Investigating the security issues of multi-layer IoT attacks using machine learning techniques

Conference paper


Al Sukhni, B., Dave, J., Manna, S. and Zhang, L. Investigating the security issues of multi-layer IoT attacks using machine learning techniques.
AuthorsAl Sukhni, B., Dave, J., Manna, S. and Zhang, L.
TypeConference paper
Description

The rapid growth of the IoT applications in smart
homes, medical devices and industry 4.0 has brought huge
benefits to our society and industry however faces several
challenges in terms of security and privacy issues. Due to its heterogeneous architecture, lack of standard security frameworks between layers, lack of secured communication protocols and lack of resources of power, memory and cryptographic functions on edge control, current IoT devices are prone to security attacks at all three main layers: application, network, and physical layer. While there are some attacks such as Sybil, Blackhole, and Malware usually target a specific layer of IoT architecture, other attacks like DDoS and MITM can compromise the security across multiple layers. These types of attacks not only result in
the loss of control over sensitive data and the theft of personal information, but they also result in financial and reputational damages. In recent years, the majority of the research has been carried out to develop robust intrusion detection technologies to safeguard the IoT from a wide range of security attacks, either through novel secure network protocols, the use of firmware or encryption techniques. It is also important to detect IoT attacks at different layers while securing it. Consequently various supervised and unsupervised machine learning (ML) techniques have been found to be effective in detecting them. There is still a lack of research for detecting multilayer attacks as well as new
types of attacks in IoT devices. Hence a thorough investigation of multi-layer Intrusion Detection Systems (IDS) is provided in this article to identify a wide variety of multi-layer attacks and their behavioural patterns. The list of effective ML algorithms is also reviewed along with their training datasets. We have highlighted the challenges and opportunities for future directions of multi-layer intrusion detection research through the taxonomy of multi-layer attacks. We aim to develop a novel computational
framework by investigating the similarities in the features of multi-layer attacks for training ML models to overcome existing problems.

KeywordsMulti-layer IoT attacks; Machine learning; Dataset; IoT Security
ConferenceInternational Conference On Human-Centered Cognitive Systems
Official URLhttp://www.hccs.gaasnetwork.org/
File
File Access Level
Restricted
Publisher's version
File Access Level
Restricted
References

[1] S. Khanam, I. B. Ahmedy, M. Y. Idna Idris, M. H. Jaward, and A. Q. Bin Md Sabri, “A survey of security challenges, attacks taxonomy and advanced countermeasures in the internet of things,” IEEE Access, vol. 8, pp. 219 709–219 743, 2020.
[2] e. a. Carrie MacGillivray, Stacy Crook, “Idc futurescape: Worldwide iot 2020 predictions,” last accessed: 2022-04-10. [Online]. Available:https://www.idc.com/research/viewtoc.jsp?containerId=US45591819
[3] M. A. Al-Garadi, A. Mohamed, A. K. Al-Ali, X. Du, I. Ali, and M. Guizani, “A survey of machine and deep learning methods for internet of things (iot) security,” IEEE Communications Surveys Tutorials, vol. 22, no. 3, pp. 1646–1685, 2020.
[4] I. Idrissi, M. Azizi, and O. Moussaoui, “Iot security with deep learningbased intrusion detection systems: A systematic literature review,” in 2020 Fourth International Conference On Intelligent Computing in Data Sciences (ICDS), 2020, pp. 1–10.
[5] S. M. Tahsien, H. Karimipour, and P. Spachos, “Machine learning based solutions for security of internet of things (iot): A survey,” Journal of Network and Computer Applications, vol. 161, p. 102630, 2020.
[6] R. Ahmad and I. Alsmadi, “Machine learning approaches to iot security: A systematic literature review,” Internet of Things, vol. 14, p. 100365, 01 2021.
[7] H. F. Atlam and G. B. Wills, IoT Security, Privacy, Safety and Ethics. Cham: Springer International Publishing, 2020, pp. 123–149.
[8] M. Bagaa, T. Taleb, J. B. Bernabe, and A. Skarmeta, “A machine learning security framework for iot systems,” IEEE Access, vol. 8, pp. 114 066– 114 077, 2020.
[9] V. Hassija, V. Chamola, V. Saxena, D. Jain, P. Goyal, and B. Sikdar, “A survey on iot security: Application areas, security threats, and solution architectures,” IEEE Access, vol. 7, pp. 82 721–82 743, 2019.
[10] R. Doshi, N. Apthorpe, and N. Feamster, “Machine learning ddos detection for consumer internet of things devices,” in 2018 IEEE Security and Privacy Workshops (SPW), 2018, pp. 29–35.
[11] B. K. Mohanta, D. Jena, S. Ramasubbareddy, M. Daneshmand, and A. H. Gandomi, “Addressing security and privacy issues of iot using blockchain technology,” IEEE Internet of Things Journal, vol. 8, no. 2, pp. 881–888, 2021.
[12] J. Park, H. Chung, and J. F. DeFranco, “Multilayered diagnostics for smart cities,” Computer, vol. 55, no. 2, pp. 14–22, 2022.
[13] T. S. Gopal, M. Meerolla, G. Jyostna, P. R. L. Eswari, and E. Magesh, “Mitigating mirai malware spreading in iot environment,” in 2018 International Conference on Advances in Computing, Communications and Informatics (ICACCI). IEEE, 2018, pp. 2226–2230.
[14] “Owasp internet of things project,” https://wiki.owasp.org/index.php/
OWASP Internet of Things Project#tab=IoT Top 10, 2019, [Online; last accessed 239-2022-2022].
[15] IBM, “Ibm security x-force threat intelligence index,” https://www.ibm. com/reports/threat-intelligence/, 2022, [Online; last accessed 239-2022-2022].
[16] R. Kumar and R. Sharma, “Leveraging blockchain for ensuring trust in iot: A survey,” Journal of King Saud University - Computer and Information Sciences, 2021.
[17] A. Mitrokotsa, M. Rieback, and A. Tanenbaum, “Classifying rfid attacks and defenses,” Information Systems Frontiers, vol. 12, pp. 491–505, 11 2010.
[18] P. Malhotra, Y. Singh, P. Anand, D. K. Bangotra, P. K. Singh, and W.-C. Hong, “Internet of things: Evolution, concerns and security challenges,” Sensors, vol. 21, no. 5, 2021.
[19] N. Chaabouni, M. Mosbah, A. Zemmari, C. Sauvignac, and P. Faruki, “Network intrusion detection for iot security based on learning techniques,” IEEE Communications Surveys & Tutorials, vol. PP, pp. 1–1, 01 2019.
[20] A. Mosenia and N. K. Jha, “A comprehensive study of security of internet-of-things,” IEEE Transactions on Emerging Topics in Computing, vol. 5, no. 4, pp. 586–602, 2017.
[21] Z. Ahmad, A. Shahid Khan, C. Wai Shiang, J. Abdullah, and F. Ahmad, “Network intrusion detection system: A systematic study of machine learning and deep learning approaches,” Transactions on Emerging Telecommunications Technologies, vol. 32, no. 1, p. e4150, 2021.
[22] J. Deogirikar and A. Vidhate, “Security attacks in iot: A survey,” in 2017 International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC), 2017, pp. 32–37.
[23] “Official statistics by uk government: Cyber security breaches survey 2021,” last accessed: 2022-04-10. [Online]. Available: https://www.gov.uk/government/statistics/cyber-security-breaches-sur...
[24] I. Sarker, A. S. M. Kayes, S. Badsha, H. Alqahtani, P. Watters, and A. Ng, “Cybersecurity data science: an overview from machine learning perspective,” Journal of Big Data, vol. 7, 07 2020.
[25] S. Priya, M. Sivaram, D. Yuvaraj, and A. Jayanthiladevi, “Machine learning based ddos detection,” in 2020 International Conference on Emerging Smart Computing and Informatics (ESCI), 2020, pp. 234–237.
[26] N. Ravi and S. M. Shalinie, “Learning-driven detection and mitigation of ddos attack in iot via sdn-cloud architecture,” IEEE Internet of Things Journal, vol. 7, no. 4, pp. 3559–3570, 2020.
[27] J. M. Peterson, J. L. Leevy, and T. M. Khoshgoftaar, “A review and analysis of the bot-iot dataset,” in 2021 IEEE International Conference on Service-Oriented System Engineering (SOSE), 2021, pp. 20–27.
[28] S. ur Rehman, M. Khaliq, S. I. Imtiaz, A. Rasool, M. Shafiq, A. R. Javed, Z. Jalil, and A. K. Bashir, “Diddos: An approach for detection and identification of distributed denial of service (ddos) cyberattacks using gated recurrent units (gru),” Future Generation Computer Systems, vol.
118, pp. 453–466, 2021.
[29] W. L. Al-Yaseen, Z. A. Othman, and M. Z. A. Nazri, “Multi-level hybrid support vector machine and extreme learning machine based on modified k-means for intrusion detection system,” Expert Syst. Appl., vol. 67, no. C, p. 296–303, jan 2017.
[30] N. Moustafa, B. Turnbull, and K.-K. R. Choo, “An ensemble intrusion detection technique based on proposed statistical flow features for protecting network traffic of internet of things,” IEEE Internet of Things Journal, vol. 6, no. 3, pp. 4815–4830, 2019.
[31] A. O. Sangodoyin, M. O. Akinsolu, P. Pillai, and V. Grout, “Detection and classification of ddos flooding attacks on software-defined networks: A case study for the application of machine learning,” IEEE Access,
vol. 9, pp. 122 495–122 508, 2021.
[32] A. Zainudin, L. A. C. Ahakonye, R. Akter, D.-S. Kim, and J.-M. Lee, “An efficient hybrid-dnn for ddos detection and classification in software-defined iiot networks,” IEEE Internet of Things Journal, 2022.
[33] Z. Chkirbene, S. Eltanbouly, M. Bashendy, N. AlNaimi, and A. Erbad, “Hybrid machine learning for network anomaly intrusion detection,” in 2020 IEEE International Conference on Informatics, IoT, and Enabling Technologies (ICIoT), 2020, pp. 163–170.
[34] I. Cviti´c, D. Perakovic, B. B. Gupta, and K.-K. R. Choo, “Boostingbased ddos detection in internet of things systems,” IEEE Internet of Things Journal, vol. 9, no. 3, pp. 2109–2123, 2022.
[35] A. Sivanathan, H. H. Gharakheili, F. Loi, A. Radford, C. Wijenayake, A. Vishwanath, and V. Sivaraman, “Classifying iot devices in smart environments using network traffic characteristics,” IEEE Transactions on Mobile Computing, vol. 18, no. 8, pp. 1745–1759, 2019.
[36] Y.-W. Chen, J.-P. Sheu, Y.-C. Kuo, and N. Van Cuong, “Design and implementation of iot ddos attacks detection system based on machine learning,” in 2020 European Conference on Networks and Communications (EuCNC), 2020, pp. 122–127.
[37] O. Salman, I. H. Elhajj, A. Chehab, and A. Kayssi, “A machine learning based framework for iot device identification and abnormal traffic detection,” Transactions on Emerging Telecommunications Technologies, vol. 33, no. 3, p. e3743, 2022.
[38] M. Saharkhizan, A. Azmoodeh, A. Dehghantanha, K.-K. R. Choo, and R. M. Parizi, “An ensemble of deep recurrent neural networks for detecting iot cyber attacks using network traffic,” IEEE Internet of Things Journal, vol. 7, no. 9, pp. 8852–8859, 2020.
[39] I. Fraz˜ao, P. H. Abreu, T. Cruz, H. Ara´ujo, and P. Sim˜oes, “Denial of service attacks: Detecting the frailties of machine learning algorithms in the classification process,” in Critical Information Infrastructures
Security, E. Luiijf, I. ˇ Zutautait˙e, and B. M. H¨ammerli, Eds. Cham: Springer International Publishing, 2019, pp. 230–235.
[40] A. A. Hady, A. Ghubaish, T. Salman, D. Unal, and R. Jain, “Intrusion detection system for healthcare systems using medical and network data: A comparison study,” IEEE Access, vol. 8, pp. 106 576–106 584, 2020.
[41] B. Illuri and D. Jose, “Design and implementation of hybrid integration of cognitive learning and chaotic countermeasures for side channel attacks,” Journal of Ambient Intelligence and Humanized Computing, vol. 12, 05 2021.
[42] N. Mukhtar, A. P. Fournaris, T. M. Khan, C. Dimopoulos, and Y. Kong, “Improved hybrid approach for side-channel analysis using efficient convolutional neural network and dimensionality reduction,” IEEE Access, vol. 8, pp. 184 298–184 311, 2020.
[43] N. Mukhtar, A. Mehrabi, Y. Kong, and A. Anjum, “Machine-learningbased side-channel evaluation of elliptic-curve cryptographic fpga processor,” Applied Sciences, vol. 9, p. 64, 12 2018.
[44] A. R. Gad, A. A. Nashat, and T. M. Barkat, “Intrusion detection system using machine learning for vehicular ad hoc networks based on ton-iot dataset,” IEEE Access, vol. 9, pp. 142 206–142 217, 2021.
[45] A. Makkar, S. Garg, N. Kumar, M. S. Hossain, A. Ghoneim, and M. Alrashoud, “An efficient spam detection technique for iot devices using machine learning,” IEEE Transactions on Industrial Informatics, vol. 17, no. 2, pp. 903–912, 2021.
[46] M. Zolanvari, M. A. Teixeira, L. Gupta, K. M. Khan, and R. Jain, “Machine learning-based network vulnerability analysis of industrial internet of things,” IEEE Internet of Things Journal, vol. 6, no. 4, pp. 6822–6834, 2019.
[47] E. Anthi, L. Williams, M. Słowi´nska, G. Theodorakopoulos, and P. Burnap, “A supervised intrusion detection system for smart home iot devices,” IEEE Internet of Things Journal, vol. 6, no. 5, pp. 9042–9053, 2019.
[48] “Anomaly-based intrusion detection system through feature selection analysis and building hybrid efficient model,” Journal of Computational Science, vol. 25, pp. 152–160, 2018.
[49] C. Liang, B. Shanmugam, S. Azam, M. Jonkman, F. D. Boer, and G. Narayansamy, “Intrusion detection system for internet of things based on a machine learning approach,” in 2019 International Conference on Vision Towards Emerging Trends in Communication and Networking (ViTECoN), 2019, pp. 1–6.
[50] T. A. Tang, L. Mhamdi, D. McLernon, S. A. R. Zaidi, and M. Ghogho, “Deep learning approach for network intrusion detection in software defined networking,” in 2016 International Conference on Wireless Networks and Mobile Communications (WINCOM), 2016, pp. 258–263.
[51] “Identification of malicious activities in industrial internet of things based on deep learning models,” Journal of Information Security and Applications, vol. 41, pp. 1–11, 2018.
[52] B. A. Tama, M. Comuzzi, and K.-H. Rhee, “Tse-ids: A two-stage classifier ensemble for intelligent anomaly-based intrusion detection system,” IEEE Access, vol. 7, pp. 94 497–94 507, 2019.
[53] P. Nimbalkar and D. Kshirsagar, “Feature selection for intrusion detection system in internet-of-things (iot),” ICT Express, vol. 7, no. 2, pp. 177–181, 2021.
[54] M. A. Ferrag, L. Maglaras, A. Ahmim, M. Derdour, and H. Janicke, “Rdtids: Rules and decision tree-based intrusion detection system for internet-of-things networks,” Future Internet, vol. 12, no. 3, 2020.
[55] “Ensemble detection model for iot ids,” Internet of Things, vol. 16, p. 100435, 2021.

Publication process dates
Deposited05 Dec 2022
Permalink -

https://repository.canterbury.ac.uk/item/9341y/investigating-the-security-issues-of-multi-layer-iot-attacks-using-machine-learning-techniques

  • 36
    total views
  • 0
    total downloads
  • 8
    views this month
  • 0
    downloads this month

Export as

Related outputs

Cyber physical system: Security challenges in Internet of Things system
Mohanta, Bhabendu Kumar, Dehury, Mohan Kumar, Sukhni, Badeea Al and Mohapatra, Niva 2022. Cyber physical system: Security challenges in Internet of Things system. in: 2022 Sixth International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC) IEEE.
Machine learning-based solutions for securing IoT systems against multilayer attacks
Al Sukhni, B., Manna, S., Dave, J. and Zhang, L. 2022. Machine learning-based solutions for securing IoT systems against multilayer attacks.
Investigating the security issues of multi-layer IoMT attacks using machine learning techniques
Al Sukhni, B., Manna, S., Dave, J. and Zhang, L. 2022. Investigating the security issues of multi-layer IoMT attacks using machine learning techniques.
Designing a system to mimic expert cognition: An initial prototype
Hepenstal, Sam, Zhang, Leishi and William Wong, B. L. 2022. Designing a system to mimic expert cognition: An initial prototype. Proceedings of the Human Factors and Ergonomics Society Annual Meeting. 66 (1), pp. 2057-2061. https://doi.org/10.1177/1071181322661092
Accuracy and repeatability study of an elbow exoskeleton for multistage exercises
Manna, Soumya K 2022. Accuracy and repeatability study of an elbow exoskeleton for multistage exercises. in: 2022 20th International Conference on Mechatronics - Mechatronika (ME) IEEE.
A smart and home-based telerehabilitation tool for patients with neuromuscular disorder
Manna, S., Azhar, H., Smith, D. and Islam, T. 2022. A smart and home-based telerehabilitation tool for patients with neuromuscular disorder.
A qualitative review of educational robots for STEM: Technical features and impacts
Manna, S. and Azhar, H. 2022. A qualitative review of educational robots for STEM: Technical features and impacts.
Evaluation of students’ performance in CDIO projects through blended learning
Manna, S., Battikh, N., Nortcliffe, A. and Camm, J. 2022. Evaluation of students’ performance in CDIO projects through blended learning.
A smart and secure IoMT tele-neurorehabilitation framework for post-stroke patients
Manna, S., Azhar, H. and Sakel, M. 2022. A smart and secure IoMT tele-neurorehabilitation framework for post-stroke patients. in: Bhaumik, S., Chattopadhyay, S., Chattopadhyay, T. and Bhattacharya, S. (ed.) Proceedings of International Conference on Industrial Instrumentation and Control ICI2C 2021 Singapore Springer. pp. 11-20
Enhancing hands-on skills under capstone CDIO project using blended learning approach
Manna, S., Battikh, N. and Camm, J. 2021. Enhancing hands-on skills under capstone CDIO project using blended learning approach . Sheffield
An analysis of expertise in intelligence analysis to support the design of human-centered artificial intelligence
Hepenstal, S., Zhang, L. and Wong, BL William 2021. An analysis of expertise in intelligence analysis to support the design of human-centered artificial intelligence. https://doi.org/10.1109/SMC52423.2021.9659095
Automated identification of insight seeking behaviours, strategies and rules: a preliminary study
Hepenstal, S., Zhang, L. and Wong, BL William 2021. Automated identification of insight seeking behaviours, strategies and rules: a preliminary study. Sage Journals: Proceedings of the Human Factors and Ergonomics Society Annual Meeting . (65), pp. 1269-1273. https://doi.org/https://doi.org/10.1177/1071181321651348
An inclusive student-led online class test during the pandemic
Manna, S. and Azhar, H. 2021. An inclusive student-led online class test during the pandemic . Assessment and Feedback Symposium 2021.
A granular computing approach to provide transparency of intelligent systems for criminal investigations
Zhang, L. 2021. A granular computing approach to provide transparency of intelligent systems for criminal investigations. in: Pedrycz, W. and Chen, S.-M. (ed.) Interpretable Artificial Intelligence: A Perspective of Granular Computing Cham Springer.
Developing conversational agents for use in criminal investigations
Hepenstal, S., Zhang, L., Kodagoda N. and Wong B.L.W 2021. Developing conversational agents for use in criminal investigations. ACM Transactions on Interactive Intelligent Systems. 11 (3-4), pp. 1-35. https://doi.org/10.1145/3444369
Adaptive and flexible online learning during Covid19 lockdown
Manna, S., Nortcliffe, A., Sheikholeslami, G. and Richmond-Fuller, A. 2021. Adaptive and flexible online learning during Covid19 lockdown.
Developing engineering growth mindset through CDIO outreach activites
Manna, S., Nortcliffe, A. and Sheikholeslami, G. 2020. Developing engineering growth mindset through CDIO outreach activites. Gothenburg, Sweden http://www.cdio.org/.
Design of a game-based rehabilitation system using Kinect sensor
Manna, S. and Dubuy, V. N. 2019. Design of a game-based rehabilitation system using Kinect sensor. Minneapolis, MN, USA ASME.
Assessment of joint parameters in a Kinect sensor based rehabilitation game
Manna, S. and Dubey, V. N. 2019. Assessment of joint parameters in a Kinect sensor based rehabilitation game. Anaheim, California, USA ASME.
Rehabilitation strategy for post-stroke recovery using an innovative elbow exoskeleton
Manna, S. and Dubey, V. N. 2019. Rehabilitation strategy for post-stroke recovery using an innovative elbow exoskeleton. Proceedings of the Institution of Mechanical Engineers, Part H: Journal of Engineering in Medicine. 233 (6), pp. 668-680. https://doi.org/10.1177/0954411919847058
A portable elbow exoskeleton for three stages of rehabilitation
Manna, S. and Dubey, V. N. 2019. A portable elbow exoskeleton for three stages of rehabilitation. Journal of Mechanisms and Robotics. 11 (6), p. 065002. https://doi.org/10.1115/1.4044535