A Taxonomy of Machine Learning based Intrusion Detection Systems for the Internet of Things: A Survey

The Internet of Things is an emerging technology that integrates the Internet and physical smart objects. This technology currently is used in many areas of human life, including education, agriculture, medicine, military and industrial processes, and trade. Integrating real-world objects with the Internet can pose security threats to many of our day-to-day activities. Intrusion detection systems (IDS) can be used in this technology as one of the security methods. In intrusion detection systems, early and correct detection (with high accuracy) of intrusions is considered very important. In this research, game theory is used to develop the performance of intrusion detection systems. In the proposed method, the attacker infiltration mode and the behavior of the intrusion detection system as a two-player and nonparticipatory dynamic game are completely analyzed and Nash equilibrium solution is used to create specific subgames. During the simulation performed using MATLAB software, various parameters were examined using the definitions of game theory and Nash equilibrium to extract the parameters that had the most accurate detection results. The results obtained from the simulation of the proposed method showed that the use of intrusion detection systems in the Internet of Things based on cloud-fog can be very effective in identifying attacks with the least amount of errors in this network.

Download Full-text

A critical review of intrusion detection systems in the internet of things: techniques, deployment strategy, validation strategy, attacks, public datasets and challenges

Cybersecurity ◽

10.1186/s42400-021-00077-7 ◽

2021 ◽

Vol 4 (1) ◽

Author(s):

Ansam Khraisat ◽

Ammar Alazab

Keyword(s):

Internet Of Things ◽

Intrusion Detection ◽

Communication Systems ◽

Intrusion Detection Systems ◽

The Internet ◽

Detection Systems ◽

Advantages And Disadvantages ◽

Deployment Strategy ◽

The Internet Of Things ◽

Validation Strategy

AbstractThe Internet of Things (IoT) has been rapidly evolving towards making a greater impact on everyday life to large industrial systems. Unfortunately, this has attracted the attention of cybercriminals who made IoT a target of malicious activities, opening the door to a possible attack on the end nodes. To this end, Numerous IoT intrusion detection Systems (IDS) have been proposed in the literature to tackle attacks on the IoT ecosystem, which can be broadly classified based on detection technique, validation strategy, and deployment strategy. This survey paper presents a comprehensive review of contemporary IoT IDS and an overview of techniques, deployment Strategy, validation strategy and datasets that are commonly applied for building IDS. We also review how existing IoT IDS detect intrusive attacks and secure communications on the IoT. It also presents the classification of IoT attacks and discusses future research challenges to counter such IoT attacks to make IoT more secure. These purposes help IoT security researchers by uniting, contrasting, and compiling scattered research efforts. Consequently, we provide a unique IoT IDS taxonomy, which sheds light on IoT IDS techniques, their advantages and disadvantages, IoT attacks that exploit IoT communication systems, corresponding advanced IDS and detection capabilities to detect IoT attacks.

Download Full-text

An Intrusion Detection System for the Internet of Things Based on Machine Learning: Review and Challenges

Symmetry ◽

10.3390/sym13061011 ◽

2021 ◽

Vol 13 (6) ◽

pp. 1011

Author(s):

Ahmed Adnan ◽

Abdullah Muhammed ◽

Abdul Azim Abd Ghani ◽

Azizol Abdullah ◽

Fahrul Hakim

Keyword(s):

Machine Learning ◽

Internet Of Things ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Concept Drift ◽

The Internet ◽

Ongoing Research ◽

Active Research ◽

The Internet Of Things

An intrusion detection system (IDS) is an active research topic and is regarded as one of the important applications of machine learning. An IDS is a classifier that predicts the class of input records associated with certain types of attacks. In this article, we present a review of IDSs from the perspective of machine learning. We present the three main challenges of an IDS, in general, and of an IDS for the Internet of Things (IoT), in particular, namely concept drift, high dimensionality, and computational complexity. Studies on solving each challenge and the direction of ongoing research are addressed. In addition, in this paper, we dedicate a separate section for presenting datasets of an IDS. In particular, three main datasets, namely KDD99, NSL, and Kyoto, are presented. This article concludes that three elements of concept drift, high-dimensional awareness, and computational awareness that are symmetric in their effect and need to be addressed in the neural network (NN)-based model for an IDS in the IoT.

Download Full-text

Intrusion Detection System Through Advance Machine Learning for the Internet of Things Networks

IT Professional ◽

10.1109/mitp.2020.2992710 ◽

2021 ◽

Vol 23 (2) ◽

pp. 58-64

Author(s):

Tanzila Saba ◽

Tariq Sadad ◽

Amjad Rehman ◽

Zahid Mehmood ◽

Qaisar Javaid

Keyword(s):

Machine Learning ◽

Internet Of Things ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

The Internet ◽

The Internet Of Things

Download Full-text

Intrusion detection based on machine learning in the internet of things, attacks and counter measures

The Journal of Supercomputing ◽

10.1007/s11227-021-04188-3 ◽

2022 ◽

Author(s):

Eid Rehman ◽

Muhammad Haseeb-ud-Din ◽

Arif Jamal Malik ◽

Tehmina Karmat Khan ◽

Aaqif Afzaal Abbasi ◽

...

Keyword(s):

Machine Learning ◽

Internet Of Things ◽

Intrusion Detection ◽

The Internet ◽

Counter Measures ◽

The Internet Of Things

Download Full-text

A System to automate the development of anomaly-based network intrusion detection model

Journal of Physics Conference Series ◽

10.1088/1742-6596/2089/1/012006 ◽

2021 ◽

Vol 2089 (1) ◽

pp. 012006

Author(s):

B Padmaja ◽

K Sai Sravan ◽

E Krishna Rao Patro ◽

G Chandra Sekhar

Keyword(s):

Machine Learning ◽

Intrusion Detection ◽

Real Time ◽

Network Traffic ◽

Intrusion Detection Systems ◽

Network Intrusion Detection ◽

Support Vector ◽

The Internet ◽

Detection Systems ◽

Network Intrusion

Abstract Cyber security is the major concern in today’s world. Over the past couple of decades, the internet has grown to such an extent that almost every individual living on this planet has the access to the internet today. This can be viewed as one of the major achievements in the human race, but on the flip side of the coin, this gave rise to a lot of security issues for every individual or the company that is accessing the web through the internet. Hackers have become active and are always monitoring the networks to grab every possible opportunity to attack a system and make the best fortune out of its vulnerabilities. To safeguard people’s and organization’s privacy in this cyberspace, different network intrusion detection systems have been developed to detect the hacker’s presence in the networks. These systems fall under signature based and anomaly based intrusion detection systems. This paper deals with using anomaly based intrusion detection technique to develop an automation system to both train and test supervised machine learning models, which is developed to classify real time network traffic as to whether it is malicious or not. Currently the best models by considering both detection success rate and the false positives rate are Artificial Neural Networks(ANN) followed by Support Vector Machines(SVM). In this paper, it is verified that Artificial Neural Network (ANN) based machine learning with wrapper feature selection outperforms support vector machine (SVM) technique while classifying network traffic as harmful or harmless. Initially to evaluate the performance of the system, NSL-KDD dataset is used to train and test the SVM and ANN models and finally classify real time network traffic using these models. This system can be used to carry out model building automatically on the new datasets and also for classifying the behaviour of the provided dataset without having to code.

Download Full-text

MADS Based on DL Techniques on the Internet of Things (IoT): Survey

Electronics ◽

10.3390/electronics10212598 ◽

2021 ◽

Vol 10 (21) ◽

pp. 2598

Author(s):

Hussah Talal ◽

Rachid Zagrouba

Keyword(s):

Internet Of Things ◽

Intrusion Detection Systems ◽

The Internet ◽

Detection Systems ◽

Iot Applications ◽

New Generation ◽

The Internet Of Things ◽

Great Development ◽

Comprehensive Study

Technologically speaking, humanity lives in an age of evolution, prosperity, and great development, as a new generation of the Internet has emerged; it is the Internet of Things (IoT) which controls all aspects of lives, from the different devices of the home to the large industries. Despite the tremendous benefits offered by IoT, still there are some challenges regarding privacy and information security. The traditional techniques used in Malware Anomaly Detection Systems (MADS) could not give us as robust protection as we need in IoT environments. Therefore, it needed to be replaced with Deep Learning (DL) techniques to improve the MADS and provide the intelligence solutions to protect against malware, attacks, and intrusions, in order to preserve the privacy of users and increase their confidence in and dependence on IoT systems. This research presents a comprehensive study on security solutions in IoT applications, Intrusion Detection Systems (IDS), Malware Detection Systems (MDS), and the role of artificial intelligent (AI) in improving security in IoT.

Download Full-text