Standardization, vision and framework design.
A robust machine-learning-based IoT security system must consider the IoT cyber threat environment. Security features must therefore be designed and refined. A data-conditionality-reduction technique is essential because security features and the IoT data they are associated with have a direct impact on machine-learning-based security models [ 40 ]. “Feature engineering” refers to the process of developing and refining security features. This term is used when discussing the development of security models using machine learning. It may be challenging to accurately classify cyber dangers given the potential for irrelevant data in today’s IoT security datasets. If you use this kind of security model to make predictions, you could run into problems including high processing costs, excessive variation, the need to build the model, and a lack of generalization. Therefore, if an IoT security model with high-dimensional datasets comprise the right number of security features based on their impact or significance, it might be less stressful to design [ 39 ].
However, the Internet of Things raises security concerns because there are so many devices that can communicate to each other using different protocols. Internet of Things devices cannot be made safer because they do not have enough processing power. This means that the ways we currently protect IoT networks need to be greatly improved. In the last few years, security studies have paid a lot more attention to machine learning models. There may be a need for security for IoT systems because these devices regularly produce huge amounts of data that can be used to train machine learning algorithms [ 40 ]. New product components are developed using feature selection and principal component analysis, which together account for the majority of the significant data. These new brand elements could be useful for creating a machine-learning-based IoT security model [ 41 ]. Table 3 shows the dataset used for cybersecurity.
Datasets in the domain of cybersecurity.
Datasets | References | Datasets | References |
---|---|---|---|
NSL-KDD | [ ] | Enron Spam | [ ] |
UNSW-NB15 | [ ] | Spam Assassin | [ ] |
DARPA | [ ] | Ling Spam | [ ] |
C.A.I.D.A. | [ ] | D.G.A. | [ ] |
ISOT’10 | [ ] | Malware Genome project | [ ] |
ISCX’12 | [ ] | Virus Share | [ ] |
CTU-13 | [ ] | Virus Total | [ ] |
C.I.C.I.D.S. | [ ] | Comodo | [ ] |
As the internet revolution continues, an increasing number of everyday objects and industrial tools begin to function as “smart” devices. Traditional data security and protection techniques are unlikely to work on IoT networks. The addition of new services to IoT networks introduces new security flaws. The goal of the IoT is to connect a wide network of various devices so that clamping software can be used to significantly improve people’s lives. IoT devices come in a variety of shapes and sizes, and they can perform a wide range of functions, necessitating the use of a wide range of hardware and software. A network of billions of connected computers makes up the IoT [ 58 ]. It also refers to the vast amount, rapid rate of change, and organization of data derived from the real world. The term “IoT” describes a network of devices capable of two-way data communication. As a result, any time and any place can be connected to an IoT network [ 59 ]. Theft of cookies, cross-site scripting, structured query language injection, session hijacking, and distributed denial of service attacks are all possible on connected IoT devices. DDoS assaults are especially dangerous for large, self-managed IoT networks [ 1 ]. IoT devices are temporary; thus, network configuration needs to be dynamic and flexible. Utilizing nearby devices, ad hoc networks can make communication over shorter distances easier. Proximity is described as how an IoT-enabled object responds and acts in relation to its actual surroundings [ 60 ]. Networks for industrial IoT encounter many difficulties. It is critical to have wireless connections that are speedy and reliable. Applications that call for low latency and high reliability connections include tracking, surgical equipment, and production on a production line [ 17 ]. An IoT device is a piece of hardware with a sensor that can send information to a remote location over the Internet. A complicated system must be built with the least amount of time, money, and effort possible because there are so many sensors involved in its operation [ 61 ]. Patient information is sensitive and valuable, making data security crucial in industries such as healthcare. Numerous IoT applications must make intelligent decisions in real time based on the preferences of the user [ 62 ].
Future-generation wireless networks must be reliable and self-sufficient. The individual’s use of technology in their daily lives is changing as a result of the IoT. Machine learning techniques are used by the Internet of Things to increase the effectiveness and independence of the network. Deep learning (DL) is a computationally costly and challenging machine learning (ML) technique. It is difficult to come up with strategies for combining deep learning technologies with IoT infrastructure to enhance the general performance of IoT applications. A range of methods that achieve a balance between computing costs and performance are needed for the next generation of IoT networks [ 63 ]. Machine learning techniques have quickly advanced, and they are presently used in a wide range of academic advancements [ 64 ]. For instance, they are carefully evaluated in a variety of sectors, including the cement business. Although cement enterprises in developing countries make a significant amount of money through the sale of valuable resources, they still face a number of difficulties. Optimization in machine learning has grown to be a significant topic of study in recent years. Using the FDH model, the set of production possibilities can be built in any way [ 65 ]. An innovative three-layer data-mining filtering pre-process for clustering techniques has been suggested by experts. It makes use of machine learning to increase accuracy and filter out irrelevant features and data. These stages of preparation were designed to reduce redundant information and improve precision. Finally, we are aware of the top business, best performance model and the most precise algorithm. The FDH model consistently performs at the highest possible degree of efficiency when compared to other suggested models [ 66 ]. Out of the three suggested filtering techniques, only the k-means algorithm consistently yields the best results. Second and third place, respectively, went to the model’s BCC and CCR. One of the most widespread technologies in modern society is the Internet of Things, which has a significant impact on people’s personal, professional, and financial lives. There is a lot of hope that the Internet of Things, both now and in the future, will enhance people’s lives in a variety of environments, from urban infrastructure to classrooms [ 67 ]. Automation, consumer comfort, and productivity have all risen as a result of these developments. Yet, threats and assaults have a big impact on the way intelligent Internet of Things applications perform. The quantity and complexity of threats to the Internet of Things have increased, and conventional approaches for protecting it have not been able to keep up [ 68 ]. The security system of the Internet of Things of the future must be dynamically updated so it is up to date for it to operate effectively. Artificial intelligence (AI), in particular machine learning and deep learning techniques, are required to make this viable. The author of [ 69 ] contrasted various approaches in order to identify the most effective one. We showed that this might be carried out interactively and how the model could be solved by switching the GDEA dual model to the MOLP. To solve the GDEA and identify the MPS within the bounds of each DMU’s efficiency, one may use this link as the foundation for an interactive MOLP technique. By fusing the STEM and DM methodologies, the GDEA dual model was able to demonstrate the preferences of the DM. In institutions for stroke care, the max-ordering method was applied to investigate the relationship between the GDEA dual model and the MOLP [ 67 ], which is a practical approach to securing IoT devices is machine learning. One of the most advanced AI techniques, machine learning, performs effectively in massively networked environments without explicit programming. The system may be trained to recognize and respond to various threats using machine learning techniques [ 13 ]. In this scenario, the majority of attacks might be stopped early on. Additionally, it appears that ML approaches may be useful for spotting new threats and putting strategic defenses in place. Machine learning algorithms may be employed in the future to create security standards for IoT devices, making them more dependable and user-friendly than they are now [ 25 ]. IDS’s effectiveness has led to a rise in popularity in recent years. Identification of people who do not belong in a particular location is the main purpose of an IDS [ 70 ]. Every host that tries to join the Internet of Things without authorization is considered an invader. IDS has not been studied enough. IDS on the IoT uses ML/DL in a variety of ways. Nonetheless, it struggles to deal with difficult problems. In addition, you can only apply these tactics for select types of blows, and they are not extremely accurate [ 40 ]. Right now, one of the biggest problems with the Internet of Things is that we do not fully comprehend how apps use data. This study introduces SAINT, a novel static taint analysis tool that locates weak data flows in IoT programmers. SAINT transforms the source code of an Internet of Things application into a lifecycle model. The access points, user inputs, events, and actions of the program are represented by this model. We then watch the information flow between sensitive inputs and final outputs in the washbasin while performing complete static analysis. Both the general SmartThings market and our specially created IOTBENCH application corpus were used to evaluate SAINT. In order to establish the value of SAINT and understand how the market normally functions, initial research focused on the SmartThings sector [ 71 ]. The second analysis used the IOTBENCH app corpus from the first one. Our analysis revealed that the great majority of currently accessible apps convey sensitive data, and that our system is capable of detecting taint sources and sinks. The outcomes of these tests also showed that our technology is able to identify the origin and final destination of contamination. This paper’s main focus is on architectural difficulties because they are the root cause of IoT’s poor performance and utility [ 72 ]. There are many problems and reasons to be worried. Communication, data management, zero-entropy systems, scalability, massive data collection, real-time data processing, security and privacy, interoperability, a lack of standardization, etc., are just a few of the problems that need to be solved. There were 20 billion connected things in 2014, and it was anticipated that this number would increase to 30 billion by 2020. These connections can be used in countless ways. The devices may have features in common, but they are made by different companies and run on different operating systems. Hadoop has trouble dealing with data sources that might carry out comparable operations but have wildly dissimilar data formats [ 71 ]. This lack of consistent standardization is summarized by the phrase “The Internet of Things May Never Speak a Single Language”. The lack of standardized protocols is now the greatest challenge in the path of the Internet of Things, according to a recent survey by Light Reading. This barrier needs to be removed because it prevents the growth of IoT interoperability. Technology progress, data standards, and wireless protocols have all been covered. Companies regularly create their own standards, which leads to incompatible technology [ 73 ]. One of the most important elements affecting people’s daily lives and well-being at work is “worker safety”. Studies that have been published in scholarly journals have shown that knowing that they are working in an environment where they are less likely to be in an accident improves employees’ emotions and well-being. It is crucial that all workplaces have proper safety precautions for their employees and operators, even though the industrial sector is the most dangerous for workers. No matter how frequent or unusual a job may be, it must always be protected in order to safeguard the workers’ health and safety. There are no published solutions that can also monitor and advise people during unusual or dangerous jobs, even if a range of technologies already meet these needs during “normal” operations (e.g., maintenance). The Internet of Things and other real-time applications and services, such as video surveillance systems, are growing quickly, showing the growing importance of technology in our daily lives. The Internet of Things and Industry 4.0 could help identify maintenance problems that have been noticed but not resolved. Fog devices are now processing a sizable percentage of IoT application processing thanks to the development of fog computing [ 74 ]. However, if fog nodes are underpowered, the device’s reliability may suffer and IoT apps will not be able to function. Many clear issues with read/write operations and unsafe edge settings must be addressed. Scalable fault-predictive proactive techniques are necessary to improve dependability. These algorithms should be capable of determining whether fog machines are not powered enough to work. The use of a recurrent neural network to predict proactive problems in fog devices when there are not enough resources is suggested in this research. The method makes use of a new rule-based network policy for computing, memory, and power, as well as an entirely theoretical long short-term memory. An LSTM network is used in the planned CRP to ascertain why the project failed due to a lack of finance. The proposed conceptual design also includes fault monitors and failure detectors. They guard against fog nodes failing to provide services to IoT applications. The accuracy of predictions on training data was 95.16 percent and on testing data, it was 98.69 percent when LSTM and the CRP network policy technique were coupled. Prior to this, machine learning and deep learning techniques were incomparable. This study uses vibration and acoustic emission sensor data to produce analyzable scalograms. To identify whether wavelet functions were useful, we used the RWE criterion. Further Sin GAN scalograms were produced, and a number of picture quality metrics were then retrieved and used to build feature vectors [ 75 ]. The experimental data required to train the LSTM model used to predict tool wear were insufficient. The feature vector was used to train the bidirectional, stacked, and vanilla LSTM models. We looked at five performance indicators, including root-mean-square error, mean square error, mean absolute error, and adjusted root-mean-square error to assess how effectively LSTM models can predict tool wear. The MAE, RMSE, and MSE were the lowest, with values of 0.005, 0.016, and 0.0002, respectively, despite the high values of R2 and Adj. It was discovered that the vibration signal’s R2 value was 0.997%. The findings show that the stacked LSTM model outperforms other LSTM models in predicting tool wear [ 76 ].
3.1. research method.
The literature on IoT security studies has grown in recent years as more and more academics have developed an interest in the field. With the use of the AND OR search operators, we were able to find a vast amount of information that was relevant to topics, such as IoT, machine learning, deep learning, threats, cyberattacks, and vulnerabilities. We also included other terms, such as “blockchain”, “healthcare”, and “Data Mining. ML and DL”, in our search for a solution to the issue of IoT security breaches.
The IoT and machine learning approaches were used as a keyword string to find publications in databases from the IEEE, Springer, Scopus, Google Scholar, A.C.M., Science Direct, and Wiley. These works include research on machine learning categorization, IoT security, and the integration of health systems. Papers that were first chosen for review were peer-reviewed before being published. To better understand how machine learning works and how it might be used to improve IoT security, this research explored publications that concentrate on machine-learning-based approaches. After the initial search, any papers found were discarded. We only looked at a few articles because the review aimed to set standards for machine learning research criteria and methodology. The committee did not even read the additional recommendations.
The research query process is shown in Table 4 and Figure 5 .
Search query.
Research query process.
Phase | Process | Selection Criteria | IEEE | Scopus | Willey | Google Scholar | Sprinkle | Science Direct | Total |
---|---|---|---|---|---|---|---|---|---|
1 | Searching | Keywords | 80 | 30 | 20 | 70 | 40 | 40 | 280 |
2 | Searching | Title | 75 | 25 | 15 | 65 | 30 | 30 | 240 |
4 | Further Screening | Introduction and Conclusion | 65 | 15 | 10 | 50 | 25 | 25 | 190 |
5 | Evolution | Complete Articles | 60 | 10 | 5 | 40 | 20 | 20 | 155 |
Table 5 shows the year-wise selection of papers.
Year-wise selection of papers.
Publication Year | No of Papers |
---|---|
2014 | 03 |
2015 | 03 |
2016 | 04 |
2017 | 05 |
2018 | 11 |
2019 | 17 |
2020 | 15 |
2021 | 33 |
2022 | 47 |
2023 | 08 |
Figure 6 shows the year-wise article selection.
Year-wise article selection.
The research questions of the study are as follows:
3.4.1. iot attacks on surface areas.
We look at several possible attack paths for IoT systems and applications in the following sections. There are the following applications in particular: One of the most common entry methods for hackers is through IoT devices. Memory, firmware, physical interfaces, web interfaces, and network resources are only a few of the IoT systems’ many weak points. Hackers may obtain access through faulty parts, vulnerable update systems, and dangerous factory settings, to name a few. IoT devices may be attacked through the communication channels they use [ 77 ]. The protocols used by IoT systems may not be secure, which would put the plan in danger. IoT devices are vulnerable to network threats, including spoofing and denial of service. Security flaws in web applications and other IoT device software could provide unauthorized users access to the system. For instance, hackers might spread malicious firmware upgrades or steal user credentials using web applications [ 78 ].
To highlight the security issues that affect the overall architecture of the IoT system, we summarize the IoT attack surface parts in this section. Different IoT concepts have been created by several academics and think tanks. A typical IoT design has three levels: perception, network, and application. However, it turns out that the support or middleware layer levels are vital because they must process data and draw wise conclusions [ 79 ]. A design for the IoT may contain a network layer and a support layer depending on its planned use. Many academic studies have also looked at how cloud computing might be used for the back-end architecture of the IoT [ 80 ]. Figure 7 shows the security challenges of IoT.
Security Challenges of IoT [ 81 , 82 ].
A conventional IoT design consists of three layers: the application layer, the network layer, and the perception layer [ 83 ]. However, the support or middleware layer between the network and application layers becomes more important as the significance of data processing and intelligent decision making rises. Multiple layers, including a network layer and a support layer, may be present in IoT systems. Cloud computing has been used as the underlying support layer in numerous studies of IoT systems.
Various sensors and other devices make up the perception layer, sometimes called the sensing layer. This layer’s storage, processing, memory, and communication capabilities are limited. The main methods this layer secures in the IoT network are node authentication, weak encryption, and access control [ 84 ]. Attacks and crimes against the perceiving layer’s privacy are too common in the real world. One approach to conduct this is to take control of a node. Malicious code usage, data injection, replay assaults, and side-channel attacks are other techniques. For example, if an attacker takes over a node, it will stop sending valid network data and may even stop using the IoT security program. It is possible that the IoT application will not operate as planned if it receives terrible data or is compromised by malicious code injection. A technique called eavesdropping, also called sniffing or snooping, allows an attacker to intercept and look through data being exchanged between two devices [ 85 ], as shown in Table 6 . A replay attack in an IoT network could be defined as repeatedly falsifying, changing, or reusing the identities of related items. If an attacker has the required time and data encryption keys, they can execute a timing attack. There are a lot more ways than just direct node attacks for vital information to circulate [ 86 ].
Attacks and countermeasures on physical layer.
Layer | Types of Attacks | Description | Security Countermeasures |
---|---|---|---|
Physical | Eavesdropping | Infer information sent by IoT devices via network. | Faraday cage. |
Cyber-physical | Physically attacking a device. | Use of fault-detection algorithm to identify the faulty nodes. | |
RFID Tracking | To disable tags, modify their contents, or imitate them. | Faraday cage. |
The main goals of this layer are compatibility, privacy, and secrecy. At this layer, it is expected that criminal activities, including phishing, distributed denial-of-service attacks, attacks on data transit, routing attacks, identity authentication, and encryption, will occur [ 87 ]. This layer of the IoT is especially vulnerable to phishing attacks, which aim to obtain sensitive information such as passwords and login credentials. When an attacker or unauthorized user gains access to the IoT network while IoT apps gather and transfer sensitive data, this is characterized as an access attack, also known as a continuous advanced threat. Table 7 shows the attack and countermeasures on the data communication layer.
The attack and countermeasures on data communication layer.
Layer | Attacks | Description | Security Countermeasures |
---|---|---|---|
Data and Cloud services | Poisoning | Input of incorrect training data/labels to decrease the accuracy of classification/clustering process. | Data sanitization. |
Evasion | Generating an adversarial sample leading to evade system from detection spam and malware. | Retraining learning models by classifier designers with adversarial samples. | |
Impersonate | Unauthorized access based on deep neural network DNN algorithm. | Defensive distillation on DNN. | |
Inversion | Gathering information about ML models to compromise the data privacy. | Differential privacy (DP) technique and data encryption. |
The most frequent and harmful kinds of network attacks are DoS and DDoS attacks. They use up network resources and compromise the operation of services. Malicious actors can also change routing channels’ routes when transmitting data by routing attacks, such as holes and worms [ 88 ].
Distributed computing solutions have been used to replace centralized cloud environments in a variety of cases, with good results in terms of performance and response time. All sent data should now be checked for accuracy, concision, and secrecy.
When someone inside a network purposefully alters or steals data or information, this is known as a malicious inside attack [ 89 ]. By inserting malicious SQL queries into the code, SQL injection attacks are used to steal data from user services in the real world. When damage to one virtual machine spreads to another, this is a virtualization attack. With the help of cloud malware injection, a hacker can take over a cloud service, install malicious code, or even create a fake virtual machine. There could be significant consequences if attacks are so powerful that cloud infrastructure is incredibly frustrated [ 90 ]. Table 8 shows the attack and countermeasures on the support layer.
The attack and countermeasures on support layer.
Layer | Types of Attacks | Description | Security Countermeasures |
---|---|---|---|
Transport | TCP flooding | Sending many packets through TCP protocol to stop or to reduce his activities. | A classifier based on SVM to detect and prevent DDoS TCP flooding attack. |
UDP flooding | Sending many packets through UDP protocol to stop or to reduce his activities. | A flow-based detection schema on router using a state machine and a hashing table. | |
TCP SYN flooding | Tentative to open an externally connection without respecting to the TCP handshake procedure. | SYN-Cookies consist on coding client SYN message to change the state in the server side. | |
Network/ protocol | Man-in-the-middle | Violate the confidentiality and integrity in data transfer. | Intrusion-detection system (IDS) and virtual private network (VPN). |
DDoS | Making network resource unavailable for its intended use. | Ingress/Egress filtering, D-WARD, Hop Count Filtering and SYN-Cookies. | |
Replay | Manipulate the message stream and reorder the data packets. | Timeliness of Message. |
Defining and maintaining IoT applications, including their interactions with specific clients, fall under the scope of the application layer. One way to use IoT services is through a user interface. A computer, a smartphone, or any other Internet-enabled smart device could serve as an interface. The data that the middleware layer process is used by the application layer [ 91 ]. This holds for a wide range of application categories, including applications for smart homes, smart cities, industry, construction, and health. The security needs of an application may change depending on how it functions. When sending information on climate change forecasts as opposed to when conducting online banking, it is acceptable to expect a better level of security. The application layer must address various security challenges, such as attacks on access control, malicious code, programming, data leaks, service interruptions, application vulnerabilities, and software flaws [ 92 ]. Table 9 shows the attack and countermeasures on the application layer.
The attack and countermeasures on the application layer.
Layer | Types of Attacks | Description | Security Countermeasures |
---|---|---|---|
Application | Malware | Gain access to IoT device by using a default Telnet or SSH account. | Disabling/changing default account of Telnet and SSH account. |
IRC Telnet | Forcing Telnet port to infect LINUX operating system of IoT device. | Disabling Telnet port number. | |
Injection | Untrusted data are sent to an interpreter as part of a command or query. | Input validation control. |
Attacks that interrupt service, commonly referred to as “Distributed Denial of Service (DoS)” attacks, stop users from using IoT apps by sending a flood of requests to servers or networks. Threat actors could use sniffer software to monitor data being transmitted by IoT apps. Attacks that gain unauthorized access can seriously harm a system quickly by preventing users from using IoT-related services and wiping data [ 93 ].
Each layer of an IoT system may be vulnerable to different security flaws and attacks, as was already mentioned. Furthermore, there is a severe risk of unknown vulnerabilities. One must conduct a thorough investigation to find these hacks. Understanding artificial intelligence, especially machine learning and deep learning architectures and techniques, is an effective way to safeguard the system regarding IoT security. Figure 8 shows the layers and function of IoT architecture.
Layered Architecture [ 66 ].
IoT devices can use AI technologies, such as machine learning and deep learning, to act correctly after learning from the data they gather. It is feasible to detect significant security event trends in IoT data using learning models, which frequently include rules, procedures, or complex “transfer functions” [ 94 ].
This enables DL and ML, which are entirely different, to function in real time over IoT networks. This shows how data-driven IoT security intelligence models could be created using ML and DL. IoT security data can be used to learn new things via classification and regression analysis, clustering, rule-based techniques, feature optimization, and DL with ANN, such as the M.N.L.P.N., C.N., and recurrent networks [ 95 ]. The following section covers the use of ML and DL to increase the security of IoT products. A machine-learning-based IoT security architecture is shown in Figure 9 .
A machine learning security framework for IoT systems [ 96 ].
Regression and classification techniques are well known and frequently used in IoT machine security. Predicting the outcome of discrete values or categories, such as anomaly, average, or attacks, is a standard definition of classification problems [ 97 ]. Regression is the technique of predicting a continuous or quantitative event, such as the effects of an attack. IoT security concerns include identifying intrusions and attacks, analyzing malware, and spotting fraud, as illustrated in Table 10 .
Some ML techniques to handle various IoT security concerns.
Techniques | References |
---|---|
K-nearest neighbors | [ ] |
SVM | [ ] |
NB | [ ] |
AB | [ ] |
Logistic regression | [ ] |
D.T. | [ ] |
Intrude Tree | [ ] |
Behave D.T. | [ ] |
The uses of such techniques are presented as follows:
Regression modeling, on the other hand, can be used to predict attacks or measure the severity of one. Worms, viruses, and another harmful software fall under this category [ 109 ]. Regression techniques, network packet characteristics, and quantitative security models that examine phishing over a specified period are examples of relevant models, as illustrated in Table 11 .
Summary of Classification and Regression Methods.
Algorithm | Complexity for Prediction | Advantages | Disadvantages | IoT Applications | |
---|---|---|---|---|---|
Classification | KNN | O (np) | Easy to update in online Setting. | Unsalable to large data sets. | Smart Citizen, Smart Tourism. |
Naive Bayes | O (p) | Fast and highly scalable. | Strong feature independence assumptions. | Smart Agriculture, Spam filtering, text categorization. | |
SVM | O (n sv p) | Good for unbalanced data. | The lack of transparency of results. | Real-time prediction: detection of intrusion, attacks, and malware. | |
Regression | Linear regression | O (p) | Processing under high rates | Very sensitive to outliers. | Energy applications, market prediction. |
SVR | Useful and flexible technique. | More complicated. | Intelligent transportation systems, Smart Weather. |
Clustering is a standard method of unsupervised learning used in machine learning to analyze IoT security data. It may group or cluster data points based on similarity or dissimilarity metrics of security data from IoT devices from various sources. As a result, clustering might make finding hidden patterns and structures in data easier, making it simpler to spot anomalies or attacks in the IoT. Various perspectives, such as partitioning, hierarchies, fuzzy theory, distribution, and grids, can be used to cluster data. Many well-known methods for classifying data include k-means, K-medoids, and the Gaussian mixture model [ 111 ]. These clustering methods could be used to fix several IoT issues as illustrated in Table 12 . An example of an algorithm used to profile unusual IoT device behavior is the k-means algorithm, which is one method that can be used to find outliers or noisy events is a dynamic threshold-based approach. Fuzzy clustering is frequently used to find IoT intrusions [ 112 ].
Summary of Clustering Techniques.
Algorithm | Complexity | Advantages | Disadvantages | IoT Applications | |
---|---|---|---|---|---|
Clustering | K-means | O (n2) | Very fast and highly scalable. | Difficult to predict the number of clusters (k-value). | Smart Cities, Smart Home, Smart Citizen, Intelligent Transport. |
DBSCAN | O (n2) | Fast and robust against outliers. | Performance is sensitive to the distance metric. | Smart Citizen, Smart Tourism. | |
Feed Forward Neural Network | O (n2) | Non-linearity and robustness. | Longer time for training. | Smart Health. |
Cybersecurity applications can more effectively find helpful information or intelligence in system log data by clustering. Clustering algorithms may be very helpful in resolving IoT security issues, such as identifying outliers, anomalies, signatures, fraud, and cyberattacks, by exposing previously hidden patterns and structures in IoT security data [ 113 ].
Older patterns are less likely to stand out and aid in the identification or prediction of IoT security issues than newer unfriendly behavior patterns. Selectivity analysis, which examines current practices, may be more beneficial in some cases than conventional data analysis. Another critical goal is to develop a security model for IoT devices that is based on how recently they have been used. Innovative, portable IoT device solutions that take new data trends into account are required as part of our learning-based research on IoT security [ 114 ].
By creating various links and patterns based on support and confidence values, rule-based procedures are easy to use and complicate the model. The problem might be lessened with a robust association model. A rule-learning technique that can be used to find trustworthy, non-redundant links between ideas is shown in our earlier work [ 115 ]. Policy rules in a plan define which network usage is allowed and which is not. Even cyberattacks with no known vulnerabilities can be stopped by security policy monitoring filters and protections based on rules [ 116 ].
In the current cyber threat environment, the development and optimization of security features are significant barriers to the success of an ML-based IoT security solution. Security characteristics and IoT data have a direct impact on ML-based security models, necessitating the use of a data-dimensionality-reduction technique. “Feature engineering” is the process of establishing and changing security features or variables so that machine-learning-based security models work properly. Today’s IoT security datasets may contain unused or irrelevant data, making simulation of cyberattacks and other challenges difficult [ 101 ]. The forecasting accuracy of a security model can be harmed by extreme variation, overfitting, expensive processing, and time-consuming model setup [ 93 ]. A high-dimensional dataset with many security attributes evaluated according to how important or relevant they are may make it easier to create an IoT security model [ 102 ]. Existing approaches include the correlation coefficient, the chi-squared test, and analysis of variance. Techniques for embedding information include regularization, Lasso, Ridge, Elastic Net, and tree-based feature importance [ 84 ]. Using feature selection and principal component analysis, it is possible to create new brand components that explain the most important data. As part of machine-learning-based security modeling, these enhanced signature properties may make it easier to manage large amounts of IoT security data, such as identifying anomalies in IoT network traffic [ 103 ].
Deep learning usually uses the multi-layer MLP, FFAN. The input layer, the hidden output layers, and the actual output layer are the three layers that make up the traditional M.L.P. design. An AI network links each node in a layer to a specific value in the layer below it. In the end, this number is associated with the layer below it. As the model is being built, MLP employs backpropagation to adjust the internal weight values [ 117 ]. This M.L.P. network is used to analyze the NSL-KDD dataset’s malware, explain the IoT parameters, detect malicious traffic coming from IoT devices, and create a model for intrusion detection [ 118 ]. The idea divides network data into secure data and unsecure data.
Another variety of artificial neural networks is the recurrent neural network. A directed graph representing time is constructed from the connections between the nodes. In the R.N.N. model, neural feed-forward networks are used. It looks at its internal state, or memory, to determine how long different input sequences last. IoT security, natural language processing, and speech recognition can all benefit from the RNN model’s capabilities to manage sequential data effectively [ 119 ]. IoT devices that are connected provide a lot of sequential data, including information that changes over time and network traffic flows. Recurrent connections in neural networks can uncover potential defense vulnerabilities when a threat’s communication patterns change over time. This is because it has a powerful model for predicting time series because of its long short-term Memory, which allows it to remember what it has been told in the past. For example, it is possible to identify and categorize dangerous applications and detect intrusions using an L.S.T.M.-model-based recurrent network [ 120 ]. It can also be used for further security-related tasks.
The detection and prevention of malware, spoofing, and computer virus attacks across a wide range of IoT devices can be made using a variety of deep learning models and hybrid network models [ 121 ]. One type of deep learning model that could be used to protect IoT devices is a DBN-based security model [ 122 ]. The authors looked at multiple approaches to in-depth learning. Additionally, they were referred to as unique features for jobs requiring human help and generative for those requiring none. Additionally, hybrid systems may be used if the data quality calls for it [ 123 ]. Data-driven security analytics in the context of the IoT can, therefore, greatly benefit from the above machine learning or deep learning methodologies, along with any lightweight modifications (as shown in Table 13 )
Summary of deep learning and machine learning algorithms [ 13 ].
Algorithm | Description |
---|---|
Naive Bayes | It is a collection of rules for grouping data into two or more categories. The term “naive” refers to the practice of calculating the probability of multiple hypothesis by making overly generalized claims. Because all the features are thought to be conditionally independent, determining their actual values is not necessary [ ]. |
K-Nearest Neighbor | It is an efficient and straightforward technique for identifying connections between fresh and old data elements in a collection. After the model has been trained and classified, the degree of similarity between incoming input and its k neighbors is calculated [ ]. |
K-Means Algorithm | The most used method is k-means clustering, which belongs to the unsupervised ML family. If the positive integer value of k is known, k-means clustering can sort or group devices according to them characteristics or parameters into k groups [ ]. |
Random Forest and Decision Tree | It limits a model by placing restrictions on the properties of the data. Then, predictions for a further interesting independent variable are made using this model. Classification and regression issues can be addressed with a decision tree. These trees can be used to split datasets into several branches, each branch representing a rule [ ]. |
Support Vector Machines | SVM is a technique to supervised machine learning that is simple to use and may be used for regression and classification. It can function in environments that really are binary and multi-class [ ]. It divides the supplied data into groups using n dimensions and n + 1 hyperplane. |
Recurrent Neural Networks | In order to address problems that cannot be resolved using conventional methods, this type of supervised learning involves the creation of a hierarchical network of decision-making components [ ]. The programmer builds a network where a specified number of inputs lead to a predefined number of outputs. The multi-layer perceptron, convolutional neural network, and recurrent neural network are three types of neural networks that have been proposed [ ]. |
Principal Component Analysis | Because it compresses data from several sources using an unsupervised manner, in huge datasets, it reduces the number of dimensions and extracts useful information as a set of “principal components” made up of unrelated variables. These components’ ranges are arranged from most variable to least variable, so the first component’s range contains the most variable data, and so forth. The parts that give the least data and variance can be removed to make things simpler [ ]. |
Q-Learning | It is used to schedule spectrum management and IoT security resources. As well as for IoT security, a reinforcement learning method used in the field of machine learning is called Q-learning. In real life, an agent discovers the results of its acts through repeated attempts. It assesses the reward following each action and changes states appropriately [ ]. There are rewards for good behavior and penalties for bad behavior. |
Deep Learning | It functions as a feed-forward neural network in which there are no connections between any of the neurons in each layer. For deep learning, several layers are used, each having a higher level of abstraction than the layer before it [ ]. One layer’s output is sent onto the next layer. |
As a result, through current and future research and development, we address the issues raised in this section and attempt to identify the best strategies for protecting IoT networks and devices. As a result, determining the best learning strategy for a specific IoT security scenario can be time consuming. This is conducted so that the results of various learning algorithms can differ depending on the quality of the input [ 84 ]. The model’s efficacy, precision, and labor requirements may be jeopardized if the incorrect learning method is used. Additionally, redundant IoT security data could lead to the gathering of irrelevant data and inaccurate conclusions. Machine learning or deep learning security models may not perform as well, be less accurate, or even be completely ineffective if the IoT data are incomplete in some way, such as by not being representative, being of poor quality, having irrelevant features, or being too small for training [ 134 ].
Here are a few possible future paths for study on IoT security:
Because of the way the IoT works, gathering security information can be difficult. A dynamic feature of the IoT known as heterogeneity was briefly discussed. It enables the routine collection of massive amounts of data from various sources. Data collection for IoT security is difficult. When working with IoT data, it is critical to understand the data collection process [ 62 ]. Statistics that are inaccurate or incomplete, outliers, and other flaws may jeopardize the security of the aging process or insufficient IoT devices [ 122 ]. The machine learning or deep learning methodology of IoT security has a significant impact on data quality and training availability, which has a significant impact on the IoT security model. IoT environments generate a lot of security data, which are hard to manage and clean up. Learning algorithms must be improved, or new data preparation techniques must be devised for them to be helpful in IoT security [ 135 ]. An effective IoT security solution must include the constraints or capabilities of IoT systems and devices. A device’s ability to store, compute, process, make decisions, and communicate must therefore be balanced with security. Therefore, choosing the best machine learning or deep learning algorithms requires extensive research [ 136 ]. In some cases, standard learning techniques might not work immediately with IoT devices due to the vast amount of repetitive processing. For example, the association rule learning approach may be used in a rule-based system to remove redundant IoT security data, making decision making challenging and ineffective [ 137 ].
Systems based on the IoT are having trouble because of poor management. The problem is that most of the time, software engineers try to figure out how to extract useful data from sensors [ 138 ]. They do not care how data are gathered, just that it is. It is easier for attackers to hack a system and steal sensitive user data when there is no guarantee. Developers must start concentrating on data acquisition as a result [ 139 ].
To communicate with other components of a network, each component needs to have its own identity. Therefore, a technique for dynamically identifying each network node with a special identification must exist [ 140 ]. When the IoT first started, IPv4 was used to give each networked device a special identifier. Because the number of Internet of Things devices is increasing, IPv6 is used to give each one a distinct name.
The idea of trust is important and complicated. It is also necessary to have scalability, dependability, strength, and availability. It goes above taking safety procedures. IoT apps ask their users for sensitive information with their permission. Therefore, a privacy guarantee is necessary. User data are protected and cannot be accessed without permission. Academics have suggested a range of strategies for improving both trust and privacy in scholarly writings. These strategies for protecting trust and privacy in IoT applications have been ineffective. These issues are currently at the forefront of research on the Internet of Things as a result [ 141 ].
Currently, billions of devices are connected to the web, forming what is known as the IoT. Huge volumes of information are being generated by these devices. IoT struggles with the transmission and processing of massive datasets. Therefore, such a system is essential in order to solve the problem of big data [ 142 ].
Information security implementation in the IoT is challenging. Users communicate private data to complete tasks. There are various possible opponents for user privacy. Therefore, security measures should be implemented to safeguard user data and discourage unauthorized access [ 143 ].
IoT devices must also be secure to use. Sensors keep an eye on the surroundings and send the information they gather to computers. Because there is no encounter measurement, the security of data storage devices cannot be guaranteed. As a result, there needs to be a way to stop unauthorized access to or monitoring of sensitive data [ 144 ].
User IDs can be verified using several different techniques. The most common approach is to use a login and password, but there are other options as well, such as an access card, retina scan, voice recognition, or fingerprints. Authorization can also be obtained through access control. It is a method of protecting a system by only allowing those who need access to use it. The system has become complex because it consists of so many nodes and components. The traditional methods of authentication and permission have failed in large-scale networks. Although concerns with authentication and authorization have been researched, they still need to be fixed. To solve these challenges, such an approach is necessary [ 145 ].
Man-in-the-middle and denial-of-service attacks are only two examples of the multiple ways the transport layer of a network can be used. An attack that prevents user’s access to the targeted system, device, or network resource is known as a denial-of-service attack [ 146 ]. A cyberattack known as “man-in-the-middle” occurs when an attacker pretends to be a third party and transmits and detects messages between two objectives who believe they are speaking directly to one another. Therefore, a set of protections must be put in place to guarantee the security of the network layer [ 147 ].
Therefore, it is challenging to create new, lightweight algorithms or procedures for IoT devices without first weighing the advantages and disadvantages of current teaching techniques [ 148 ].
Older patterns are less likely to stand out and aid in the identification or prediction of IoT security issues than newer unfriendly behavior patterns. Selectivity analysis, which examines current practices, may be more beneficial in some cases than conventional data analysis [ 136 ]. Another critical goal is to develop a security model for IoT devices that is based on how recently they have been used. Innovative, portable IoT device solutions that take new data trends into account are required. As part of our learning-based research on IoT security, we examined and evaluated the above study directions [ 149 ]. The security of the IoT can be improved by including context-aware computing; “context awareness” is a term used frequently in IoT computing to describe a system’s capacity to take in information about its surroundings and modify its behavior accordingly [ 150 ].
As a result, using chronological, geographical, individual, dependence, activity, the relationship between events or exchanges, and other contextual security data, it is possible to determine whether suspicious behavior occurs [ 151 ]. For example, a user may be able to connect to the network in the office but not when using public Wi-Fi. One area that could be investigated is how to create IoT security solutions that work in different contexts and adapt to them [ 152 ].
This research provides a comprehensive review of the literature on IoT security awareness. IoT model, IoT-based intelligent environments, and associated security challenges are some of the topics highlighted by machine learning solutions. In this work, we evaluated the knowledge base on IoT security intelligence. We investigated the IoT paradigm, IoT-based smart environments, security issues, and machine learning solutions to these problems. Identifying and protecting IoT devices and systems necessitates a thorough examination of IoT system architectures, as well as the cyberattacks that can break them down layer by layer. We investigated how various machine learning and deep learning technologies could be used to improve IoT security. If IoT security is to be effective, it must be built on machine learning or deep learning models that use data attributes. Before it can assist in making intelligent decisions, the system must have an effective learning algorithm based on the IoT security knowledge acquired and the application for which it is used. We also talked about potential directions and approaches for future research on teaching and learning. Because of these issues, there is room for new research in the field, and this is where the opportunity to develop effective strategies for continuously improving IoT security presents itself. We believe that our research on machine-learning- and deep-learning-based security solutions is a step in the right direction and will help other academics and practitioners find and implement IoT security solutions in the future.
The authors are thankful to reviewers and editors for their valuable comments to improve the quality of our manuscript.
This research received no external funding.
Conceptualization, T.M., H.H. and I.H.; methodology, T.M., H.H. and I.U.; software, T.M. and D.B.T., validation, T.M. and T.A.S. formal analysis, K.O. and T.M.; investigation, H.H., Y.Y.G. and T.M., resources, T.M., I.U. and Y.Y.G.; writing—original draft, T.M. and K.O.; writing—review and editing, T.M., T.A.S., D.B.T. and I.U. All authors have read and agreed to the published version of the manuscript.
Informed consent statement, data availability statement, conflicts of interest.
The authors declare no conflict of interest.
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.
RSIS International
IOT Based Smart Security System
International Journal of Research and Scientific Innovation (IJRSI) | Volume V, Issue IV, April 2018 | ISSN 2321–2705
M. Bindu Priya 1 , V. Divya Mani 2 , D. Susmitha 3
1 Assistant Professor, Velagapudi Ramakrishna Siddhartha Engineering College, Vijayawada, Andhra Pradesh, India 2, 3 Student, Velagapudi Ramakrishna Siddhartha Engineering College, Vijayawada, Andhra Pradesh, India
Abstract: – The aim of this paper is to design and implement affordable, flexible and fast monitoring system using Raspberry pi. In recent years, there has been an increase in video surveillance systems in public and private environments due to a heightened sense of security like CCTV and RFID. There are several defects in the video surveillance systems such as picture is indistinct, complex structure, poor stability and lot of storage is needed to save information and surveillance and prices remain relatively high. The system design has motion and camera control. Due to live streaming there is a decrease in data storage and save investment cost.
Keywords:- Internet of things, Raspberry pi, pi camera
I. INTRODUCTION
The concept of Internet of Things (IOT) started with things which identify communication devices. The devices could be tracked, controlled or monitored using remote computersconnected through Internet. IOT extends the use of Internet providing the communication, and thus inter-network of the devices and physical objects, or „Things‟. The two prominent words in IOT are “internet” and “things”. Internet means a vast global network of connected servers, computers, tablets and mobiles using the internationally used protocols and connecting systems. Internet enables sending, receiving, or communicating of information. Thing in English has number of uses and meanings. Dictionary meaning of “Thing” is a term used to reference to a physical object, an action or idea, situation or activity, in case when we do not wish to be precise IOT.
The demand on video surveillance systems are rapidly increasing in the present day. One of the first things people will want to know about their surveillance system is whether or not they have the ability to connect to it over the internet for remote viewing. In the past, security systems had to be monitored by a guard who was locked away in a room all day watching the monitors to make sure that nothing would happen. The other option was to come back and review the footage but damage could have happened. Therefore, researchers and scientists had to come up with ways of overcoming that and thus improving security at large. Commercial spaces, universities, hospitals, casinos and ware houses require video capturing systems that have the ability to alert and record desired live video streaming of the intruder. The advancements in video surveillance technology have made it possible to view your remote security camera from any internet-enabled PC or smart phone from anywhere in the world.
Discover the world's research
COMMENTS
The study analyzes recent technologies, security, intelligent solutions, and vulnerabilities in IoT-based smart systems that utilize ML as a crucial technology to enhance IoT security.
main contributions of this paper: 1. The research presents a consolidated survey on IoT cloud architectur e, services, con-. figurations, and security models. Additionally, we classify IoT cloud ...
Security of the Internet of Things (IoT)-based Smart Systems involving sensors, actuators and distributed control loop is of paramount importance but very difficult to address. Security patterns consist of domain-independent time-proven security knowledge and expertise. How are they useful for developing secure IoT-based smart systems? Are there architectures that support IoT security?
As an emerging technology, the Internet of Things (IoT) revolutionized the global network comprising of people, smart devices, intelligent objects, data, and information. The development of IoT is still in its infancy and many related issues need to be solved. IoT is a unified concept of embedding everything. IoT has a great chance to make the world a higher level of accessibility, integrity ...
IoT devices are incorporated into various products, ranging from ordinary household items to complex industrial appliances. Despite the increasing demand for IoT, security concerns have impeded its development. This article systematically reviews IoT security research, focusing on vulnerabilities, challenges, technologies, and future directions.
According to [4], the term IIoT is defined as a combination of intelligent and interconnected industrial nodes that are in place to obtain a maximum production rate, while the operational expenses are minimized through the adoption of real-time monitoring and efficient management of the industrial assets.The rise in the usage of IoT in various sectors and its associated benefits for industrial ...
Tahsien et al. [12] concentrated on Machine Learning-based security solutions for IoT systems, incorporating the most recent publications up to 2019. The authors initiated the discussion by introducing the layers of the IoT system and the various security challenges these layers confront, including different forms of cyber-attacks.
This paper proposed an IoT-Empowered smart cyber security framework called the Internet of Drones (IoDs), a drone-based network using machine learning and deep learning methods.
The Internet of Things (IoT) is increasingly becoming a part of our daily lives, raising significant concerns about future cybersecurity risks and the need for reliable solutions. This study conducts a comprehensive systematic literature review to examine the various challenges and attacks threatening IoT cybersecurity, as well as the proposed frameworks and solutions. Furthermore, it explores ...
Billions of gadgets are already online, making the IoT an essential aspect of daily life. However, the interconnected nature of IoT devices also leaves them open to cyber threats. The quantity and sophistication of cyber assaults aimed against Internet of Things (IoT) systems have skyrocketed in recent years. This paper proposes a next-generation cyber attack prediction framework for IoT systems.
Abstract. Smart digital systems with IoT capabilities are gaining popularity. It is, nonetheless, critical to address their security concerns. This study suggests an adaptive architecture-driven ...
Upon analyzing the data presented in Fig. 1, it becomes apparent that the number of articles and conference papers related to the keyword string Q1 "Cybersecurity or Vulnerab*" in IoT-based Smart Renewable Energy is significantly higher than those related to the keyword string Q2 and Q3 ("Cyber-attack or Cyber Threats"), respectively.Moreover, it can be observed that the number of published ...
Mahmood et al. [8] provided a comprehensive review of the cybersecurity challenges in blockchain technology. The authors identified and analyzed the various cybersecurity is-sues that arise in the context of blockchain technology, including attacks on smart contracts, privacy risks, and scalability challenges.
According to such a study, citizens' main concerns. are security and protection with 45%, data privacy with 25%, and transparency of services with 8%. The other concerns are. equal or below to 5 ...
The Internet of Things (IoT)-centric concepts like augmented reality, high-resolution video streaming, self-driven cars, smart environment, e-health care, etc. have a ubiquitous presence now. These applications require higher data-rates, large bandwidth, increased capacity, low latency and high throughput. In light of these emerging concepts, IoT has revolutionized the world by providing ...
architectures for IoT security and privacy. We are par-ticularly interested in how advanced patterns and archi-tectures are, and their approaches to address IoT security. ird, based on the results, we identify the gaps to sup-port security and privacy in modern IoT systems and propose further research to ll the gaps. e main contri -
In conclusion, the integration of AI and biometrics with applications in the IoT has resulted in enhanced security and privacy, offering advanced solutions to cyber vulnerabilities. The applications of these combined technologies span diverse sectors, from healthcare to smart homes, with a promising future scope.
This paper will focus on the security aspects of modern technologies such as communication networks [8], mobile devices [9], the internet of things (IoT) [10], and cyber-physical systems (CPS) [2,11].
Additionally, a case study is presented, implementing an Ethereum-based blockchain system in a smart IoT environment, which offers practical implications and real-world application. However, it is important to note that while blockchain technology can enhance security, it also has its own limitations and challenges.
The Internet of Things (IoT) paradigm refers to a system of billions of Internet-enabled smart devices interconnected with each other. This study attempts to evaluate access control restrictions in smart devices through a penetration test of a lightweight IoT device such as a smartbulb. Very often, lightweight firmware for such devices become the foundation for other products in the market ...
A robust machine-learning-based IoT security system must consider the IoT cyber threat environment. Security features must therefore be designed and refined. A data-conditionality-reduction technique is essential because security features and the IoT data they are associated with have a direct impact on machine-learning-based security models ...
A Proposed Model of IoT Security Management System Based on A study of Internet of Things (IoT) Security October 2018 International Journal of Scientific and Engineering Research 9(9):1227-1244
Challenges of smart city technologies include the complexity of integrating diverse systems and technologies, ensuring interoperability and scalability, addressing privacy concerns related to data collection and usage, and managing cybersecurity risks (Clim et al., 2022). As smart cities become increasingly reliant on digital infrastructure and ...
IOT Based Smart Security System. IOT Based Smart Security System: The aim of this paper is to design and implement affordable, flexible and fast monitoring system using Raspberry pi. In recent years, there has been an increase in video surveillance systems in public and private environments due to a heightened sense of security like CCTV and RFID.
Here are so me of the key el ements that are typically included in the. security architecture of smart cities: 1. Cybersecurity technologies: These include technologies such as firewalls ...