Mitigating IoT Threats Using Secure System Architecture and Device Integrity Checks

The Internet of Things (IoT) has revolutionised modern life but introduces serious security concerns, particularly data privacy breaches. This paper examines two major IoT threats—SILEX malware and the Mirai Botnet—highlighting how weak authentication, insecure remote access, outdated firmware, and infrequent vulnerability scanning enabled large-scale attacks. To address these vulnerabilities, we propose a Zero Trust-based secure system incorporating technologies such as FIDO2 for passwordless authentication, SSH and Just-In-Time (JIT) access for secure remote control, and Trusted Platform Module (TPM) for system integrity verification. The system also includes routine vulnerability scans, network segmentation, centralised monitoring, and automated firmware updates to minimise exposure. While implementation challenges include compatibility, configuration complexity, and cost, the system significantly reduces the risk of attacks and enhances regulatory compliance with frameworks like GDPR and NIST SP 800-213. By strengthening user privacy and infrastructure resilience, our approach provides a comprehensive solution to evolving IoT security threats.