Design and implementation of a multi-layered security platform for IoT device management

Wong, Zhi Lin and Abdul Rahman, Siti Husna and Zainuddin, Ahmad Anwar (2025) Design and implementation of a multi-layered security platform for IoT device management. In: The 9th International Conference on Information Technology, 12-14 November 2025, Thailand.

PDF - Published Version
Restricted to Repository staff only
Download (673kB) | Request a copy

Official URL: https://ieeexplore.ieee.org/document/11276117

Abstract

The rapid proliferation of Internet of Things (IoT) devices has introduced substantial challenges related to security, scalability, and centralized management particularly within open-source ecosystems. This study presents the design and implementation of an open-source IoT Device Management Platform enhanced with a multi-layered security architecture. The platform incorporates Time-Based One-Time Password (TOTP) authentication and real-time push notifications to strengthen user verification and access control. Additional protective measures, such as frontend input validation and backend rate-limiting middleware, are integrated to defend against common web-based attacks, including brute-force and denial-of-service attempts. Built on a Django backend and Vue.js frontend, the system offers an efficient and user-friendly interface for real-time device monitoring and control. Performance and security evaluations, including stress testing under high concurrency, confirm the platform’s robustness, responsiveness, and resistance to abuse. As an open-source initiative, the system promotes community-driven development and extensibility. Future enhancements will explore the integration of CAPTCHA, real-time alerting, anomaly detection, and broader protocol support to further advance secure IoT management practices.

Item Type:	Proceeding Paper (Other)
Uncontrolled Keywords:	Internet of Things (IoT), IoT security, IoT device management, Multi-layered security, access control
Subjects:	T Technology > T Technology (General) > T10.5 Communication of technical information
Kulliyyahs/Centres/Divisions/Institutes (Can select more than one option. Press CONTROL button):	Kulliyyah of Information and Communication Technology > Department of Computer Science Kulliyyah of Information and Communication Technology > Department of Computer Science Kulliyyah of Information and Communication Technology Kulliyyah of Information and Communication Technology
Depositing User:	Ts.Dr. Ahmad Anwar Zainuddin
Date Deposited:	03 Feb 2026 09:02
Last Modified:	03 Feb 2026 09:02
Queue Number:	2026-01-Q1913
URI:	http://irep.iium.edu.my/id/eprint/127172

Actions (login required)

View Item

Download Statistics

Downloads

Downloads per month over past year