Internet of Things (IoT) is the interconnection of heterogeneous smart devices through the Internet with diverse application areas. The huge number of smart devices and the complexity of networks has made it impossible to secure the data and communication between devices. Various conventional security controls are insufficient to prevent numerous attacks against these information-rich devices. Along with enhancing existing approaches, a peripheral defence, Intrusion Detection System (IDS), proved efficient in most scenarios. However, conventional IDS approaches are unsuitable to mitigate continuously emerging zero-day attacks. Intelligent mechanisms that can detect unfamiliar intrusions seems a prospective solution. This article explores popular attacks against IoT architecture and its relevant defence mechanisms to identify an appropriate protective measure for different networking practices and attack categories. Besides, a security framework for IoT architecture is provided with a list of security enhancement techniques.

中文翻译：

---

物联网设备抵御网络攻击的安全框架

物联网 (IoT) 是异构智能设备通过互联网与不同应用领域的互联。大量的智能设备和网络的复杂性使得设备之间的数据和通信的安全变得不可能。各种传统的安全控制不足以防止针对这些信息丰富的设备的大量攻击。除了增强现有方法外，外围防御入侵检测系统 (IDS) 在大多数情况下都被证明是有效的。然而，传统的 IDS 方法不适合缓解不断出现的零日攻击。可以检测陌生入侵的智能机制似乎是一个有前景的解决方案。本文探讨了针对物联网架构的流行攻击及其相关防御机制，以确定针对不同网络实践和攻击类别的适当保护措施。此外，物联网架构的安全框架提供了一系列安全增强技术。