Analysis of attacks on components of IoT systems and cybersecurity technologies Nadiia M. Lobanchykovaa , Ihor A. Pilkevychb and Oleksandr Korchenkoc a Zhytomyr Polytechnic State University, 103 Chudnivsyka Str., Zhytomyr, 10005, Ukraine b S.P. Korolev Zhytomyr Military Institute, 22 Mira Ave., Zhytomyr, 10004, Ukraine c University of Bielsko-Biala, Willowa 2, 43-300 Bielsko-Biała, Poland Abstract This article presents the results of IoT analysis, methods and ways of their protection, prospects of using edge computing to minimize traffic transmission, decentralization of decision-making systems, and information protection. A detailed analysis of attacks on IoT system components was carried out and protection recommendations were developed. Keywords Internet of Things, IoT, edge computing, cybersecurity, attack, protection 1. Introduction In the last few years, the Internet of Things (IoT) systems has been widely developed and implemented. The Internet of Things market research notes a steady and rapid increase in the number of such devices every year. If analysts currently estimate the number of active IoT devices at 21 billion, in a few years their number will exceed 50 billion [1, 2]. Due to the development and widespread introduction of IoT technologies, information security experts are concerned about their level of protection [3, 4, 5, 6, 7]. According to them, the huge number of poorly protected Internet devices gives new opportunities to cybercriminals. Yes, there are already known cases of breakage of several IoT systems. This task is especially relevant when using these tools at critical infrastructure. New technologies and new tools are creating new types of cyber threats. Many companies today have introduced their protection models, which are constantly trying to standardize, correlate and implement. The development of information technology makes its adjustments in the field of informa- tion security. Therefore, the advent and edge of computing technologies allow solving several QuaInT 2021: Workshop on the Quantum Information Technologies, April 11, 2021, Zhytomyr, Ukraine doors 2021: Edge Computing Workshop, April 11, 2021, Zhytomyr, Ukraine " lobanchikovanadia@gmail.com (N.M. Lobanchykova); igor.pilkevich@meta.ua (I.A. Pilkevych); agkorchenko@gmail.com (O. Korchenko) ~ https://ztu.edu.ua/ua/structure/faculties/fikt/ (N.M. Lobanchykova); https://scholar.google.com.ua/citations?user=UK3h53oAAAAJ (I.A. Pilkevych); http://www.kinf.ath.bielsko.pl/pl/oleksandr-korchenko (O. Korchenko)  0000-0003-4010-0308 (N.M. Lobanchykova); 0000-0001-5064-3272 (I.A. Pilkevych); 0000-0003-3376-0631 (O. Korchenko) © 2021 Copyright for this paper by its authors. Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0). CEUR Workshop Proceedings http://ceur-ws.org ISSN 1613-0073 CEUR Workshop Proceedings (CEUR-WS.org) cybersecurity problems. The main trend of edge computing is remote monitoring and data processing directly on IoT devices. The main advantage of this approach is the minimization of processing time and decision-making due to the absence of the need to transfer all data to a data center (data center) or cloud. The combination of IoT and edge computing is a promising area and can be used in industry, hospitals, climate control systems, and “smart” buildings, in the management of the infrastructure of the city or region, in trade and logistics networks [8]. Of particular interest is the use of edge computing for network security monitoring and access control systems. This technology is quite effective in preventing certain types of at- tacks and the spread of malicious software. Also, performing calculations immediately after receiving a signal allows you to decide whether to generate an alarm, move the “object” to quarantine, isolate, if necessary, several IoT devices to prevent network compromise or system failure. The widespread introduction of IoT devices creates large amounts of information that are increasingly difficult to transfer to a data center or cloud, process and store them, so the use of edge computing is a necessity for many areas of the digital society. The study of traffic minimization technologies, data storage, resources, and security in IoT using edge computing is a crucial task today for the development of digital society and the entry of humanity into the fourth industrial revolution (Industry 4.0) [9]. 2. Theoretical background The analysis of works [1, 2, 10] confirms the relevance of research in the field of IoT, which is associated with the benefits of these devices and technologies, as well as the transition of mankind to the use of Industry 4.0. In [1, 2, 3], the authors note the incredibly rapid pace of IoT implementation in various areas of the digital society. Immerman [1] testifies that at the beginning of the implementation of IoT, sensors sent data to the cloud, where they were processed, analyzed, and stored, and making management decisions. As the number of devices increased exponentially, the load on both the data channels and the storage cloud (trillions of gigabytes) increased, so the use of edge computing became a necessity, not a whim. The author notes that the use of edge computing and cloud technologies together is possible, and in some cases necessary, especially in industry. Edge computing is the most important component of IoT, which helps reduce latency and increase the reliability of deployed systems [1]. In [2] the models of IoT architecture are presented, the need for IoT protection is determined, the results of research on the construction of information protection systems for IoT devices, including shared and centralized, conducted simulation load depending on the number of devices. Security issues are quite relevant and aimed at the comprehensive protection of information. Thus, Blyler [3] focuses on the complexity of IoT protection and presents eight key security technologies: network security, authentication, encryption, security attack, security analytics, and threat forecasting, interface protection, delivery mechanisms. Prospects for implementation and threats facing IoT systems are presented in [4, 5, 6, 10, 11, 12]. The analysis of these works confirm the relevance of security issues, areas of protection, and the main conceptual approaches to security. Loud cyberattacks have occurred more than once and the number of hacker attacks is growing [7, 13, 14, 15]. The urgency of the problem is underscored by incidents, the loss of capital from which is measured in billions of dollars. 84 Figure 1: IoT security environment In total, HP experts have identified about 25 different vulnerabilities in each of the studied devices and their mobile and cloud components [13]. The conclusion of HP experts is disap- pointing: a secure IoT system does not exist today. The particular danger to the Internet of Things is hidden in the context of the spread of targeted attacks. It is only necessary for in- truders to show interest in anyone, and our helpers from the world of IoT turn into traitors, openly open access to the world of their owners. Because the issue is extremely acute, companies that develop equipment, communications, network devices, software, and cybersecurity companies are looking for means to protect IoT devices [15]. One of the leading companies in the development of security in IoT is Cisco Systems, which played a leading role in the development of the IoT model at the World IoT Forum, developed the IoT security framework, which became a useful addition to the reference model [13]. Figure 1 shows the security environment associated with the logical structure of the IoT. The Cisco IoT model is a simplified version of the World IoT Forum model. Figure 1 shows specific functional areas of security on top of the four levels of the IoT model. The Cisco doc- ument also proposes an IoT security concept that defines the components of the IoT security feature, covering all levels: authentication, authorization, network policy and security analyt- ics. Humanity’s entry into the Industry 4.0 [10] creates new challenges and opportunities for Ukraine. The new cyber threats are associated with the widespread use of Industry 4.0 tech- nology, which can have catastrophic consequences when attacking regime facilities. This task is especially relevant in the organization of temporary protection of the perimeter of the regime object when there are limited resources, adverse weather conditions, and unforeseen terrain. Portable devices account for the largest number of attacks, and the use of wireless commu- nication technologies between system elements creates the preconditions for a cyber-attack on the system. According to [4, 5, 6, 10, 11, 12], unauthorized access is most often carried out 85 by hackers through entry points (access) to the corporate network or used to launch a DDoS attack. Given the large number of sensors connected to the system, the use of wireless net- works, cloud services, etc. does not provide a reliable perimeter of cybersecurity of the object. Another area is the theft of confidential user data (companies). The powerful potential of cy- ber threats has the technology of machine learning and the use of artificial intelligence systems through dual-purpose (the algorithms used can both counteract cyber-attacks and create them). New technologies create new cyber threats, which can be resisted only with the use of new information technologies. Global statistics compiled by Cisco in 2017 [10] show: • vulnerabilities (“holes”) in modern security systems allow up to 65% of cyber incidents, • human factor – critical (if we scale it to the number and complexity of cyber threats) reduction of the level of literacy of users – up to 48% of incidents, • 55% of organizations are unable to establish the cause of the incident, • the average time to establish such a cause in the modern informational security and cybersecurity industry is 100 days. Leading companies and specialists implement multi-level comprehensive protection systems based on the use of the latest technical tools, qualified personnel, control procedures, admin- istrative regulations with strict compliance with them. In such systems, the emphasis is on setting up early warning systems that monitor the operation of IT equipment in real-time, no- tify administrators in the event of any abnormal activity, allow timely detection of attacks, as well as analyze potential threats. The criteria for the stability of such a defense system are the ability to respond to attacks in a timely and adequate manner and to restore the operation of the object with minimal losses [10]. 3. Results Our research system is a wireless IoT system, the hardware of which can be divided into the following elements [3, 4, 11, 6, 12]: 1. communication subsystem (wireless communication in the sensor network, includes a radio receiver), 2. computing subsystem (data processing, node functionality), 3. sensor subsystem (network connection with the “outside world”), 4. power subsystem. Tasks facing the system to the hardware: • low electricity consumption, • the ability to work with a large number of nodes at relatively short distances, • relatively low cost, 86 Cisco Architecture 7 Collaboration and Process 6 Application 7 5 Data Abstraction 6 5 4 Data Accumulation 4 3 Edge(Fog) Computing 3 2 2 Connectivity 1 1 Physical Devices and Controllers Figure 2: Cisco IoT Architecture • work autonomously and without maintenance, • have a camouflage effect, • be resistant to the environment. We choose the 7-level architecture of IoT systems, proposed by Cisco (figure 2). Given the fact that sensor networks are vulnerable to many attacks, the issue of cybersecurity is especially relevant in the implementation of IoT systems to protect the perimeter of the regime object. We assume that it is necessary to carry out temporary protection of the perimeter during the transportation of cargo/person/reconnaissance operation. Created using Cisco Packet Tracer simulation of one protection zone of the IoT perimeter security system is presented in figure 3. This scheme contains a set of devices used to create a zone of the temporary perimeter security system. Also performed modeling of a typical fire alarm system of a separate room on the example of a garage (figure 4). The set of devices is typical. The constructed computer models, figures 3 and 4 allow us to research to identify potential cyber threats and develop recommendations for the protection of IoT components. The results of modeling and countering cyberattacks will be presented in future studies. Modeling of systems allowed to determine that the main areas that need attention from cybersecurity are: • communication security, • protection of the devices themselves, • control over the operation of devices, • control of network interaction. 87 Figure 3: Cluster protection zone As a result of research and analysis of the most likely attacks on simulated systems, the following classification of attacks is proposed (figure 5): • Denial-of-Service (DoS) (𝐷): – physical level (𝐻 ): ∗ obstacle attack (𝐻1 ) ∗ attack of interference in the IoT system (𝐻2 ) – channel level (𝐶): ∗ collision attack (𝐶1 ) • attacks on routing protocols (𝑅): – “Black Hole” attack (𝑅1 ) – selective forwarding attack (𝑅2 ) – “Rapid onslaught” attack (𝑅3 ) – “Funnel” attack (𝑅4 ) 88 Figure 4: Scheme of fire alarm system of a separate room on the example of a garage – Sybil attack (𝑅5 ) – “wormholes” attack (𝑅6 ) – flood attack (𝑅7 ) • attacks at the transport level (𝑇 ): – avalanche attack (𝑇1 ) – desynchronization attack (𝑇2 ) • attacks on data aggregation (𝐺); • privacy attacks (𝑃). Attacks can be represented in the form of open classification groups. 𝐷 = 𝐻 ⋃ 𝐶 – a set of attacks that lead to denials of service, involves combining sets of attacks at the physical and channel level. Many attacks that lead to denials of service at the physical level: 𝑛 𝐻 = ⋃ 𝐻𝑖 𝑖=1 89 Figure 5: Attacks on IoT system components The set of attacks that lead to denial of service link-level: 𝑧 𝐶 = ⋃ 𝐶𝑘 𝑘=1 The set of attacks on routing protocols: 90 𝑠 𝑅 = ⋃ 𝑅𝑣 𝑣=1 The open classification grouping of transport layer attacks is presented in the form of a set: 𝑙 𝑇 = ⋃ 𝑇𝛼 𝛼=1 The set of attacks on data aggregation is represented as follows: 𝑚 𝐺 = ⋃ 𝐺𝑗 𝑗=1 The set of attacks on privacy: 𝛿 𝑃 = ⋃ 𝑃𝛾 𝛾 =1 In general, attacks can be represented as a union of all classification groups: 𝐴 = 𝐷⋃𝑅⋃𝑇 ⋃𝐺 ⋃𝑃 Let’s analyze each attack that is part of the classification group. DoS attack on the physical level. A DoS attack is characterized by an attempt by an enemy to stop a network or destroy a network security service. In an IoT system, a DoS attack can occur at different levels of the protocol stack, can affect several levels simultaneously, and use the interaction between them. DoS attack at the physical level can be carried out by interfering with the radio frequencies on which the system operates. In such an attack, one attacking node may disconnect all or part of the network (for example, blocking data transmission). An attack on the IoT system’s detection of a sensor (in our case, a sensor/camera around the perimeter of a security object) and an attempt to physically access it is critical to our system. In this case, an attacker can destroy the device, try to replace the data, access sensitive information (including cryptographic keys), use the device to log on to the network. DoS channel level attack. DoS collision attack at the channel level is usually aimed at de- pleting the resources of nodes. This attack affects the packet transmission process, causing exponential delay and packet retransmission procedures in some MAC protocols. Thus, when a large number of bits are damaged in a packet, the node will try to use error correction codes to recover the damaged bits, thus wasting limited energy resources. Another example of such an attack is a “collision” at the end of the frame, which leads to the retransmission of the entire packet. Another embodiment of the attacks inherent in the IEEE 802.11 protocols may be the generation of an RTS message to a base station or neighboring node, which will lead to the processing of this message and generate a CTS message, followed by waiting for signal recep- tion, and all other nodes stop transmitting data to receiving node for the time specified in the RTS message. Handshake methods can also be implemented. Let us analyze attacks on routing protocols. The known Black Hole attack aims to use a routing protocol to redirect packets from or to the target node through a specific node. This 91 attack can be used to drop packets or a “middle man” (a method of compromising a commu- nication channel in which an attacker, by joining a channel between counterparties, interferes with the transmission protocol by deleting or modifying information). Another type of attack is a selective forwarding attack, which is similar to a Black Hole attack, but in this attack will be rejected packets that meet certain criteria, not all. When implementing the “Rapid Pressure” attack, the procedure of opening the route at the request of routing protocols is used. The malicious node generates and transmits a route re- quest to its neighbors, and as a result, the node is more likely to be part of the selected route between the source and destination. The “Funnel” attack is characterized by the fact that the attacker tries to either compromise the node, or place its own in the path of as many networks flows as possible, and the latter then begins to act on the type of funnel – collecting all the traffic of the sensor network. In protocols that use broadcast, the attacker, listening to the channel, informs neighbors that he “knows” the shortest route to the base station. Once it has managed to stand between the transmitting sensor node and the base station, it can perform any action with the data packets coming to it. Sybil attack is characterized by the fact that the attacker tries to compromise the existing node, or connect your own with several pseudo-identifiers and thus pretending to be several nodes at once. Thus, neighboring nodes may perceive it as “their own”. Such attacks are used to disrupt the mechanism of distributed storage, routing mechanisms, data aggregation mechanisms, voting mechanisms in the network. A wormhole attack poses a serious threat to the security of sensor networks because it does not require compromising the sensor node. For example, an attacker listens to a channel, re- ceives a broadcast to request a route from the base station, and forwards it to the nearest neighbor. The node that received this message will consider it the parent, that is, the one clos- est to it, although this is not the case. The attack is based on creating a special path between two or more network nodes to transmit intercepted packets, and the nodes will think that they transmit packets by the shortest path. One type of attack is a flood attack (HELLO flood attack). The peculiarity of this attack is the attempt to transmit to the network many optional messages that will deprive the network of various resources (computing power, channel capacity, energy resources). Having a high- frequency radio transmitter with sufficient computing power, the attacker sends Hello packets of many nodes of the sensor network. Upon receipt of this message, the nodes perceive the compromised node as a neighbor and include the received address of the sender in the mailing list. In this way, the attacker gains access to data sent from the nodes. Transport layer functions include the delivery of packets (TCP) and datagrams (UDP) from sender to recipient. Attacks at the transport level are aimed at analyzing the regularity of traffic and sending parallel duplicates of messages in other ways used at this level. Given the fact that most transport protocols support sensitive information and are therefore vulnerable to memory depletion, an avalanche attack attacker makes new connection requests each time increasing the amount of confidential information in the attacking node, gradually leading to the node becomes faulty (failure of the node from further connections) due to resource depletion) and uses this shortcoming. Another typical attack of this level is the desynchronization attack, because of which an attacker tries to break the connection between two working nodes in the network, repeatedly 92 forging messages to them. In particular, transport layer protocols can use sequence numbers to track successfully received packets, identify packet loss, and detect copies. Attacker-generated packets can use these sequence numbers to reassure the node that packets have been lost and to provoke retransmission, which can have the effect of depleting the resource and filling the data channel when valid information does not arrive at the database or arrives with a delay. Attacks on data aggregation are aimed at changing the behavior of the network. Data aggre- gation and merging procedures are used in networks where the location of typical sensors is close to each other. Such procedures are used to combine multiple data to eliminate redundant information. To save resources, this is positive, but it is dangerous from the point of view of cybersecurity. Thus, the calculation of simple mathematical functions (minimum, maximum, average, sum) used in aggregation in the presence of a single malicious node or the replacement of real data from sensors can change the behavior of the network in part or completely. Privacy attacks are aimed at capturing information collected by sensors and can be imple- mented by listening to the network, analyzing traffic, and/or capturing the node. This is espe- cially true for those networks that do not use data encryption. 3.1. Recommendations for counteracting attacks on components of the IoT system Resist DoS attacks at the physical level. IEEE 802.11 (Broadband) standards use frequency hopping. In this case, the interference transmitter must “know” the sequence of hopping or create interference with a larger frequency band. It is proposed to use spectrum expansion technology to protect against such attacks. The transmission of such a signal will be similar to noise, which will reduce the risk of intentional interference with the information signal. Besides, when the signal disappears from any part of the network or node, network element, DSS should generate an alarm on the unit. Nodes that have detected an interference attack must send a short message to their “neighbors” and the base station about the attack on the network. In this case, if the message “does not reach” the base station from the attacked node, it is likely to receive an alarm message from the node that was not attacked. To counteract IoT intrusion attacks, each sensor used in the system must be equipped with a tamper (a miniature button on the board of the device that is squeezed when opening the case or disconnecting it from the mounting location). When the tamper is triggered, the hub sends push-messages and SMS to all users of the security system (if there are such messages in the devices to be used), as well as the transmission of the message to the base station. Besides, it is desirable to provide software that when the tamper is triggered during “arm- ing”, all data stored on the device was destroyed automatically. To avoid detecting sensors, they should be placed in hidden places, but suitable for their installation, use materials that are resistant to external influences. Sensors and cameras have their range, so when placing such devices should take into account this figure and install them with an overlap to avoid insen- sitivity. If installed correctly, the sensor will detect the danger and send an alarm to the base station until the attacker approaches it. The proposed system uses an RFID tag to identify a person. The decision support system provides a situation where the RFID tag and motion sensor is activated, but we do not receive a signal from the camcorder. This situation may indicate that the tag was “removed” or “replaced” 93 and the motion sensor detected movement, but attackers could disable the camera to avoid being identified as violators. This set of parameters will generate an alarm on the unit. To counter a DoS attack at the channel layer, there is authentication to verify that the node generating the message is authorized on the network in combination with encryption. In our case, we use the WPA2-PSK authentication standard with an AES encryption type. Given the energy limit, the use of asymmetric encryption becomes impossible in such systems. The main disadvantage of using symmetric encryption is the problem of key distribution. When using a symmetric cryptographic scheme, it is necessary to ensure the reliable and secure installation of shared cryptographic keys between two nodes before they can exchange data. Key installation and management techniques should be suitable for use with hundreds and thousands of nodes. Another way to improve security is to install an RFID tag on all devices on the network and conduct a combined (two-factor) node authentication procedure. It is proposed to use blockchain technology to protect against interference with the program code and substitution of sensors. This technology is a distributed database that is potentially available to everyone. Thanks to the use of blockchain technology, it is possible to counteract fraud, manage identification, transactions, verify the status of elements of various systems, and ensure data integrity. Combining blockchain and Internet of Things technologies can solve several security issues, namely: tracking sensor data measurements and preventing duplication of any other malicious data; authentication and secure data transmission. Cryptography is proposed to protect against eavesdropping, injection, and packet modifica- tion. To counter aggregation attacks, it is proposed to use aggregation delay and authentication methods. To prevent routing attacks, we use channel-level encryption and authentication using a global public key. Sybil attacks can be prevented by verifying the identity of the sensor nodes (using a shared symmetric key from a trusted base station) and limiting the number of neighbors that the node may have. In this way, the compromised node will only be able to contact trusted neighbors. You can counter a funnel attack using a geo-routing protocol, in which traffic “naturally” directed to the physical location of the base station is difficult to redirect to create a funnel. The proposed system uses static sensors that require one-time authentication in the network. Edge computing in information security systems can be used to counter several considered attacks and is the subject of further research. The use of clusters of security systems, IoT clus- ters in combination with edge computing creates new approaches to technologies for building secure IoT with decentralized data processing. The list of attacks is an open classification group that can be supplemented and expanded. The implementation of IoT clusters in combination with edge computing requires further research. They need to develop a cluster model and mathematical software for IoT systems in combi- nation with edge computing to minimize information processing and decision-making time. 94 4. Conclusions The analysis allowed us to generalize cyber threats to the components of IoT systems. As a result, it is determined that the largest number of attacks occur on network nodes, and the use of wireless communication technologies between the elements of the system creates the preconditions for a cyber-attack on the system. It is determined that today multi-stage complex protection systems are being implemented, based on the use of the latest technical means, qualified personnel, control procedures, admin- istrative regulations with their strict observance. The analysis of attacks allowed determining their list and exploring the features of imple- mentation. As a result of the analysis and generalization, recommendations for counteracting attacks on the components of the IoT system have been developed. References [1] G. Immerman, The importance of edge computing for the iot, 2020. URL: https://www. machinemetrics.com/blog/edge-computing-iot. [2] S. Khomich, A. Fedosiuk, M. Kulikovsky, Research of system of iot devices information security, Digital technologies 18 (2015) 166–171. [3] J. Blyler, 8 critical iot security technologies, 2020. URL: https://www.electronicdesign. com/industrial-automation/article/21805420/8-critical-iot-security-technologies. [4] Q. Jing, A. V. Vasilakos, J. Wan, J. Lu, D. Qiu, Security of the internet of things: perspectives and challenges, Wireless Networks 20 (2014) 2481–2501. doi:10.1007/ s11276-014-0761-7. [5] D. Kuznetsov, L. Ryabchina, Information security of the internet of things systems, Bul- letin of Kryvyi Rih National University 49 (2019) 80–83. [6] O. Turanska, Development of methods of information protection in wireless sensor net- works: master’s thesis, Master’s thesis, NTU of Ukraine "KPI named after Igor Sikorsky", 2018. [7] C. Systems, The internet of things reference model, 2014. URL: http://cdn.iotwf.com/ resources/71/IoT_Reference_Model_White_Paper_June_4_2014.pdf. [8] A. Herts, I. Tsidylo, N. Herts, L. Barna, S.-I. Mazur, Photosynq - cloud platform powered by iot devices, E3S Web of Conferences 166 (2020). doi:10.1051/e3sconf/202016605001. [9] S. Shokaliuk, Y. Bohunenko, I. Lovianova, M. Shyshkina, Technologies of distance learn- ing for programming basics on the principles of integrated development of key compe- tences, CEUR Workshop Proceedings 2643 (2020) 548–562. [10] S. Gnatyuk, Cybersecurity in the context of the fourth industrial revolution (industry 4.0): challenges and opportunities for ukraine, 2019. URL: https://niss.gov.ua/doslidzhennya/ informaciyni-strategii/kiberbezpeka-v-umovakh-rozgortannya-chetvertoi-promislovoi. [11] A. Vovk, Methods of information security IoT, Master’s thesis, NTU of Ukraine "KPI named after Igor Sikorsky", 2018. [12] O. Korchenko, M. Alexander, R. Odarchenko, A. Nadzhi, O. Petrenko, Analysis of threats 95 and mechanisms for information security in sensor networks, Information protection 1 (2016) 48–56. [13] H. Packard, Hp study reveals 70 percent of internet of things devices vulnerable to attack, 2020. URL: https://www8.hp.com/us/en/hp-news/press-release.html?id=1744676. [14] J. Frahim, C. Pignataro, J. Apcar, M. Morrow, Securing the Internet of Things: A Pro- posed Framework, 2015. URL: http://web.archive.org/web/20210323170935/https://tools. cisco.com/security/center/resources/secure_iot_proposed_framework. [15] M. G. dos Santos, D. Ameyed, F. Petrillo, F. Jaafar, M. Cheriet, Internet of things architec- tures: A comparative study, 2020. URL: https://arxiv.org/pdf/2004.12936.pdf. 96