A Review on Cyber Crimes on the Internet of

Things

Mohan Krishna Kagita*, Navod Thilakarathne, Thippa Reddy Gadekallu,

Praveen Kumar Reddy Maddikunta, and Saurabh Singh
1School of Computing and Mathematics,Charles Sturt University, Melbourne,
Australia.
2 Department of ICT, University of Colombo,Sri Lanka.
3 School of Information Technology and Engineering, Vellore Institute of Technology,

India.
4 Department of Industrial and System Engineering, Dongguk university, Seoul,

South Korea.
[email protected],[email protected],
[email protected],[email protected],[email protected]

Abstract. Internet of Things (IoT) devices are rapidly becoming uni-

versal. The success of IoT can’t be ignored in today’s scenario; along with
its attacks and threats on IoT devices and facilities are also increasing
day by day. Cyber-attacks become a part of IoT and affecting the life
and society of users, so steps must be taken to defend cyber seriously.
Cybercrimes threaten the infrastructure of governments and businesses
globally and can damage the users in innumerable ways. With the global
cybercrime damages predicted to cost up to 6 trillion dollars annually
on the global economy by cyber-crime. Estimated of 328 Million Dollar
annual losses with the cyber-attacks in Australia itself. Various steps are
taken to slow down these attacks but unfortunately not able to achieve
success properly. Therefor secure IoT is the need of this time and under-
standing of attacks and threats in IoT structure should be studied. The
reasons for cyber-attacks can be 1. Countries having week cyber securi-
ties,2. Cybercriminals use new technologies to attack. 3. Cybercrime is
possible with services and other business schemes. MSP (Managed Ser-
vice Providers) face different difficulties in fighting with Cyber-crime.
They have to ensure that customer’s security as well as their security
in terms of their servers, devices, and systems. Hence, they must use
effective, fast, and easily usable antivirus and anti-malware tools.

Keywords: Cyber-crimes, cyber-attacks, IoT, Smart Devices, IoT Ap-

plications, Smart Cities, Smart Homes, Smart office.

*
2 A Review on Cyber Crimes on the Internet of Things

1 Introduction

IoT (Internet of things) is developing very rapidly and it offers various types
of services that made it the fastest-growing technology with a big influence on
society and business infrastructures. IoT has become an integral part of hu-
man’s modern life like in education, every type of business, healthcare, stores
the sensitive data about companies and individuals, information about financial
transactions, development of the product, and its marketing[37] [49]. In IoT,
Transmission from connected devices has generated huge demand to concen-
trate on security as millions and billions of users perform sensitive transactions
on the internet. Cyber threats and attacks are rising daily in both complexity

Fig. 1. A high level of System Model of IoT

and numbers. Potential attackers are increasing with the growth in networks and
also the tools or methods they are using are becoming more effective, efficient,
 A Review on Cyber Crimes on the Internet of Things 3

and sophisticated[15]. Hence, to get the full potential of IoT, it is needed to

be protected from threats and attacks. Smart devices or technologies like a hot
spot, internet other IoT has entered in every part of the life of human beings,
and security is compromised[20].
These smart technologies indeed have many advantages to offer but still,
it has many loopholes that result in the possibility of cyber-attacks that will
cause huge damage to life and property. In today’s scenario, it becomes essential
that technologies with proper security systems should be adopted in the whole
ecosystem to finish the possibilities of hacking or fraud. 98% of all the IoT
devices traffic is un-encrypted, exposing personal and confidential data on the
network[27]. The most used IoT device in the bossiness and every day in the
office space is IP-Phones which has 44% of enterprise IoT Devices but has only
5% of security issues when compared to other IoT devices. Most security issues
are faced by cameras that have 33% of risk but only 5% of usage in the business
world[21][22].

Fig. 2. Industrial usage of IoT devices

As per the reports of Australia cybersecurity center, there has been one
reported incident for every 10 minutes, which costs Australian economies $328
million annual losses. The Top five Cybercrime types targeting Australians are
Identity theft, online fraud, and shopping scams, Bulk extortion, Online romance
scams, Wire-fraud, and business email compromise[26]. The period of December
2019 to June 2020 Agari data finds 68% of the identity-deception based attacks
aimed at impersonating a trusted individual or a brand. As per the reports
from Kaspersky estimate of 105 Million attacks on IoT devices are coming from
276,000 unique IP addresses. Cybercriminals uses network to infect smart devices
to conduct DDos attacks as a proxy services. 51% of health care devices attacked
4 A Review on Cyber Crimes on the Internet of Things

involves imaging devices[53]. New techniques , such like peer-to-peer command

and worm-like features for self-propagation, are used to infect vulnerable IoT
devices on same network[50].

Fig. 3. Email Fraud and Identity Deception Trends by Agari

2 LITERATURE REVIEW

Yang Lu and Li Da Xu, (2019) explore that IoT (Internet of things) mod-
ernized the network globally including smart equipment, Humans, intelligent
objects, and information. IoT provides an opportunity to increase integrity, con-
fidentiality, accessibility, and availability. Internets of things are still on the de-
veloping stage and contain many issues that are necessary to be solved[1]. System
security is a base for expansion in IoT. In this study, cybersecurity is studied
thoroughly. The main focus is on the protection and integration of various smart
devices and technologies in information communication. This study helps other
researchers and experts who want to do researches in IoT in the future can get
useful information[39]. The study shows the research of cybersecurity on IoT,
taxonomy, and architecture of IoT cybersecurity, strategies, and other trends in
research and challenges.
Hilt, S.; Kropotov, V.; Merces, F.; Rosario, M. and Sancho, D.
(2017) deliberate that IoT is influencing every field of today’s society. The on-
going progress of IoT becomes the temptation for cybercriminals[2]. Various
 A Review on Cyber Crimes on the Internet of Things 5

studies are done on how criminals can attack IoT and what impact will it laid
on. In this research IoT cyber-crime underground is selected to collect ideas
about the current fears from different minds that consider them. 5 underground
groups are analyzed which are categorized based on the language used in discus-
sions among community i.e. English, Spanish, Portuguese, Russian and Spanish.
Many research and tutorials are gathered on the method of hacking, exploitation
of vulnerability but no symbol of any intensive determination from the crimi-
nal’s clusters to enormous damage of IoT Structures are found. Cybercriminals
are usually inspired by financial profit and until now there are few ways of mak-
ing money from the attack on IoT. New devices are invented by cybercriminals
with which they find new ways to infect and make a lot of money with these
infections.
Dr. Venckauskas, A.; Dr. Damasevicius, R.; Dr. Jusas, V.; Dr. Told-
inas, J.; Rudzika, D. and Dregvaite, G. (2015), found that IoT can be de-
scribed as a physical system of world wide web that unites all types of physical
things on the internet. The Internet of things is quite complex[3]. The big size,
scope, and vast physical distribution of IoT make it difficult to protect it from
threats and attacks of cybercrimes[38]. Limitations of the Internet of Things like
low power add a contribution to the problems by prohibited the usage of high se-
curity but techniques of resource greedy cryptography[23]. IoT provides a stage
for cyber-crimes. Hackers or attackers take benefit of a low level of understand-
ing among users of IoT technologies and safety measures to cheat them. New
methods for digital forensics in IoT should be increased as the number of threats
and attacks of existing and futuristic will increase day by day. New technologies
and new strategies are continuously developing that create new challenges for
digital forensics. IoT has a large amount of information. Huge scope, a large
number of data, diverse nature of the Internet of things, methods in which infor-
mation is shared, combines and handled need the inventions of new strategies by
the digital forensic examinations. It is found that traditional forensic methods
used in investigating cyber-crimes that are not effective at all, as new tools and
devices are developed by cybercriminals to defraud the user on IoT[32].
Abomhara, M. and Koien, G. M. (2015) found that in the field of IoT
security, still lots of work to be done by merchants and end-users. It is necessary
to find out the imitations of IoT security as the internet on things is growing
so fast. Threats and attacks of IoT infrastructure should be thoroughly stud-
ied along with the consequences of these threats and attacks against IoT[4]. It
is advised that effective security devices for controlling access, authentication,
manage identity, flexible faith management structure should be taken care of at
the starting of the development of the product. This research is useful for the
researchers who study the field of security by helping in finding the mains prob-
lems insecurity of IoT and provide a clear understanding of threats and attacks
and the factors instigating from various organizations or intelligence agencies.
This research helps in better clarity on various threats and their factors inventing
from various burglars such as intelligence and organizations[28]. The procedure
of finding threats and vulnerabilities is important to make healthy and com-
6 A Review on Cyber Crimes on the Internet of Things

pletely secured IoT and make sure that the security solution is secure enough to
protect from malicious attacks.
J. Iqbal and B. M. Beigh,( 2017), explore that as the use of the inter-
net is increasing in the world, cyber-crime is also increasing at the same pace,
particularly in India[5]. IoT covers vast areas all over the world in the same
way Cyber-crime is not bound to a specific geographical area. So, these crimes
can’t be controlled by local laws. Cyber laws in the context of India are still
in the early developing stage. India has done many bilateral agreements related
to Cyber-crime such as the agreement with Russia, a basic agreement with the
US, and a framework cyber agreement with Israel to modernize it cyber space.
But scope of these bilateral agreements is limited, ineffective and insufficient
to deal cyber-crime. This research found that India should make multilateral
treaty that blends its laws on common criminal policy and deal to reduce cyber-
crimes at global level with international co- operation. This treaty will help in
framing active regulations and strong analytical methods, which result in increas-
ing internationally co-operation to control cyber-crime[45]. Budapest convention
council of Europe on cybercrime is one of the multilateral international treaties
that deal with international co-operation for fighting cyber-crimes globally. India
should also join this Budapest Convention as US and Israel also whom India has
bilateral agreement are already part of this cyber- crime convention.
Sarmah, A.; Sarmah, R. and Baruah, A. J. (2017) found that with the
development of new technologies are increasing; it also led to increase in crimes
related to IoT[6]. Cyber-crime is actually a threat to people, so it is necessary
to take steps to protect IoT from cyber-crimes for welfare of society, cultural
and countries security aspect. Indian government has passed an IT act, 2000 to
control cybercrimes issues. Cyber-crime is not bounded to any particular geo-
graphical area. It passes national boundaries on internet and creates legal and
technical difficulties in investigation and accusing the crimes. Hence it is neces-
sary that proper action should be taken to control cyber- crimes internationally.
Proper cooperation and coordination among various countries are necessary to
fight against cybercrimes. The main objective of this study is to create aware-
ness among common people about Cyber-crime. It is important that users who
become the victim of cyber-crime should come forward and report s file against
cyber criminals so that strict actions can be taken against them and an example
can be set for future cyber criminals.
MS. Anisha(2017) argue that main reasons of cyber-crime is technology
and dangerous infrastructure of Internet of Things (IoT). As the ratio of users
on IoT is increasing, it leads to increase risks of different types of cyber-crimes.
Crimes are unpredictable due to development of new technologies. Crimes based
on technologies are increasing day by day and it is necessary that these are solved
on the priority basis[7]. Cyber-crimes are not limited to computers only, elec-
tronic devices such as telecommunication tools, financial transaction machines
etc. IoT is diversified in nature that makes it difficult to find out the problems
of cyber security that results in unawareness on issues of security. It is suggested
that free advertisements and workshops can be organized to generate awareness
 A Review on Cyber Crimes on the Internet of Things 7

among users with the help of NGO’S and government. Cybercrimes issues and
threats should be acknowledged from the grassroots level i.e. institutes, schools,
colleges, computer centers etc. Indian government has taken many effective steps
to control cybercrimes like Information technology act, 2000 has been passed.
But a fixed cyber law is not effective in cyber-crime context as IoT has a vast
and diversified nature and new type of crimes keeps on inventing. So, it is nec-
essary that cyber law keep close eyes on cybercrime and updated its law and
regulations accordingly.
Husamuddin, M.; Qayyum, M. (2017), explore that Internet of things
are developing as an important technology. Information’s transferred with RFID
tags or sensors include sensitive data which should be secure from unauthorized
access. There is no security in between 2 nodes of Internet of things commu-
nication and security of IoT should not be negotiated[8]. To get more secure
communication it is necessary that IoT should have services like end to end
environments, real time access control, protection of critical infrastructure and
encryption. It is difficult to think or stay ahead of the cyber-criminal. It can be
expected in future that smart equipment’s will include privacy security which
will help users to perform more tasks conveniently by using IOT. With improved
privacy, information protected methods and ethical practices, IoT will gain the
trust and faith of users in this connected world.
Marion, N. E. (2010) argues that the Council of Europe’s (CoE) Agreement
on Cybercrime is studied as representative mechanisms. This research shows
that the Agreement includes the features of figurative policy like comforting the
users that proper action taken to control cyber-crime, educate the users about
cyber-crime, and act as a warning for those who commit cybercrimes. It leads to
the serious consequences in IoT[9]. Crimes related to computers are not bound
to any particular nation while it is an international matter. Countries should
co-operate and make synchronized laws to have control on cybercrimes. The
Coe treaty is such an important step towards cybercrime control globally. As
Cybercrimes scope is very wide hence it is difficult to have proper control on
it. In development of this treaty, representatives from different countries discuss
and argue on the acts committed on internet and define the actions that can be
taken to fight against cyber- crimes[33]. A reliable international method is used
to control cybercrimes that include co-operation in law execution agencies and
investigating offence. The finding shows that the effectiveness of CEO Treaty is
questionable as resolutions made in this treaty are actually figurative like issues
related to privacy, powers of investigators and it’s kind of difficult to enforce co-
operation among countries. There are many loopholes in this treaty that result in
criminals to continue commit crimes. To have more effective and efficient treaty
it is required that more and more countries sign this treaty and make national
laws and keep on updating the laws as per new types of crimes.
Moitra, S. D (2005), explore in this research that there are various con-
cerns that are very important for the development of policies related to cy-
ber crimes[10]. Various concerns or issues are categorized in 5 questions that
are 1.Criminals, 2.Crimes, 3.Occurrence of cyber-crime, 4.Effect on victims and
8 A Review on Cyber Crimes on the Internet of Things

5.Response of society. It is also discussed in this research that why each con-
cern is important in making policies. Europe Council enrolled its Agreement on
Cybercrime in 2001, and various initiatives are launched by European Union
to control cybercrime. Standardization and co-ordination that is necessary for
common classification of cyber-crime is also discuss in this study. Hacker behav-
ior, victim response, legal activity and criminal justice policies are some of the
features that are to be studied thoroughly before making rules and regulations
in cyber law. It is necessary to study cyber-crime further as new problems may
occur in future and new types of cyber-crimes may appear, although policies
still exist in various countries like in US, Agreement on Cybercrime (EU), Infor-
mation technology act 2000 but up gradation is needed on timely basis. Finding
shows that reliable information is to be collected and evaluated before develop-
ing new policies. Suggestions given in this research can help those countries as
well which are still on development stage of making policies. This research has
some limitations like it is limited to only some salient features and lots of other
factors are still left.

Oriwoh, E.; Sant, P. and Epiphaniou, G. (2013) introduce some guide-

line principles for vendors, consumers, governments and law makers who use or
work on IoT (Internet of Things)[11]. Usually new technologies and new appli-
cations of prevailing technologies show future prospects and appropriate uses
where it can be used. Security concern importance in development of any tech-
nologies in IoT at early stage is acknowledged by various researchers. Laws are
already in existence and new laws also provide guidance to the users of IoT and
ensure that there should be no fraud or breach in usage of technologies; if it is
detected then proper action should be taken to scold the offender[47]. Hence it is
important that appropriate principles for guidance should be done to introduce
the laws to the interesting users.

Maung, T. M.; Thwin, M. M. S. (2017), found that new challenges in

forensic of cyber-crimes develop with new and latest operating systems[12]. On
one side these new versions of Windows make the things easy for users and on
the other possibilities of new crimes arise. Cyber-crime forensics investigations
are not new arena and, but it is necessary that it keep updated its methods
to catch cyber criminals. Computer forensics experts make cyber-crime investi-
gations based on Quality, effectiveness, legal obligations and flexible. Objective
of investigation must be customized, expertise, systematic and comprehensive
enough that the process of investigation complete in less time and relevant in-
formation can be gathered and investigated accordingly[44]. Digital evidence in
cyber-crime means the digital data that shows crime has committed and there
is a relation between victim and crime or criminal and crime. IT Security is very
difficult in this digital world as these exposed to various threats and malware’s
like viruses, spies, worms and Trojans affect IoT almost on daily basis[40]. This
re- search shows various solutions that can be used systematically to get sound
evidence forensically. These solutions help and support in collecting evident in-
formation in various forensic areas like cloud, static, and social network[25]. The
 A Review on Cyber Crimes on the Internet of Things 9

main objective of this study is to find an appropriate solution for the country
Myanmar.

3 TYPES OF CYBER ATTACKS ON IoT DEVICES

3.1 Physical Attacks:
Physical attack s can happen when an IoT device is accessed physically. This
kind of attack can be performed by the same company employee who has access
to the IoT device.

3.2 Encryption Attacks:

Encryption attack can be done when the IoT device is un-encrypted, attacker
can sniff the data with the help of an intruder. Encryption attacks strike at the
heart of your algorithmic system. Hackers analyze and deduce your encryption
keys, to figure out how you create those algorithms. Once the encryption keys
are unlocked, cyber-assailants can install their own algorithms and take control
of your system.

3.3 DoS (Denial of Service) Attack:

This kind of attack may not steal the data from services like websites[24]. Attack-
ers target service with a large number of botnets sending thousands of requests
to the service and making them crash, which makes services unavailable.

3.4 Firmware Hijacking :

Firmware kind of attacks can be done when an IoT device is not updated up
today. Attackers can hijack the device and download malicious software. Com-
puters contain a lot of firmware, all of which is potentially vulnerable to hacking.

3.5 Botnet Attack:

A Botnet attack is which can be done when an IoT device is turned into remotely
controlled bots, which can be used as a part of the botnet. Botnets can connect
to the network and transfer the private and sensitive data. Two types of Botnet
attacks a) The Mirai botnet b) The PBot malware

3.6 Man-in-the-Middle Attack:

A man-in-the-middle attack can be done when a hacker breather the communica-
tion between two systems. By spying on communication between two parties[17].
There are 7 types of Man-in-the-middle attack a) IP spoofing b) DNS spoofing
c) HTTPS spoofing d) SSL hijacking e) Email hijacking f) Wi-Fi eavesdropping
g) Stealing browser cookies
10 A Review on Cyber Crimes on the Internet of Things

3.7 Ransomware Attack:

Ransomware is a type of attacks when a hacker encrypts the data and lock down
the access. Then the hacker sells the decryption for his price. This kind of attack
will disrupt daily business[51]. Types of Ransomware attack a) Scareware b)
Screen lockers c) Encrypting ransomware.

3.8 Eavesdropping Attack:

Eavesdropping is a kind of attack when a hacker intercepts network traffic to
get access to sensitive and private data via a weekend connection between an
IoT device and a server[35]. Eavesdropping attack can prevent by using personal
firewall, keeping antivirus software updated, and using a virtual private network.

3.9 Privilege Escalation Attack:

In this particular kind of attack the hacker looks for an IoT device bugs to gain
access. In this attack, the use their newly gained privileges to deploy malware.
hacker exploits a bug, design flow, or configuration error in an application or
operating system to gain elevated access to the resources that should normally
be unavailable to the third person.

3.10 Brute Force Password Attack:

In the attack, the hacker uses password hashing or password cracker software’s to
hit the server with the possible tries. Until the hacker gets the correct credentials.
Hacker uses trail-and error method to guess Login credentials, encryption keys,
or finding hidden web pages. Types of Brute force attacks: a) Simple brute force
attacks. b) Dictionary attacks c) Hybrid brute force attacks d) Reverse brute
force attacks e) Credential stuffing

4 SMART HOME AND IT’S SUBSYSTEMS

Smart homes are equipped with advanced automated internet connected devices
which makes your life much easier like Multimedia kits, Automatic door and
window operators, smart home appliances etc., but on the side of the coin, If
one of the device of your smart home is vulnerable and unencrypted your data
will be on Network like Google dorks, Shodan which the hackers first place to
search[13]. The smart home appliances are mostly with three important enti-
ties: Physical Components, communication system and intelligent information
processing. Which makes the most sophisticated smart home devices.
Adopting IoT Technology into our house will raise more security concerns and
challengers, because the IoT based smart home devices are highly vulnerable to
attack as compared to other devices[36]. If the Smart home device is attacked and
compromised the potential to invade the user’s privacy and steal the personal
information and can be monitored as well[14].
 A Review on Cyber Crimes on the Internet of Things 11

Fig. 4. Smart Home and Subsystems

5 CHALLENGES FOR THE CURRENT

APPROACHES

5.1 Testing Drawbacks:

Due to insufficient testing and updating of current IoT devices i.e., Approx. 30
billion devices present connected to the internet, which makes the IoT devices
vulnerable to cyber-attacks. Some IoT manufacturers offers firmware updates
but unfortunately due to lack of automatic updates according to the zeroth day
hacks, These Devices exposed to internet and prone by the hackers[43].

5.2 Default Passwords:

According to some the government reports that advised to the manufactures

against selling the IoT devices with default credentials (admin / password)[46].
Weak passwords and default passwords of IoT devices are Identified as the most
vulnerable devices with password hacking and brute-forcing.

5.3 IoT Ransomware:

The ransomware depends on encryption to lock out completely different users

with different devices and platforms[34]. The ransomware could potentially pro-
tect the device from attack but eventually hacker can seal some personal data
with the malware.
12 A Review on Cyber Crimes on the Internet of Things

5.4 IoT AI and Automation:

The amount of data gathered by the sensors and IoT Is becoming enormous
day by day. AI tools and Automation are already been used in shifting massive
information form network to network. However, using this AI tools for make
autonomous decisions can affect Millions of functions across infrastructure such
as like healthcare, transport etc., [29] [48].

5.5 Botnet Attacks:

When a hacker creates a collection of malware infected botnet and sends thou-
sands of requests per second and brings down the target is called as botnet
attack[16]. A single IoT device infected with malicious code or malware sone
not possess any real threat[19]. When the hacker uses DDoS attacks using thou-
sands of IP cameras, home routers, Smart devices were infected and directed
with bringing down the DSN provider platforms like Netflix, GitHub etc., [42].

6 RECOMMENDATIONS FOR CYBER HYGIENE OF

IoT DEVICES

Installing updated firmware as soon as possible, where the manufacture released

all the patches for the vulnerability’s found in previous version of the device[52].
By updating the firmware one can be protected from the attacks by bugs from
older versions of the software. It is recommended to change the pre-installed
password or manufacture default passwords which makes your device default
password attacks. Always reboot the device when you thin the device acting
strange or when noticed suspicious activity[18]. It might help in getting rid of
existing malware. keeping access to IoT device restricted by a local VPN can be
protects from attacks.

7 CONCLUSION

IoT becomes the most important for every human being in this connected world.
IoT (internet of things) make the world so small. Every human being is connected
with each other by using internet. Lots of transactions are done over IoT and
chances of crimes have increases. Crimes in cyber space are not bound to a par-
ticular location or country, its scope is very wide[30]. Risks related to Cyber-
attacks can’t be ignored so while adopting IoT on regular basis it is important
to take adequate measures. Simple steps that can be done by users to get safe
can be by installing software protection firewall, anti-viruses, anti- malware etc.
Awareness should be spread regarding the types of cyber-crimes in IoT and how
it can be avoided. Various international treaties are executed to control cyber-
crimes. Current Multilateral and local legal devices and national laws include
different concept and content, and their coverage of criminalizing, investigation
 A Review on Cyber Crimes on the Internet of Things 13

powers and methods, digital evidence, risk and regulations, and control and co-
operation internationally[36]. These treaties are different in different geographic
scope like multilateral or regional and its applicability. These differences cause
obstacles in identification, examination and taking action against cyber- crimi-
nals and taking preventive measures in cyber-crime. So, it is concluded that a
common, cooperative, and flexible international treaties should be formed be-
tween the countries so that the same laws are followed everywhere on IoT and
there is no confusion. Strict punishments should be imposed on cyber criminals
so that potential criminals left the idea to do any crime. It should ensure that
laws formed must be followed properly and restrictions if any applied on internet
access and content should not be neglected[31]. These laws should be according
to the law and rights of humans[41]. Challenge is generated due to the scope
and effect of cyber laws in different countries like the content on the internet
is acceptable in one country while the same content is illegal in other countries
than it is difficult to make common global laws.

References

1. Yang Lu and Li Da Xu, (2019) Internet of Things (IoT) Cybersecurity Research: A

Review of Current Research Topics, IEEE Internet of Things Journal ,Volume: 6 ,
Issue: 2 , pp- 2103 – 2115.
2. Hilt, S.; Kropotov, V.; Merces, F.; Rosario, M. and Sancho, D. (2017) The Internet
of Things in the Cybercrime underground, Trend Micro Research,pp-1-46
3. Dr. Venckauskas, A.; Dr. Damasevicius,R.; Dr. Jusas, V.; Dr. Toldinas, J.; Rudzika,
D.and Dregvaite, G. (2015), A Review Of Cyber-Crime In Internet Of Things: Tech-
nologies, Investigation Methods And Digital Forensics, International Journal Of En-
gineering Sciences Research Technology, Venckauskas, 4(10):Pp-460-477
4. Abomhara, M. and Koien, G. M. (2015) Cyber Security and the Internet of Things:
Vulnerabilities, Threats, Intruders and Attacks, Journal of Cyber Security, Vol. 4,
65–88.
5. J. Iqbal and B. M. Beigh,( 2017),Cybercrime in India: Trends and Chal- lenges,
International Journal of Innovations Advancement in Computer Science, Volume 6,
Issue 12,pp-187-196.
6. Sarmah, A.; Sarmah, R. and Baruah, A. J. (2017),A brief study on Cyber Crime
and Cyber Law’s of India, International Research Journal of Engineering and Tech-
nology, Volume: 04 Issue: 06, pp-1633- 1641
7. MS. Anisha (2017)Awareness And Strategy To Prevent Cybercrimes: An Indian
Perspective, Indian Journal Of Applied Research, Volume - 7 — Issue – 4, Pp-114-
116.
8. Husamuddin, M.; Qayyum, M. (2017), Internet of Things :A Study on Security
and Privacy Threats, : The 2nd International Conference on Anti-Cyber Crimes
(ICACC) organized by IEEE.
9. Marion, N. E. (2010) The Council of Europe’s Cyber Crime Treaty: An exercise in
Symbolic Legislation. International Journal of Cyber Criminology, Vol. 4 Issue 12,
pp-699–712.
10. Moitra, S. (2005). Developing Policies for Cyber crime, European Journal of Crime,
Criminal Law and Criminal Justice, 13(3), 435-464.
14 A Review on Cyber Crimes on the Internet of Things

11. Oriwoh, E.; Sant, P. and Epiphaniou, G. (2013) Guidelines for Internet of Things
deployment approaches – The Thing Commandments, The 4th International Con-
ference on Emerging Ubiquitous Systems and Pervasive Networks, pp-122- 131
12. Maung, T. M.; Thwin, M. M. S. (2017), Proposed Effective Solution for Cybercrime
Investigation in Myanmar, The International Journal Of Engineering And Science,
Volume – 6, Issue-1, PP 01-07
13. Anthi, E., Williams, L., S�lowi nska, M., Theodorakopoulos, G., Bur- nap, P. (2019).
A Supervised Intrusion Detection System for Smart Home IoT devices. IEEE Inter-
net of Things Journal.
14. P. Radanliev, D. C. De Roure, J. R. C. Nurse, P. Burnap, E. Anthi, U. Ani, L.
Maddox, O. Santos, and R. M. Montalvo, “Cyber risk from IoT technologies in the
supply chain – discussion on supply chains decision support system for the digital
economy,” Oxford, 2019.
15. K. Carruthers, “Internet of Things and Beyond: Cyber-Physical Systems- IEEE
Internet of Things,” IEEE Internet of Things, Newsletter, 2014, 2016.
16. Lipman Paul, “New Reaper IoT Botnet Leaves 378 Million IoT Devices Potentially
Vulnerable to Hacking,” 2017.
17. K. Savage, “IoT Devices Are Hacking Your Data amp; Stealing Your Privacy -
Infographic,” 2017.
18. J. Gubbi, R. Buyya, S. Marusic, and M. Palaniswami, “Internet of things (IoT): A
vision, architectural elements, and future directions,” Future Generation Computer
Systems, vol. 29, no. 7, pp. 1645–1660, 2013.
19. Schiefer, M. (2015, May). Smart Home Definition and Security Threats. In IT Secu-
rity incident Management IT Forensics (IMF), 2015 Ninth International Conference
on (pp. 114-118). IEEE.
20. Tong, J., Sun, W., Wang, L. (2013, May). An information flow security model for
home area network of smart grid. In Cyber Technology in Automation, Control and
Intelligent Systems (CYBER), 2013 IEEE 3rd Annual International Conference on
(pp. 456-461). IEEE.
21. Padyab, A. M., Paivarinta, T., Harnesk, D. (2014, January). Genre- Based Assess-
ment of Information and Knowledge Security Risks. In System Sciences (HICSS),
2014 47th Hawaii International Conference on (pp. 3442-3451). IEEE.
22. McCune, J. M., Perrig, A., Reiter, M. K. (2005, May). Seeing-is- believing: Using
camera phones for human-verifiable authentication. In Security and privacy, 2005
IEEE symposium on (pp. 110-124). IEEE.
23. Madakam, S., Ramaswamy, R., Tripathi, S. (2015). Internet of Things (IoT): A
Literature Review. Journal of Computer and Communications, 3(05), 164.
24. A. D. Wood and J. A. Stankovic, “Denial of Service in Sensor Networks”, IEEE
Computer, vol. 35, no. 10, pp. 54–62, 2002.
25. D. G. Holmberg, “BACnet Wide Area Network Security Threat Assessment”, Tech-
nical report, National Institute of Standards and Technology, 2003.
26. Ch, R., Gadekallu, T. R., Abidi, M. H., Al-Ahmari, A. (2020). Computational
System to Classify Cyber Crime Offenses Using Machine Learning. Sustainability,
12(10), 4087.
27. Maddikunta, P. K. R., Srivastava, G., Gadekallu, T. R., Deepa, N., Boopathy, P.
(2020). Predictive model for battery life in IoT networks. IET Intelligent Transport
Systems.
28. RM, S. P., Maddikunta, P. K. R., Parimala, M., Koppu, S., Reddy, T., Chowdhary,
C. L., Alazab, M. (2020). An effective feature engineering for DNN using hybrid
PCA-GWO for intrusion detection in IoMT architecture. Computer Communica-
tions.
 A Review on Cyber Crimes on the Internet of Things 15

29. Deepa, N., Prabadevi, B., Maddikunta, P. K., Gadekallu, T. R., Baker, T., Khan,
M. A., Tariq, U. (2020). An AI based intelligent system for healthcare analysis using
Ridge Adaline Stochastic Gradient Descent Classifier. Journal of Supercomputing.
30. Maddikunta, P. K. R., Gadekallu, T. R., Kaluri, R., Srivastava, G., Parizi, R. M.,
Khan, M. S. (2020). Green communication in IoT networks using a hybrid
optimization algorithm. Computer Communications.
31. RM, S. P., Bhattacharya, S., Maddikunta, P. K. R., Somayaji, S. R. K., Laksh-
manna, K., Kaluri, R., ... Gadekallu, T. R. (2020). Load balancing of energy cloud
using wind driven and firefly algorithms in internet of everything. Journal of Parallel
and Distributed Computing.
32. Iwendi, C., Jalil, Z., Javed, A. R., Reddy, T., Kaluri, R., Srivastava, G., Jo, O.
(2020). KeySplitWatermark: Zero Watermarking Algorithm for Software Protection
Against Cyber-Attacks. IEEE Access, 8, 72650-72660.
33. Numan, M., Subhan, F., Khan, W. Z., Hakak, S., Haider, S., Reddy, G. T., ...
Alazab, M. (2020). A systematic review on clone node detection in static wireless
sensor networks. IEEE Access, 8, 65450-65461.
34. Patel, H., Singh Rajput, D., Thippa Reddy, G., Iwendi, C., Kashif Bashir, A., Jo,
O. (2020). A review on classification of imbalanced data for wireless sensor networks.
International Journal of Distributed Sensor Networks, 16(4), 1550147720916404.
35. Reddy, T., RM, S. P., Parimala, M., Chowdhary, C. L., Hakak, S., Khan, W. Z.
(2020). A deep neural networks based model for uninterrupted marine environment
monitoring. Computer Communications.
36. Iwendi, C., Maddikunta, P. K. R., Gadekallu, T. R., Lakshmanna, K., Bashir, A. K.,
Piran, M. J. (2020). A metaheuristic optimization approach for energy efficiency in
the IoT networks. Software: Practice and Experience.
37. Bhattacharya, S., Kaluri, R., Singh, S., Alazab, M., Tariq, U. (2020). A Novel PCA-
Firefly based XGBoost classification model for Intrusion Detection in Net- works
using GPU. Electronics, 9(2), 219.
38. Azab, A., Layton, R., Alazab, M., Oliver, J. (2014, November). Mining malware to
detect variants. In 2014 Fifth Cybercrime and Trustworthy Computing Conference
(pp. 44-53). IEEE.
39. Alazab, M., Layton, R., Broadhurst, R., Bouhours, B. (2013, November). Malicious
spam emails developments and authorship attribution. In 2013 Fourth Cybercrime
and Trustworthy Computing Workshop (pp. 58-68). IEEE.
40. Alazab, M., Venkatraman, S., Watters, P., Alazab, M. (2013). Information se-
curity governance: the art of detecting hidden malware. In IT security governance
innovations: theory and research (pp. 293-315). IGI Global.
41. Farivar, F., Haghighi, M. S., Jolfaei, A., Alazab, M. (2019). Artificial Intelligence
for Detection, Estimation, and Compensation of Malicious Attacks in Nonlinear
Cyber-Physical Systems and Industrial IoT. IEEE transactions on industrial infor-
matics, 16(4), 2716-2725.
42. Azab, A., Alazab, M., Aiash, M. (2016, August). Machine learning based botnet
identification traffic. In 2016 IEEE Trustcom/BigDataSE/ISPA (pp. 1788-1794).
IEEE.
43. Alazab, M., Huda, S., Abawajy, J., Islam, R., Yearwood, J., Venkatraman, S.,
Broadhurst, R. (2014). A hybrid wrapper-filter approach for malware detection.
Journal of networks, 9(11), 2878-2891.
44. Garg, S., Singh, A., Batra, S., Kumar, N., Yang, L. T. (2018). UAV-empowered
edge computing environment for cyber-threat detection in smart vehicles. IEEE
Network, 32(3), 42-51.
16 A Review on Cyber Crimes on the Internet of Things

45. Bali, R. S., Kumar, N. (2016). Secure clustering for efficient data dissemination in
vehicular cyber–physical systems. Future Generation Computer Systems, 56, 476-
492.
46. Chaudhary, R., Kumar, N., Zeadally, S. (2017). Network service chaining in fog and
cloud computing for the 5G environment: Data management and security challenges.
IEEE Communications Magazine, 55(11), 114-122.
47. Singh, A., Maheshwari, M., Kumar, N. (2011, April). Security and trust manage-
ment in MANET. In International Conference on Advances in Information Technol-
ogy and Mobile Communication (pp. 384-387). Springer, Berlin, Heidelberg.
48. Vora, J., Italiya, P., Tanwar, S., Tyagi, S., Kumar, N., Obaidat, M. S., Hsiao, K.
F. (2018, July). Ensuring privacy and security in E-health records. In 2018 Interna-
tional conference on computer, information and telecommunication systems (CITS)
(pp. 1-5). IEEE.
49. Hathaliya, J. J., Tanwar, S., Tyagi, S., Kumar, N. (2019). Securing electronics
healthcare records in healthcare 4.0: a biometric-based approach. Computers Elec-
trical Engineering, 76, 398-410.
50. Krishnasamy, L., Dhanaraj, R. K., Ganesh Gopal, D., Reddy Gadekallu, T.,
Aboudaif, M. K., Abouel Nasr, E. (2020). A Heuristic Angular Clustering Frame-
work for Secured Statistical Data Aggregation in Sensor Networks. Sensors, 20(17),
4937.
51. Mohan Vijay (2018). AN UPDATED NEW SECURITY ARCHITECTURE FOR
IOT NETWORK BASED ON SOFTWARE-DEFINED NETWORKING (SDN).
IRJCS:: International Research Journal of Computer Science, Volume V, 77-81.
52. Krishna Kagita, M. (2019). Security and Privacy Issues for Business Intelligence in
a loT. In Proceedings of 12th International Conference on Global Security, Safety
and Sustainability, ICGS3 2019 [8688023]
53. Krishna Kagita, M. and M. Varalakshmi, 2020. A detailed study of security and
privacy of Internet of Things (IoT). International Journal of Computer Science and
Network, 9 (3): 109–113.
54. Navod Neranjan Thilakarathne, Mohan Krishna Kagita, Dr. Thippa Reddy
Gadekallu. (2020). The Role of the Internet of Things in Health Care: A Systematic
and Comprehensive Study. International Journal of Engineering and Management
Research, 10(4), 145-159.