[Downloaded from www.aece.ro on Tuesday, September 02, 2025 at 16:15:38 (UTC) by 172.70.216.163. Redistribution subject to AECE license or copyright.

Advances in Electrical and Computer Engineering Volume 25, Number 2, 2025

Securing IoT Devices: A Literature Survey with

Experimental Insights into Threat Detection and
Mitigation
Edi Marian TIMOFTE, Mihai DIMIAN, Adrian GRAUR, Alin Dan POTORAC,
Doru Gabriel BALAN, Daniel HRIȚCAN, Marcel PUȘCAȘU
Stefan cel Mare University of Suceava, 720229, Romania
edi.timofte@usm.ro

Abstract—This paper presents a comprehensive review of landscape, more and more sophisticated techniques of attack
techniques developed to secure Internet of Things (IoT) continue to accept. This trend requires continuing
infrastructures, motivated by the exponential growth of innovation among cyber security experts to remain informed
connected devices and their associated vulnerabilities. In
and proactive. The prevalence of attacks based on
addition to reviewing recent advances in the field, the paper
provides experimental validation of selected methods through ransomware, phishing and malware underlines the urgent
controlled simulations and real-world test scenarios. The need for customizable and intelligent defensive strategies
analysis covers encryption protocols, authentication capable of effectively facing such threats. The Internet
mechanisms, and artificial intelligence-based intrusion Security solution requires a holistic approach that exceeds
detection, emphasizing the effectiveness of layered defence the technical solution to include users' education and
strategies that include anomaly detection and real-time
responsible implementation procedures. For the construction
incident response. The study highlights both the technical
limitations of current IoT devices and the potential of adaptive of a safe and sustainable and sustainable IoT ecosystem,
security models when properly implemented. It also highlights collaborative framework-developers, service providers,
the importance of combining technical assurance with politicians and end users are necessary. Security must be
standardized risk management policies to increase system considered not only as a technological imperative, but also
resilience. By integrating theoretical knowledge with practical as a collective responsibility that supports the company's
experiments, the article contributes to the development of more
digital transformation.
robust and adaptive IoT security frameworks.
This paper is organized as follows: Section II presents a
Index Terms—security, intrusion detection, authentication, detailed review of recent studies, standards, and frameworks
encryption, data privacy. related to IoT security. Section III presents a set of
penetration testing techniques and controlled attack
I. INTRODUCTION simulations to evaluate vulnerabilities in IoT systems.
The integration of Internet of Things (IoT) in urban and Section IV focuses on incident detection and mitigation
industrial environments has fundamentally transformed how strategies, providing practical insights into system response.
we live and interact with our surroundings. IoT optimizes Section V outlines advanced protection technologies and
processes—from household thermostats to smart city implementation mechanisms, including open source code
sensors and industrial systems. At the same time, the and cloud solutions. Finally, Section VI concludes the study
accelerated deployment of such systems has expanded the by summarizing key findings, discussing existing
surface of cyber attack, thus undertaking new vulnerability limitations, and outlining future directions for securing IoT
into the interconnected IoT infrastructures. infrastructure.
Penetration between cyber security and IoT is not only a
technical problem, but also a socio -economic challenge. II. LITERATURE OVERVIEW
IoT violations can lead to exposure to sensitive data, The study in [1] examines security vulnerabilities in IoT-
disruption of basic services and significant erosion of public enabled smart homes—such as weak passwords, poor
trust in digital technology. As a result, securing the IoT encryption, and limited user awareness—and proposes a
device is the basic requirement to ensure the operating hierarchical management system tailored to layered IoT
reliability and integrity of the intelligent environment. The architectures. It highlights the need for revised, domain-
main challenge in IoT ecosystems is the natural complexity specific standards to address emerging threats.
of their safety architecture, which often prevents the A review of 80 ISO/IEC, 32 ETSI, and 37 other security
deployment of effective protective mechanisms. Many IoT standards, including seven NIST publications, reveals
devices are designed with cost efficiency and easy use, often significant gaps in addressing IoT-specific needs, especially
at the expense of security architecture. In addition, a in smart homes and smart cities. While adaptable, most
significant number of devices are working on obsolete traditional frameworks lack direct applicability to IoT
firmware or hardware that lacks the ability of early updates systems.
or patches, making them persistent exploitation goals. A Scalable IoT security data collection requires high-
single compromised node may jeopardize the stability of the performance technologies for capturing, transmitting, and
entire IoT network. In this rapidly developing terrible storing large volumes of data, enhanced by intelligent

Digital Object Identifier 10.4316/AECE.2025.02008

69
1582-7445 © 2025 AECE
 [Downloaded from www.aece.ro on Tuesday, September 02, 2025 at 16:15:38 (UTC) by 172.70.216.163. Redistribution subject to AECE license or copyright.]

Advances in Electrical and Computer Engineering Volume 25, Number 2, 2025

processing algorithms. An extensible data modelling applications [6], [11].

approach supports effective monitoring and responsive A zero-trust security model has been proposed to counter
action across diverse IoT scenarios [2]. Advanced Persistent Threats (APTs) in LANs with IoT
The application of DD-WRT firmware to enhance the devices, using micro-segmentation and Next-Generation
security of SOHO routers is examined in [3], examines the Firewalls (NGFWs) to ensure context-aware access control
use of DD-WRT firmware to enhance SOHO router and prevent data exfiltration [12]. In parallel, the low
security, using the TP-Link Archer C7 as an example. It computational power and heterogeneous nature of IoT
focuses on advanced configurations with VPN and firewall systems require lightweight, adaptive security mechanisms
features to mitigate vulnerabilities and improve overall tailored to constrained environments. These solutions must
security. The study concludes that DD-WRT is a scalable operate efficiently across diverse platforms, supporting
solution for small and medium networks. secure communication without overloading device
Tests conducted with Kali Linux have shown that IoT resources. Designing scalable frameworks that combine
security cameras are highly vulnerable to remote context awareness with minimal overhead remains a key
exploitation—particularly to denial-of-service (DoS) and priority in modern IoT security [13].
Man-in-the-middle (MitM) attacks—due to the absence of Cryptographic data protection methods for IoT in
built-in security mechanisms Error! Reference source not healthcare are increasingly complemented by architectures
found.. To address such vulnerabilities, especially in next- such as 5G and SDN, which support network-wide security
generation networks, recent research explores physical-layer through specialized modules at multiple protocol layers
security using millimeter-wave (mmWave) communications [13-14].
and proposes machine learning-based anomaly detection via Some works advocate the integration of artificial
deep autoencoding, offering a scalable and efficient solution intelligence to avoid unauthorized access and manipulation
for resource-constrained IoT devices [5]. of data, while others emphasize the importance of resistance
Recent studies have explored the security challenges of through strong encryption and robust authentication
IoT systems operating with limited or obsolete hardware, mechanisms. In addition, the application of machine
emphasizing persistent malware risks and the lack of learning algorithms is explored not only for early forecasts
software-level safeguards. A secure execution framework of security threats, but also for their detection and
has been proposed for such environments, based on verified neutralization in real time in real time [15-17].
bytecode running in isolated software layers [6]. In parallel, A detailed analysis of IoT security and the dynamics of
the rapid adoption of IoT technologies in e-commerce and DDoS attacks on cyber-physical systems reveals that recent
retail has exposed these sectors to heightened risks such as advances in IoT devices have exacerbated existing
ransomware, data leakage, and unauthorized access, vulnerabilities. A comprehensive research framework is
underscoring the need for robust architectures and proposed to address these risks, emphasizing the urgency of
standardized security protocols to mitigate vulnerabilities in proactive defence strategies. The growing threat of botnet-
data-sensitive environments [7]. driven attacks - exemplified by incidents involving the Mirai
The studies in [8] and [9] highlight the need for robust malware - underscores the critical need to strengthen data
and privacy-aware authentication mechanisms in IoT collection infrastructure and improve protection mechanisms
environments, particularly within smart homes and personal across interconnected systems [18-19].
networks. These works propose solutions that preserve data
confidentiality while maintaining system functionality, III. PENETRATION TESTING AND ATTACK SIMULATION IN
emphasizing the importance of integrating security IOT ECOSYSTEMS
principles from the early stages of device development to Unlike the previously mentioned studies, in this paper the
ensure a balanced trade-off between privacy and usability. authors proposed several methods and techniques of
Security vulnerabilities in the healthcare sector highlight penetration testing for IoT, to help protect systems against
the need to adopt blockchain technology as an innovative future attacks. Providing a detailed description for each of
solution to protect confidential information and sensitive these methods will allow for the identification and correction
personal data. Given the rapidly increasing volume of of vulnerabilities, so that they are not exploited by malicious
medical records and transactions, blockchain offers a secure actors. This section will explore both the simplest and the
and immutable framework for managing and safeguarding most sophisticated attacks, which will enable us to better
such data. Solutions leveraging this technology are widely protect ourselves and respond effectively to emerging
acknowledged as effective approaches to strengthening technologies that are rapidly transforming the world.
privacy by enhancing the security of intelligent health Through controlled simulations and practical tests, this
information [10]. section will exemplify the importance of the preventive
At the same time, investigating the security challenges in aspect in the technological protection that surrounds us.
IoT systems provides proposed solutions at all levels of the Thus, implementing preventive security measures in IoT
IoT architecture, analysing the cybersecurity vulnerabilities networks can enhance resilience against the main categories
that arise due to the processing and storage capabilities of cyberattacks targeting these infrastructures. According to
inherent in IoT devices and, more specifically, the the diagram illustrated in Fig. 1, the existing vulnerabilities
significance of the authentication type as it is the essential in an IoT network are identified through the application of
security attribute. The paper provides an in-depth analysis of three test scenarios.
current security challenges and proposes applicable
solutions aimed at enhancing IoT security in various IoT

70
 [Downloaded from www.aece.ro on Tuesday, September 02, 2025 at 16:15:38 (UTC) by 172.70.216.163. Redistribution subject to AECE license or copyright.]

Advances in Electrical and Computer Engineering Volume 25, Number 2, 2025

tampered values. This simulation helps assess system

robustness, detailed logging behaviour, and potential
automated security countermeasures triggered by abnormal
input.

Figure 1. Steps for securing IoT networks

Addressing the vulnerabilities identified through this

process enables the creation of an initial line of defence
against specific attacks targeting IoT networks.
A. Controlled Attack Scenarios on IoT Devices
The diagram in Fig. 2 shows a simulated cyberattack
performed in a controlled laboratory environment, focusing
on the integrity of the IoT sensor data. The IoT client sends
the authentic sensor value to the centralized IoT server. For
example, the client may send a valid temperature value of 22 Figure 3. False data injection code
°C. During the transmission, the attacker uses a Man-in-the-
To launch an attack on the data integrity of IoT devices,
middle technique to capture and modify the original data
we adopted a "false data injection" type of attack in a
and injects the forged values prior to delivery to the server.
controlled environment. In this situation, the attacker inserts
Specifically, the attacker manipulates sensor data-for
false or altered data into the sensor data collected, to deceive
example, changing the temperature from 22 °C to 45 °C-and
the decision-making processes or to disrupt normal
sends forged packets to the IoT server. The purpose of this
operations. The attack should make use of the tactics of
controlled simulation is to evaluate whether the existing
man- in-the-middle which allow interception and changing
security mechanisms in the IoT infrastructure can detect
of communication between IoT devices and the core
forged data, identify unauthorized sources, and take
infrastructure. To determine the effectiveness of the existing
appropriate defensive or corrective action in a timely
security measures, we will verify if the system detects the
manner. The resulting analysis provides fundamental
anomalies in sensor data, if can locate the unauthorized
insights into protocol-level defence optimization, anomaly
sources of the data and the system reacts quickly enough to
detection systems, and the overall resilience of the IoT
limit the impact of the attack. By doing this simulation, we
infrastructure against cyber-integrity violations.
can reap the benefit of assessing and enhancing security
protocols from observing how the system behaves in the
face of the deliberate manipulations of data, so that we may
have a foundation for further fortifying security mechanisms
against such type of vulnerabilities.
The script starts out by allowing the import of the socket
module that handles the networking communications. The
function send_fake_data is defined to handle the connection
to the server, sending the real data and then false ones. A
server connection is made using the IP address and port
number as well, along with this message is sent while the
data is being coded as bytes. The initial messaging of
normal temperature is executed through the system,
Figure 2. Sequence diagram representing a controlled Man-in-the-middle followed by another one with a counterfeited temperature. It
scenario targeting IoT sensor data
is imagined that this temperature could cause a wrong
To perform attacks like this associated with IoT networks, reaction in the carried-out server system. In the mentioned
we decided to create a more advanced Python script which piece of code, an aggressor could pick up the data on the
uses the socket library to send fake data to a server. This way to the server.
example will show a Man-in-the-middle type of attack B. System Response Testing
where the attacker impersonates the data before sending it to To understand how effectively our IoT infrastructure can
the server, which is illustrated in Fig. 3. withstand and mitigate such threats, we simulated a
The crafted data mimics typical sensor payloads, allowing controlled DDoS scenario using a Python-based script. The
for the evaluation of how a server processes unexpected or primary aim of this simulation is to intentionally generate

71
 [Downloaded from www.aece.ro on Tuesday, September 02, 2025 at 16:15:38 (UTC) by 172.70.216.163. Redistribution subject to AECE license or copyright.]

Advances in Electrical and Computer Engineering Volume 25, Number 2, 2025

substantial network traffic toward the IoT server, thereby the robustness of real-time services under distributed attack
testing the server’s resilience and the effectiveness of its conditions.
traffic management mechanisms under stress conditions. This script uses socket and threading to perform a DDoS
Fig. 4 illustrates step-by-step how multiple simultaneous attack. The function flood server keeps on trying to connect
requests from the attacker can overload the server, providing to the server and sending a message that disrupts its
a clear visualization of the attack flow. functioning using multiple threads. Using threading, the
script initializes several threads to execute that run
simultaneously, each of which attempts to flood a server
with requests, resulting in the server slowing down or even
stopping the service being attacked. The number of threads
can be tuned to increase the attack's intensity, which would
simulate different levels of aggression.
C. Scenarios of Attack on Confidentiality
By simulating an attack on data protection in IoT systems,
we designed a script to create fake data breaches. This kind
of simulation is used to measure the effectiveness of security
measures that are meant to protect personal data against
non- authorized leaks. Through some techniques such as
Figure 4. Controlled DDoS attack scenario – Contextual overview
"sniffing" or data in transit interception, this simulation also
can point out the weaknesses in data encryption or in
To illustrate a Denial of Service (DDoS) attack in IoT communication session management. Also, we can assess
systems, a Python script was developed to simulate the abilities of the system to identify and respond to security
distributed flooding using the socket library. The attack incidents, which in turn provide insight into the data
targets systems with critical services, such as physical protection associated (related to) risks and protocol
access control and remote monitoring, by sending high- improvement demand. As a result, researchers will gain a
frequency fake requests to overload the server. Clients are better understanding of data protection risks and the
repeatedly connected through looping socket calls to create necessity of security protocol improvement. In this way we
sustained load, allowing evaluation of system behaviour can effectively determine the improvement solutions to the
under stress. This method tests service continuity and helps privacy protection strategies to prevent human error or
determine whether failover mechanisms activate as malicious disclosure of sensitive information, as is
intended. The scenario exposes potential vulnerabilities and illustrated in Fig. 6.
underscores the importance of implementing effective
DDoS mitigation strategies, as depicted in Fig. 5.

Figure 5. System response testing

This simulation not only evaluates system tolerance under

stress conditions, but also facilitates the identification of
latency spikes, packet loss behaviour, and potential service
degradation. By applying this method in a controlled Figure 6. Python code for simulating authentication attack
environment, it is possible to benchmark the resilience of
IoT-based infrastructures and assess the readiness of The script uses an API for authentication and accessing
implemented mitigation strategies. The insights gained are sensitive data through a GET HTTP request using a JWT
essential for refining incident response plans and improving token for authentication. After retrieving the data, the script

72
 [Downloaded from www.aece.ro on Tuesday, September 02, 2025 at 16:15:38 (UTC) by 172.70.216.163. Redistribution subject to AECE license or copyright.]

Advances in Electrical and Computer Engineering Volume 25, Number 2, 2025

calculates the SHA-256 hash to verify their integrity, activities, thus encouraging a prompt counter-measure
comparing it to a hash received in the response header. This process to assure risk mitigation.
simulation demonstrates how an attacker with stolen
B. Impact Mitigation
credentials can get and validate data, highlighting the
importance of strong authentication and data integrity Mitigating the impact of security incidents in IoT
verifications to protect the privacy and integrity of sensitive networks is important to minimize losses and quickly restore
information. This reinforces the importance of secure token normal functionality. It involves processes containing
handling and continuous integrity verification in real-time specific actions capable of responding over time. Response
IoT applications. processes should include quickly identifying the sources of
an attack, isolating affected devices or network segments to
IV. EVALUATING INCIDENT RESPONSES mitigate the spread of damage, and applying security
patches or updates aimed at correcting exploited
In this section, we analyse the efficiency aspect of IoT
vulnerabilities.
systems to respond to security incidents, one of the
Additionally, these measures should be reinforced by
fundamental requirements for maintaining integrity and
structured incident response frameworks that incorporate
operational continuity. To evaluate these responses there is a
real-time monitoring and alerting systems. Such frameworks
need to establish exact criteria and put in place testing
enable timely decisions based on abnormal network
methodologies, which, in turn, will not only check the
behaviour, intrusion patterns, and device-level indicators.
detection capabilities but also establish the effectiveness of
Fig. 8 illustrates a typical containment and recovery scenario
the response mechanisms. Such a detailed process of
in a segmented IoT network, where automated policies
evaluation provides support for systems of crisis
isolate affected nodes and initiate service restoration
management, helping to reduce the impact of people's
procedures. These mechanisms are essential in distributed
safety, and at the same time to restore the normal
IoT environments, where delayed responses can result in
functioning in the shortest possible time.
cascading failures, data breaches, or prolonged service
A. Incident Detection disruption. Beyond minimizing operational downtime, they
To build an IoT network incident detection system, also support forensic analysis and long-term resilience
Python powered by the Scapy library was used. The network planning. Detailed event logging and structured mitigation
traffic monitoring technique was used to accomplish the task workflows enhance organizational preparedness and
in communication identifying the abnormal behaviours by improve threat prediction over time.
its traffic. This traffic analytics method uses the means of To demonstrate this, a Python script is proposed that
network analysis to figure out, collect, and perceive the simulates attack detection, device isolation, and remediation
nature (in detail) of every packet that passes through the actions, as illustrated in Fig. 8. The detect_attack function
network. This component is crucial for promptly detecting monitors log files for suspicious activity, triggering the
patterns in malware and virus behaviour that are outside of isolate_device routine, which blocks the source via iptables.
ordinary traffic, thereby alerting security loopholes or on- Finally, the apply_patch function represents the system's
going attacks, as shown in Fig. 7. automated response following the deployment of a security
fix.

Figure 7. Incident detection script

This script is built on Scapy which is a powerful library

for network packet manipulation and uses it to perform real-
time network traffic monitoring. For each intercepted
package meeting the specified filter criteria (TCP packets in
this case), the packet callback function is called. The script
checks if the packets are intended for '192.168.1.1' and if so,
it fires an alert for suspicious activity. This could include
numerous signals such as abnormally large traffic being sent
toward a specific node in the network, indicating a possible
DDoS attack or intrusion attempts. This detection
mechanism can quickly and accurately expose unauthorized Figure 8. Testing for incidents in the IoT network

73
 [Downloaded from www.aece.ro on Tuesday, September 02, 2025 at 16:15:38 (UTC) by 172.70.216.163. Redistribution subject to AECE license or copyright.]

Advances in Electrical and Computer Engineering Volume 25, Number 2, 2025

C. IoT Network Security practical way of finding out and reporting the condition of a
device in an IoT network zoning.
Developing a Python script to access the IoT device
Within the IoT area, there are also situations where DD-
management web page to check security is extremely useful
WRT can be used, such as real-time traffic monitoring and
because it gives developers and system administrators the
anomaly detection which can signal hacking attempts or
ability to centrally and repeatedly evaluate security
compromised devices. Properly configuring DD-WRT to
measures in a controlled manner. Is the use of this script
prioritize traffic from critical devices while restricting
only to quickly and accurately detect and identify potential
access for less secure devices can effectively prevent
risks, or is it also to verify the effectiveness of current
approximately 80 % of common attacks targeting IoT
security responses and thus make it easier to continuously
networks [3].
adjust and improve protection strategies? In this way,
organizations can enforce strict adherence to security
V. PROTECTIVE MEASURE AND TECHNOLOGIES USED
standards and reduce cyber-attacks as little as possible,
which would increase the integrity and trust of systems that Security measures in Internet of Things (IoT)
would be attacked by IoT. environments typically focus on encrypting data collected
To mimic the security check-up mechanism of an IoT by sensor networks deployed in the field. When data is
device through a web interface, a GET request is sent to a accessed over public networks, data security issues may
specific administration page. This implies that the IoT arise as some data may be insufficiently encrypted and
device has what we call a web management page where the vulnerable to unauthorized access [20].
validity of security can be checked. For this, we will use the One of the solutions to fix these vulnerabilities is to use a
requests library to send the request and Beautiful Soup from Raspberry Pi device to create a VPN gateway, connecting
bs4 to parse the HTML response and extract some specific home networks with ISP networks, and enhancing security
information, as presented in Fig. 9. and scalability for household systems [21]. For this purpose,
several technologies will be used, which will be presented
below.
A. OPNsense
OPNsense interfaces are crucial for optimizing network
performance, enhancing security, and ensuring reliable
connectivity. The interface allows users to assign physical
ports, create virtual interfaces, and adjust settings for
effective traffic management. It also supports IPv4/IPv6
configurations and diagnostic tools to troubleshoot network
issues, helping users maximize OPNsense's capabilities and
build resilient networks [22].
OPNsense offers a range of features to enhance network
security and management such as: stateful firewall, traffic
shaping, VPN options, Intrusion Prevention System (IPS) or
SSL fingerprinting.
A stateful firewall is used to monitor network
connections, including TCP and UDP traffic, and organize
firewall rules by category, improving control and
organization for complex networks.
Traffic shaping is managed using pipes, queues, and
rules: pipes define bandwidth limitations, queues are
Figure 9. IoT security code
responsible for prioritizing traffic, and rules apply shaping
This method allows for automated inspection of the to specific flows, all functioning independently of firewall
device’s configuration parameters, enabling the detection of settings. The system also offers extensive VPN options,
potentially vulnerable settings exposed through the web including support for SSL VPNs, IPsec, and legacy
interface. protocols such as L2TP and PPTP. It accommodates both
Scratch initiates an HTTP GET request to the IoT device's Site-to-Site and road warrior configurations, and the
specific address, browsing a security status-administered inclusion of an OpenVPN client exporter facilitates rapid
page. By handling the HTML content, received by the client setup.
Beautiful Soup, the script will then proceed to search for an IPS functionality is provided via Suricata, enhanced by
element with a specific ID (security-status) to extract it and Netmap for high-performance deep packet inspection, which
display the security state. This example simply assumes that enables real-time mitigation of security threats.
the IoT device knows how to do this, that is, if the security Additionally, SSL fingerprinting capabilities allow the
status of the IoT device is visible. So, one of the ways you system to block SSL communication by terminating the SSL
can see it is through these example admin pages. The script key exchange during the initial connection attempt [3].
controls both the error cases, whether it concerns the access Fig. 10 shows a list of installed plugins in OPNsense,
to the web page or problems on the network. This way of accessible through the “System/Firmware/Plugins” tab in
handling the IoT security status-state is a simple and the left menu. OPNsense supports various plugins,

74
 [Downloaded from www.aece.ro on Tuesday, September 02, 2025 at 16:15:38 (UTC) by 172.70.216.163. Redistribution subject to AECE license or copyright.]

Advances in Electrical and Computer Engineering Volume 25, Number 2, 2025

enhancing its functionality with features like intrusion B. ZeroTier

detection and prevention systems. The last plugin in the list, ZeroTier is a cutting-edge software-defined networking
ZeroTier (version 1.12.2), is central to the proposed solution (SDN) platform that enables flexible network connectivity.
and is regularly updated to address and optimize potential It allows users to create virtual networks like VPNs,
issues. connecting devices seamlessly, regardless of their physical
location. Acting as a virtual Ethernet switch, ZeroTier
unifies connections into a cohesive local network. It is
commonly used for secure, private, and easily configurable
networking in applications like remote work, IoT
management, and accessing resources within private
networks [23].
ZeroTier offers advanced capabilities such as network
virtualization that transforms global connectivity into a
Figure 10. OPNsense installed plugins
unified data center experience, peer-to-peer networking for
These plugins, including ZeroTier, are lightweight low-latency direct device communication, and 256-bit end-
software modules that extend core functionality and can be to-end encryption to ensure secure data transmission. It also
individually managed through the integrated package supports multi-cloud mesh infrastructure and Layer 2
system. Ethernet emulation, enabling traditional LAN features like
Fig. 11 displays the OPNsense authentication page, multipath, multicast, and bridging across globally
accessible from the "VPN" tab in the main menu. To begin, distributed devices [24].
the plugin must be enabled. Once enabled, a connection can The primary interface of ZeroTier, depicted in Fig. 14,
be established between the firewall and the ZeroTier private displays the networks established by users. In this instance,
network using the Network ID created in control panel. a single private network was created, and four nodes were
authorized within it.

Figure 11. ZeroTier authentication panel

Figure 14. ZeroTier dashboard with created networks

Fig. 12 illustrates the process of assigning an interface. As shown in Fig. 15, each node within the created
The ZeroTier plugin must be linked to an interface on network must be authorized by the account administrator.
OPNsense, and a gateway is automatically created along When a device with the ZeroTier client installed and
with the interface, providing access within the firewall. activated is enrolled, it appears in the node list. Each node is
assigned a unique address, which users can rename as
desired. Additionally, the node receives a local IP address
from predefined IP classes, which can be randomly assigned
during network creation or manually changed. The node also
retains the public IP address of the device where the client is
installed, displayed in the physical IP section.

Figure 12. OPNsense interface assignment to ZeroTier plugin

Fig. 13 shows the configuration for the interface

associated with the ZeroTier plugin. In this configuration, it
is mandatory to set the IPv4 that was associated with
OPNsense in the control panel of ZeroTier. This IP address
could be randomly associated with or chosen by the users.
Figure 15. ZeroTier list of authorized nodes

C. Raspberry Pi
ARM-based devices like the Raspberry Pi are ideal due to
their low power consumption, software compatibility with
ZeroTier, and ability to function as a wireless access point
within a private ZeroTier network. For remote deployments,
Figure 13. Setting up the interface IP address for the ZeroTier network such a setup could be paired with a GSM modem for

75
 [Downloaded from www.aece.ro on Tuesday, September 02, 2025 at 16:15:38 (UTC) by 172.70.216.163. Redistribution subject to AECE license or copyright.]

Advances in Electrical and Computer Engineering Volume 25, Number 2, 2025

internet connectivity and a compact solar-battery system to and an autonomous database. Specifically, Oracle Cloud
ensure sustainable power. Infrastructure is used for Virtual Private Servers (VPS) with
Fig. 16 illustrates the wireless access point software a public IP that enables internet access and port forwarding.
installed on the Raspberry Pi, acting as a gateway that Additionally, Oracle stands out with its unique offering of a
efficiently provides access to the ZeroTier private network. completely free tier, providing two instances at no cost [26-
28].
Fig. 18 displays Oracle Cloud's dashboard for managing
cloud computing instances, where users can create, modify,
or terminate virtual servers. The instance was configured
with a minimal Ubuntu Server 22.04 image, chosen for its
broad compatibility and lightweight performance.

Figure 16. Raspberry Pi Wireless access point configuration

A Raspberry Pi serves as both a Wi-Fi access point and a

gateway to the ZeroTier private network. IoT sensors, which
often lack advanced connectivity options and rely on
wireless links due to hardware constraints, transmit data to
the gateway. Once connected, data travels through
ZeroTier’s encrypted tunnel to a firewall, which forwards it
securely to the IoT platform. End-to-end encryption ensures
protection from the field gateways to the firewall guarding
the IoT platform’s server.
The overall architecture and secure data flow between the Figure 18. VPS instances dashboard
IoT sensors, the Raspberry Pi gateway, the ZeroTier E. Docker and Portainer
encrypted tunnel, and the IoT platform is illustrated in Fig. Docker is a containerization platform that has contributed
17. This representation clarifies the role of each component to software development by enabling lightweight, efficient
and highlights the end-to-end encryption path within the execution environments. Launched in 2013, Docker
proposed solution. popularized containers—isolated processes that share the
host OS kernel, unlike resource-heavy virtual machines
(VMs), which require full OS copies. This design ensures
faster startup times, portability, and reduced overhead
compared to VMs [29].
Portainer is a web-based management tool for Docker and
Kubernetes environments that provides easy-to-use GUI to
simplify container deployment. Available in a free
Community Edition (Portainer-CE) and a paid Business
Edition (Portainer-EE), it eliminates reliance on command-
line interfaces. The Portainer server, deployable as a Docker
container or within Kubernetes clusters, serves as a central
Figure 17. Solution mechanism overview
hub for creating, deploying, and monitoring containers
D. Oracle Cloud across local or cloud infrastructures [30].
Oracle Cloud is a subscription-based public cloud Through its centralized interface, Portainer not only
platform offered by Oracle, utilizing Oracle Cloud streamlines container lifecycle management, but also
Infrastructure (OCI) across global data centers to provide a improves visibility into system performance and resource
range of services including servers, storage, networking, allocation. Its lightweight deployment model makes it an
applications, and data management. It supports various ideal solution for edge devices or constrained environments
deployment models such as dedicated, multi-cloud, hybrid where operational efficiency is critical.
cloud, and on-premises environments. Users can leverage Fig. 19 depicts the Portainer dashboard listing all active
Oracle Cloud for developing, deploying, automating, and Docker containers. The first entry in the list is the Nginx
managing workloads and enterprise applications [25]. The Proxy Manager container, which hosts the Nginx Proxy
platform offers Infrastructure as a Service, Platform as a Manager image. While manual installation without Portainer
Service, Software as a Service, and Desktop as a Service, all is possible, it is recommended to use Docker for
accessible via the Internet, and supports both virtualized deployment. Portainer’s intuitive interface minimizes
multi-tenant and bare-metal computing through a single configuration errors, particularly benefiting users with
API. Key features include machine learning, load balancing, limited Docker expertise.

76
 [Downloaded from www.aece.ro on Tuesday, September 02, 2025 at 16:15:38 (UTC) by 172.70.216.163. Redistribution subject to AECE license or copyright.]

Advances in Electrical and Computer Engineering Volume 25, Number 2, 2025

G. CloudFlare
Cloudflare is a user-focused service designed to enhance
online experiences by making them faster and more secure
worldwide. While commonly known as a content delivery
network (CDN) provider, its capabilities extend far beyond
that. Cloudflare operates as an ecosystem that strengthens
the internet by addressing its weaknesses. Through its
comprehensive web infrastructure services, it boosts website
performance and safeguards them from potential threats.
Continuously evolving, Cloudflare has expanded into areas
like edge computing and domain registration, helping
transform the internet into a more robust and accessible
framework [31].
Fig. 22 illustrates the need to create an A record for each
subdomain linked to a host deployed in Nginx Proxy
Manager. All DNS records should point to the public IP of
the Oracle Cloud VPS, which has been blurred for security
reasons. To add an extra layer of security through the
Figure 19. Running container inside Portainer Cloudflare network, the proxy option was enabled for each
subdomain.
F. Nginx Proxy Manager
Nginx Proxy Manager (NPM) is an open-source tool that
simplifies reverse proxy setup, SSL certificate management,
and traffic routing through a user-friendly web interface.
Integrating Let’s Encrypt for automated certificate issuance,
NPM is ideal for home networks or small businesses seeking
to securely expose web services without advanced technical
expertise. Its features, such as SSL termination and domain- Figure 22. Cloudflare DNS records dashboard
based routing, make it a practical solution for hosting and
managing applications [1]. Fig. 23 illustrates the concept behind the proposed
Fig. 20 shows the proxy host dashboard, where local solution. The diagram shows how client traffic passes
services (HTTP/HTTPS) are mapped to custom domains, through multiple hops until reaching the local server hosting
and SSL certificates are automatically issued to ensure IoT platforms like ThingsBoard and Node-Red. The traffic
encrypted connections. is encrypted at each step, starting with SSL encryption
between the client and the cloud instance running Nginx
Proxy Manager. From the cloud to the local server, traffic is
further encrypted using the WireGuard protocol, which
underpins the Tailscale private network [32].

Figure 20. Proxy hosts dashboard

Fig. 21 shows the dashboard where SSL certificates can

be assigned to services deployed on proxy hosts. These
certificates can be specified individually for each host, or a
Wildcard certificate can be used to simplify the process by
Figure 23. Solution general diagram
covering all hosts with a single certificate. A Wildcard
certificate was chosen for convenience, making the solution
After using Nmap to gather information about the server
easier for users.
for potential compromise, a distributed denial of service
(DDoS) attack was launched. The tools used for the attack,
GoldenEye and Xerxes, are powerful and capable of
generating high traffic to overwhelm a server. However,
despite attempting to simulate traffic from thousands of
users to bring the server down, the attack was unsuccessful.
Cloudflare's protection proved highly effective, as even
when the same attack was directed at the public IP of the
Oracle Cloud VPS, it had no impact due to the built-in
Figure 21. SSL certificates dashboard DDoS protection systems [25].

77
 [Downloaded from www.aece.ro on Tuesday, September 02, 2025 at 16:15:38 (UTC) by 172.70.216.163. Redistribution subject to AECE license or copyright.]

Advances in Electrical and Computer Engineering Volume 25, Number 2, 2025

H. Tailscale prevention systems. The plugin used, which forms the basis
Originally designed for developers working across of the solution, is again Tailscale.
different networks, Tailscale is a powerful tool that ensures
security on public Wi-Fi, simplifies device connectivity, and
removes file access barriers between work and home.
Despite being open-source software often linked to complex
installations and limited documentation, Tailscale stands out
with its intuitive interface. Setting it up is straightforward:
sign up for an account, install the client on all your devices
(laptops, desktops, smartphones, and tablets), and once
logged in, Tailscale creates a private network linking all
your devices, regardless of their physical location [1]. Figure 25. Pfsense package manager panel

Tailscale simplifies secure networking by creating

encrypted mesh VPNs based on the WireGuard protocol.
Integrated as a plugin in pfSense, it enables seamless peer-
to-peer connectivity across distributed devices without
complex firewall rules or manual configuration. This greatly
improves remote access and facilitates secure
communications within segmented IoT or enterprise
networks.
Fig. 26 shows the Tailscale authentication interface,
Figure 24. Tailscale dashboard with active devices
accessible via the “VPN” tab in the main menu. The first
Fig. 24 displays all devices authenticated within field specifies the address of the Tailscale control panel,
Tailscale's private network. Tailscale functions as an while the second requires an access key, partially blurred for
encrypted tunnel, securely connecting the local server security. This key is generated from the user’s account on
behind a Carrier-grade NAT and the VPS instance in the the official platform and enables secure connection to the
cloud. In the dashboard, the local server is tagged as private network.
"Subnets" because it grants access to the local network,
making it reachable from remote locations, such as cloud
infrastructure.
I. PfSense
PfSense is widely used as both an external and internal
firewall and router in small to medium-sized enterprise
environments. Externally, it safeguards internal networks
from outside threats through integrated Intrusion Detection
and Prevention Systems (IDS/IPS). Internally, it provides
network segmentation and protects critical resources.
Figure 26. Tailscale authentication panel
pfSense is also valued for its VPN connectivity, traffic
shaping, and advanced routing capabilities, and is trusted by After successfully connecting pfSense to the Tailscale
enterprises, academic institutions, governments, and NGOs main network, a route must be added, as shown in the Fig.
worldwide [33-34]. 27. This route typically associates a subnet within the
This tool delivers a robust set of features, including firewall with an interface that provides internet connectivity
LAN/WAN routing for internal and external network to all connected devices. In IoT environments, this could be
connectivity, VPN support to secure private and public an isolated interface that helps prevent compromising the
communications, and a captive portal for managing guest entire network managed by the firewall.
Wi-Fi access with public IP-based NAT. It also serves as a
perimeter firewall for LAN, WAN, and DMZ networks, a
DHCP/DNS server for centralised IP configuration using
both IPv4 and IPV 6, and a multi-WAN rooter with load
balancing an automatic failover to optimise internet
performance. Additionally, pfSense supports advanced port
forwarding and NAT, enabling secure assignment of public
addresses to internal devices while controlling inbound
access to network services.
Fig. 25 displays the package manager, accessible through
the "System" tab in the main menu of PfSense. The
application supports the installation of various plugins to
enhance its functionality, such as intrusion detection and
Figure 27. Tailscale subnet exposure

78
 [Downloaded from www.aece.ro on Tuesday, September 02, 2025 at 16:15:38 (UTC) by 172.70.216.163. Redistribution subject to AECE license or copyright.]

Advances in Electrical and Computer Engineering Volume 25, Number 2, 2025

This approach is good security practice to enhance solutions. Equally important is the continuing training of
network protection. Thus, by using the combined Tailscale professionals in the latest security practices. Cybersecurity
and pfSense facilities on a network, Nmap scans will not education must address all stakeholders, from developers to
detect any open ports. And without open ports, an attacker end users, to support a culture of security in the digital
cannot determine the public IP address to attack later. world. Ongoing education programs raise awareness and
strengthen preparedness against cyber-attacks and become a
VI. CONCLUSION key element in the security strategy of any IoT-dependent
This study consolidates and extends current research organization.
efforts, highlighting the critical importance of IoT security
in ensuring the integrity, availability, and confidentiality of CONFLICT OF INTEREST
interconnected systems. By analysing various threat The authors declare that the research was conducted in the
scenarios and proposing practical mitigation techniques - absence of any commercial or financial relationships that
including penetration testing, secure communication could be construed as a potential conflict of interest.
protocols, and anomaly detection mechanisms - the paper
contributes to the development of robust and adaptive PUBLISHER’S NOTE
security frameworks tailored for modern IoT infrastructures. All claims expressed in this article are solely those of the
The findings emphasize the need for proactive cyber authors and do not necessarily represent those of their
security strategies that expect risks rather than respond to affiliated organizations, or those of the publisher, the editor
incidents. This urgency results from a lack of standardized and the reviewers. Any statements, claims, performances
safety frames and natural limitations of many IoT devices. and results are not guaranteed or endorsed by the publisher.
Therefore, effective protection requires basic guarantees in
combination with dynamic detection and real -time response REFERENCES
mechanisms. Implementation of these measures must be [1] N. Ammanagi, S. Kulkarni, R. Giri, A. P. S, B. Khati, ”Empowering
supported by continuous system monitoring and intelligent conventional systems: Transforming electronics into smart devices
filter techniques. through single-board computers and cloud-based IoT integration,” in
The limitations of this research are primarily associated 2024 IEEE 9th International Conference for Convergence in
Technology (I2CT, Pune, India, 2024, pp. 1-6.
with the heterogeneity of IoT environments, which pose doi:10.1109/I2CT61223.2024.10543287
challenges in terms of implementing and standardizing [2] ”IEEE/UL Standard for clinical internet of things (IoT) data and
security measures. The lack of dedicated standards further device interoperability with TIPPSS–Trust, identity, privacy,
protection, safety, and security,” IEEE Std 2933-2024UL, vol. l, pp.
amplifies these challenges. Additional constraints may come 1-274, Sep. 2024. doi:10.1109/IEEESTD.2024.10697446
from limited financial resources and insufficient [3] E. M. Timofte, D. Balan, ”Improving network security using DD-
professional training, especially when addressing complex WRT as a solution for SOHO routers,” in 2023 22nd RoEduNet
Conference: Networking in Education and Research (RoEduNet,
security solutions that require high-performance computing Craiova, Romania, 2023, pp. 1-5.
capabilities for real-time traffic analysis and filtering. doi:10.1109/RoEduNet60162.2023.10274916
As technology evolves, the increasing number of IoT [4] A. Mektepbaeva, A. Medarov, A. Kulmuratova, ”Analysis of
penetration testing methods for specific IoT device: IP camera,” in
devices integrated into networks makes security 2024 IEEE 4th International Conference on Smart Information
management an ongoing challenge. Each new device added Systems and Technologies (SIST, Astana, Kazakhstan, 2024, pp. 76-
introduces a potential point of vulnerability, whether 82. doi:10.1109/SIST61555.2024.10629431
[5] R. Joshi, A. Sharma, ”Compact size and high gain microstrip patch
through poorly protected user interfaces or software antenna design for mmWave 5G wireless communication,” in 2024
integrations. In this context, the development of new International Conference on Integrated Circuits and Communication
security standards becomes a priority. Systems (ICICACS, Raichur, India, 2024, pp. 1-4.
doi:10.1109/ICICACS60521.2024.10498315
Modern standards should be flexible and robust, able to
[6] M. Adam, M. Hammoudeh, R. Alrawashdeh, B. Alsulaimy, ”A
adapt quickly to new threats and incorporate best practices Survey on security, privacy, trust, and architectural challenges in IoT
and new technologies. These standards should not only systems,” in IEEE Access, vol. 12, 2024, pp. 57128-57149.
address security at the device level, but also the doi:10.1109/ACCESS.2024.3382709
[7] M. Datta, R. Raman, ”AI and ML in retail: IoT sensors and
interoperability of communications between devices and augmented reality for competitive strategies using IoT and linear
within cloud networks. Moreover, improving existing regression,” in 2024 International Conference on Intelligent and
protocols is also key in this regard. Innovative Technologies in Computing, Electrical and Electronics
(IITCEE, Bangalore, India, 2024, pp. 1-5.
Continuous network monitoring, the use of artificial doi:10.1109/IITCEE59897.2024.10467247
intelligence to detect anomalous behaviours, and the rapid [8] V. K. V. V. Bathalapalli, S. P. Mohanty, E. Kougianos, V. Iyer, B.
implementation of mitigation measures are all vital Rout, ”PMsec 2.0: A security-by-design solution for doctor’s dilemma
problem in smart healthcare,” in 2023 OITS International Conference
components of a proactive strategy. Implementing effective on Information Technology (OCIT, Raipur, India, 2023, pp. 456-461.
security in IoT Networks is not only a technical issue, but doi:10.1109/OCIT59427.2023.10430808
also a matter of organizational culture. Ongoing employee [9] H. Strohmier, J. R. Lowe, A. G. Rodriguez, M. M. Trammell,
”Security and privacy threats posed by IoT devices used by students
education on the importance of security, proper security on college campuses,” in 12th International Symposium on Digital
procedures and best practices should be the top priority for Forensics and Security (ISDFS, San Antonio, TX, USA, 2024, pp. 1-
any organization relying on IoT technology. 6. doi:10.1109/ISDFS60797.2024.10527253
[10] R. C. Molokwu, B. C. Molokwu, V. C. Molokwu, ”An overview of
Research in this area is essential to effectively solve the
blockchain-based application in internet of things (IoT),” in 2023
growing security problems of IoT. This includes not only IEEE International Conference on Systems, Man, and Cybernetics
the development of new security technologies, but also (SMC), Honolulu, Oahu, HI, USA, 2023, pp. 280-285.
efforts to cooperate to create innovative and efficient doi:10.1109/SMC53992.2023.10394258

79
 [Downloaded from www.aece.ro on Tuesday, September 02, 2025 at 16:15:38 (UTC) by 172.70.216.163. Redistribution subject to AECE license or copyright.]

Advances in Electrical and Computer Engineering Volume 25, Number 2, 2025

[11] J. Alsafran, W. Elmedany, M. S. Sharif, ”Solution of IoT security and Comput. Inform. IJICI, vol. 4, no. 1, Art. no. 1, Apr. 2025.
privacy challenges: A systematic literature review,” in Arab ICT doi:10.52940/ijici.v4i1.96
Conference (AICTC, Manama, Bahrain, 2024, pp. 145-154. [24] V. B. A. Pardosi, S. Sutariyani, M. Ikhsanudin, A. Naufal,
doi:10.1109/AICTC58357.2024.10735034 ”Addressing DNS propagation challenges with repurposed STBs,
[12] ”IEEE Standard for Blockchain-Based Zero-Trust Framework for the ZeroTier networking, and indonesian ISP integration,” J. Intell. Syst.
Internet of Things (IoT),” IEEE Std 3219-2023, vol. l, pp. 1-26, Apr. Inf. Technol., vol. 1, no. 2, Art. no. 2, Jul. 2024.
2024. doi:10.1109/IEEESTD.2024.10531234 doi:10.61971/jisit.v1i2.46
[13] S. Barrett, B. Boswell, G. Dorai, ”Exploring the vulnerabilities of IoT [25] D.-F. Hriţcan, D. Balan, ”Exposing IoT Platforms securely and
devices: A comprehensive analysis of Mirai and Bashlite attack anonymously behind CGNAT,” in 2024 23rd RoEduNet Conference:
vectors,” in 2023 10th International Conference on Internet of Things: Networking in Education and Research (RoEduNet, Sep. 2024, pp. 1–
Systems, Management and Security (IOTSMS, San Antonio, TX, 4. doi:10.1109/RoEduNet64292.2024.10722287
USA, 2023, pp. 125-132. doi:10.1109/IOTSMS59855.2023.10325725 [26] A. Susanto, A. H. Fathulloh, Nuryasin, A. Fitriyani, ”Comparative
[14] A. Rakshe, N. Dongre, ”Survey on security protocols for IoT,” in analysis of key management service performance on AWS, Google
2024 IEEE 9th International Conference for Convergence in Cloud, and Oracle Cloud with performance testing,” in 2023 11th
Technology (I2CT, Pune, India, 2024, pp. 1-5. International Conference on Cyber and IT Service Management
doi:10.1109/I2CT61223.2024.10544115 (CITSM), Nov. 2023, pp. 1–6.
[15] G. Neelakantam, ”Prediction model for suicidal behavior disorder risk doi:10.1109/CITSM60085.2023.10455569
analysis by correlating cyber and real world data,” in 2024 [27] I. Ali, J. Li, J. Chen, Y. Chen, S. Ullah, A. Wakeel, ”Preserving
International Conference on Emerging Techniques in Computational location privacy of IoT devices in heterogeneous edge computing
Intelligence (ICETCI, Hyderabad, India, 2024, pp. 223-229. architecture through deniability-based authentication,” in IEEE
doi:10.1109/ICETCI62771.2024.10704210 Transactions on Consumer Electronics.
[16] A. V. Vardhan, S. Mohanty, M. Pradhan, ”A lightweight blockchain- doi:10.1109/TCE.2025.3544271
enabled authentication scheme for securing internet of drones [28] P. Vaish, N. Anand, G. Sharma, ”Dealing heavy IoT systems with
devices,” in 2024 IEEE International Conference on Smart Power hybrid cloud platform,” in 2022 IEEE Conference on Interdisciplinary
Control and Renewable Energy (ICSPCRE), Rourkela, India, 2024, Approaches in Technology and Management for Social Innovation
pp. 1-6. doi:10.1109/ICSPCRE62303.2024.10674933 (IATMSI, Gwalior, India, 2022, pp. 1-4.
[17] S. Nanthini, U. Jain, R. Arora, R. Bhatia, K. Sutaria, H. Patil, ”Virtual doi:10.1109/IATMSI56455.2022.10119415
twin analytics: Advancing IoT security through AI-powered software [29] F. B. Fava et al., ”Assessing the performance of docker in docker
informatics,” in 2024 First International Conference on Software, containers for microservice-based architectures,” in 2024 32nd
Systems and Information Technology (SSITCON, Tumkur, India, Euromicro International Conference on Parallel, Distributed and
2024, pp. 1-8. doi:10.1109/SSITCON62437.2024.10796819 Network-Based Processing (PDP), Mar. 2024, pp. 137–142.
[18] M. Snehi, A. Bhandari, ”IoT-based DDoS on cyber physical systems: doi:10.1109/PDP62718.2024.00026
Research challenges, datasets and future prospects,” in 2022 IEEE [30] W. M. C. J. T. Kithulwatta, K. P. N. Jayasena, B. T. G. S. Kumara, R.
International IOT, Electronics and Mechatronics Conference M. K. T. Rathnayaka, ”Docker containerized infrastructure
(IEMTRONICS, Toronto, ON, Canada, 2022, pp. 1-8. orchestration with portainer container-native approach,” in 2022 3rd
doi:10.1109/IEMTRONICS55184.2022.9795708 International Conference for Emerging Technology (INCET), May
[19] P. P. Pawar, D. Kumar, R. Krupa, P. K. Pareek, H. M. Manoj, K. S. 2022, pp. 1–6. doi:10.1109/INCET54531.2022.9825257
Deepika, ”SINN based federated learning model for intrusion [31] J. D. Dzaky, J. A. Saputra, N. N. Singale, H. A. Saputri, A. C. Sari,
detection with blockchain technology in digital forensic,” in 2024 ”Improving DNS server resilience against DDoS attacks through
International Conference on Data Science and Network Security anycast routing,” in 2024 6th International Conference on Cybernetics
(ICDSNS, Tiptur, India, 2024, pp. 01-07. and Intelligent System (ICORIS), Nov. 2024, pp. 1–6.
doi:10.1109/ICDSNS62112.2024.10691050 doi:10.1109/ICORIS63540.2024.10903731
[20] J. R. Raj, S. Srinivasulu, ”Design of IoT based VPN gateway for [32] D.-F. Hrițcan, D. Balan, ”Using tailscale and PfSense for security and
Home network,” in 2022 International Conference on Electronics and anonymity of iot environments,” in 2024 International Conference on
Renewable Systems (ICEARS), Tuticorin, India, 2022, pp. 561-564. Development and Application Systems (DAS, May 2024, pp. 91–94.
doi:10.1109/ICEARS53579.2022.9751838 doi:10.1109/DAS61944.2024.10541192
[21] D.-F. Hriţcan, A. Graur, D. Balan, ”Securing IoT environments using [33] M. Soltane, A. Gasmi, ”Network attack detection in the pfsense
ZeroTier and OPNsense,” in 2024 23rd RoEduNet Conference: firewall via deep learning,” in 2024 IEEE International Multi-
Networking in Education and Research (RoEduNet, Sep. 2024, pp. 1– Conference on Smart Systems & Green Process (IMC-SSGP), Djerba,
4. doi:10.1109/RoEduNet64292.2024.10722755 Tunisia, 2024, pp. 1-6. doi:10.1109/IMC-SSGP63352.2024.10919795
[22] C. K. N. S. A. C. K. M. Rafee, N. S. M. Usop, ”Towards secure local [34] H. İş, ”A comprehensive analysis of NGFWs for cyber-physical
area network (LAN) using opnsense firewall,” Malays. J. Comput. system security after the crowdstrike incident,” in 2024 Global
Appl. Math., vol. 6, no. 1, Art. no. 1, Mar. 2023. Energy Conference (GEC, Batman, Turkiye, 2024, pp. 12-20.
doi:10.37231/myjcam.2023.6.1.85 doi:10.1109/GEC61857.2024.10881876
[23] J. S. Majid, ”Building a firewall and intrusion detection system dased
network security system using opnsense tools,” Iraqi J. Intell.

80