Abstract
In the early 2000s, the Internet meant being able to connect different communication devices, whereas the focus in the last few years has been on connecting ‘things’ to the Internet. Although there is no distinct classification for these devices and things on the Internet, the Internet of Things (IoT) ecosystem primarily consists of a complex network of devices, sensors, and things. These ‘things’ are controlled by humans and utilize the existing cloud infrastructure. These devices provide facilities and benefits to make our lives comfortable. IoT domains include smart homes, healthcare, manufacturing, smart wearables, smart cities, smart grids, industrial IoT, connected vehicles, and smart retail. Different IoT models involve human-to-IoT, IoTto-IoT, and IoT-to-traditional system architectures. In most scenarios, the architecture ends up connecting to the unsecured Internet. This has thrown open several critical issues leading to cybersecurity attacks on IoT devices. IoT communications, protocols, or architecture have never been conceptualized to handle the new age of cybersecurity attacks. IoT devices have limited computing, storage, networks, and memory. In this research, the authors present a unique IoT attack framework named IAF, focusing on the impact of IoT attacks on IoT applications and service levels. The authors also propose an all-inclusive attack taxonomy classifying various attacks on IoT ecosystems.