Enhancing End-to-End Communication Security in IoT Devices Through Application Layer Protocol

• Published in: Information and Software Technologies Vol. 1665; pp. 148 - 159
• Main Authors: Zahid, Rimsha, Anwar, Muhammad Waseem, Azam, Farooque, Amjad, Anam, Mukhtar, Danish
• Format: Book Chapter Conference Proceeding
• Language: English
• Published: Switzerland Springer International Publishing AG 2022; Springer International Publishing
• Series: Communications in Computer and Information Science
• Subjects: Accident prevention; AES; Application layer protocol; Application layer protocols; Application programming interfaces (API); Communications security; Control and management; Cryptography; Data privacy; Denial-of-service attack; Encryption in internet of thing; Encryption in IoT; End-to-End communication; Hardware components; Internet of Things; Internet protocols; Network security; Remote control; Security; Security issues; Security systems; Software elements
• ISBN: 9783031163012; 303116301X
• ISSN: 1865-0929; 1865-0937
• DOI: 10.1007/978-3-031-16302-9_11

The Internet of Things (IoT) has combined the hardware components with software elements by providing users with remote control and management facilities. From safety-critical systems to security devices and industrial appliances, every appliance makes use of IoTs. Whereas security issues such as SQL injections, Denial of Service/Distributed Denial of Service (DOS/DDOS) attacks, the forged transmission of messages, or man in the middle (MITM) are major security threats among smart devices. Any purging of data causes privacy issues while the subsequent assessments made using modified information are also erroneous. This security hole needs comprehensive non-cryptographic data-security techniques and frameworks which would help developers in creating secure systems on heterogeneous devices. Algorithms like blowfish and Data Encryption Standard (DES) do not have the uniquity which AES does, making them more vulnerable to attack this research paper focuses on the communication security issues in IoT systems. We have proposed an End-to-End Encryption using AES in IoT (EAES-IoT). Validation of the proposed algorithm has been done in a case study of the Smart Voice Pathology Monitoring System (SVPMS) by sending the encoded data to the application layer through Application Programming Interface (API). We compared results to ensure the authenticity of the data and they were found promising. Data access is provided only to authorized individuals by providing a shared key for decryption of the alphanumeric string of data shared between devices. The proposed algorithm will provide future directions to meet security challenges in the IoT.