Wireless Sensor Networks (WSNs) constitute one of the most promising third-millennium technologies and have wide range of applications in our surrounding environment. The reason behind the vast adoption of WSNs in various applications is that they have tremendously appealing features, e.g., low production cost, low installation cost, unattended network operation, autonomous and longtime operation. WSNs have started to merge with the Internet of Things (IoT) through the introduction of Internet access capability in sensor nodes and sensing ability in Internet-connected devices. Thereby, the IoT is providing access to huge amount of data, collected by the WSNs, over the Internet. Hence, the security of IoT should start with foremost securing WSNs ahead of the other components. However, owing to the absence of a physical line-of-defense, i.e., there is no dedicated infrastructure such as gateways to watch and observe the flowing information in the network, security of WSNs along with IoT is of a big concern to the scientific community. More specifically, for the application areas in which CIA (confidentiality, integrity, availability) has prime importance, WSNs and emerging IoT technology might constitute an open avenue for the attackers. Besides, recent integration and collaboration of WSNs with IoT will open new challenges and problems in terms of security. Hence, this would be a nightmare for the individuals using these systems as well as the security administrators who are managing those networks. Therefore, a detailed review of security attacks towards WSNs and IoT, along with the techniques for prevention, detection, and mitigation of those attacks are provided in this paper. In this text, attacks are categorized and treated into mainly two parts, most or all types of attacks towards WSNs and IoT are investigated under that umbrella: “Passive Attacks” and “Active Attacks”. Understanding these attacks and their associated defense mechanisms will help paving a secure path towards the proliferation and public acceptance of IoT technology.

中文翻译：

---

物联网安全：漏洞、攻击与对策

无线传感器网络 (WSN) 是最有前途的第三个千年技术之一，在我们周围的环境中具有广泛的应用。在各种应用中广泛采用 WSN 背后的原因是它们具有非常吸引人的特性，例如低生产成本、低安装成本、无人值守的网络运行、自主和长时间运行。通过在传感器节点中引入互联网接入能力和在联网设备中引入传感能力，WSN 已经开始与物联网 (IoT) 融合。因此，物联网提供了对 WSN 收集的大量数据的访问权限。因此，物联网的安全性应该首先保护 WSN，而不是其他组件。然而，由于没有物理防线，即 没有专用的基础设施（如网关）来观察和观察网络中的流动信息，WSN 和物联网的安全性是科学界的一个大问题。更具体地说，对于 CIA（机密性、完整性、可用性）至关重要的应用领域，WSN 和新兴的物联网技术可能构成攻击者的开放途径。此外，最近 WSN 与物联网的集成和协作将在安全方面带来新的挑战和问题。因此，对于使用这些系统的个人以及管理这些网络的安全管理员来说，这将是一场噩梦。因此，本文详细介绍了针对 WSN 和 IoT 的安全攻击，以及预防、检测和缓解这些攻击的技术。在本文中，攻击主要分为两部分，针对 WSN 和 IoT 的大多数或所有类型的攻击都在该保护伞下进行了调查：“被动攻击”和“主动攻击”。了解这些攻击及其相关的防御机制将有助于为物联网技术的扩散和公众接受铺平道路。