Bassey Isong,Otshepeng Kgote,Adnan Abu-Mahfouz

DOI: https://doi.org/10.3390/electronics13122370

IF: 2.9

2024-06-18

Electronics

Abstract:The swift explosion of Internet of Things (IoT) devices has brought about a new era of interconnectivity and ease of use while simultaneously presenting significant security concerns. Intrusion Detection Systems (IDS) play a critical role in the protection of IoT ecosystems against a wide range of cyber threats. Despite research advancements, challenges persist in improving IDS detection accuracy, reducing false positives (FPs), and identifying new types of attacks. This paper presents a comprehensive analysis of recent developments in IoT, shedding light on detection methodologies, threat types, performance metrics, datasets, challenges, and future directions. We systematically analyze the existing literature from 2016 to 2023, focusing on both machine learning (ML) and non-ML IDS strategies involving signature, anomaly, specification, and hybrid models to counteract IoT-specific threats. The findings include the deployment models from edge to cloud computing and evaluating IDS performance based on measures such as accuracy, FP rates, and computational costs, utilizing various IoT benchmark datasets. The study also explores methods to enhance IDS accuracy and efficiency, including feature engineering, optimization, and cutting-edge solutions such as cryptographic and blockchain technologies. Equally, it identifies key challenges such as the resource-constrained nature of IoT devices, scalability, and privacy issues and proposes future research directions to enhance IoT-based IDS and overall ecosystem security.

engineering, electrical & electronic,computer science, information systems,physics, applied

Moutaz Alazab,Albara Awajan,Hadeel Alazzam,Mohammad Wedyan,Bandar Alshawi,Ryan Alturki

DOI: https://doi.org/10.3390/s24072188

IF: 3.9

2024-03-30

Sensors

Abstract:The Internet of Things (IoT) is the underlying technology that has enabled connecting daily apparatus to the Internet and enjoying the facilities of smart services. IoT marketing is experiencing an impressive 16.7% growth rate and is a nearly USD 300.3 billion market. These eye-catching figures have made it an attractive playground for cybercriminals. IoT devices are built using resource-constrained architecture to offer compact sizes and competitive prices. As a result, integrating sophisticated cybersecurity features is beyond the scope of the computational capabilities of IoT. All of these have contributed to a surge in IoT intrusion. This paper presents an LSTM-based Intrusion Detection System (IDS) with a Dynamic Access Control (DAC) algorithm that not only detects but also defends against intrusion. This novel approach has achieved an impressive 97.16% validation accuracy. Unlike most of the IDSs, the model of the proposed IDS has been selected and optimized through mathematical analysis. Additionally, it boasts the ability to identify a wider range of threats (14 to be exact) compared to other IDS solutions, translating to enhanced security. Furthermore, it has been fine-tuned to strike a balance between accurately flagging threats and minimizing false alarms. Its impressive performance metrics (precision, recall, and F1 score all hovering around 97%) showcase the potential of this innovative IDS to elevate IoT security. The proposed IDS boasts an impressive detection rate, exceeding 98%. This high accuracy instills confidence in its reliability. Furthermore, its lightning-fast response time, averaging under 1.2 s, positions it among the fastest intrusion detection systems available.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Basharat Ahmad,Zhaoliang Wu,Yongfeng Huang,Sadaqat Ur Rehman

DOI: https://doi.org/10.1016/j.knosys.2024.112614

IF: 8.139

2024-10-21

Knowledge-Based Systems

Abstract:The Internet of Things (IoT) networks, which are defined by their interconnected devices and data streams are an expanding attack surface for cyber adversaries. Industrial Internet of Things (IIoT) is a subset of IoT and has significant importance in-terms of security. Robust intrusion detection systems (IDS) are essential for protecting these critical infrastructures. Our research suggests a novel approach to the detection of anomalies in IoT and IIoT networks that leverages the capabilities of deep transfer learning. Our methodology begins with the EdgeIIoT dataset, which serves as the basis for our data analysis. We convert the data into an appropriate image format to enable Convolutional Neural Network (CNN)-based processing. The hyper-parameters of individual machine learning models are subsequently optimized using a Random Search algorithm. This optimization phase optimizes the performance of each model by modifying the hyper-parameters that are unique to the learning algorithms. The performance of each model is meticulously assessed subsequent to hyper-parameter optimization. The top-performing models are subsequently, strategically selected and combined using the ensemble technique. The IDS scheme's overall detection accuracy and generalizability are improved by the integration of strengths from multiple models. The proposed scheme demonstrates significant effectiveness in identifying a broad spectrum of attacks, encompassing a total of 14 distinct attack types. This comprehensive detection capability contributes to a more secure and resilient IoT ecosystem. Furthermore, application of quantization to our best models reduces resource utilization significantly without compromising accuracy.

computer science, artificial intelligence

Noor Wali Khan,Mohammed S Alshehri,Muazzam A Khan,Sultan Almakdi,Naghmeh Moradpoor,Abdulwahab Alazeb,Safi Ullah,Naila Naz,Jawad Ahmad

DOI: https://doi.org/10.3934/mbe.2023602

2023-06-13

Abstract:The Internet of Things (IoT) is a rapidly evolving technology with a wide range of potential applications, but the security of IoT networks remains a major concern. The existing system needs improvement in detecting intrusions in IoT networks. Several researchers have focused on intrusion detection systems (IDS) that address only one layer of the three-layered IoT architecture, which limits their effectiveness in detecting attacks across the entire network. To address these limitations, this paper proposes an intelligent IDS for IoT networks based on deep learning algorithms. The proposed model consists of a recurrent neural network and gated recurrent units (RNN-GRU), which can classify attacks across the physical, network, and application layers. The proposed model is trained and tested using the ToN-IoT dataset, specifically collected for a three-layered IoT system, and includes new types of attacks compared to other publicly available datasets. The performance analysis of the proposed model was carried out by a number of evaluation metrics such as accuracy, precision, recall, and F1-measure. Two optimization techniques, Adam and Adamax, were applied in the evaluation process of the model, and the Adam performance was found to be optimal. Moreover, the proposed model was compared with various advanced deep learning (DL) and traditional machine learning (ML) techniques. The results show that the proposed system achieves an accuracy of 99% for network flow datasets and 98% for application layer datasets, demonstrating its superiority over previous IDS models.

Sandeepkumar Racherla,Prathyusha Sripathi,Nuruzzaman Faruqui,Md Alamgir Kabir,Md Whaiduzzaman,Syed Aziz Shah

DOI: https://doi.org/10.1109/access.2024.3396461

IF: 3.9

2024-05-10

IEEE Access

Abstract:The Internet of Things (IoT) represents a swiftly expanding sector that is pivotal in driving the innovation of today's smart services. However, the inherent resource-constrained nature of IoT nodes poses significant challenges in embedding advanced algorithms for cybersecurity, leading to an escalation in cyberattacks against these nodes. Contemporary research in Intrusion Detection Systems (IDS) predominantly focuses on enhancing IDS performance through sophisticated algorithms, often overlooking their practical applicability. This paper introduces Deep-IDS, an innovative and practically deployable Deep Learning (DL)-based IDS. It employs a Long-Short-Term-Memory (LSTM) network comprising 64 LSTM units and is trained on the CIC-IDS2017 dataset. Its streamlined architecture renders Deep-IDS an ideal candidate for edge-server deployment, acting as a guardian between IoT nodes and the Internet against Denial of Service, Distributed Denial of Service, Brute Force, Man-in-the-Middle, and Replay Attacks. A distinctive aspect of this research is the trade-off analysis between the intrusion Detection Rate (DR) and the False Alarm Rate (FAR), facilitating the real-time performance of the Deep-IDS. The system demonstrates an exemplary detection rate of 96.8% at the 70% threshold of DR-FAR trade-off and an overall classification accuracy of 97.67%. Furthermore, Deep-IDS achieves precision, recall, and F1-scores of 97.67%, 98.17%, and 97.91%, respectively. On average, Deep-IDS requires 1.49 seconds to identify and mitigate intrusion attempts, effectively blocking malicious traffic sources. The remarkable efficacy, swift response time, innovative design, and novel defense strategy of Deep-IDS not only secure IoT nodes but also their interconnected sub-networks, thereby positioning Deep-IDS as a leading IDS for IoT-enhanced computer networks.

computer science, information systems,telecommunications,engineering, electrical & electronic

Eirini Anthi,Lowri Williams,Małgorzata Słowińska,George Theodorakopoulos,Pete Burnap,Malgorzata Slowinska

DOI: https://doi.org/10.1109/jiot.2019.2926365

IF: 10.6

2019-10-01

IEEE Internet of Things Journal

Abstract:The proliferation in Internet of Things (IoT) devices, which routinely collect sensitive information, is demonstrated by their prominence in our daily lives. Although such devices simplify and automate every day tasks, they also introduce tremendous security flaws. Current insufficient security measures employed to defend smart devices make IoT the "weakest" link to breaking into a secure infrastructure, and therefore an attractive target to attackers. This paper proposes a three layer intrusion detection system (IDS) that uses a supervised approach to detect a range of popular network based cyber-attacks on IoT networks. The system consists of three main functions: 1) classify the type and profile the normal behavior of each IoT device connected to the network; 2) identifies malicious packets on the network when an attack is occurring; and 3) classifies the type of the attack that has been deployed. The system is evaluated within a smart home testbed consisting of eight popular commercially available devices. The effectiveness of the proposed IDS architecture is evaluated by deploying 12 attacks from 4 main network based attack categories, such as denial of service (DoS), man-in-the-middle (MITM)/spoofing, reconnaissance, and replay. Additionally, the system is also evaluated against four scenarios of multistage attacks with complex chains of events. The performance of the system's three core functions result in an F-measure of: 1) 96.2%; 2) 90.0%; and 3) 98.0%. This demonstrates that the proposed architecture can automatically distinguish between IoT devices on the network, whether network activity is malicious or benign, and detect which attack was deployed on which device connected to the network successfully.

Muhammad Zawad Mahmud,Samiha Islam,Shahran Rahman Alve,Al Jubayer Pial

2024-12-04

Abstract:An application of software known as an Intrusion Detection System (IDS) employs machine algorithms to identify network intrusions. Selective logging, safeguarding privacy, reputation-based defense against numerous attacks, and dynamic response to threats are a few of the problems that intrusion identification is used to solve. The biological system known as IoT has seen a rapid increase in high dimensionality and information traffic. Self-protective mechanisms like intrusion detection systems (IDSs) are essential for defending against a variety of attacks. On the other hand, the functional and physical diversity of IoT IDS systems causes significant issues. These attributes make it troublesome and unrealistic to completely use all IoT elements and properties for IDS self-security. For peculiarity-based IDS, this study proposes and implements a novel component selection and extraction strategy (our strategy). A five-ML algorithm model-based IDS for machine learning-based networks with proper hyperparamater tuning is presented in this paper by examining how the most popular feature selection methods and classifiers are combined, such as K-Nearest Neighbors (KNN) Classifier, Decision Tree (DT) Classifier, Random Forest (RF) Classifier, Gradient Boosting Classifier, and Ada Boost Classifier. The Random Forest (RF) classifier had the highest accuracy of 99.39%. The K-Nearest Neighbor (KNN) classifier exhibited the lowest performance among the evaluated models, achieving an accuracy of 94.84%. This study's models have a significantly higher performance rate than those used in previous studies, indicating that they are more reliable.

Cryptography and Security,Machine Learning

Yulong Fu,Zheng Yan,Jin Cao,Ousmane Kone,Xuefei Cao

DOI: https://doi.org/10.1155/2017/1750637

2017-01-01

Mobile Information Systems

Abstract:Internet of Things (IoT) transforms network communication to Machine-to-Machine (M2M) basis and provides open access and new services to citizens and companies. It extends the border of Internet and will be developed as one part of the future 5G networks. However, as the resources of IoT’s front devices are constrained, many security mechanisms are hard to be implemented to protect the IoT networks. Intrusion detection system (IDS) is an efficient technique that can be used to detect the attackers when cryptography is broken, and it can be used to enforce the security of IoT networks. In this article, we analyzed the intrusion detection requirements of IoT networks and then proposed a uniform intrusion detection method for the vast heterogeneous IoT networks based on an automata model. The proposed method can detect and report the possible IoT attacks with three types: jam-attack, false-attack, and reply-attack automatically. We also design an experiment to verify the proposed IDS method and examine the attack of RADIUS application.

Chandra Prabha Kaliappan,Kanmani Palaniappan,Devipriya Ananthavadivel,Ushasukhanya Subramanian

DOI: https://doi.org/10.1007/s12083-024-01684-0

IF: 3.488

2024-06-02

Peer-to-Peer Networking and Applications

Abstract:Over the years, the Internet of Things (IoT) devices have shown rapid proliferation and development in various domains. However, the widespread adoption of smart devices significantly ameliorates the possibility of several security challenges. To address these challenges, this research presents an advanced AI-enhanced trust framework for IoT Intrusion detection to safeguard IoT environments from any potential intrusion attempts. The proposed framework integrates cutting-edge AI techniques for intrusion detection which identifies the anomalies based on the device behavior and responds dynamically to emerging threats. Initially, a robust Intrusion Detection System (IDS) is developed based on an Isolation Forest (IF) algorithm and Autoencoders (AE) to promptly identify anomalies in real-time. Then, behavioral Modeling is performed by employing Long Short-Term Memory (LSTM) and Convolutional Neural Networks (CNNs) for precise behavioral understanding of IoT devices. Additionally, the Bayesian Network is used to perform adaptive trust assessment and the Reinforcement Learning based Proximal Policy Optimization (PPO) for providing dynamic responses to the detected anomalies. The proposed framework is practically implemented and evaluated using IoTID20 and N-BaIoT datasets, and compared with baseline intrusion detection methods including, CNN-TSODE, cuLSTMGRU, ELETL-IDS, Fed-Inforce-Fusion, and Conv-LSTM. The results demonstrate that the proposed framework achieves high efficiency and outperformed other baseline methods by obtaining a detection accuracy of 98.25%, recall of 96.8%, and precision of 97.45%. Overall, the proposed AI-Enhanced Trust Framework offers a promising solution by identifying the intrusion endeavors effectively and contributing toward the attainment of secure and trustworthy IoT ecosystems.

computer science, information systems,telecommunications

Abdulaziz Aldaej,Tariq Ahamed Ahanger,Imdad Ullah

DOI: https://doi.org/10.3390/s23249869

2023-12-16

Abstract:The Internet of Things (IoT) technology has seen substantial research in Deep Learning (DL) techniques to detect cyberattacks. Critical Infrastructures (CIs) must be able to quickly detect cyberattacks close to edge devices in order to prevent service interruptions. DL approaches outperform shallow machine learning techniques in attack detection, giving them a viable alternative for use in intrusion detection. However, because of the massive amount of IoT data and the computational requirements for DL models, transmission overheads prevent the successful implementation of DL models closer to the devices. As they were not trained on pertinent IoT, current Intrusion Detection Systems (IDS) either use conventional techniques or are not intended for scattered edge-cloud deployment. A new edge-cloud-based IoT IDS is suggested to address these issues. It uses distributed processing to separate the dataset into subsets appropriate to different attack classes and performs attribute selection on time-series IoT data. Next, DL is used to train an attack detection Recurrent Neural Network, which consists of a Recurrent Neural Network (RNN) and Bidirectional Long Short-Term Memory (LSTM). The high-dimensional BoT-IoT dataset, which replicates massive amounts of genuine IoT attack traffic, is used to test the proposed model. Despite an 85 percent reduction in dataset size made achievable by attribute selection approaches, the attack detection capability was kept intact. The models built utilizing the smaller dataset demonstrated a higher recall rate (98.25%), F1-measure (99.12%), accuracy (99.56%), and precision (99.45%) with no loss in class discrimination performance compared to models trained on the entire attribute set. With the smaller attribute space, neither the RNN nor the Bi-LSTM models experienced underfitting or overfitting. The proposed DL-based IoT intrusion detection solution has the capability to scale efficiently in the face of large volumes of IoT data, thus making it an ideal candidate for edge-cloud deployment.

Soham Biswas,Md. Sarfaraj Alam Ansari

DOI: https://doi.org/10.1007/s11227-024-06021-z

IF: 3.3

2024-03-22

The Journal of Supercomputing

Abstract:The term "Internet of Things" (IoT) encompasses an entire group of gadgets that are capable of connecting to the Internet in order to gather and share data. The IoT paradigm is being pushed into computer networks by numerous highly advanced intrusions. Cloud computing greatly enhances the success of the IoT by enabling users to perform computing tasks using Internet-based services accessed through connected devices. This seamless integration of cloud technology and the IoT has become a powerful catalyst, revolutionizing the way we operate. The adoption of a distributed architecture, such as cloud computing, exposes the system to potential threats like Distributed Denial of Service (DDoS) and Denial of Service (DoS) attacks. To mitigate these risks, the concept of an intrusion detection system (IDS) has been introduced within the cloud environment. Various machine learning (ML) and deep learning (DL) algorithms have been proposed and implemented to effectively detect and respond to such malicious traffic in the cloud system. For dimension reduction during the training process of those algorithms, multiple independent and hybrid techniques have been proposed. This study presents an efficient ML-based real-time IDS framework with proposed hybrid feature selection techniques. Additionally, in this study, a concise comparative analysis has been conducted using five well-known public datasets. The findings presented in this paper reveal that our proposed IDS achieved a maximum accuracy of 99.98% in identifying malicious traffic.

computer science, theory & methods,engineering, electrical & electronic, hardware & architecture

Prabhat Kumar,Govind P. Gupta,Rakesh Tripathi

DOI: https://doi.org/10.1007/s13369-020-05181-3

IF: 2.807

2021-01-11

Arabian Journal for Science and Engineering

Abstract:With simple connectivity and fast-growing demand of smart devices and networks, IoT has become more prone to cyber attacks. In order to detect and prevent cyber attacks in IoT networks, intrusion detection system (IDS) plays a crucial role. However, most of the existing IDS have dimensionality curse that reduces overall IoT systems efficiency. Hence, it is important to remove repetitive and irrelevant features while designing effective IDS. Motivated from aforementioned challenges, this paper presents an intelligent cyber attack detection system for IoT network using a novel hybrid feature reduced approach. This technique first performs feature ranking using correlation coefficient, random forest mean decrease accuracy and gain ratio to obtain three different feature sets. Then, features are combined using a suitably designed mechanism (AND operation), to obtain single optimized feature set. Finally, the obtained reduced feature set is fed to three well-known machine learning algorithms such as random forest, K-nearest neighbor and XGBoost for detection of cyber attacks. The efficiency of the proposed cyber attack detection framework is evaluated using NSL-KDD and two latest IoT-based datasets namely, BoT-IoT and DS2OS. Performance of the proposed framework is evaluated and compared with some recent state-of-the-art techniques found in literature, in terms of accuracy, detection rate (DR), precision and F1 score. Performance analysis using these three datasets shows that the proposed model has achieved DR up to 90%–100%, for most of the attack vectors that has close similarity to normal behaviors and accuracy above 99%.

multidisciplinary sciences

Sahar Soliman,Wed Oudah,Ahamed Aljuhani

DOI: https://doi.org/10.1016/j.aej.2023.09.023

2023-09-21

AEJ - Alexandria Engineering Journal

Abstract:The widespread deployment of the Internet of Things (IoT) into critical sectors such as industrial and manufacturing has resulted in the Industrial Internet of Things (IIoT). The IIoT consists of sensors, actuators, and smart devices that communicate with one another to optimize manufacturing and industrial processes. Although IIoT provides various benefits to both service providers and consumers, security and privacy remain a big challenge. An intrusion detection system (IDS) has been utilized to mitigate cyberattacks in such a connected network. However, many existing solutions for IDS in IIoT suffer from the lack of comprehensiveness of the types of attack the network is exposed to, high feature dimension, models built on out-of-date datasets, and a lack of focus on the problem of imbalanced datasets. To address the aforementioned issues, we propose an intelligent detection system for identifying cyberattacks in Industrial IoT networks. The proposed model uses the singular value decomposition (SVD) technique to reduce data features and improve detection results. We use the synthetic minority over-sampling (SMOTE) technique to avoid over-fitting and under-fitting issues that result in biased classification. Several machine learning and deep learning algorithms have been implemented to classify data for binary and multi-class classification. We evaluate the efficacy of the proposed intelligent model on ToN_IoT dataset. The proposed approach achieved an accuracy rate of 99.99% and a reduced error rate of 0.001% for binary classification, and an accuracy rate of 99.98% and a reduced error rate of 0.016% for multi-class classification.

Joseph Rose,Matthew Swann,Gueltoum Bendiab,Stavros Shiaeles,Nicholas Kolokotronis

DOI: https://doi.org/10.1109/NetSoft51509.2021.9492685

2021-09-06

Abstract:The rapid increase in the use of IoT devices brings many benefits to the digital society, ranging from improved efficiency to higher productivity. However, the limited resources and the open nature of these devices make them vulnerable to various cyber threats. A single compromised device can have an impact on the whole network and lead to major security and physical damages. This paper explores the potential of using network profiling and machine learning to secure IoT against cyber-attacks. The proposed anomaly-based intrusion detection solution dynamically and actively profiles and monitors all networked devices for the detection of IoT device tampering attempts as well as suspicious network transactions. Any deviation from the defined profile is considered to be an attack and is subject to further analysis. Raw traffic is also passed on to the machine learning classifier for examination and identification of potential attacks. Performance assessment of the proposed methodology is conducted on the Cyber-Trust testbed using normal and malicious network traffic. The experimental results show that the proposed anomaly detection system delivers promising results with an overall accuracy of 98.35% and 0.98% of false-positive alarms.

Cryptography and Security,Artificial Intelligence

Salma Elhag,Amal Mahmoud Alghamdi,Norah Ahmad Al-Shomrani

DOI: https://doi.org/10.1007/s42979-022-01566-3

2022-12-29

SN Computer Science

Abstract:The Internet of Things (IoT) has evolved to the point that modern enterprises may now deploy large-scale IoT ecosystems, such as the Industrial Internet of Things (IIoT) (IIoT). The IIoT is susceptible to many cyber-attacks that hacker may use to cause significant reputational and financial harm to businesses. An anomaly-based intrusion detection system (IDS) may offer secure, dependable, and efficient IIoT ecosystems by preserving the confidentiality, integrity, and availability of IIoT networks. This study investigates the application of a security model for the IIoT that uses machine learning techniques to improve network and communication security by preventing malicious and infected nodes from spreading and infecting other nodes in the network. In this, four machine learning classifiers (SVM, DT, RF, and kNN) have been used to classify the attacks with three main attack scenarios. The results show that RF has a stable performance and accuracy of 99.5%, while the other classifiers show differences in accuracy and performance with each attack scenario.

Azidine Guezzaz,Mourade Azrour,Said Benkirane,Mouaad Mohy-Eddine,Hanaa Attou,Maryam Douiba

DOI: https://doi.org/10.34028/iajit/19/5/14

2022-01-01

The International Arab Journal of Information Technology

Abstract:Due to the development of cloud computing and Internet of Things (IoT) environments, such as healthcare systems, telecommunications and Industry 4.0 or Industrial IoT (IIoT) many daily services are transformed. Therefore, Security issues become useful to better protect these novel technologies. IIoT security represents a real challenge for industry actors and academic research. A set of security approaches, such as intrusion detection are integrated to improve IIoT environments security. Hence, an Intrusion Detection System (IDS) aims to monitor, detect an intrusion in real time and then make reliable decisions. Many recent IDS incorporate Machine Learning (ML) techniques to improve their Accuracy (ACC), precision and Detection Rate (DR). This paper presents a hybrid IDS for Edge-Based IIoT Security using ML techniques. This new hybrid framework is based on misuse and anomaly detection using K-Nearest Neighbor (K-NN) and Principal Component Analysis (PCA) techniques. Specifically, the K-NN classifier has been incorporated to improve detection accuracy and make effective decision and the PCA is used for an enhanced feature engineering and training process. The obtained results have proven that our proposed Framework presents many advantages compared with other recent models. It gives good results with 99.10% ACC, 98.4% DR 2.7% False Alarm Rate (FAR) on NSL-KDD dataset and 98.2% ACC, 97.6% DR, 2.9% FAR on Bot-IoT dataset.

computer science, information systems, artificial intelligence,engineering, electrical & electronic

Pietro Spadaccino,Francesca Cuomo

DOI: https://doi.org/10.48550/arXiv.2012.01174

2022-04-14

Abstract:Key components of current cybersecurity methods are the Intrusion Detection Systems (IDSs) were different techniques and architectures are applied to detect intrusions. IDSs can be based either on cross-checking monitored events with a database of known intrusion experiences, known as signature-based, or on learning the normal behavior of the system and reporting whether some anomalous events occur, named anomaly-based. This work is dedicated to survey the application of IDS to the Internet of Things (IoT) networks, where also the edge computing is used to support the IDS implementation. New challenges that arise when deploying an IDS in an edge scenario are identified and remedies are proposed. We focus on anomaly-based IDSs, showing the main techniques that can be leveraged to detect anomalies and we present machine learning techniques and their application in the context of an IDS, describing the expected advantages and disadvantages that a specific technique could cause.

Cryptography and Security,Artificial Intelligence,Networking and Internet Architecture

Luca Arnaboldi,Charles Morisset

DOI: https://doi.org/10.48550/arXiv.2105.08096

2021-05-18

Abstract:Intrusion Detection Systems (IDS) are key components for securing critical infrastructures, capable of detecting malicious activities on networks or hosts. The procedure of implementing a IDS for Internet of Things (IoT) networks is not without challenges due to the variability of these systems and specifically the difficulty in accessing data. The specifics of these very constrained devices render the design of an IDS capable of dealing with the varied attacks a very challenging problem and a very active research subject. In the current state of literature, a number of approaches have been proposed to improve the efficiency of intrusion detection, catering to some of these limitations, such as resource constraints and mobility. In this article, we review works on IDS specifically for these kinds of devices from 2008 to 2018, collecting a total of 51 different IDS papers. We summarise the current themes of the field, summarise the techniques employed to train and deploy the IDSs and provide a qualitative evaluations of these approaches. While these works provide valuable insights and solutions for sub-parts of these constraints, we discuss the limitations of these solutions as a whole, in particular what kinds of attacks these approaches struggle to detect and the setup limitations that are unique to this kind of system. We find that although several paper claim novelty of their approach little inter paper comparisons have been made, that there is a dire need for sharing of datasets and almost no shared code repositories, consequently raising the need for a thorough comparative evaluation.

Cryptography and Security

Haipeng Yao,Pengcheng Gao,Peiying Zhang,Jingjing Wang,Chunxiao Jiang,Lijun Lu

DOI: https://doi.org/10.1109/MNET.001.1800479

IF: 10.294

2019-01-01

IEEE Network

Abstract:The design of an intrusion detection system (IDS) plays a critical role in guaranteeing the security of the Industrial Internet of Things (IIoT). Recently, the rapid development of edge-based IIoT has posed new challenges in the design of a beneficial IDS considering its billions of IIoT devices and substantially decentralized data interaction. Both the detection method and the system architecture become the key components in constructing an efficient IDS for edge-based IIoT. In this article, we survey the typical state-of-theart studies about detection methods and system structure of IDS. Moreover, we propose a hybrid IDS architecture and introduce a machine learning aided detection method, which outperforms the literature in terms of a range of benchmarks.

Wengui Hu,Qingsong Cao,Mehdi Darbandi,Nima Jafari Navimipour

DOI: https://doi.org/10.1007/s10586-024-04385-8

2024-04-28

Cluster Computing

Abstract:The number of cloud-, edge-, and Internet of Things (IoT)-based applications that produce sensitive and personal data has rapidly increased in recent years. The IoT is a new model that integrates physical objects and the Internet and has become one of the principal technological evolutions of computing. Cloud computing is a paradigm for centralized computing that gathers resources in one place and makes them available to consumers via the Internet. Despite the vast array of resources that cloud computing offers, real-time mobile applications might not find it acceptable because it is typically located far from users. However, in applications where low latency and high dependability are required, edge computing—which disperses resources to the network edge—is becoming more and more popular. Though it has less processing power than traditional cloud computing, edge computing offers resources in a decentralized way that can react to customers' needs more quickly. There has been a sharp increase in attackers stealing data from these applications since the data is so sensitive. Thus, a powerful Intrusion Detection System (IDS) that can identify intruders is required. IDS are essential for the cybersecurity of the IoT, cloud, and edge architectures. Investigators have mostly embraced the use of deep learning algorithms as a means of protecting the IoT environment. However, these techniques have some issues with computational complexity, long processing times, and poor precision. Feature selection approaches can be utilized to overcome these problems. Optimization methods, including bio-inspired algorithms, are applied as feature selection approaches to enhance the classification accuracy of IDS systems. Based on the cited sources, it appears that no study has looked into these difficulties in depth. This research thoroughly analyzes the current literature on intrusion detection and using nature-inspired algorithms to safeguard IoT and cloud/edge settings. This article examines pertinent analyses and surveys on the aforementioned subjects, dangers, and outlooks. It also examines many frequently used algorithms in the development of IDSs used in IoT security. The findings demonstrate their efficiency in addressing IoT and cloud/edge ecosystem security issues. Moreover, it has been shown that the methods put out in the literature might improve IDS security and dependability in terms of precision and execution speed.

computer science, information systems, theory & methods