sustainability Review State-of-the-Art Review on IoT Threats and Attacks: Taxonomy, Challenges and Solutions Ritika Raj Krishna 1 , Aanchal Priyadarshini 1 , Amitkumar V. Jha 1 , Bhargav Appasani 1 , Avireni Srinivasulu 2 and Nicu Bizon 3,4, *   Citation: Krishna, R.R.; Priyadarshini, A.; Jha, A.V.; Appasani, B.; Srinivasulu, A.; Bizon, N. State-of-the-Art Review on IoT Threats and Attacks: Taxonomy, Challenges and Solutions. Sustainability 2021, 13, 9463. https:// doi.org/10.3390/su13169463 Academic Editor: Zubair Baig Received: 30 May 2021 Accepted: 18 August 2021 Published: 23 August 2021 Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affil- iations. Copyright: © 2021 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https:// creativecommons.org/licenses/by/ 4.0/). 1 School of Electronics Engineering, Kalinga Institute of Industrial Technology, Bhubaneswar 751024, India; ritikaraj11a@gmail.com (R.R.K.); aanchal233100@gmail.com (A.P.); amit.jhafet@kiit.ac.in (A.V.J.); bhargav.appasanifet@kiit.ac.in (B.A.) 2 Department of Electronics and Communication Engineering, K. R. Mangalam University, Gurugram 122103, India; avireni@ieee.org 3 Faculty of Electronics, Communication and Computers, University of Pitesti, 110040 Pitesti, Romania 4 Doctoral School, Polytechnic University of Bucharest, 313 Splaiul Independentei, 060042 Bucharest, Romania * Correspondence: nicu.bizon@upit.ro Abstract: The Internet of Things (IoT) plays a vital role in interconnecting physical and virtual objects that are embedded with sensors, software, and other technologies intending to connect and exchange data with devices and systems around the globe over the Internet. With a multitude of features to offer, IoT is a boon to mankind, but just as two sides of a coin, the technology, with its lack of securing information, may result in a big bane. It is estimated that by the year 2030, there will be nearly 25.44 billion IoT devices connected worldwide. Due to the unprecedented growth, IoT is endangered by numerous attacks, impairments, and misuses due to challenges such as resource limitations, heterogeneity, lack of standardization, architecture, etc. It is known that almost 98% of IoT traffic is not encrypted, exposing confidential and personal information on the network. To implement such a technology inthe near future, a comprehensive implementation of security, privacy, authentication, and recovery is required. Therefore, in this paper, the comprehensive taxonomy of security and threats within the IoT paradigm is discussed. We also provide insightful findings, presumptions, and outcomes of the challenges to assist IoT developers to address risks and security flaws for better protection. A five-layer and a seven-layer IoT architecture are presented in addition to the existing three-layer architecture. The communication standards and the protocols, along with the threats and attacks corresponding to these three architectures, are discussed. In addition, the impact of different threats and attacks along with their detection, mitigation, and prevention are comprehensively presented. The state-of-the-art solutions to enhance security features in IoT devices are proposed based on Blockchain (BC) technology, Fog Computing (FC), Edge Computing (EC), and Machine Learning (ML), along with some open research problems. Keywords: Internet of Things; security; threats; privacy; vulnerabilities; Blockchain 1. Introduction We live in a time when technology is an essential requirement for all humans, and the evidence is the increased dependence on technology in almost every aspect of our lives. Today’s world is evolving with the rapidly growing Internet of Things (IoT)-based application [1]. The rise of the IoT has been a glorious phenomenon in recent years. The physical and virtual objects implanted with sensors, software, and other technologies are interlinked together in IoT [2]. It envisages communicating and sharing data with other devices and systems worldwide over the Internet. Further, IoT is like an array of network-enabled devices that exclude traditional computers such as laptops and servers. IoT has sprawled everywhere, starting from the healthcare sector to the big industries. It is now implantable, wearable, and portable, resulting in a pervasive and interactive Sustainability 2021, 13, 9463. https://doi.org/10.3390/su13169463 https://www.mdpi.com/journal/sustainability