A Network-Aware Internet-Wide Scan for Security Maximization of IPv6-Enabled WLAN IoT Devices

Research output: Contribution to journalArticlepeer-review

21 Citations (Scopus)


Despite unprecedented advancements, wireless local area network (WLAN) technologies for the Internet of Things (IoT), such as IEEE 802.11ah (i.e., WiFi-HaLow), are prone to serious security threats, owing to their constrained computational and memory resources, which limit the use of heavyweight intrusion protection and security protocols. To address this problem, security administrators (sec-admins) must perform regular and comprehensive vulnerability assessments of IoT devices. An Internet-wide port scan (IWPS) is the initial step. However, the medium access control mechanism of IEEE 802.11ah, designed specifically for heterogeneous IoT traffic and low-power operations, can degrade network performance in the case of traditional port-scan traffic. Moreover, Internet-security (IPSec) protocol support is mandatory for IPv6-enabled IoT devices to ensure data confidentiality, integrity, and availability. Although the objective of a port scan is to improve IoT security, the resultant network performance can adversely affect IPSec services. Therefore, in this study, we optimize the IWPS to maximize the IoT security over IEEE 802.11ah WLAN. To this end, we propose novel mathematical models to evaluate IoT security based on port-scan network performance and IPsec services, which derives an optimal scan rate for sec-admins. The effectiveness of the proposed framework is verified by comprehensive numerical analysis, which shows that our approach minimizes the risk to IoT devices while probing them at an optimal scan rate.

Original languageEnglish
Article number9298846
Pages (from-to)8411-8422
Number of pages12
JournalIEEE Internet of Things Journal
Issue number10
Publication statusPublished - 2021 May 15


  • IEEE 80211ah networks
  • Internet of Things (IoT)
  • IoT security
  • IoT vulnerability assessment
  • port scan


Dive into the research topics of 'A Network-Aware Internet-Wide Scan for Security Maximization of IPv6-Enabled WLAN IoT Devices'. Together they form a unique fingerprint.

Cite this