Abstract

The Internet of Things (IoT) is a huge, global, distributed network of interlinked heterogeneous devices armed with embedded sensors, actuators and processors enabling them to connect to the internet, exchange data, communicate and interact seamlessly with one another in real time. It enjoys wide range of applications where it holds important data, hence becoming exposed to varying degrees of security and privacy threats which require careful architectural design to address. Consequently, we present in this paper a multi-layer security aware IoT architecture that aims to secure the entire system by providing security at all layers to ensure secure data collection, transfer, analysis, storage and usage. That is necessary because each layer of the IoT has vulnerabilities and a successful attack on any layer can have far-reaching impact on the whole system. We then proposed a novel security algorithm to protect the IoT system against Denial of Service (DoS) attacks at the application layer, the weakest link in IoT. The algorithm logs record of user activities and actions at given times of the day which it employs to regulate access and prevent DoS attacks. Finally, we evaluated our proposed approach against IoT security and privacy requirements, and it demonstrated better level of security.