INTERNET OF THINGS SECURITY: AN EVALUATIVE STUDY ON VULNERABILITIES AND MITIGATION STRATEGIES
DOI:
https://doi.org/10.63330/aurumpub.019-004Keywords:
Internet of Things, Cybersecurity, Protocols, Vulnerabilities, MitigationAbstract
This study presents an evaluative approach to identifying vulnerabilities and mitigation strategies in Internet of Things (IoT) environments, considering the rapid expansion of connected devices and the lack of standardized security protocols. The methodology is exploratory, based on a systematic literature review from 2020 to 2025 and analysis of technical reports, applying criteria such as impact, frequency, and mitigation cost. The findings reveal that 75% of the vulnerabilities are linked to insufficient encryption and weak authentication in widely adopted protocols like MQTT and CoAP. Critical sectors such as healthcare and smart cities are disproportionately affected, with direct consequences for data privacy and service continuity. The study concludes that hybrid security strategies—integrating advanced encryption, intelligent intrusion detection, and security-by-design principles—are essential to enhance resilience in IoT systems. Future research should focus on embedded artificial intelligence models for real-time threat detection and the development of regulatory frameworks tailored to the specific challenges of connected devices.
Downloads
References
BELFANTE NETO, J. Estratégias de mitigação de riscos em redes IoT. Revista de Engenharia e Tecnologia Aplicada, v. 9, n. 2, p. 88–101, 2024.
BRASIL. Lei nº 13.709, de 14 de agosto de 2018. Lei Geral de Proteção de Dados Pessoais (LGPD). Diário Oficial da União, Brasília, 2018.
BRASIL. Ministério da Ciência, Tecnologia, Inovações e Comunicações. Plano Nacional de Internet das Coisas. Brasília: MCTIC, 2019.
CÂNDIDO, R. Blockchain aplicado à segurança em redes IoT. Revista de Computação Aplicada, v. 12, n. 1, p. 33–47, 2024.
GUBBI, J. et al. Internet of Things (IoT): A vision, architectural elements, and future directions. Future Generation Computer Systems, v. 29, n. 7, p. 1645–1660, 2013.
IETF. OSCORE and EDHOC Specifications. Internet Engineering Task Force, 2021.
ISO. ISO/IEC 27001: Information Security Management. International Organization for Standardization, 2013.
LAAROUSSI, A.; NOVO, O. Security analysis of CoAP protocol in constrained IoT environments. Journal of Network and Computer Applications, v. 174, p. 102887, 2021.
LIM, S. et al. AI-driven security for IoT systems: A systematic review. Journal of Cybersecurity, v. 9, n. 1, p. 1–18, 2023.
NIST. NISTIR 8259A: IoT Device Cybersecurity Capability Core Baseline. National Institute of Standards and Technology, 2020.
REZENDE, T. S. Inteligência Artificial na detecção de intrusões em IoT. Revista Brasileira de Informática na Educação, v. 30, n. 2, p. 112–129, 2025.
ROCHA, M. A. Vulnerabilidades em dispositivos IoT: uma análise crítica. Revista Brasileira de Segurança da Informação, v. 13, n. 1, p. 45–62, 2024.
SEOANE, J. A. et al. Comparative analysis of MQTT and CoAP protocols for IoT applications. Sensors, v. 21, n. 3, p. 1–18, 2021.
ZANELLA, A. et al. Internet of Things for Smart Cities. IEEE Internet of Things Journal, v. 1, n. 1, p. 22–32, 2014.
Downloads
Published
Issue
Section
License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
