Three Layer Architecture in the Internet of Things. An Examination of Specifications and Security Threats

September 8th, 2020

In this article, we’ll take a look at different layered architectures of the IoT and discuss security from the perspective of those layers. At the same time, we’ll review a series of mechanisms that claim to provide solutions to such security issues. Lastly, we’ll suggest a new layered architecture specifically designed to overcome these problems.

The Internet of Things, or IoT, might be one of the fastest-growing avenues in modern technology. At the same time, it is one of the most widely misunderstood. Broadly defined, the Internet of Things facilitates communication between various machines and other objects, allowing them to coordinate with one another to perform a wide variety of functions. 

Among other things, the IoT has evolved into an enabler for intelligent devices used in many aspects of our society, including our homes, hospitals, office buildings, etc. That said, the fast development of the IoT amid growing cybersecurity problems have led to widespread concern regarding a world of interconnected devices and user privacy. 

Three-Layer IoT Architecture

The most basic architecture associated with the IoT is known as a “three-layered” architecture. Introduced in the early stages of research into this topic, it consists of the perception, network, and application layers.

  • The Perception Layer – This is the physical layer. It has sensors for finding and gathering information about an environment, including the ability to identify other smart objects.
  • The Network Layer – This layer is responsible for actually connecting to other smart objects, including servers, network devices, and more. It can also transmit and process sensor data. 
  • The Application Layer – This layer is responsible for actually providing application-specific services to the user. It does so by defining ways for the IoT to be deployed, such as in smart homes or smart cars. 

The three-layer architecture outlined above defines much of what you can find on the Internet of Things. That said, it does not provide suitable insight into researching the IoT. This is a big reason behind proposing some other layered architectures instead. 

Three-Layer IoT Architecture

Five-Layer IoT Architecture  

Our Five-Layer Architecture model forms a layered network comprised of perception, transport, processing, application, and business. In this model, the roles of the application and perception layers do not change. The three remaining layers, however, operate as follows: 

  • The Transport Layer – This layer is responsible for transferring sensor data from the perception layer to the processing layer. It utilizes a variety of networks, such as RFID, Bluetooth, and 3G, to do so.
  • The Processing Layer – This is more commonly known as the “middleware layer.” It is responsible for storing, analyzing, and processing the data it receives from the transport layer. At the same time, it can manage and provide various services to the lower layers, employing technologies ranging from cloud computing to big data processing modules.
  • The Business Layer – This layer is designed to effectively manage the whole IoT system. This includes everything from applications to user privacy to business and profit models. 
Five-Layer IoT Architecture

A Closer Look at Three-Layer IoT Architecture 

In order to have a detailed discussion about three-layer IoT Architecture, its benefits, pros, and cons, it’s important to go further than our initial identification of the associated parts. In this section, we’ll do just that. 

The Perception Layer 

Also known as the sensor layer, this layer acts much like a person’s eyes, nose or ears would. It is responsible for identifying objects and collecting information from them using RFID, 2-D barcodes, and other types of sensors. Data collected by these sensors can include everything from motion and location info to changes in the air or environment. These sensors are a popular target among attackers, whose goal is often to replace them with a sensor of their own. 

Common security threats associated with the perception layer include: 

  • Eavesdropping – This is an unauthorized attack that takes place in real-time. During this attack, private communications such as phone calls, text messages, video conferences, and faxes are seized by the attacker. This data is ultimately intercepted over a network, which may or may not is secured.
  • Node Capture – This is one of many harmful attacks that can affect the perception layer of IoT devices. Through node capture, an attacker can gain full control over a key node, such as a gateway node. This allows the attacker to leak a variety of communications between the sender and receiver while gaining access to information stored in the device’s memory. 
  • Fake Node and Malicious – This is when an attacker adds a node to a system that is designed to input fake data. This attack aims to stop the node from transmitting real information, consuming energy from authentic nodes, and potentially destroying the network. 
  • Replay Attack – Also referred to as a “playback attack,” this is where an attacker eavesdrops on a conversation between a sender and receiver and steals information from the sender. They then send this information to the victim in an attempt to prove their authenticity or as “proof” of their identity. Once they’ve assumed the real sender’s identity, they can then entice the recipient to perform any number of actions. 
  • Timing Attack – This is particularly effective against devices that have weak computing capabilities. It allows an attacker to identify vulnerabilities in the system, bypassing it in order to steal information. To do so, they observe how long it takes the system to respond to a specific input, queries, or algorithms. 
The Perception Layer

The Network Layer

Also commonly referred to as the “transmission layer,” the network layer acts as a sort of bridge between the application and perception layers. Typically, it carries and/or transmits data collected by the sensors via wired or wireless means. It is also responsible for connecting the various “smart” items, networks, and network devices to one another. This causes it to suffer from many security issues related to information authentication and integrity.

Common security threats associated with the network layer include: 

  • Denial of Service (DoS) Attack – DoS attacks attempt to prevent users from accessing their devices or other network resources. It is most often accomplished by flooding targeted devices with so many requests that it becomes impossible for users to actually filter them.
  • Main-in-The-Middle (MiTM) Attack – MiTM attacks take place when a third party intercepts and then alters communications between a receiver and a sender, changing the messages to suit their own needs. This signifies a major security breach, as it allows the attacker to manipulate information in real-time. 
  • Storage Attack – A user’s information is usually only stored in the cloud or in various storage devices. Both of these can be attacked by outsiders, with users changing information at will. Data can also be replicated in order to facilitate any number of other attacks. 
  • Exploit Attack – This is where an attacker takes advantage of security weaknesses in a system, application, or hardware. The goal is most often to steal information stored on a specific network. 
The Network Layer

The Application Layer

The Application layer defines all of the applications that utilize IoT technology or in which the IoT is deployed. This includes smart homes, smart cities, etc. Its goal is to provide services to the various applications as demanded by the sensory information. The application layer suffers from various security issues, particularly in the cases of smart homes and smart offices. This is especially true of smart devices that have weak computational power and low storage capabilities. 

Common security threats associated with the application layer include: 

  • Cross-Site Scripting – This is an injection attack that enables a third party to insert a client-side script in a trusted site. This eventually allows the attacker to change the application’s contents according to their needs or to use the original data illegally. 
  • Malicious Code Attack – This is code embedded in software designed to cause damage to the system. It is extremely common and can often be blocked by antivirus or anti-malware programs. 


The Internet of Things (IoT) is quickly weaving itself into modern life all around the world. By connecting smart devices, applications, and other technology, it has the power to enhance our quality of life and automate a near-infinite number of interactions. 

Still, we hope this brief overview has properly outlined how layered architectures of IoT can be subject to specific, malicious attacks by third parties. Our goal is to simply remind leaders that, while the possibilities of the IoT are indeed exciting, proper precautions and security measures must be taken at all times. 

Moreover, it is important to consider new multi-layered architectures in order to design a more secure infrastructure for the IoT. Ultimately, it is our hope that we can encourage more users to address these problems and implement the necessary changes as soon as possible.

Have an idea for next IoT project? Need help with the architecture?