suggest risk management methods, grade classification, and clustering based on the proposed scenario, and in addition propose a mixture model to express semantic results regarding situation awareness. The suggested method enables decision-making with semantic perspectives.

El Jaouhari et al. [115] proposed a layered smart home structure in which security is a major concern at the application level. All traffic data flow is encrypted between all the different components. This proposed structure provides energy management and health care management services. It further introduces a practical healthcare service that allows occupants to monitor vital signs for health care and provides remote consultations from doctors to the home. Energy consumption is monitored and managed by using intelligent energy services. A user interface is then implemented to securely visualize the data exchange inside the home. Finally, an Android application is implemented to send alerts to doctors when an abnormality is detected.

Taiwo et al. [116] presented a smart home automation system that monitors outside environments, controls home appliances, and detects activities indoors and outdoors. A deep learning model categorizes and recognizes motion patterns to improve intruder detection accuracy and reduce false alarms. The system prototype includes an ESP32 security camera, PIR motion sensor, ESP8266 board, relay module, and DHT11 sensor for weather monitoring. Experimental results demonstrate a 99.8% accuracy in human motion pattern classification using a CNN model.

Bhardwaj et al. [117] focus on IoT device firmware to safeguard the smart home environment. They present a security methodology to analyze and investigate IoT firmware, revealing sensitive data, and also put forward an idea for analyzing IoT real-time datasets using keywords.

Shi et al. [118] first introduce the security range of IoT technology utilized in smart home security, followed by an introduction of Zigbee, which is a typical communication network in IoT. Subsequently, the sensors employed in environmental monitoring and intelligent door locks in IoT are also presented.

Khan et al. [119] present a resource-efficient blockchain-based IoT security and privacy solution. A unique instance of Deep Extreme Learning Machine (DELM) and the use of computing resources in a typical IoT setting, such as smart homes, enable the solution. The suggested method entails safeguarding the Blockchain-based Smart Home Architecture by carefully assessing its dependability with regard to the crucial security goals of privacy, integrity, and accessibility. Additionally, simulated outcomes are shown to highlight that this method's overheads (in terms of distribution, processing time, and energy usage) are insignificant in comparison to the protection and privacy benefits it offers.

Iqbal et al. [120] present a novel privacy-protecting security architecture for SDN-based smart homes. An anonymous lightweight authentication mechanism (ALAM) is created using the fundamental tenets of the suggested security architecture. The protocol's security features are thoroughly examined utilising formal techniques like Burrows-Abadi-Needham (BAN) logic and ProVerif, in addition to an informal security study. Finally, the scheme undergoes performance evaluation, which shows that the proposed work performs better.

Allifah et al. [121] propose a novel methodology to systematically construct rankings of consumer electronics security. Data from any security assessment study may be used to apply the technique. Along with a thorough analysis of security flaws in consumer smart home IoT devices, previous attempts to use the Analytic Hierarchy Process (AHP) to prioritise security concerns are explored. For each category of consumer gadget, relative security scores are determined using the AHP methodology.

Reference [122] proposes a blockchain method for securing data within an IoT architecture. Based on its scalability, versatility, and increased throughput capabilities, the EOS blockchain is chosen as the best option. A suggested design illustrates the idea of a smart house built on a blockchain. Sensors, an Arduino, and a Raspberry Pi are used to create the IoT ecosystem for the smart home. To guarantee data confidentiality and integrity, data from the sensors is captured and safely stored in the EOS blockchain. The Raspberry Pi is utilized as a client to interact with the developed blockchain system.

TABLE 10. Summary of literature on security in smart home applications.

TABLE 11. Summary of evaluation of literature considered in smart home applications.

D. SMART AGRICULTURE

Smart agriculture is significant for improving global food security and minimizing agriculture's environmental impact. However, for this potential to be fully realized, it is crucial to protect these technologies from cyber-attacks. The current landscape demonstrates a substantial presence of cyber threats and attacks in this domain. Such attacks can result in severe disruptions to global markets, particularly impacting the economies of developing nations that heavily rely on the agriculture industry. Therefore, safeguarding smart farming and its technologies is imperative to mitigate these risks and ensure their positive contribution to food security and sustainable agricultural practices [123], [124].

Vangala et al. [125] present a comprehensive review of the current literature on the use of blockchain technology for information security. The authors have examined the latest developments in this field and have proposed a generalized security architecture based on blockchain that meets the core requirements of smart agriculture. In addition, the authors have conducted a detailed cost analysis of the various schemes studied. The authors have identified the limitations of existing research through meticulous comparative analysis. Furthermore, a thorough examination of the literature has revealed the security goals that previous research has aimed to achieve and has identified new opportunities for future research, particularly in the area of artificial intelligence.

Ferrag et al. [126] undertake a detailed evaluation and analysis of intrusion detection systems in order to improve cyber security in Agriculture 4.0. In particular, the criteria used to assess the effectiveness of intrusion detection systems and the numerous cyber security risks that Agriculture 4.0 confronts are examined. Following that, several intrusion detection systems are compared, with an emphasis on cutting-edge technologies including cloud computing, fog computing, network virtualization, autonomous tractors, drones, the Internet of Things, industrial agriculture, and smart grids.

Shyamala et al. [127] presented an architecture for smart agriculture by merging IoT and blockchain. The nodes in the blockchain used receive the information from the IoT nodes that are used for the smart agriculture process. A smoke and fire detector node is installed to detect smoke and fire in the agriculture field near the water motor and power supply transformer. The smoke and fire control node is designed to act as a miner and to maintain all blockchain transactions; it collects transaction details and accesses and monitors each transaction's status.

Suciu et al. [128] seek to showcase how the demands of IoT applications in agriculture can be met through the processing of Big Data and the implementation of decentralized cloud operations. The paper also aims to highlight the role of smart farming in enhancing operational efficiency and security for farmers. Adcon Remote Telemetry Units (RTUs), Software as a Service (SaaS), and Platform as a Service (PaaS), which are represented by Grafana and the InfluxDB database, are the foundation of the suggested design.

Song et al. [129] present FPDP, a Flexible Privacy-Preserving Data Publishing Scheme for Smart Agriculture. With the increasing use of data-driven technologies in agriculture, privacy concerns arise when sharing sensitive information. FPDP addresses these concerns by employing data anonymization techniques, personalized privacy preferences, and a comprehensive architecture for data preprocessing, privacy protection, publishing, and query processing.

Reference [130] presents a system for cloud-enabled smart-farm security monitoring that efficiently tracks sensor abnormalities and device status while thwarting security intrusions via behavioural patterns. The system also has a blockchain-based smart-contract application to safely store security anomaly data and proactively respond to similar assaults in neighbouring farms. The Arduino Sensor Kit, ESP32, AWS cloud, and Ethereum Rinkeby Test Network were used to create the framework prototype. To provide prompt monitoring and reaction to security events, network latency was assessed. The examination of the framework's performance indicates its capacity to identify security abnormalities in real time and notify other farm nodes to keep them informed of the circumstance.

Abdelkader et al. [131] propose an approach to enhance the security of IoT devices in smart agriculture using the IEC 62443 security standard. The authors identify the unique security challenges faced by smart agriculture and adapt the standard's requirements to optimize security attributes for agricultural IoT devices. Through experiments and evaluations, they validate the effectiveness of the optimized security attributes in mitigating threats and improving system

security. The research contributes to strengthening the overall security of IoT-based systems in smart agriculture, ensuring data integrity and privacy while addressing cyber threats.

Jalpur et al. [132] introduce an IoT system prototype for implementing secure smart agriculture. The authors address security challenges by leveraging IoT technologies and implementing security measures. The prototype incorporates various devices and components, including sensors, gateways, a cloud platform, and a user interface. Experiments and evaluations demonstrate the feasibility and functionality of the prototype, validating its effectiveness in enabling secure and efficient smart agriculture operations. The research contributes to the development of reliable and secure IoT solutions for agriculture, enhancing practices and sustainability in the field.

Bothe et al. [133] introduce a new method for secure user authentication in IoT-based smart farming systems. The authors propose using RFID technology to enable continuous and transparent authentication without burdening the farm operators. The system utilizes RFID tags attached to personal objects, allowing farm operators to be authenticated based on their physical proximity to the IoT devices on the farm. The paper presents a detailed architecture, communication protocols, and security measures for the RFID-assisted authentication system. Experiments conducted in a real-world smart farming environment demonstrate the system's accuracy in dynamic scenarios. The proposed system offers enhanced security, reduced authentication overhead, and improved user experience, making it a valuable contribution to the field of IoT-based smart farming.

Rangwani et al. [134] introduce a privacy-preserving, efficient, and secure remote user authentication scheme for agricultural Wireless Sensor Networks (WSNs). The robustness of the proposed scheme is formally evaluated using the probabilistic Random-Oracle-Model (ROR) to provide evidence of its strength. Furthermore, the scheme is simulated using the widely accepted AVISPA tool to demonstrate its security capabilities. Performance analysis of the scheme indicates that, in addition to its robust security, the proposed scheme exhibits higher efficiency in terms of computation and communication overhead compared to existing schemes. These characteristics render the proposed scheme suitable for practical implementation in real-world environments.

Itoo et al. [135] provided a privacy-protecting and effective key agreement framework for smart agricultural monitoring systems. Security is provided by the framework using a hash function and elliptic curve encryption. It provides defence against a range of security assaults and makes secure communication between smart farm monitoring equipment possible. BAN logic is used to show the precision of the suggested protocol for mutual authentication and key exchange, and the Scyther security verification tool is used to simulate the encrypted framework's security. Using the ROR paradigm, the suggested system's security is formalised.

Nashwan et al. [136] use the Diffie-Hellman key agreement to develop a secure authentication technique for smart IoT irrigation systems employing WSNs. The system uses one-way hash and Diffie-Hellman cryptographic algorithms to deliver crucial security services, such as fast data speeds and resilience to known attacks. Using the Burrows-Abadi-Needham (BAN) logic model, the suggested technique is formally verified. The resistance analysis of the scheme is described while taking into account several assault possibilities. The concept is further examined in terms of running-time expenses, intercommunication, and storage size. Due to its suitable efficiency considerations, the suggested technique therefore acts as both a secure authentication mechanism and a useful design for smart IoT irrigation systems.

Alyahya et al. [137] present the Cyber Secured Framework for Smart Agriculture (CSFSA), which introduces an innovative authentication scheme for IoT devices in the agricultural sector. By utilizing the Constrained Application Protocol (CoAP), the CSFSA ensures the integrity and authenticity of data, effectively safeguarding against cyber threats. The framework was evaluated through simulations using the Contiki NG simulation tool, demonstrating notable reductions in packet size, communication overhead, and power consumption. Additionally, the proposed CSFSA exhibits computational efficiency and resilience against various cyber attacks such as replay attacks, Denial of Service (DoS) attacks, and resource exhaustion. Overall, this framework provides a reliable and secure solution for smart agriculture, significantly contributing to the advancement of secure and sustainable agricultural practices.

Arshad et al. [138] develop a unique remote authentication strategy for agricultural monitoring using a secure access control system based on private blockchain technology. The plan is put into action with the help of Hyperledger Cello tools and is authorised by private blockchain access control (PBAC) algorithms. The scheme's security and privacy are analysed using a random oracle model. The suggested protocol is also guaranteed to be safe and able to withstand many forms of harmful assaults. The suggested approach is also seen to be appropriate for practical applications since it enables the prevention of all varieties of security assaults.

Vangala et al. [139] use a blockchain-based smart contract system to create a new authenticated key agreement method. It allows device-to-device (D2D) and device-to-gateway (D2G) mutual authentication and key agreement between IoT devices and the gateway node (GWN). Blocks are created by edge servers utilising authenticated IoT device data that is delivered to the cloud server (CS) through GWNs. Through a peer-to-peer (P2P) network of CSs, a smart contract-based consensus mechanism enables block insertion and verification. A thorough security study, including formal verification, is performed on the suggested scheme to guarantee its resilience.

Hassan et al. [140] propose an identity-based authentication scheme for IoT-enabled agriculture. To achieve cost-effectiveness, hyperelliptic curve cryptography (HECC) is employed. The computational cost and communication overhead of the proposed scheme are superior to those of existing authentication schemes, while also providing enhanced security, as determined through a comprehensive performance and security analysis.

Khalid et al. [141] propose a new authentication scheme for agriculture professionals, based on a multi-gateway communication model, with support for the Society 5.0 environment through the utilization of a fuzzy extractor algorithm. The scheme ensures secure mutual authentication, employing the well-established BAN logic formal method.

TABLE 12. Summary of literature on security in smart agriculture.

TABLE 13. Summary of evaluation of literature considered in smart agriculture applications.

E. SMART VEHICLES

Smart vehicles are networked and provide their owners, transportation agencies, automakers, and service providers with a variety of cutting-edge services. However, these smart automobiles are vulnerable to a number of security and privacy issues, including remote vehicle hijacking and GPS tracking. In the context of the Internet of Things (IoT) in vehicles, a vast amount of data is stored in the cloud, and any unauthorized modification to this data can potentially lead to significant road accidents. To address these concerns, the emerging technology of blockchain offers a promising solution by leveraging decentralization and smart contracts for enhanced security. Implementing blockchain in vehicular IoT systems can effectively mitigate security risks and safeguard the confidentiality and integrity of data [142], [143].

Gupta et al. [144] introduce an attribute-based access control (ABAC) system for cloud-enabled industrial smart vehicles. The authors address the need for secure access control mechanisms in this context and propose ABAC as a solution. ABAC offers fine-grained access control based on attributes associated with users, resources, and environmental conditions. The paper presents a detailed architecture for the ABAC system, highlighting its components and communication protocols. The benefits of ABAC include improved access control granularity and flexibility, while challenges such as attribute management are addressed.

Maanak [145] explores the use of dynamic groups and attribute-based access control (ABAC) in smart car environments. The authors highlight the limitations of traditional access control models and propose dynamic groups and ABAC as more flexible and scalable alternatives. Dynamic groups allow for the creation of temporary groups based on contextual attributes, while ABAC leverages attributes to make fine-grained access decisions. The paper discusses implementation details, including the architecture and efficient attribute retrieval mechanisms. A case study demonstrates the effectiveness of the proposed approach in a smart car scenario. Combining dynamic groups and ABAC improves security and privacy in smart car ecosystems.

Vega et al. [146] introduce a smart parking system that utilizes the SPIN-V sensor. This sensor combines visual data processing and IoT technologies to optimize parking space utilization and enhance the parking experience. The SPIN-V sensor uses a camera and image processing algorithms to detect the presence or absence of vehicles in real time. This information is then communicated to a centralized system, allowing drivers to access real-time parking availability information through a mobile app or web interface.

Chattopadhyay et al. [147] emphasize the significance of incorporating security measures throughout the design and development process of autonomous vehicles. The authors address the unique security challenges posed by autonomous vehicles and propose a security-by-design approach. This approach involves considering security aspects in the hardware, software, and communication layers. The paper discusses techniques such as secure bootstrapping, secure software updates, intrusion detection systems, and secure communication protocols. The authors highlight the importance of secure hardware design, secure software development practices, and robust communication security. Case studies are presented to illustrate security vulnerabilities and attacks in autonomous vehicles.

Rathod et al. [148] propose a blockchain-driven intelligent scheme that integrates the Internet of Things (IoT) with beyond-5G networks to enhance public safety systems. The scheme addresses security and privacy challenges by utilizing blockchain technology for data integrity and transparency.

By leveraging the capabilities of beyond-5G networks, such as high data rates and low latency, the scheme enables real-time communication and response in public safety scenarios. The architecture includes IoT devices, a blockchain network, edge computing, and AI-based analytics. Benefits of the proposed scheme include improved security, privacy preservation, scalability, and real-time responsiveness. Overall, this approach presents a comprehensive solution for enhancing public safety infrastructure through the integration of blockchain, beyond-5G networks, and intelligent analytics.

Banafshehvaragh et al. [149] focus on the detection of intrusions, anomalies, and attacks in smart vehicles. The authors address the security concerns associated with modern vehicles' increasing connectivity and complexity. They propose a framework for detecting and mitigating threats in smart vehicles by combining various techniques, including machine learning, anomaly detection, and behavior analysis. The framework utilizes data collected from multiple sensors and sources within the vehicle to identify abnormal behavior and potential attacks. The authors highlight the importance of effective intrusion detection systems in ensuring the security and safety of smart vehicles, ultimately enhancing the overall security of transportation systems.

Ghosh et al. [150] present an integrated approach for threat analysis in the perception system of autonomous vehicles. The authors address the critical need for identifying and mitigating potential threats that can affect the perception capabilities of autonomous vehicles. They propose a comprehensive framework that combines various techniques, including deep learning, sensor fusion, and real-time analysis, to detect and analyze threats in the perception system. The framework aims to enhance the safety and reliability of autonomous vehicles by identifying and responding to threats such as sensor faults, adversarial attacks, and environmental changes. The authors emphasize the importance of robust threat analysis for ensuring the secure and efficient operation of autonomous vehicles in real-world scenarios.

Zhang et al. [151] introduce an extensible and effective anonymous batch authentication scheme designed for smart vehicular networks. The authors address the security and privacy challenges associated with authentication in vehicular networks and propose a novel scheme that provides anonymity and efficiency. The scheme employs a batch authentication approach, allowing multiple vehicles to authenticate simultaneously, thereby reducing the authentication overhead. It incorporates cryptographic techniques, such as symmetric key encryption and signature generation,
to ensure secure and anonymous communication between vehicles and infrastructure. The authors highlight the extensibility of the scheme, making it adaptable to different authentication requirements and scalable to accommodate a large number of vehicles. The proposed scheme offers enhanced security and privacy protection in smart vehicular networks, contributing to the development of secure and efficient transportation systems.

Smys et al. [152] recommend an approach that blocks requests from third parties while granting access to particular users. In order to monitor the state of the vehicle without jeopardising the in-car network, data is also exchanged between the roadside devices and the vehicle. Only cars having a validated and trustworthy record are allowed to exchange messages inside the blockchain network, in order to ensure legitimate and authentic communication. Through qualitative arguments, it is shown that the proposed work demonstrates resilience against the identified attacks. Similarly, quantitative experiments indicate that the methodology is compatible with practical storage sizes and provides adequate response time in practical situations. Results from simulations show that the proposed work has a positive impact on vehicle forensics, trust management, and network security.

Oham et al. [153] propose a Blockchain-based Framework for Securing Smart Vehicles (B-FERL), using a permissioned blockchain to restrict information access within the connected car network. It employs challenge-response data exchanges between vehicles and roadside devices to monitor vehicle network integrity. Only vehicles with verified blockchain records can communicate, ensuring authentic and valid messaging. B-FERL's resilience against attacks is qualitatively demonstrated, supported by quantitative analyses showing adequate reaction time and storage capacity in simulations. B-FERL addresses critical aspects of vehicle ecosystem security, including trust management, vehicle forensics, and secure vehicular networks.

Gupta et al. [154] present a technique that resolves authentication and security issues in Intelligent Transportation Systems (ITS) by utilizing lightweight cryptography and graph-based machine learning. To offer authentication and security for smart cars in the ITS, their solution combines an identity-based authentication approach with graph-based machine learning. Through the authentication of smart vehicles in the ITS and the identification of different cyber threats, the proposed method contributes significantly to the advancement of the intelligent transportation communication environment.

Wang et al. [155] propose a security scheme tailored for Body Area Networks (BANs) compatible with smart vehicles. The scheme focuses on ensuring data confidentiality, integrity, and authenticity during transmission and reception. It incorporates advanced cryptographic techniques, efficient authentication mechanisms, and anomaly detection to establish secure communication channels, verify device identities, and mitigate security threats. Comprehensive evaluation and experimental results demonstrate the scheme's effectiveness in addressing the unique security challenges of BANs in smart vehicle environments, thereby enhancing overall network security in this context.

Madaan et al. [156] explore the state of the smart car interaction grid and suggest methods for building a blockchain-based system among smart vehicles. Several application cases for blockchain in connected cars are covered, along with how automotive businesses and educational institutions are continuing to develop this technology. In smart automobiles, blockchain is depicted as a public distributed ledger that may record transactions between two organisations. The adoption and application of blockchain technology in several businesses and facilities, however, present difficulties. The article's goal is to outline the challenges to effectively implementing blockchain technologies in businesses.

Terzi et al. [157] introduce a permissioned consortium Blockchain (BC) architecture integrating public permissioned Self-Sovereign Identities (SSI). This approach decentralizes authentication and authorization processes, mitigating single points of failure. SSI provides identities to IoT devices, granting full control to individuals, businesses, or intelligent vehicles. Advanced zero-knowledge proof (ZKP) cryptographic algorithms ensure efficiency and scalability while protecting sensitive data. This combination facilitates trusted environments for automating vehicle emissions certification in compliance with standards. The integration of Hyperledger Indy (HLI) SSI with a Hyperledger Fabric (HLF) network is detailed, highlighting the processes for entity authentication and authorization.

Wazid et al. [158] propose a public blockchain-based secure communication framework for Intelligent Transportation Systems (PBSCF-ITS). PBSCF-ITS ensures access control and key management for communication between vehicles, between vehicles and roadside units, and between roadside units and cloud servers. The security of PBSCF-ITS is analyzed to demonstrate its resilience against various types of potential attacks. Additionally, PBSCF-ITS is compared with other competing schemes to evaluate its performance, revealing its superiority over existing solutions. Furthermore, a pragmatic study of PBSCF-ITS is conducted to assess its impact on various network-related performance parameters, such as the number of mined blocks and transactions per block.

Ahmad et al. [159] explain how to counter relay attacks on passive keyless entry and start (PKES) devices using a combination of machine learning approaches. The suggested technique makes use of driving data for driver identification and key fob features for precise PKES system profiling. The programme starts by looking for relay attacks; if none are found, it unlocks the car and gathers driving data. The driver's reported identity is then confirmed using neural networks. Using a three-month log of a PKES system, the efficiency of the approach in identifying relayed messages
is assessed by contrasting Decision Tree, SVM, and KNN methods. The test results demonstrate an impressive accuracy rate of 99.8%. Driver identification is achieved using a Long Short-Term Memory (LSTM) recurrent neural network, trained on real-world driving data collected from various routes and traffic conditions.

F. SMART GRID

The communication infrastructure of the electrical power system depends crucially on the smart grid. It is sometimes referred to as the "next-generation energy system" and represents an avant-garde and progressive method of power grid design. One of its key features is the integration of two-way data communication within the power grid, enabling improved reliability and efficiency for future energy systems. Additionally, it facilitates the integration of distributed renewable sources and demand response mechanisms. However, the smart grid is a vast and intricate network consisting of millions of interconnected devices. Consequently, such complex networks inherently possess numerous security concerns and vulnerabilities [160], [161].

Yin et al. [162] present a comprehensive framework for enhancing the security of IoT-based smart grids using an intrusion detection system (IDS). The authors emphasize the growing vulnerability of smart grids to cyber threats and propose an IDS-based approach to monitor and detect potential intrusions and anomalies. The paper discusses the key components of the framework, including data collection, preprocessing, feature extraction, and intrusion detection techniques. It evaluates the performance of the IDS through experiments in a simulated smart grid environment and highlights its effectiveness in real-time detection of and response to cyber threats. Overall, the paper offers practical insights and solutions to bolster the cyber security of IoT-based smart grids.

Shreshta et al. [163] present a methodology for security classification specifically tailored for smart grid infrastructures. The authors address the need for a systematic approach to assess and classify the security of smart grid systems. The proposed methodology enables the identification and classification of security threats, vulnerabilities, and assets within the smart grid context. It provides a structured framework for evaluating security risks and determining appropriate security measures based on the criticality and impact of each component. The paper contributes to enhancing the security of smart grid infrastructures by offering a methodology that aids in understanding, prioritizing, and mitigating security risks effectively.

Babar et al. [164] introduce a novel approach for demand side management in IoT-enabled smart grids that emphasizes security and resilience. The authors propose a machine learning-based engine that effectively manages energy consumption by predicting and optimizing demand patterns while considering security aspects. The engine leverages historical data and real-time information from IoT devices to make accurate demand forecasts and dynamically adjust energy usage. Additionally, the authors address security concerns by integrating anomaly detection mechanisms to identify potential threats and mitigate cyber-attacks. The proposed solution contributes to enhancing the efficiency, reliability, and security of smart grid operations, paving the way for sustainable and resilient energy management systems.

Bera et al. [165] present a novel access control protocol that leverages blockchain technology for enhancing security in IoT-enabled smart grid systems. The authors propose a decentralized and tamper-resistant approach to managing access rights and permissions within the smart grid infrastructure. By utilizing blockchain's immutable ledger and smart contracts, the protocol ensures transparent and secure access control for IoT devices and users.

Ferrag et al. [166] introduce an innovative framework called DeepCoin that combines deep learning and blockchain technology for energy exchange in smart grids. The authors propose a decentralized and secure approach to facilitate efficient energy trading among participants in the smart grid ecosystem. Deep learning models are employed to predict energy demand and supply patterns, enabling optimal energy allocation and pricing. The blockchain-based architecture ensures transparency, immutability, and trust in the energy exchange process.

Alkhiari et al. [167] present a novel approach to enhance the security of edge-enabled smart grid networks using blockchain, quantum key distribution (SQKD), and intrusion detection systems (IDS). The authors propose a decentralized and secure architecture that combines the benefits of blockchain technology for immutable transaction records, SQKD for secure key distribution, and IDS for detecting and mitigating potential intrusions. The paper discusses the design and implementation of the proposed framework, highlighting its ability to enhance the confidentiality, integrity, and availability of data in smart grid networks.

Srinivas et al. [168] present an innovative scheme for secure and anonymous key exchange in IoT-enabled smart grid systems. The authors propose a protocol that combines anonymous signatures and authenticated key exchange techniques to ensure confidentiality, integrity, and authenticity of communication in the smart grid. The scheme protects the privacy of users by providing anonymity during the key exchange process, preventing unauthorized access and eavesdropping. The paper discusses the design, implementation, and evaluation of the proposed scheme, demonstrating its effectiveness in enhancing the security and privacy of IoT-enabled smart grid systems. The research contributes to the field by offering an advanced solution to address the unique security challenges in the smart grid context.

Li et al. [169] present a novel approach using secure federated deep learning to detect false data injection attacks in smart grids. It proposes a decentralized framework that combines deep learning and federated learning techniques
to mitigate the impact of malicious data injections while preserving data privacy. By training models locally on grid nodes and sharing only model updates, sensitive data remains protected. The study discusses the framework's design, implementation, and evaluation, demonstrating its effectiveness in enhancing smart grid security against cyber threats. This research significantly advances smart grid security by leveraging federated deep learning for robust protection and scalability.

TABLE 14. Summary of literature on security in smart vehicles applications.

Matousek et al. [170] present a unique system for ICS/SCADA protocol monitoring. To allow thorough analysis of ICS communication, the system
combines IP flows and extracts application layer data from ICS packet headers. The system is able to recognise both typical security attacks and unexpected threats by applying statistically based approaches and probabilistic automata to create communication profiles. The suggested method is applied to IEC 60870-5-104 communication to validate its efficacy, indicating its successful implementation and potential advantages for improving protocol monitoring for ICS/SCADA systems.

TABLE 15. Summary of evaluation of literature considered in smart vehicles applications.

Grammatikis et al. [171] introduce the Secure and PrivatE smArt gRid (SPEAR) SIEM, which is specifically designed for addressing security challenges in the Smart Grid (SG). The main focus of this work is to design and implement a SIEM system capable of detecting, normalizing, and correlating cyberattacks and anomalies across various SG application-layer protocols. Notably, the performance evaluation of the SPEAR SIEM is conducted using real data collected from four authentic SG use cases, including a hydropower plant, a substation, a power plant, and a smart home. The results obtained from these real-world scenarios provide substantial evidence of the effectiveness of the SPEAR SIEM in accurately identifying and responding to security threats within the SG environment.

Umair et al. [172] propose a strong and secure digital text watermarking method for Microsoft Word documents. The technique ensures high-probability extraction of the watermark, demonstrating its robustness, imperceptibility, and increased capacity. The effectiveness of the suggested technique is compared with that of earlier text watermarking methods. A peak signal-to-noise ratio of 33.65 and a similarity rate of 99.42 demonstrate the imperceptibility of the suggested method. The secret message capacity is expanded from 0.2 to 1.24 kilobytes.

Reference [173] introduces a novel approach using reinforcement learning for a multi-stage game between attackers and defenders in the context of critical infrastructure protection. Unlike one-shot games, where attackers make single, isolated attacks, this approach allows attackers to learn and adapt their strategies over multiple stages. The defender selects lines to protect, aiming to minimize cascading failures like transmission line interruptions or generation loss. Feedback from each stage, such as line outage data, informs the attacker's next move. Performance evaluations on the WW 6 bus and IEEE 39 bus systems demonstrate the effectiveness of this multistage strategy compared to one-shot attacks, highlighting its importance in enhancing system resilience against cyber threats.

Atalay and Angin [174] propose a digital-twin-based approach to address the existing absence of standards for security evaluation in smart grids. This approach encompasses the complete life cycle of a smart grid and involves creating an accurate model of the physical grid to prevent service disruptions that may result from conducting security tests on the actual grid. By using a digital-twin-based approach, the development of standardized models for continuous and comprehensive penetration testing of smart grids can be facilitated.

Lei et al. [175] address the drawbacks of the traditional power cloud paradigm by introducing edge computing between terminals and the cloud. Furthermore, a deep reinforcement learning algorithm based on the edge computing paradigm, multiagent deep deterministic policy gradient (MADDPG), is proposed. The smart grids' SSA is analyzed by considering the minimum detection error rate and the minimum processing cost. The performance evaluations demonstrate that faster convergence and the
achievement of the optimal goal, which is providing real-time protection for smart grids, can be accomplished with the algorithm under this paradigm.

Sengan et al. [176] focus on the integrity threats posed by fake-data cyber-attacks in the physical layers of smart grids. The idea of True Data Integrity, which uses an agent-based model to offer an attack exposure measure, is the paper's first original contribution. The research then focuses on using an agent-based method to decentralise Data Integrity Security inside the system. Finally, state-of-the-art supervised deep-learning models are used to empirically assess and compare the productivity and efficiency of the proposed modelling strategies. The experiments' findings show that using the Artificial Feed-forward Network for replay cyberattacks improves false data detection accuracy to 98.19%.

G. INDUSTRIAL IoT

In relation to the Industrial Internet of Things (IIoT), companies face significant challenges, with cybersecurity being a primary concern. The IIoT entails networking and communication among smart devices, machines, computers, and individuals [177]. In this interconnected industrial environment, it is crucial for personnel to be well-informed about cybersecurity issues to proactively prevent or minimize cybersecurity incidents and protect corporate data from breaches. Building resilience against cyber-attacks becomes a critical objective for companies. Furthermore, the COVID-19 pandemic has amplified the importance of cybersecurity awareness, particularly due to the surge in smart working arrangements [178], [179].

Zhao et al. [180] propose a reliable authentication method based on biological information, utilizing the complete local binary pattern (CLPB) and the statistical local binary pattern (SLPB) to describe local vein texture characteristics. Additionally, auxiliary information such as contrast energy and frequency domain information is incorporated to interpret the finger vein. The recognition of finger vein images for identity authentication is achieved by measuring the distance between the features of the registration image and the test image. Experimental evaluations conducted on the SDUMLA-FV database and the FV-USM database demonstrate the high recognition accuracy achieved by the method.

Shi et al. [181] suggest a deep abnormal network traffic detection model (DANTD) for increasing IIoT security, through the use of high-order features and creative data augmentation techniques. To extract important high-order characteristics, the DANTD model uses a deep convolutional autoencoder, which improves its representativeness. The DANTD model then uses generative adversarial networks as data augmentation techniques to enrich the anomalous data, allowing the model to fully take into account the information of the data distribution. Comprehensive tests performed on actual IIoT datasets are used to verify the efficacy of the DANTD model.

Li et al. [182] propose a multi-convolutional neural network (multi-CNN) fusion technique for intrusion detection using deep learning. It segments feature data into four sections based on correlation and converts it into grayscale graphs for processing. By employing CNN and flow data visualization, the technique identifies the most effective solution for intrusion detection. Experimental results on the NSL-KDD dataset demonstrate the model's high accuracy and simplicity in classification, surpassing traditional machine learning and other deep learning methods in both binary and multiclass scenarios. This advancement significantly enhances data security in industrial IoT applications.

Al-Hawawreh and Sitnikova [183] suggest Brown-IIoTbed, a brand-new general end-to-end IIoT security testbed with an emphasis on brownfield installations. Free open-source software and inexpensive hardware are used to create the Brown-IIoTbed. To demonstrate the viability of the Brown-IIoTbed, a variety of security risks based on the STRIDE model are explored and evaluated, along with the demonstration of security evasion/reverse shell backdoor against router/firewall. An example of malicious payload hunting and intelligence as a proactive defence method (early detection) is provided, along with machine learning algorithms for intrusion detection. A thorough examination and comparison of current testbeds with the Brown-IIoTbed is given.

George and Thampi [184] propose a graphical representation of multi-stage and multi-host threats on targets using chained IIoT network vulnerabilities. The introduced methods allow for the extraction of security-related parameters from the graph. Based on the probability of successful exploitation of the vulnerability, a probabilistic metric is applied to the associated edge in the graph. This makes it possible to compute the total threat posed by each attack path. The elimination of attack pathways with short hop-lengths, the elimination of hotspots, and the selective removal of high-risk attack paths are among the risk mitigation techniques suggested. To assess the security-related aspects of an IIoT network, a plausible scenario is provided. The alternatives provided by the suggested risk mitigation tactics make it easier to find workable ways to increase security.

Tariq et al. [185] explore the integration of robots, big data analytics, and qualitative danger assessments from historical databases for comprehensive risk analysis in industries. The article introduces a novel endpoint protection system utilizing HAZOP and convolutional neural network methods for autonomous vulnerability assessment. This system significantly enhances security by preventing data breaches and denial of service (DoS) attacks and detecting malware, through autonomous network management, continuous software monitoring, data-driven insights, and integrated content filtering. In the context of the Industrial Internet of Things (IIoT), a unique computational approach evaluates cyber risks using IoT-specific control variables. The approach, incorporating firmware-driven emulation, optimizes breach
rates, enhances incident detection, and secures sensitive data effectively.

TABLE 16. Summary of literature on security in smart grid applications.

Reference [186] first creates a DRL-based controller for an edge computing server to offer automated control in an IIoT scenario. Then, focusing on two different attack types, function-based attacks that may be launched during the training phase and performance-based attacks that can be launched after the training phase, the malevolent behaviours of adversaries are examined. The goal is to evaluate how insecure DRL-based controllers may affect security. By watching system trajectories while under the command of trained DRL-based controllers, maximum entropy Inverse Reinforcement Learning (IRL) is used to estimate a reward function from the perspective of the adversary. The adversary then targets the Deep Q Network (DQN)-based controller using the estimated reward function. The effects of the two attacks under consideration are assessed by simulation, which reveals that as the control model's accuracy increases, so do the attacks' success rates. Additionally, while detailing many potential future research avenues to improve the security of machine learning applications in IIoT systems, the tradeoffs between control performance and security performance of DRL-based IIoT controllers are highlighted.

Reference [187] In order to abstract different industrial IoT situations into a uniform model, this study examines the
logic and needs of each one. A security system based on the conditional proxy re-encryption primitive is created to detect and prevent potential attacks on the various industrial IoT platforms. Unauthorised access to data is avoided by using the suggested system. The experimental findings show that the functionality and security criteria may be met with little overhead, and the security and performance of the method are also analysed.

TABLE 17. Summary of evaluation of literature considered in smart grid application.

Reference [188] analyses the configuration and characteristics of the power control systems network, which serves as an application area for industrial IoT technology. Additionally, a testbed environment is constructed to validate the security technology and perform experiments to verify the effectiveness of the security measures for the power control system and the suitability of the testbed. The proposed testbed aims to enable the seamless integration of new security technologies into critical industrial infrastructure, ensuring their stability and enhancing the overall security and stability of the system.

Reference [189] presents the HHOIWT approach, which uses digital picture steganography to provide covert communication and secure data transfer in the IIoT environment. The process employs Harris Hawks Optimisation (HHO), a powerful metaheuristic optimisation algorithm, to incorporate hidden data inside cover pictures. With the use of integer wavelet transformations, this approach selectively detects picture pixels that may be used to mask some of the hidden data. The assessment of an objective function, which includes two phases, exploitation and exploration, is a step in the pixel selection process of the HHO-based technique. This objective function directs the choice of the best encoding vector, allowing the secret data to be converted into an encoded form produced by the HHO method. The effectiveness of the suggested strategy is evaluated by a number of trials in terms of visual quality, payload capacity, and attack resilience.

VI. PROTOCOLS OF IoT APPLICATION LAYER

IoT devices use various communication protocols to connect and exchange data between devices. At the application layer, there are two major classes of IoT protocols, as shown in Figure 7: message-passing protocols and service discovery protocols [12], [17]. Since MQTT and CoAP are the most used protocols and most research works are carried out on them, we have given priority to these two protocols in this survey.

A. MESSAGE PASSING PROTOCOLS

Message passing protocols, as the name suggests, enable communication between IoT devices by passing messages between them. These protocols define the structure and format of the messages exchanged between devices. The most commonly used message passing protocols in IoT are MQTT (Message Queuing Telemetry Transport), MQTT-SN (MQTT for sensor networks), AMQP (Advanced Message Queuing Protocol), DDS (Data Distribution Service) and RESTful (REpresentational State Transfer) [190].


FIGURE 7. Category of application layer protocols.

FIGURE 8. Publish subscribe model of MQTT.


Regarding security in message-passing protocols, security services such as encryption, authentication, and authorization exist, but service discovery protocols have no built-in security solutions. Although security mechanisms are in place, security flaws in the design of application layer protocols still need to be investigated. It is important to note that these security services are not enabled automatically and must be explicitly activated by protocol developers [5].

1) MQTT
MQTT is a lightweight messaging protocol designed to transmit messages between low-power devices over unreliable networks. It uses the publish-subscribe model shown in Figure 8: a publisher sends messages to a broker, and subscribers receive messages from the broker. MQTT is widely used in IoT applications because it is highly scalable, efficient, and easy to implement. MQTT runs over TCP/IP. Using the concept of topics, the broker controls all communication flow between publishers and subscribers [191], [192]. MQTT provides three quality-of-service levels, QoS 0, QoS 1 and QoS 2:
• QoS 0 (at most once): the message is transmitted to the broker immediately and no acknowledgement is required, so it may be lost.
• QoS 1 (at least once): the message is guaranteed to reach the broker at least once, but it may be delivered more than once (duplicates are possible).
• QoS 2 (exactly once): the broker receives the message exactly once. This uses a four-way handshake (PUBLISH, PUBREC, PUBREL, PUBCOMP) and therefore has the highest overhead, which affects the protocol's overall efficiency.

MQTT packet structure
1) Control header: the control header is an 8-bit field divided into two 4-bit subfields, Packet Type and Flags.
2) Packet length (remaining length): indicates how many bytes remain in the packet, including the variable header and the payload data. It is encoded in one to four bytes.
3) Variable header: this optional field carries additional control information whose content depends on the packet type (for example the topic name and packet identifier of a PUBLISH).
4) Payload: the application data is contained in this field [193].

Some related works that concentrated on security using the MQTT protocol are described below.

Masdani and Darlis [194] compared MQTT with CoAP against the requirements of a sustainable and power-efficient device, namely saving power, functioning effectively on unstable networks, and maintaining security. Each time an ESP8266 board sent a message to the server of the respective protocol at a fixed interval, the current consumption under each protocol was measured with a shunt resistor in order to compare the two.

Rold et al. [195] thoroughly analyze the MQTT-SN protocol and outline its drawbacks. To accomplish this, seven highly heterogeneous attacks were implemented and tested, analyzing the different security effects they may have on an actual MQTT-SN network and on its functionality. A threat detector was deployed on IoT devices to recognize previously unmodeled threats, and countermeasures were proposed to lessen the impact of these attacks. The threat detector achieved an F1 score of 0.9963.

Luoto and Systä [196] demonstrate how MQTT, an IoT-specific technology, may be used to construct systems designed with a RESTful architecture. Their example case is a system for creating and deploying applications used to remotely manage IoT devices. They conducted resource consumption studies comparing their MQTT-based request-response scheme with HTTP in order to assess the suggested solution. According to the findings, MQTT consumes less memory and CPU time.

Rahman et al. [197] present a detailed analysis of security issues related to data and devices, along with a proposed enhanced security model to


TABLE 18. Summary of literature on security in Industrial IoT applications.

address these concerns. An improved version of the MQTT protocol is suggested, which modifies and enhances the existing protocol using Key-Policy/Ciphertext-Policy Attribute-Based Encryption (KP/CP-ABE) based on a lightweight elliptic curve cryptosystem. A multi-tier authentication system for secure communication is also introduced, together with an additional security layer to prevent data theft.

Seoane et al. [198] analyzed the performance of the two most widely used application layer protocols, the Constrained Application Protocol (CoAP) and Message Queuing Telemetry Transport (MQTT). The aim of the analysis was to examine the protocols' features and capabilities and to evaluate their suitability for operation on constrained devices while, in contrast to previous studies, considering security support and diverse network conditions. The analysis focused on bandwidth and CPU usage, as these factors translate to power consumption, which is critical for battery-powered IoT devices. Realistic network scenarios were used in the analysis.

Detti et al. [199] propose a novel load-balancing strategy that uses multiple MQTT sessions per client to reduce inter-broker traffic. The strategy can be implemented through a greedy algorithm. The


TABLE 19. Summary of evaluation of literature considered in Industrial IoT applications.

FIGURE 9. MQTT packet structure.
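The packet layout of Figure 9 (1-byte control header, 1 to 4 byte remaining length, variable header, payload) and the QoS flags are easier to reason about with a concrete encoder and parser. The following Python code is an added example written for this survey and is not code from any of the cited works; the topic name, packet identifier and payload it uses are constructed values. It builds MQTT v3.1.1 PUBLISH packets, decodes the variable-length remaining length, and rejects the malformed inputs a broker must not accept (a 5-byte remaining length, the reserved QoS value 3, a length field that disagrees with the packet size, and wildcard characters in a PUBLISH topic).

```python
"""MQTT v3.1.1 fixed header / PUBLISH packet encoder and parser (added example)."""
import struct

PACKET_TYPES = {1: "CONNECT", 2: "CONNACK", 3: "PUBLISH", 4: "PUBACK", 5: "PUBREC",
                6: "PUBREL", 7: "PUBCOMP", 8: "SUBSCRIBE", 9: "SUBACK", 10: "UNSUBSCRIBE",
                11: "UNSUBACK", 12: "PINGREQ", 13: "PINGRESP", 14: "DISCONNECT"}


def encode_remaining_length(n):
    """Remaining Length: 7 data bits per byte, MSB set means 'another byte follows' (1-4 bytes)."""
    if not 0 <= n <= 268_435_455:
        raise ValueError("remaining length out of range")
    out = bytearray()
    while True:
        byte, n = n % 128, n // 128
        if n > 0:
            byte |= 0x80
        out.append(byte)
        if n == 0:
            return bytes(out)


def decode_remaining_length(buf, offset):
    """Return (value, next_offset). More than 4 bytes is a malformed packet per the spec."""
    value, multiplier = 0, 1
    for i in range(4):
        if offset + i >= len(buf):
            raise ValueError("truncated remaining length")
        b = buf[offset + i]
        value += (b & 0x7F) * multiplier
        if not b & 0x80:
            return value, offset + i + 1
        multiplier *= 128
    raise ValueError("malformed remaining length (more than 4 bytes)")


def _need(buf, off, n):
    """Bounds check before slicing so a short packet cannot be misparsed."""
    if off + n > len(buf):
        raise ValueError("packet truncated")


def build_publish(topic, payload, qos=0, packet_id=None, retain=False, dup=False):
    """PUBLISH = control byte | remaining length | topic (len-prefixed) | [packet id if QoS>0] | payload."""
    if qos not in (0, 1, 2):
        raise ValueError("QoS must be 0, 1 or 2")
    if qos > 0 and packet_id is None:
        raise ValueError("QoS 1/2 PUBLISH requires a Packet Identifier")
    topic_b = topic.encode("utf-8")
    var_header = struct.pack("!H", len(topic_b)) + topic_b
    if qos > 0:
        var_header += struct.pack("!H", packet_id)
    flags = (int(dup) << 3) | (qos << 1) | int(retain)
    control = (3 << 4) | flags                      # packet type 3 = PUBLISH in the high nibble
    body = var_header + payload
    return bytes([control]) + encode_remaining_length(len(body)) + body


def parse_packet(buf):
    """Parse the fixed header; for PUBLISH also decode the variable header and payload."""
    if not buf:
        raise ValueError("empty packet")
    ptype, flags = buf[0] >> 4, buf[0] & 0x0F
    remaining, off = decode_remaining_length(buf, 1)
    if off + remaining != len(buf):
        raise ValueError("remaining length does not match packet size")
    info = {"type": PACKET_TYPES.get(ptype, f"RESERVED({ptype})"), "flags": flags}
    if ptype == 3:
        qos = (flags >> 1) & 0x03
        if qos == 3:
            raise ValueError("malformed PUBLISH: QoS 3 is reserved")
        _need(buf, off, 2)
        tlen = struct.unpack("!H", buf[off:off + 2])[0]
        off += 2
        _need(buf, off, tlen)
        topic = buf[off:off + tlen].decode("utf-8")
        off += tlen
        if "\x00" in topic or "#" in topic or "+" in topic:   # wildcards are only legal in SUBSCRIBE
            raise ValueError("invalid topic name in PUBLISH")
        packet_id = None
        if qos > 0:
            _need(buf, off, 2)
            packet_id = struct.unpack("!H", buf[off:off + 2])[0]
            off += 2
        info.update(qos=qos, dup=bool(flags & 0x08), retain=bool(flags & 0x01),
                    topic=topic, packet_id=packet_id, payload=buf[off:])
    return info


if __name__ == "__main__":
    pkt = build_publish("sensors/temp", b"21.5", qos=1, packet_id=42)   # constructed sample
    print(pkt.hex())
    print(parse_packet(pkt))
```

The length check against the actual buffer size is the one most often missing in hand-written IoT parsers: a remaining length larger than the data received leads to reads past the buffer in C implementations, and one smaller than the data lets an attacker smuggle a second packet behind the first.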

feasibility and effectiveness of the strategy for IoT and social-network applications are demonstrated through simulations and real measurements; the scaling penalty is reduced to 10%.

Rizzardi et al. [200] examine the security aspects that are frequently coupled with native functionality in the most well-known IoT-related protocols, including MQTT, CoAP, LoRaWAN, AMQP, RFID, ZigBee, and Sigfox. The benefits and drawbacks of each protocol are discussed in order to pinpoint unresolved problems and provide best practices for creating an effective and reliable IoT network architecture.

Iyer et al. [201] suggest a novel two-stage architecture for MQTT security. The payload is first encrypted with a compact symmetric block cipher. Second, message authentication and data integrity are provided using SPONGENT, a lightweight hash function (note that an unkeyed hash alone gives integrity only; authentication requires the hash to be keyed, as in an HMAC). The encrypted message and its hash output are then delivered to the intended subscribers. Compared to traditional asymmetric encryption, the lightweight symmetric encryption has very low overhead. To secure this publish-subscribe protocol, the performance characteristics of many well-known lightweight ciphers, including PRESENT, SIMON, SPECK, PRIDE, ROADRUNNER,


MIDORI, and RECTANGLE, were also assessed on a Raspberry Pi.

Buccafurri et al. [202] put forth a novel one-time password (OTP) authentication mechanism for MQTT that creates a second-factor, out-of-band channel using the Ethereum blockchain. The concept makes use of Ethereum smart contracts to ensure user privacy, provide trust and accountability, and enable the authentication of both local and remote devices.

Malina et al. [203] present a novel publish/subscribe message-based security architecture for the MQTT protocol, whose goal is to improve privacy-respecting Internet of Things services. The suggested solution offers three levels of security. The first level is appropriate for brief transfers of unmodified data. The second level improves the privacy protection of data sources and receivers. The third level ensures strong long-term security with mutual authentication of all parties. The security framework uses simple cryptographic techniques that are appropriate for the small, constrained devices frequently employed in IoT use cases. Additionally, the MQTT-specific customization of the solution avoids extra security overhead.

Reference [204] reviews current methods for securing communication channels, such as TLS or symmetric encryption, and proposes a novel method for ensuring message confidentiality and integrity. The Value-to-Keyed-Hash Message Authentication Code (Value-to-HMAC) mapping technique uses the HMAC generation process to substitute keyed-hash signatures for encryption when sending messages. Although there are effective ways to encrypt communication between IoT devices, the article notes that not every device or network architecture can bear the overhead and performance hit of such protocols, let alone support them. The Value-to-HMAC technique was developed to maximize efficiency while guaranteeing that messages may only be interpreted by the appropriate node. Using a single mechanism, the experiments show that the method achieves better performance than a symmetric-key encryption algorithm while maintaining the secrecy and integrity of the information.

2) SNMQTT
MQTT-SN (MQTT for Sensor Networks) is a variant of the MQTT protocol designed specifically for wireless sensor networks. It caters to the requirements of resource-constrained devices, emphasizing low cost, open-source implementation, reliability, and simplicity. MQTT-SN is optimized for the characteristics and limitations of sensor networks, such as limited power, memory, and processing capability: it runs over UDP or other datagram transports rather than TCP, and it replaces topic strings with short topic identifiers. It enables efficient communication and data exchange between sensors and gateways through a gateway that bridges to a regular MQTT broker. The currently published MQTT-SN specification is v1.2, with v2.0 under standardization at OASIS; each revision adds enhancements over previous versions to support sensor network deployments better [193].

3) AMQP
The Advanced Message Queuing Protocol (AMQP) is an open messaging standard used at the application level to provide various message services, including privacy, queuing, durability, and routing. AMQP ensures reliable and consistent information exchange by employing message passing primitives such as one-to-one, one-to-many, and exactly-once delivery. The protocol relies on a reliable transport protocol, with middleware (the broker) acting as a gateway between applications and available resources; it thereby connects institutions and mechanisms across time and space [205].

The AMQP data transmission process has two main elements: the message queue and the exchange. In the message queue paradigm, messages are stored until they are delivered to the intended recipient. In the exchange model, messages are routed to queues in a suitable sequence. In addition to point-to-point data transfer, AMQP also supports a publish/subscribe communication architecture. Within AMQP, two types of messages exist: bare messages as sent by the sender and annotated messages as available at the recipient [206]. However, it is important to note that AMQP requires comparatively higher bandwidth and does not provide resource discovery.

4) DDS
The Data Distribution Service (DDS) is a data-centric publish/subscribe middleware standardized by the Object Management Group (OMG). Publishers and subscribers exchange typed data samples on named topics in a global data space; there is no central broker, participants find each other through built-in peer discovery, and quality-of-service policies such as reliability, durability and deadline are configured per topic. Security is not part of the core protocol but is added by the separate DDS Security specification, which defines authentication, access control and cryptographic plugins; without it, discovery and data traffic are unauthenticated and unencrypted. The lightweight variant DDS-XRCE (DDS for eXtremely Resource Constrained Environments) lets constrained devices participate through an agent.

Mauro et al. [207] proposed an application layer gateway, called MiddleBridge, that translates Constrained Application Protocol (CoAP), Message Queuing Telemetry Transport (MQTT), Data Distribution Service (DDS), and WebSocket messages into HTTP. Because all servers are contained inside its code, MiddleBridge may be installed on any computer with a Java virtual machine, allowing IoT devices to communicate data effortlessly to any REST endpoint. With the suggested method, devices may send a shorter message to an intermediary (MiddleBridge), which reconstructs it and forwards it to the middleware, cutting down the time a device needs to transfer data.

Solpan and Kucuk [208] examined the operating mechanism of the DDS-XRCE standard and assessed its performance. Three DDS-XRCE deployments, which differ in the kind of receiver and sender, the path packets take, and the protocols used, serve as test cases. Switching stream modes, transport profiles, and restricting packet deliveries were used to create the test environment.


For performance evaluation, latency, throughput, and packet loss were considered, and the results showed that the DDS-XRCE standard is suitable for Internet of Things applications.

5) RESTful
REST stands for Representational State Transfer and is an architectural style for building web services; a service that follows its constraints is called RESTful. RESTful services use HTTP methods such as GET, POST, PUT, and DELETE to perform CRUD (Create, Read, Update, Delete) operations on resources identified by URIs (Uniform Resource Identifiers). In an IoT application, devices use HTTP requests to send sensor data to servers, retrieve commands, or update device configurations, and the server responds with HTTP responses containing data, instructions, or status codes. For example, a client can use an HTTP GET request to retrieve the current temperature reading from a server, which responds with the temperature value.

Luigi et al. [209] developed an approach that represents a significant advance towards a systematic and managed process for creating adequate security measures for REST-based service platforms and applications. The adopted authentication methodology demonstrated the practical usability of the approach. The RESTful protocols HTTP and CoAP were then instantiated using the provided general REST message authentication scheme.

B. SERVICE DISCOVERY PROTOCOLS
Service discovery protocols, on the other hand, enable IoT devices to discover and connect to other devices or services on the network. These protocols allow devices to advertise their services and capabilities, making it easier for other devices to find and interact with them. The most commonly used service discovery protocols in IoT are DNS-SD (DNS-based Service Discovery), which advertises service instances through DNS PTR, SRV and TXT records, usually over multicast DNS on the local link, and UPnP (Universal Plug and Play) [190]. Neither DNS-SD (without DNSSEC) nor UPnP authenticates the advertisements it carries, so a spoofed advertisement can redirect clients to an attacker-controlled service.

1) CoAP
CoAP is a protocol designed specifically for IoT devices with limited resources and constrained networks. It is based on the REST (Representational State Transfer) architecture and supports the request-response communication between devices shown in Figure 10. CoAP is similar to HTTP but is designed for low-power devices, which makes it well suited to IoT applications.

CoAP message format (Figure 11): the 2-bit Version field carries the CoAP version (currently 1). The 2-bit Type field distinguishes the message kinds Confirmable (0), Non-Confirmable (1), Acknowledgement (2), and Reset (3):
1) Confirmable (CON): the sender will receive notification from the receiver that the message has been received, and retransmits the message until it does.
2) Non-Confirmable (NON): the sender will not receive a confirmation from the receiver.
3) Acknowledgement (ACK): confirms receipt of a CON message; it carries the same Message ID as the CON and may piggyback the response.
4) Reset (RST): indicates that the receiver could not process the message because some context was lacking. This typically arises after a reboot, when the receiving node's state is unknown.

The Code field identifies the message type of requests and responses. CoAP retrieves, updates, creates, and deletes resources using the GET (0.01), POST (0.02), PUT (0.03), and DELETE (0.04) request codes respectively; response codes such as 2.05 Content or 4.04 Not Found use the same class.detail form. The 16-bit Message ID is used to detect duplicates and to match an ACK or RST to the CON or NON message it refers to, while the Token field (0 to 8 bytes) matches responses to requests so that concurrent requests can be distinguished. A CoAP node's token must be unique for the current source and destination pair [200].

Bansal and Kumar [210] present an enhanced CoAP, named RCoAP, that addresses the limitations of CoAP to achieve an efficient IoT network. Unlike existing protocols that operate on instantaneous round-trip time (RTT) in IoT, it also uses CoAP options, payload, and node distance to characterize the network state better. RCoAP retains the current CoAP message format, and the message options and payload are used to record communication parameters. The RCoAP method was simulated in Cooja on Contiki. According to the findings, RCoAP performs better than CoAP in terms of the chosen performance metrics.

Xu et al. [211] propose the design and implementation of a knowledge-based edge computing system to enable heterogeneous connectivity in Internet of Things networks. In their framework, EdgeX is employed as the edge computing platform, while HTTP and CoAP are used as the communication protocols. The results show that connecting to an IoT device through CoAP is more stable and faster.

Kodali et al. [212] showcase an implementation of home automation that includes security and measures ambient temperature using CoAP. A CoAP server updates data for cloud storage and local network access; the data is uploaded for further analysis in the cloud, and the status of the devices at home is obtained. The authors report that implementing home automation with CoAP compares favourably with other protocols.

Khalil et al. [213] improve CoAP security by using the TACACS+ security protocol, which deals with access control, authentication, and accounting. The implementation used a mobile phone, a Raspberry Pi, a TI SensorTag and a WeMo switch. The resource discovery method in this IoT setting strengthens CoAP security. The authors considered performance metrics such as CPU usage, computation time, latency, energy consumption, and traffic exchanged between a client and a server. The results show that the proposed security strategy has a low cost in terms of these performance indices.
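The CoAP message format (4-byte header with Version, Type, Token Length, Code and Message ID; token; delta-encoded options; 0xFF payload marker) and the CON/ACK matching rules are shown concretely in the following Python code. It is an added example written for this survey, not code from the cited works; the Uri-Path, message identifier, token and payload values are constructed. It builds a Confirmable GET for the path sensors/temp, builds the piggybacked 2.05 Content ACK, parses both, and checks that the ACK echoes the CON's Message ID and token. The parser rejects the format errors RFC 7252 requires a receiver to treat as invalid (token length above 8, the reserved nibble value 15 outside the payload marker, a payload marker with no payload, an option running past the end of the datagram).

```python
"""CoAP (RFC 7252) message builder and parser (added example)."""
import struct

CON, NON, ACK, RST = 0, 1, 2, 3            # 2-bit Type field
URI_PATH, CONTENT_FORMAT = 11, 12          # option numbers used below
PAYLOAD_MARKER = 0xFF


def code(cls, detail):
    """CoAP codes are written c.dd: GET = 0.01, 2.05 = Content, 4.04 = Not Found."""
    return (cls << 5) | detail


GET, POST, PUT, DELETE = code(0, 1), code(0, 2), code(0, 3), code(0, 4)


def code_str(c):
    return f"{c >> 5}.{c & 0x1F:02d}"


def _encode_ext(value):
    """Option delta/length: nibble 0-12 literal, 13 => +1 byte, 14 => +2 bytes (15 reserved)."""
    if value < 13:
        return value, b""
    if value < 269:
        return 13, bytes([value - 13])
    return 14, struct.pack("!H", value - 269)


def _decode_ext(nibble, buf, off):
    if nibble < 13:
        return nibble, off
    if nibble == 13:
        if off + 1 > len(buf):
            raise ValueError("truncated option extension")
        return buf[off] + 13, off + 1
    if nibble == 14:
        if off + 2 > len(buf):
            raise ValueError("truncated option extension")
        return struct.unpack("!H", buf[off:off + 2])[0] + 269, off + 2
    raise ValueError("nibble 15 is reserved outside the payload marker")


def build(msg_type, msg_code, msg_id, token=b"", options=(), payload=b""):
    """Header | token | options (delta-encoded, ascending number) | 0xFF payload."""
    if not 0 <= len(token) <= 8:
        raise ValueError("token length must be 0..8")
    out = bytearray([(1 << 6) | (msg_type << 4) | len(token), msg_code])
    out += struct.pack("!H", msg_id) + token
    prev = 0
    for number, value in sorted(options, key=lambda o: o[0]):
        d, d_ext = _encode_ext(number - prev)
        l, l_ext = _encode_ext(len(value))
        out += bytes([(d << 4) | l]) + d_ext + l_ext + value
        prev = number
    if payload:
        out += bytes([PAYLOAD_MARKER]) + payload
    return bytes(out)


def parse(buf):
    if len(buf) < 4:
        raise ValueError("CoAP header is 4 bytes")
    if buf[0] >> 6 != 1:
        raise ValueError("unsupported CoAP version")
    tkl = buf[0] & 0x0F
    if tkl > 8:
        raise ValueError("token length > 8 is a message format error")
    if 4 + tkl > len(buf):
        raise ValueError("truncated token")
    msg = {"type": (buf[0] >> 4) & 0x03, "code": buf[1],
           "msg_id": struct.unpack("!H", buf[2:4])[0], "token": buf[4:4 + tkl],
           "options": [], "payload": b""}
    off, number = 4 + tkl, 0
    while off < len(buf):
        if buf[off] == PAYLOAD_MARKER:
            if off + 1 == len(buf):
                raise ValueError("payload marker with empty payload")
            msg["payload"] = buf[off + 1:]
            break
        d_nib, l_nib = buf[off] >> 4, buf[off] & 0x0F
        delta, off = _decode_ext(d_nib, buf, off + 1)
        length, off = _decode_ext(l_nib, buf, off)
        if off + length > len(buf):
            raise ValueError("option value runs past end of message")
        number += delta
        msg["options"].append((number, buf[off:off + length]))
        off += length
    return msg


def matches(request, response):
    """A piggybacked ACK must echo the CON's Message ID; the Token ties the response to the request."""
    return (response["type"] == ACK and response["msg_id"] == request["msg_id"]
            and response["token"] == request["token"])


if __name__ == "__main__":
    req = build(CON, GET, 0x1234, token=b"\xab\xcd",                      # constructed sample
                options=[(URI_PATH, b"sensors"), (URI_PATH, b"temp")])
    resp = build(ACK, code(2, 5), 0x1234, token=b"\xab\xcd",
                 options=[(CONTENT_FORMAT, b"\x00")], payload=b"21.5")
    print(req.hex(), code_str(parse(req)["code"]))
    print(resp.hex(), code_str(parse(resp)["code"]), matches(parse(req), parse(resp)))
```

Because CoAP runs over UDP, the Message ID and token are the only state that ties a response to a request; a responder that accepts any 16-bit Message ID, or a client that does not check the token, is open to spoofed responses and reflection, which is why both checks are in `matches`.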


FIGURE 10. Request response model of CoAP.

FIGURE 11. CoAP message format.

Diego et al. [214] examine the advantages of using the security decoupling method known as IoTsafe in conjunction with CoAP. The findings demonstrate that the implementation is feasible: IoT device applications and server software can use an insecure version of CoAP (without DTLS) while seamlessly entrusting security concerns to IoTsafe, without any additional specific features in their design.

Basu et al. [215] examine the pairing of Narrowband IoT (NB-IoT) and Bluetooth Low Energy (BLE) as communication options for an IoT device running the Lightweight Machine to Machine/Constrained Application Protocol (LwM2M/CoAP) stack. The difficulties presented by the various protocol stack options, including the transfer modes (IP versus non-IP), the application of Static Context Header Compression (SCHC), and the Datagram Transport Layer Security (DTLS) security modes, are examined. The effects of switching between the two communication technologies are also covered. A viable end-to-end architecture for the desired multimodal communication is proposed, and a prototype implementation of it is used for a thorough analysis of handover and the delay it causes.

Sanaa et al. [216] identify the issues of the two main application layer protocols used for vehicle and infrastructure communication, MQTT and CoAP, which are among the most well-known protocols in the automotive industry. A solution using elliptic curve cryptography is reviewed and implemented in the two protocols to fix privacy and communication problems with low energy consumption.

Tiburski et al. [217] evaluate the performance, overhead, and handshake issues of the DTLS protocol used by CoAP in fog-to-fog communications, specifically when operating over radio access networks (RANs). The results of the tests indicate that CoAP over DTLS is appropriate for fog-to-fog communications using HSPA+ and LTE as radio access networks.


Ayoub et al. [218] propose a lightweight mutual authentication protocol based on CoAP as a suitable option for IoT devices compared to HTTP. The protocol uses elliptic curve cryptography to ensure secure data transmission between the cloud and the devices. The AVISPA tool was employed to verify the effectiveness of the proposed scheme.

Palma et al. [219] propose integrating very high frequency (VHF) communications, a commonly available maritime radio technology, with the protocols used in the Internet of Things (IoT). This is achieved by implementing IPv6 over low-power wireless personal area networks (6LoWPAN) and CoAP to ensure interoperability between existing maritime systems and the Internet. An experimental setup was evaluated under various settings and configurations, together with an analytical assessment of the reliability of the solutions. The results confirm the feasibility of using IoT protocols over a VHF link and demonstrate the superior performance of this approach compared to IPv4-based solutions.

C. XMPP
The XMPP protocol uses a decentralized client-server (DCS) model for instant messaging. DCS separates the roles of server and client developers: the client developer is responsible for the user-facing functionality, and the server developer is responsible for scalability and reliability.

Gupta et al. [220] propose a web-based application built on the XMPP protocol that has all the services a small organization might need and also provides scope for growth and improvements. The simplicity of the components used makes it easier to use and maintain.

D. HTTP
HTTP (HyperText Transfer Protocol) is a protocol responsible for the collaboration and distribution of information within a system. It serves as the foundation for communication on the World Wide Web, relying on hyperlinked documents whose hyperlinks give users access to other resources. Communication between clients and servers occurs through the exchange of HTTP requests and responses. It is the primary client/server model used on the current web and is highly compatible with the infrastructure commonly used by developers. HTTP operates on a request/response model within the client/server computing system: clients send HTTP request messages to servers, which then present the requested resources (such as HTML files) or perform specific functions. The server then sends an HTTP response message back to the client, containing status information about the request along with the requested content in the message body. The protocol improves communication between clients and servers by leveraging intermediate network elements; for example, high-traffic websites use cache servers to retrieve content on behalf of upstream servers, resulting in improved response times [221]. HTTP was developed within the Internet protocol suite. It primarily uses the reliable transport layer protocol, the Transmission Control Protocol (TCP), which ensures the dependable delivery of large data. TCP's reliability is beneficial when strict latency limits are not imposed. However, for resource-restricted nodes that constantly transmit small amounts of data, establishing a TCP connection for each request creates unnecessary overhead and increases latency. Nonetheless, HTTP can also run over UDP: HTTP/3 uses the QUIC transport, which is carried over UDP. HTTP is an extensible and straightforward protocol. Its client-server structure, combined with the ease of adding headers, allows HTTP to evolve alongside the extended capabilities of the Internet and the web.

E. WebSocket
WebSocket is a full-duplex, bidirectional, low-latency, asynchronous protocol designed for continuous data transmission between two devices over a single TCP connection. It draws on HTTP (a WebSocket session is opened with an HTTP Upgrade handshake) but enables real-time, event-driven communication in IoT applications. Unlike the traditional request-response or publish/subscribe patterns, once the session is established either endpoint can send frames at any time without a matching request-response exchange. Overall, WebSocket provides a reliable and efficient means of bidirectional communication between devices, making it well suited to real-time IoT applications.

VII. PERFORMANCE METRICS AND PARAMETERS
This section describes the major performance metrics and parameters used in IoT application layer security, responding to RQ5.

1) Precision: the proportion of correctly predicted attacks, the true positives (TP), among all predicted attacks, which include both true positives and false positives (FP). Mathematically, precision is defined by Eq. (2) [99].

$$\mathrm{Precision} = \frac{TP}{TP + FP} \qquad (2)$$

2) Recall: the ratio of correctly predicted attacks (TP) to the actual occurrences of attacks, which include both true positives and false negatives (FN). Mathematically, recall is expressed as shown in Eq. (3) [99].

$$\mathrm{Recall} = \frac{TP}{TP + FN} \qquad (3)$$

3) Accuracy: the proportion of correct predictions among the total number of samples. It can be represented as shown


TABLE 20. Summary of literature used in MQTT and CoAP protocols.

in Eq. (4) [99].

$$\mathrm{Accuracy} = \frac{TP + TN}{TP + FN + TN + FP} \times 100 \qquad (4)$$

4) F1-score: the F1-score combines precision and recall into a single value. It measures the accuracy of predictions for both normal and attack traffic in a test set. Mathematically, the F1-score is the harmonic mean of precision and recall, as given in Eq. (5) [99].

$$F1 = 2 \times \frac{\mathrm{Precision} \times \mathrm{Recall}}{\mathrm{Precision} + \mathrm{Recall}} \qquad (5)$$
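Eqs. (2) to (5) are defined on counts of true and false positives and negatives, so a worked evaluation starts from the confusion matrix of a detector's verdicts. The Python code below is an added example written for this survey, not code from any of the surveyed works; the twenty labelled flows are constructed values (four attacks, sixteen normal flows, with the detector flagging three flows). It computes the four counts from the verdicts, then precision, recall, accuracy and F1 exactly as in the equations, guarding the divisions that are undefined when a class is absent.

```python
"""Precision, recall, accuracy and F1 of an IDS from labelled verdicts (added example)."""

POSITIVE = "attack"   # the class the detector is meant to find


def confusion_matrix(labels, predictions, positive=POSITIVE):
    """Return (TP, FP, FN, TN) with `positive` as the attack class."""
    if len(labels) != len(predictions):
        raise ValueError("labels and predictions must have the same length")
    tp = fp = fn = tn = 0
    for truth, pred in zip(labels, predictions):
        if pred == positive:
            if truth == positive:
                tp += 1          # attack correctly flagged
            else:
                fp += 1          # normal traffic wrongly flagged (false alarm)
        else:
            if truth == positive:
                fn += 1          # attack missed
            else:
                tn += 1          # normal traffic correctly passed
    return tp, fp, fn, tn


def _safe_div(num, den):
    """The ratios are undefined when the denominator is 0 (e.g. no attacks in the test set)."""
    return num / den if den else 0.0


def precision(tp, fp):           # Eq. (2)
    return _safe_div(tp, tp + fp)


def recall(tp, fn):              # Eq. (3): TP over all real attacks, not TN/(TN+FN)
    return _safe_div(tp, tp + fn)


def accuracy(tp, fp, fn, tn):    # Eq. (4), as a fraction (multiply by 100 for percent)
    return _safe_div(tp + tn, tp + fp + fn + tn)


def f1_score(p, r):              # Eq. (5): harmonic mean of precision and recall
    return _safe_div(2 * p * r, p + r)


def evaluate(labels, predictions, positive=POSITIVE):
    tp, fp, fn, tn = confusion_matrix(labels, predictions, positive)
    p, r = precision(tp, fp), recall(tp, fn)
    return {"tp": tp, "fp": fp, "fn": fn, "tn": tn, "precision": p, "recall": r,
            "accuracy": accuracy(tp, fp, fn, tn), "f1": f1_score(p, r)}


# Constructed sample: 20 flows, 4 attacks; the detector flags 2 of the attacks and 1 normal flow.
SAMPLE_LABELS = ["attack"] * 4 + ["normal"] * 16
SAMPLE_PREDICTIONS = ["attack", "attack", "normal", "normal"] + ["attack"] + ["normal"] * 15

if __name__ == "__main__":
    for name, value in evaluate(SAMPLE_LABELS, SAMPLE_PREDICTIONS).items():
        print(f"{name:9s} {value:.4f}" if isinstance(value, float) else f"{name:9s} {value}")
```

On this sample accuracy is 0.85 while recall is only 0.5: with attack traffic in the minority, accuracy is dominated by the true negatives, which is why recall and F1 (here 4/7, about 0.571) are the figures to report for an IoT intrusion detector. Note also that TN/(TN+FN) is the negative predictive value, a different quantity from recall.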


TABLE 21. Parameters used in existing IoT application security solutions.

5) Average throughput: the total number of bits (or packets) delivered per second. Throughput in kbps can be expressed as shown in Eq. (6) [100],

$$\mathrm{Throughput} = \frac{P}{T_2 - T_1} \times \frac{8}{1000} \qquad (6)$$

where P is the total number of bytes received (the factor 8/1000 converts bytes per second to kbps; if P counts packets it must first be multiplied by the packet size in bytes), T_1 is the simulation start time and T_2 is the simulation stop time.

6) Average energy consumption: the average energy consumption of the entire network is determined by measuring the remaining energy of all nodes at the end of the simulation. The total energy consumption is computed as shown in


TABLE 22. Parameters used in existing IoT application security solutions.

Eq. (7) [100],

$$\text{Total energy consumption} = \sum_{i=1}^{N} E^{\mathrm{consumed}}_i = \sum_{i=1}^{N} \left( E^{\mathrm{initial}}_i - E^{\mathrm{remaining}}_i \right) \qquad (7)$$

where $E^{\mathrm{initial}}_i$ and $E^{\mathrm{consumed}}_i$ are the initial and consumed energy of the i-th node, $E^{\mathrm{remaining}}_i$ is its remaining energy at the end of the simulation, and N is the total number of nodes [100]. The average energy consumption is

$$E_{\mathrm{avg}} = \frac{\text{Total energy consumption}}{N} \qquad (8)$$


TABLE 23. Parameters used in existing IoT application security solutions.

7) Packet delivery ratio: the ratio of the total number of packets received at the destination to the total number of packets generated in the network [100].

$$\mathrm{PDR} = \frac{P_r}{P_g} \times 100 \qquad (9)$$

TABLE 24. Parameters used in existing IoT application security solutions.

FIGURE 12. Distribution of literature based on IoT applications.

where P_r and P_g are the number of packets received at the destination and the number of packets generated, respectively.

8) Communication overhead: the ratio of the total number of routing (control) packets to the total number of data packets received [100].

9) Response time: the time a packet takes to reach its destination plus the time for the corresponding acknowledgement or response to return to the source.

10) Delay: the amount of time a packet takes to travel from source to destination.

VIII. PERFORMANCE EVALUATION
In this section, the existing literature is assessed. This includes the application distribution, evaluation types, technologies used, and the details of the data sets used in the existing literature to test or develop the proposed work.

In response to RQ6, Figure 12 shows the number of articles classified by IoT application: 15.3% of the papers address smart city applications, 12.3% smart health care, 13.3% smart home, 17.3%


TABLE 25. Most cited papers in IoT applications security.

FIGURE 13. Performance evaluation of security in IoT applications.

FIGURE 14. Evaluation type of existing papers in IoT applications security.

smart agriculture, 16.3% smart vehicles, 15.3% smart grid and 10.2% industrial IoT. The largest share of the literature is therefore on smart agriculture, and the smallest (10.2%) on industrial IoT, with smart health care next at 12.3%.


TABLE 26. Summary of the datasets used in literature.


FIGURE 15. Performance evaluation of IoT applications in terms of evaluation type and technology used in IoT application security.

In response to RQ7, the results illustrated in Figure 13 show that the validation of the proposed security solutions is carried out primarily by simulation and then by testbed: 55% used simulation, 35% used testbed experimentation, and 10% used other evaluation methods.

Regarding RQ8, Figure 14 depicts the distribution of other technologies used for security solutions in IoT applications. Authors used many technologies to provide solutions to security issues in IoT applications; only the main ones are listed here. Blockchain is used in 26.53% of the literature, artificial intelligence (including all machine learning and deep learning techniques) in 19.38%, cloud computing in 8.16%, and 45.91% of the authors used their own technologies.

In response to RQ9, Figure 15 shows the number of articles distributed by evaluation type and technology used in IoT application security. Figure 16 presents the year-wise performance evaluation of security in IoT applications with respect to key requirements. Regarding RQ10, Table 25 lists the most cited articles among the most prevalent ones, that is, the most cited articles on IoT application layer application and protocol security.

Table 26 lists the details of the data sets used in the existing literature. Since ML and AI algorithms are used to secure IoT applications, the data set plays a vital role in training, testing and developing the proposed works.

IX. CHALLENGES AND FUTURE DIRECTIONS
In response to RQ11, many researchers are working on security in the application layer, and many technologies and research works have been produced to overcome the challenges in IoT application layer security. Nevertheless, many issues and challenges still exist; some of the main challenges of IoT application layer security are listed below.

1) Heterogeneity: the heterogeneity challenge in IoT application layer security refers to the diverse nature of devices and technologies within the IoT ecosystem. It encompasses variations in hardware, operating systems, communication protocols, and security capabilities across different IoT devices. This heterogeneity poses challenges for establishing consistent and standardized security measures. Security solutions need to be adaptable to different device types and configurations, requiring flexible approaches to


FIGURE 16. Year wise performance evaluation of security in IoT applications with respect to key requirements.

address vulnerabilities and threats. Interoperability issues may arise when attempting to integrate and manage security across heterogeneous devices. Furthermore, the diversity adds complexity to vulnerability management, patching, and updates, making it essential to adopt scalable and efficient security practices that can accommodate the heterogeneity of IoT applications.
2) Resource-constrained devices: The challenge of resource-constrained devices in IoT application layer security stems from the limited computational power, memory, and energy resources available to many IoT devices. These limitations make it difficult to implement robust security mechanisms without compromising device performance and battery life. It requires finding a balance between security and resource efficiency. Innovative approaches, such as hardware acceleration, lightweight encryption algorithms, and optimized security protocols, are needed to address the challenge. Security solutions must be tailored to meet the specific constraints of resource-constrained devices while still providing effective protection for the IoT application layer.
3) Lack of standardized security practices: The absence of standardized security practices in IoT application layer security presents a challenge in establishing consistent and reliable security across various IoT devices and deployments. Without standardized practices, security implementations can be inconsistent and vulnerable to breaches. It becomes challenging to define a common set of security measures and protocols. Standardization initiatives are essential to establish and promote best practices, frameworks, and certifications specifically tailored for the IoT application layer. By implementing standardized security practices, the IoT ecosystem can achieve greater interoperability and enhance overall security effectiveness.
4) Outdated and un-updated devices: The challenge of dealing with outdated and un-updated devices in IoT application layer security occurs when there are legacy devices or devices that have not received necessary security updates or patches. Such devices become more susceptible to security breaches and exploitation of known vulnerabilities. With the emergence of new security threats, these devices may lack the required defenses to protect against them. Securing a heterogeneous mix of outdated and un-updated devices becomes complex as it requires finding a balance between security measures and risk mitigation. Upgrading or replacing legacy devices and ensuring regular security updates are essential for maintaining a secure IoT application layer.
5) Data confidentiality and user consent: The challenge of data confidentiality and user consent in IoT application layer security involves ensuring the privacy of


TABLE 27. Table 26 continuation.

data and obtaining proper user consent. IoT devices gather and process significant amounts of personal and sensitive data, leading to concerns about how this data is protected. It is essential to implement robust encryption and access controls to maintain data confidentiality. Additionally, obtaining explicit and informed consent from users regarding data collection, storage, and usage is crucial to meet privacy regulations and ethical considerations. Striking a balance between data privacy and user consent while enabling the functionality of IoT applications necessitates careful consideration and strong security measures.
To overcome the challenges that still exist in IoT application layer security, some future directions are listed below:
1) Standardization and regulation: Efforts to establish standardized security frameworks, protocols, and certifications specific to the IoT application layer will help ensure consistent and reliable security practices across devices and deployments.
2) Enhanced device security: Advancements in hardware security modules (HSMs), secure boot mechanisms, and trusted execution environments will provide stronger device-level security, protecting IoT devices from tampering, unauthorized access, and firmware-level attacks.
3) Machine learning and anomaly detection: The application of machine learning algorithms and anomaly detection techniques can enhance IoT security by identifying and mitigating abnormal behavior and potential threats in real-time.
4) Blockchain for security: Blockchain technology shows promise in enhancing security in the IoT application layer. It can provide decentralized identity management, secure data sharing, and tamper-proof audit trails, improving trust and mitigating vulnerabilities.
5) Edge computing security: As more processing and data storage occur at the edge of the network, ensuring robust security measures at the edge devices and gateways becomes crucial. Secure edge computing architectures, encryption techniques, and secure data transfer protocols will be essential in future IoT security.
6) Collaboration and information sharing: Increased collaboration among stakeholders, including device manufacturers, developers, researchers, and regulatory bodies, is crucial for sharing security best practices, vulnerability disclosures, and threat


TABLE 28. Summary of literature used in MQTT and CoAP protocols.

intelligence to proactively address emerging security challenges.
By addressing these challenges and focusing on future directions, the IoT application layer can achieve enhanced


TABLE 28. (Continued.) Summary of literature used in MQTT and CoAP protocols.

security, enabling the realization of the full potential of IoT while ensuring the privacy, integrity, and availability of IoT devices and services.

X. CONCLUSION
This systematic mapping study aims to provide an overview of the existing security solutions employed in the IoT application layer. Out of the 221 articles reviewed, a total of 123 articles were chosen as the most relevant studies. The selected articles are predominantly sourced from various reputable journals and conference proceedings.
Throughout the process of conducting the mapping study, articles published from 2018 to the latest revision period in 2023 (till the submission period) were carefully chosen for analysis. With respect to RQ1, the majority of articles were published in IEEE Xplore. The year-wise distribution of literature (RQ2) shows that the number of articles is increasing in recent years, indicating that researchers have interest in the IoT application layer security field. In response to RQ3, the distribution of relevant articles in terms of publisher and publication is given in Table 3 and Table 4. Regarding RQ4, Section IV describes the different types of attacks in the IoT application layer. The most prevalent performance metrics and parameters (RQ5) are listed in Section VIII. Regarding RQ6 and RQ7, smart agriculture (17.3%) has the most articles, and the majority of articles use simulation to evaluate the proposed work. Regarding RQ8, 45.91% of authors used their own methods to provide security solutions in the IoT application layer. Regarding RQ9, Figure 15 and Figure 16 show the distribution of the most relevant articles in IoT applications in terms of technology used and evaluation type, and the year-wise distribution of papers in terms of applications and key requirements. Table 25 (RQ10) shows the most cited papers, and in response to RQ11, the challenges and future directions of security in the IoT application layer are listed in Section IX.
In summary, security plays an important role in the IoT application layer in overcoming the issues and challenges of IoT security, since the number of IoT applications is rapidly increasing every year. This study benefits both academic and industry research because it contains the challenges and future directions of security in the IoT application layer (Section IX) that need further attention, together with a brief explanation of all existing security solutions. Since this survey's primary emphasis is on security in the IoT application layer, future studies can consider
•Solutions to all attacks, irrespective of domain, as major sections, evaluating each method using simulation.
•Analyzing the simulators used in IoT application layer security.

in IoT-enabled digital healthcare ecosystems using blockchain,’’ Inf. Sci., in Proc. Int. Conf. Emerging Technol. Comput. Eng., Jaipur, India. Cham,
vol. 629, pp. 703–718, Jun. 2023. Switzerland: Springer, 2019, pp. 7–19.
[107] A. I. Taloba, A. Elhadad, A. Rayan, R. M. A. El-Aziz, M. Salem, [128] G. Suciu, C.-I. Istrate, and M.-C. Ditu, ‘‘Secure smart agriculture
A. A. Alzahrani, F. S. Alharithi, and C. Park, ‘‘A blockchain-based hybrid monitoring technique through isolation,’’ in Proc. Global IoT Summit
platform for multimedia data processing in IoT-healthcare,’’ Alexandria (GIoTS), Jun. 2019, pp. 1–5.
Eng. J., vol. 65, pp. 263–274, Feb. 2023. [129] J. Song, Q. Zhong, W. Wang, C. Su, Z. Tan, and Y. Liu, ‘‘FPDP: Flexible
[108] B. Hammi, S. Zeadally, R. Khatoun, and J. Nebhen, ‘‘Survey on smart privacy-preserving data publishing scheme for smart agriculture,’’ IEEE
homes: Vulnerabilities, risks, and countermeasures,’’ Comput. Secur., Sensors J., vol. 21, no. 16, pp. 17430–17438, Aug. 2021.
vol. 117, May 2022, Art. no. 102677. [130] R. Chaganti, V. Varadarajan, V. S. Gorantla, T. R. Gadekallu, and V. Ravi,
[109] A. C. Jose and R. Malekian, ‘‘Improving smart home security: Integrating ‘‘Blockchain-based cloud-enabled security monitoring using Internet of
logical sensing into smart home,’’ IEEE Sensors J., vol. 17, no. 13, Things in smart agriculture,’’ Future Internet, vol. 14, no. 9, p. 250,
pp. 4269–4286, Jul. 2017. Aug. 2022.
[131] A. M. Shaaban, S. Chlup, N. El-Araby, and C. Schmittner, ‘‘Towards
[110] S. Dutta, S. S. L. Chukkapalli, M. Sulgekar, S. Krithivasan, P. K. Das, and
optimized security attributes for IoT devices in smart agriculture based
A. Joshi, ‘‘Context sensitive access control in smart home environments,’’
on the IEC 62443 security standard,’’ Appl. Sci., vol. 12, no. 11, p. 5653,
in Proc. IEEE 6th Int. Conf. Big Data Secur. Cloud (BigDataSe-
Jun. 2022.
curity) Int. Conf. High Perform. Smart Comput., (HPSC) IEEE Int. [132] M. S. Jalpur, M. M. Gedam, D. R. Lolage, and D. N. Ansari,
Conf. Intell. Data Secur. (IDS), May 2020, pp. 35–41. ‘‘An IoT system prototype for implementation of secure smart agriculture,’’
[111] R. Yu, X. Zhang, and M. Zhang, ‘‘Smart home security analysis system Int. J. Sci. Res. Comput. Sci., Eng. Inf. Technol., vol. 8, pp. 237–242,
based on the Internet of Things,’’ in Proc. IEEE 2nd Int. Conf. Big Data, Apr. 2022.
Artif. Intell. Internet Things Eng. (ICBAIE), Mar. 2021, pp. 596–599. [133] A. Bothe, J. Bauer, and N. Aschenbruck, ‘‘RFID-assisted continu-
[112] U. Saxena, J. Sodhi, and Y. Singh, ‘‘An analysis of DDoS attacks in ous user authentication for IoT-based smart farming,’’ in Proc. IEEE
a smart home networks,’’ in Proc. 10th Int. Conf. Cloud Comput., Data Int. Conf. RFID Technol. Appl. (RFID-TA), Sep. 2019, pp. 505–510.
Sci. Eng. (Confluence), Jan. 2020, pp. 272–276. [134] D. Rangwani, D. Sadhukhan, S. Ray, M. K. Khan, and M. Dasgupta,
[113] M. Ammi, S. Alarabi, and E. Benkhelifa, ‘‘Customized blockchain-based ‘‘An improved privacy preserving remote user authentication scheme for
architecture for secure smart home for lightweight IoT,’’ Inf. Process. Man- agricultural wireless sensor network,’’ Trans. Emerg. Telecommun. Tech-
age., vol. 58, no. 3, May 2021, Art. no. 102482. nol., vol. 32, no. 3, p. e4218, Mar. 2021.

VOLUME 12, 2024 187011


N. Sharmila Kumari et al.: Holistic Survey on Security in IoT Application Layer: Attacks, Protocols, and Applications

[135] S. Itoo, A. A. Khan, M. Ahmad, and M. J. Idrisi, ‘‘A secure [156] G. Madaan, B. Bhushan, and R. Kumar, ‘‘Blockchain-based cyberthreat
and privacy-preserving lightweight authentication and key exchange mitigation systems for smart vehicles and industrial automation,’’ in
algorithm for smart agriculture monitoring system,’’ IEEE Access, vol. 11, Multimedia Technologies in the Internet of Things Environment. Springer,
pp. 56875–56890, 2023. 2021, pp. 13–32.
[136] S. Nashwan, ‘‘Secure authentication scheme using Diffie–Hellman key [157] S. Terzi, C. Savvaidis, K. Votis, D. Tzovaras, and I. Stamelos, ‘‘Securing
agreement for smart IoT irrigation systems,’’ Electronics, vol. 11, no. 2, emission data of smart vehicles with blockchain and self-sovereign
p. 188, Jan. 2022. identities,’’ in Proc. IEEE Int. Conf. Blockchain (Blockchain), Nov. 2020,
[137] S. Alyahya, W. U. Khan, S. Ahmed, S. N. K. Marwat, and S. Habib, pp. 462–469.
‘‘Cyber secure framework for smart agriculture: Robust and tamper- [158] M. Wazid, B. Bera, A. K. Das, S. P. Mohanty, and M. Jo, ‘‘Fortifying
resistant authentication scheme for IoT devices,’’ Electronics, vol. 11, smart transportation security through public blockchain,’’ IEEE Internet
no. 6, p. 963, Mar. 2022. Things J., vol. 9, no. 17, pp. 16532–16545, Sep. 2022.
[138] J. Arshad, M. A. B. Siddique, Z. Zulfiqar, A. Khokhar, S. Salim, [159] U. Ahmad, H. Song, A. Bilal, M. Alazab, and A. Jolfaei, ‘‘Securing smart
T. Younas, A. U. Rehman, and A. Asad, ‘‘A novel remote user authenti- vehicles from relay attacks using machine learning,’’ J. Supercomput.,
cation scheme by using private blockchain-based secure access control for vol. 76, no. 4, pp. 2665–2682, Apr. 2020.
agriculture monitoring,’’ in Proc. Int. Conf. Eng. Emerg. Technol. (ICEET), [160] T. Bhatt, C. Kotwal, and N. Chaubey, ‘‘Survey on smart grid: Threats, vul-
Feb. 2020, pp. 1–9. nerabilities and security protocol,’’ Int. J. Electron., Elect. Comput. Syst.,
[139] A. Vangala, A. K. Sutrala, A. K. Das, and M. Jo, ‘‘Smart contract-based vol. 6, no. 9, pp. 340–348, 2017.
blockchain-envisioned authentication scheme for smart farming,’’ IEEE [161] M. K. Hasan, A. A. Habib, Z. Shukur, F. Ibrahim, S. Islam, and
Internet Things J., vol. 8, no. 13, pp. 10792–10806, Jul. 2021. M. A. Razzaque, ‘‘Review on cyber-physical and cyber-security system
[140] B. Hassan, A. A. AlSanad, I. Ullah, N. U. Amin, M. A. Khan, M. I. Uddin, in smart grid: Standards, protocols, constraints, and recommendations,’’
and J. M.-T. Wu, ‘‘A cost effective identity-based authentication scheme J. Netw. Comput. Appl., vol. 209, Jan. 2023, Art. no. 103540.
for Internet of Things-enabled agriculture,’’ Wireless Commun. Mobile [162] X. C. Yin, Z. G. Liu, L. Nkenyereye, and B. Ndibanje, ‘‘Toward an applied
Comput., vol. 2022, pp. 1–12, Apr. 2022. cyber security solution in IoT-based smart grids: An intrusion detection
[141] H. Khalid, S. J. Hashim, S. M. S. Ahmad, F. Hashim, and system approach,’’ Sensors, vol. 19, no. 22, p. 4952, Nov. 2019.
M. A. Chaudhary, ‘‘Robust multi-gateway authentication scheme for [163] M. Shrestha, C. Johansen, J. Noll, and D. Roverso, ‘‘A methodol-
agriculture wireless sensor network in society 5.0 smart communities,’’ ogy for security classification applied to smart grid infrastructures,’’
Agriculture, vol. 11, no. 10, p. 1020, Oct. 2021. Int. J. Crit. Infrastruct. Protection, vol. 28, Mar. 2020, Art. no. 100342.
[142] A. L. Shrivastava and R. K. Dwivedi, ‘‘A secure design of the [164] M. Babar, M. U. Tariq, and M. A. Jan, ‘‘Secure and resilient demand side
smart vehicular IoT system using blockchain technology,’’ in Proc. 9th management engine using machine learning for IoT-enabled smart grid,’’
Int. Conf. Comput. Sustain. Global Develop. (INDIACom), Mar. 2022, Sustain. Cities Soc., vol. 62, Nov. 2020, Art. no. 102370.
pp. 616–620.
[165] B. Bera, S. Saha, A. K. Das, and A. V. Vasilakos, ‘‘Designing blockchain-
[143] J. P. Hubaux, S. Capkun, and J. Luo, ‘‘The security and privacy of smart based access control protocol in IoT-enabled smart-grid system,’’ IEEE
vehicles,’’ IEEE Secur. Privacy Mag., vol. 2, no. 3, pp. 49–55, May 2004. Internet Things J., vol. 8, no. 7, pp. 5744–5761, Apr. 2021.
[144] M. Gupta, F. M. Awaysheh, J. Benson, M. Alazab, F. Patwa, and
[166] M. A. Ferrag and L. Maglaras, ‘‘DeepCoin: A novel deep learning and
R. Sandhu, ‘‘An attribute-based access control for cloud enabled industrial
blockchain-based energy exchange framework for smart grids,’’ IEEE
smart vehicles,’’ IEEE Trans. Ind. Informat., vol. 17, no. 6, pp. 4288–4297,
Trans. Eng. Manag., vol. 67, no. 4, pp. 1285–1297, Nov. 2020.
Jun. 2021.
[145] M. Gupta, J. Benson, F. Patwa, and R. Sandhu, ‘‘Dynamic groups and [167] A. Musaed Alkhiari, S. Mishra, and M. AlShehri, ‘‘Blockchain-
attribute-based access control for next-generation smart cars,’’ in Proc. 9th based SQKD and IDS in edge enabled smart grid network,’’ Comput.,
ACM Conf. Data Appl. Secur. Privacy, vol. 11, Mar. 2019, pp. 61–72. Mater. Continua, vol. 70, no. 2, pp. 2149–2169, 2022.
[146] L. F. Luque-Vega, D. A. Michel-Torres, E. Lopez-Neri, M. A. Carlos- [168] J. Srinivas, A. K. Das, X. Li, M. K. Khan, and M. Jo, ‘‘Designing anony-
Mancilla, and L. E. González-Jiménez, ‘‘IoT smart parking system based mous signature-based authenticated key exchange scheme for Internet of
on the visual-aided smart vehicle presence sensor: SPIN-V,’’ Sensors, Things-enabled smart grid systems,’’ IEEE Trans. Ind. Informat., vol. 17,
vol. 20, no. 5, p. 1476, Mar. 2020. no. 7, pp. 4425–4436, Jul. 2021.
[147] A. Chattopadhyay, K.-Y. Lam, and Y. Tavva, ‘‘Autonomous vehicle: [169] Y. Li, X. Wei, Y. Li, Z. Dong, and M. Shahidehpour, ‘‘Detection of
Security by design,’’ IEEE Trans. Intell. Transp. Syst., vol. 22, no. 11, false data injection attacks in smart grid: A secure federated deep learning
pp. 7015–7029, Nov. 2021. approach,’’ IEEE Trans. Smart Grid, vol. 13, no. 6, pp. 4862–4872,
[148] T. Rathod, N. Jadav, S. Tanwar, R. Sharma, A. Tolba, M. Raboaca, Nov. 2022.
V. Marina, and W. Said, ‘‘Blockchain-driven intelligent scheme for IoT- [170] P. Matoušek, O. Ryšavý, M. Grégr, and V. Havlena, ‘‘Flow based
based public safety system beyond 5G networks,’’ Sensors, vol. 23, no. 2, monitoring of ICS communication in the smart grid,’’ J. Inf. Secur. Appl.,
p. 969, Jan. 2023. vol. 54, Oct. 2020, Art. no. 102535.
[149] S. T. Banafshehvaragh and A. M. Rahmani, ‘‘Intrusion, anomaly, and [171] P. Radoglou-Grammatikis, P. Sarigiannidis, E. Iturbe, E. Rios,
attack detection in smart vehicles,’’ Microprocessors Microsyst., vol. 96, S. Martinez, A. Sarigiannidis, G. Eftathopoulos, Y. Spyridis, A. Sesis,
Feb. 2023, Art. no. 104726. N. Vakakis, D. Tzovaras, E. Kafetzakis, I. Giannoulakis, M. Tzifas,
[150] S. Ghosh, A. Zaboli, J. Hong, and J. Kwon, ‘‘An integrated approach of A. Giannakoulias, M. Angelopoulos, and F. Ramos, ‘‘SPEAR SIEM:
threat analysis for autonomous vehicles perception system,’’ IEEE Access, A security information and event management system for the smart grid,’’
vol. 11, pp. 14752–14777, 2023. Comput. Netw., vol. 193, Jul. 2021, Art. no. 108008.
[151] J. Zhang, H. Zhong, J. Cui, Y. Xu, and L. Liu, ‘‘An extensible and effective [172] U. Khadam, M. M. Iqbal, S. Saeed, S. H. Dar, A. Ahmad, and
anonymous batch authentication scheme for smart vehicular networks,’’ M. Ahmad, ‘‘Advanced security and privacy technique for digital text in
IEEE Internet Things J., vol. 7, no. 4, pp. 3462–3473, Apr. 2020. smart grid communications,’’ Comput. Electr. Eng., vol. 93, Jul. 2021,
[152] H. Wang, ‘‘Security enhancement in smart vehicle using blockchain- Art. no. 107205.
based architectural framework,’’ J. Artif. Intell. Capsule Netw., vol. 3, no. 2, [173] Z. Ni and S. Paul, ‘‘A multistage game in smart grid security: A
pp. 90–100, Jun. 2021. reinforcement learning solution,’’ IEEE Trans. Neural Netw. Learn. Syst.,
[153] C. Oham, R. A. Michelin, R. Jurdak, S. S. Kanhere, and S. Jha, vol. 30, no. 9, pp. 2684–2695, Sep. 2019.
‘‘B-FERL: Blockchain based framework for securing smart vehicles,’’ [174] M. Atalay and P. Angin, ‘‘A digital twins approach to smart grid security
Inf. Process. Manage., vol. 58, no. 1, Jan. 2021, Art. no. 102426. testing and standardization,’’ in Proc. IEEE Int. Workshop Metrology for
[154] B. B. Gupta, A. Gaurav, E. C. Marín, and W. Alhalabi, ‘‘Novel graph- Ind. 4.0 IoT, Jun. 2020, pp. 435–440.
based machine learning technique to secure smart vehicles in intelligent [175] W. Lei, H. Wen, J. Wu, and W. Hou, ‘‘MADDPG-based security
transportation systems,’’ IEEE Trans. Intell. Transp. Syst., vol. 24, no. 8, situational awareness for smart grid with intelligent edge,’’ Appl. Sci.,
pp. 8483–8491, May 2022. vol. 11, no. 7, p. 3101, Mar. 2021.
[155] J. Wang, K. Han, A. Alexandridis, Z. Zilic, Y. Pang, W. Wu, S. Din, and [176] S. Sengan, P. Velayutham, and L. Ravi, ‘‘Detection of false data cyber-
G. Jeon, ‘‘A novel security scheme for body area networks compatible with attacks for the assessment of security in smart grid using deep learning,’’
smart vehicles,’’ Comput. Netw., vol. 143, pp. 74–81, Oct. 2018. Comput. Electr. Eng., vol. 93, Jul. 2021, Art. no. 107211.

187012 VOLUME 12, 2024


N. Sharmila Kumari et al.: Holistic Survey on Security in IoT Application Layer: Attacks, Protocols, and Applications

[177] J. Shreyas, B. Kavitha, P. K. Udayaprasad, and D. Kumar S. M., [200] A. Rizzardi, S. Sicari, and A. Coen-Porisini, ‘‘Analysis on functionalities
‘‘Optimized routing technique for adaptive data transmission in industrial and security features of Internet of Things related protocols,’’ Wireless
IoT,’’ in Proc. 15th Int. Conf. Inf. Process. (ICINPRO), Dec. 2019, pp. 1–6. Netw., vol. 28, no. 7, pp. 2857–2887, Oct. 2022.
[178] A. Corallo, M. Lazoi, M. Lezzi, and A. Luperto, ‘‘Cybersecurity [201] S. Iyer, G. V. Bansod, and S. Garg, ‘‘Implementation and evaluation of
awareness in the context of the industrial Internet of Things: A systematic lightweight ciphers in MQTT environment,’’ in Proc. Int. Conf. Electr.,
literature review,’’ Comput. Ind., vol. 137, May 2022, Art. no. 103614. Electron., Commun., Comput., Optim. Techn. (ICEECCOT), Dec. 2018,
[179] R. L. Kumar, F. Khan, S. Kadry, and S. Rho, ‘‘A survey on blockchain pp. 276–281.
for industrial Internet of Things,’’ Alexandria Eng. J., vol. 61, no. 8, [202] F. Buccafurri, V. De Angelis, and R. Nardone, ‘‘Securing MQTT by
pp. 6001–6022, 2022. blockchain-based OTP authentication,’’ Sensors, vol. 20, no. 7, p. 2002,
[180] Y. Zhao, J. Yang, Y. Bao, and H. Song, ‘‘Trustworthy authorization Apr. 2020.
method for security in industrial Internet of Things,’’ Ad Hoc Netw., [203] L. Malina, G. Srivastava, P. Dzurenda, J. Hajny, and R. Fujdiak,
vol. 121, Oct. 2021, Art. no. 102607. ‘‘A secure publish/subscribe protocol for Internet of Things,’’ in Proc. 14th
[181] G. Shi, X. Shen, F. Xiao, and Y. He, ‘‘DANTD: A deep abnormal Int. Conf. Availability, Rel. Secur., Aug. 2019, pp. 1–10.
network traffic detection model for security of industrial Internet of Things [204] D. Dinculeană and X. Cheng, ‘‘Vulnerabilities and limitations of MQTT
using high-order features,’’ IEEE Internet Things J., vol. 10, no. 24, protocol used between IoT devices,’’ Appl. Sci., vol. 9, no. 5, p. 848,
pp. 21143–21153, Mar. 2023. Feb. 2019.
[182] Y. Li, Y. Xu, Z. Liu, H. Hou, Y. Zheng, Y. Xin, Y. Zhao, and L. Cui, [205] C. A. Garcia, J. E. Naranjo, and M. V. Garcia, ‘‘Analysis of AMQP
‘‘Robust detection for network intrusion of industrial IoT based on multi- for industrial Internet of Things based on low-cost automation,’’ in
CNN fusion,’’ Measurement, vol. 154, Mar. 2020, Art. no. 107450. Proc. Brazilian Technol. Symp. Cham, Switzerland: Springer, 2019,
[183] M. Al-Hawawreh and E. Sitnikova, ‘‘Developing a security testbed for pp. 235–244.
industrial Internet of Things,’’ IEEE Internet Things J., vol. 8, no. 7, [206] M. Milon Islam, S. Nooruddin, F. Karray, and G. Muhammad,
pp. 5558–5573, Apr. 2021. ‘‘Internet of Things device capabilities, architectures, protocols, and smart
[184] G. George and S. M. Thampi, ‘‘A graph-based security framework for applications in healthcare domain: A review,’’ 2022, arXiv:2204.05921.
securing industrial IoT networks from vulnerability exploitations,’’ IEEE [207] M. A. A. da Cruz, J. J. P. C. Rodrigues, P. Lorenz, P. Solic, J. Al-Muhtadi,
Access, vol. 6, pp. 43586–43601, 2018. and V. H. C. Albuquerque, ‘‘A proposal for bridging application layer
[185] U. Tariq, A. O. Aseeri, M. S. Alkatheiri, and Y. Zhuang, ‘‘Context-aware protocols to HTTP on IoT solutions,’’ Future Gener. Comput. Syst., vol. 97,
autonomous security assertion for industrial IoT,’’ IEEE Access, vol. 8, pp. 145–152, Aug. 2019.
pp. 191785–191794, 2020. [208] S. Solpan and K. Kucuk, ‘‘DDS-XRCE standard performance evaluation
[186] X. Liu, W. Yu, F. Liang, D. Griffith, and N. Golmie, ‘‘On deep of different communication scenarios in IoT technologies,’’ EAI Endorsed
reinforcement learning security for industrial Internet of Things,’’ Com- Trans. Internet Things, vol. 8, no. 4, p. e1, Nov. 2022.
put. Commun., vol. 168, pp. 20–32, Feb. 2021. [209] L. Lo Iacono, H. V. Nguyen, and P. L. Gorski, ‘‘On the need for a
[187] L. Fang, H. Zhang, M. Li, C. Ge, L. Liu, and Z. Liu, ‘‘A secure and fine- general REST-security framework,’’ Future Internet, vol. 11, no. 3, p. 56,
grained scheme for data security in industrial IoT platforms for smart city,’’ Feb. 2019.
IEEE Internet Things J., vol. 7, no. 9, pp. 7982–7990, Sep. 2020. [210] S. Bansal and D. Kumar, ‘‘A reliable CoAP protocol for IoT communica-
[188] S. Lee, S. Lee, H. Yoo, S. Kwon, and T. Shon, ‘‘Design and tion,’’ Rep., 2022.
implementation of cybersecurity testbed for industrial IoT systems,’’ [211] R. Xu, W. Jin, and D. H. Kim, ‘‘Knowledge-based edge computing
J. Supercomput., vol. 74, no. 9, pp. 4506–4520, Sep. 2018. framework based on CoAP and HTTP for enabling heterogeneous
[189] M. Hassaballah, M. A. Hameed, A. I. Awad, and K. Muhammad, ‘‘A novel connectivity,’’ Pers. Ubiquitous Comput., vol. 26, no. 2, pp. 329–344,
image steganography method for industrial Internet of Things security,’’ Apr. 2022.
IEEE Trans. Ind. Informat., vol. 17, no. 11, pp. 7743–7751, Nov. 2021. [212] R. K. Kodali, B. Y. K. Yogi, G. N. S. Sai, and J. H. Domma,
[190] M. O. Qays, I. Ahmad, A. Abu-Siada, M. L. Hossain, and F. Yasmin, ‘‘Key ‘‘Implementation of home automation using CoAP,’’ in Proc. IEEE Region
communication technologies, applications, protocols and future guides 10 Conf., Oct. 2018, pp. 1214–1218.
for IoT-assisted smart grid systems: A review,’’ Energy Rep., vol. 9, [213] K. Khalil, K. Elgazzar, A. Abdelgawad, and M. Bayoumi, ‘‘A security
pp. 2440–2452, Dec. 2023. approach for CoAP-based Internet of Things resource discovery,’’ in
[191] Z. Chen, Z. Cheng, W. Luo, J. Ao, Y. Liu, K. Sheng, and L. Chen, Proc. IEEE 6th World Forum Internet Things (WF-IoT), Jun. 2020, pp. 1–6.
‘‘FSMFA: Efficient firmware-secure multi-factor authentication protocol [214] J. D. de Hoz Diego, J. Saldana, J. Fernández-Navajas, and J. Ruiz-Mas,
for IoT devices,’’ Internet Things, vol. 21, Apr. 2023, Art. no. 100685. ‘‘Decoupling security from applications in CoAP-based IoT devices,’’
[192] E. B. Sanjuan, I. A. Cardiel, J. A. Cerrada, and C. Cerrada, ‘‘Message IEEE Internet Things J., vol. 7, no. 1, pp. 467–476, Jan. 2020.
queuing telemetry transport (MQTT) security: A cryptographic smart card [215] S. S. Basu, J. Haxhibeqiri, M. Baert, B. Moons, A. Karaagac,
approach,’’ IEEE Access, vol. 8, pp. 115051–115062, 2020. P. Crombez, P. Camerlynck, and J. Hoebeke, ‘‘An end-to-end LwM2M-
[193] C. Bayılmış, M. A. Ebleme, Ü. Çavuşoğlu, K. Küçük, and A. Sevin, based communication architecture for multimodal NB-IoT/BLE devices,’’
‘‘A survey on communication protocols and performance evaluations for Sensors, vol. 20, no. 8, p. 2239, Apr. 2020.
Internet of Things,’’ Digit. Commun. Netw., vol. 8, no. 6, pp. 1094–1104, [216] S. E. Aidi, A. Bajit, A. Barodi, H. Chaoui, and A. Tamtaoui,
Dec. 2022. ‘‘An optimized security vehicular Internet of Things -IoT-Application layer
[194] M. V. Masdani and D. Darlis, ‘‘A comprehensive study on MQTT as a protocols MQTT and COAP based on cryptographic elliptic-curve,’’ in
low power protocol for Internet of Things application,’’ IOP Conf. Ser., Proc. IEEE 2nd Int. Conf. Electron., Control, Optim. Comput. Sci. (ICE-
Mater. Sci. Eng., vol. 434, Dec. 2018, Art. no. 012274. COCS), Dec. 2020, pp. 1–6.
[195] J. Roldán-Gómez, J. Carrillo-Mondéjar, J. M. Castelo Gómez, and [217] R. T. Tiburski, E. de Matos, and F. Hessel, ‘‘Evaluating the DTLS
S. Ruiz-Villafranca, ‘‘Security analysis of the MQTT-SN protocol for the protocol from CoAP in fog-to-fog communications,’’ in Proc. IEEE
Internet of Things,’’ Appl. Sci., vol. 12, no. 21, p. 10991, Oct. 2022. Int. Conf. Service-Oriented Syst. Eng. (SOSE), Apr. 2019, pp. 90–905.
[196] A. Luoto and K. Systä, ‘‘Fighting network restrictions of request-response [218] A. Ayoub, R. Najat, and A. Jaafar, ‘‘A lightweight secure
pattern with MQTT,’’ IET Softw., vol. 12, no. 5, pp. 410–417, Oct. 2018. CoAP for IoT-cloud paradigm using elliptic-curve cryptography,’’
[197] A. Rahman, S. Roy, M. S. Kaiser, and Md. S. Islam, ‘‘A lightweight multi- Indonesian J. Electr. Eng. Comput. Sci., vol. 20, no. 3, p. 1460,
tier S-MQTT framework to secure communication between low-end IoT Dec. 2020.
nodes,’’ in Proc. 5th Int. Conf. Netw., Syst. Secur. (NSysS), Dec. 2018, [219] D. Palma, ‘‘Enabling the maritime Internet of Things: CoAP and
pp. 1–6. 6LoWPAN performance over VHF links,’’ IEEE Internet Things J., vol. 5,
[198] V. Seoane, C. Garcia-Rubio, F. Almenares, and C. Campo, ‘‘Performance no. 6, pp. 5205–5212, Dec. 2018.
evaluation of CoAP and MQTT with security support for IoT environ- [220] D. Gupta, J. Shivankar, and S. Gugulothu, ‘‘Instant messaging using
ments,’’ Comput. Netw., vol. 197, Oct. 2021, Art. no. 108338. xmpp,’’ J. Phys., Conf. Ser., vol. 1913, no. 1, May 2021, Art. no. 012126.
[199] A. Detti, L. Funari, and N. Blefari-Melazzi, ‘‘Sub-linear scalabil- [221] H. G. Hamid and Z. T. Alisa, ‘‘A survey on IoT application layer
ity of MQTT clusters in topic-based publish-subscribe applications,’’ protocols,’’ Indonesian J. Electr. Eng. Comput. Sci., vol. 21, no. 3, p. 1663,
IEEE Trans. Netw. Service Manage., vol. 17, no. 3, pp. 1954–1968, Mar. 2021.
Sep. 2020.

VOLUME 12, 2024 187013


N. Sharmila Kumari et al.: Holistic Survey on Security in IoT Application Layer: Attacks, Protocols, and Applications

N. SHARMILA KUMARI (Member, IEEE) received the Bachelor of Engineering degree in information science and engineering from the Dr. T. Thimmaiah Institute of Technology, Visvesvaraya Technological University, Belagavi, in 2008, and the Master of Technology degree in computer science and engineering from the Cambridge Institute of Technology, Visvesvaraya Technological University, in 2013. She is currently pursuing the Ph.D. degree in computer science with the University of Visvesvaraya College of Engineering (UVCE, IIT Model College), Bangalore University, Bengaluru, India. She has 15 years of teaching experience. Her current research interests include the Internet of Things, with a focus on security techniques, network security, artificial intelligence, and deep learning.

H. S. VIMALA received the Ph.D. degree in image processing and in computer science and engineering. She is currently a Professor and the Chairperson of the Department of Computer Science and Engineering, University of Visvesvaraya College of Engineering (UVCE, IIT Model College), Bangalore University, Bengaluru. She has published nine papers in international/national journals and conferences. She is involved in research and in teaching B.E., M.Tech., and Ph.D. students of computer science and engineering, and she has guided more than 150 research projects for UG/PG students. She has 35 years of teaching experience with the Department of Computer Science and Engineering, UVCE, where she is also guiding seven research scholars. She is the co-author of five books and has published one book. Her research interests include image processing, sensor networks, and the Internet of Things.

C. N. PRUTHVI (Member, IEEE) received the B.E. degree from Visvesvaraya Technological University, in 2017, and the M.Tech. degree from Bangalore University, Bengaluru, India, in 2019, where she is currently pursuing the Ph.D. degree in computer science with the University of Visvesvaraya College of Engineering (UVCE, IIT Model College). She is also an Assistant Professor with the Department of Computer Science and Engineering, Dayananda Sagar College of Engineering, Bengaluru. She is involved in research and in teaching B.E. and M.Tech. students of computer science and engineering, and she has over three years of teaching experience. Her research interests include cloud computing, the Internet of Things, ICN networks, ICN-IoT caching, and artificial intelligence.

J. SHREYAS (Member, IEEE) received the B.E. and M.Tech. degrees in computer science and engineering from Visvesvaraya Technological University and the Ph.D. degree in computer science and engineering, in the Internet of Things and artificial intelligence, from the Department of Computer Science and Engineering, University of Visvesvaraya College of Engineering (UVCE, IIT Model College), Bangalore University, Bengaluru, in 2021. He is currently an Assistant Professor with the Department of Information Technology, Manipal Institute of Technology Bengaluru, Manipal Academy of Higher Education, Manipal, India. He is involved in research and in teaching B.E. and M.Tech. students of computer science and engineering, and he has more than eight years of research, academic, and industrial experience. He has published more than 60 papers in international journals, including Elsevier, Springer, and Inderscience, and in international conferences, which are indexed by SCI and Scopus. He has filed, published, and registered various patents. His current research interests include sensor networks, the Artificial Intelligence of Things, swarm intelligence, and machine learning. He has received two best paper awards, one each in Hong Kong and Dubai, at international conferences. He has served as a reviewer for various reputed journals, including Nature, IEEE, Elsevier, Springer, and John Wiley publishers, and for international conferences. He has also served as a guest editor, an editorial member, a session chair, and a technical committee member for various journals and conferences. He has delivered many keynote/invited talks at international conferences and chaired technical sessions worldwide. He is a valued member of professional bodies, such as ACM, ISTE, and IAENG, contributing to the academic community in various capacities.