Investigating the security issues of multi-layer IoT attacks using machine learning techniques

The rapid growth of the IoT applications in smart
homes, medical devices and industry 4.0 has brought huge
benefits to our society and industry however faces several
challenges in terms of security and privacy issues. Due to its heterogeneous architecture, lack of standard security frameworks between layers, lack of secured communication protocols and lack of resources of power, memory and cryptographic functions on edge control, current IoT devices are prone to security attacks at all three main layers: application, network, and physical layer. While there are some attacks such as Sybil, Blackhole, and Malware usually target a specific layer of IoT architecture, other attacks like DDoS and MITM can compromise the security across multiple layers. These types of attacks not only result in
the loss of control over sensitive data and the theft of personal information, but they also result in financial and reputational damages. In recent years, the majority of the research has been carried out to develop robust intrusion detection technologies to safeguard the IoT from a wide range of security attacks, either through novel secure network protocols, the use of firmware or encryption techniques. It is also important to detect IoT attacks at different layers while securing it. Consequently various supervised and unsupervised machine learning (ML) techniques have been found to be effective in detecting them. There is still a lack of research for detecting multilayer attacks as well as new
types of attacks in IoT devices. Hence a thorough investigation of multi-layer Intrusion Detection Systems (IDS) is provided in this article to identify a wide variety of multi-layer attacks and their behavioural patterns. The list of effective ML algorithms is also reviewed along with their training datasets. We have highlighted the challenges and opportunities for future directions of multi-layer intrusion detection research through the taxonomy of multi-layer attacks. We aim to develop a novel computational
framework by investigating the similarities in the features of multi-layer attacks for training ML models to overcome existing problems.

[1] S. Khanam, I. B. Ahmedy, M. Y. Idna Idris, M. H. Jaward, and A. Q. Bin Md Sabri, “A survey of security challenges, attacks taxonomy and advanced countermeasures in the internet of things,” IEEE Access, vol. 8, pp. 219 709–219 743, 2020.
[2] e. a. Carrie MacGillivray, Stacy Crook, “Idc futurescape: Worldwide iot 2020 predictions,” last accessed: 2022-04-10. [Online]. Available:https://www.idc.com/research/viewtoc.jsp?containerId=US45591819
[3] M. A. Al-Garadi, A. Mohamed, A. K. Al-Ali, X. Du, I. Ali, and M. Guizani, “A survey of machine and deep learning methods for internet of things (iot) security,” IEEE Communications Surveys Tutorials, vol. 22, no. 3, pp. 1646–1685, 2020.
[4] I. Idrissi, M. Azizi, and O. Moussaoui, “Iot security with deep learningbased intrusion detection systems: A systematic literature review,” in 2020 Fourth International Conference On Intelligent Computing in Data Sciences (ICDS), 2020, pp. 1–10.
[5] S. M. Tahsien, H. Karimipour, and P. Spachos, “Machine learning based solutions for security of internet of things (iot): A survey,” Journal of Network and Computer Applications, vol. 161, p. 102630, 2020.
[6] R. Ahmad and I. Alsmadi, “Machine learning approaches to iot security: A systematic literature review,” Internet of Things, vol. 14, p. 100365, 01 2021.
[7] H. F. Atlam and G. B. Wills, IoT Security, Privacy, Safety and Ethics. Cham: Springer International Publishing, 2020, pp. 123–149.
[8] M. Bagaa, T. Taleb, J. B. Bernabe, and A. Skarmeta, “A machine learning security framework for iot systems,” IEEE Access, vol. 8, pp. 114 066– 114 077, 2020.
[9] V. Hassija, V. Chamola, V. Saxena, D. Jain, P. Goyal, and B. Sikdar, “A survey on iot security: Application areas, security threats, and solution architectures,” IEEE Access, vol. 7, pp. 82 721–82 743, 2019.
[10] R. Doshi, N. Apthorpe, and N. Feamster, “Machine learning ddos detection for consumer internet of things devices,” in 2018 IEEE Security and Privacy Workshops (SPW), 2018, pp. 29–35.
[11] B. K. Mohanta, D. Jena, S. Ramasubbareddy, M. Daneshmand, and A. H. Gandomi, “Addressing security and privacy issues of iot using blockchain technology,” IEEE Internet of Things Journal, vol. 8, no. 2, pp. 881–888, 2021.
[12] J. Park, H. Chung, and J. F. DeFranco, “Multilayered diagnostics for smart cities,” Computer, vol. 55, no. 2, pp. 14–22, 2022.
[13] T. S. Gopal, M. Meerolla, G. Jyostna, P. R. L. Eswari, and E. Magesh, “Mitigating mirai malware spreading in iot environment,” in 2018 International Conference on Advances in Computing, Communications and Informatics (ICACCI). IEEE, 2018, pp. 2226–2230.
[14] “Owasp internet of things project,” https://wiki.owasp.org/index.php/
OWASP Internet of Things Project#tab=IoT Top 10, 2019, [Online; last accessed 239-2022-2022].
[15] IBM, “Ibm security x-force threat intelligence index,” https://www.ibm. com/reports/threat-intelligence/, 2022, [Online; last accessed 239-2022-2022].
[16] R. Kumar and R. Sharma, “Leveraging blockchain for ensuring trust in iot: A survey,” Journal of King Saud University - Computer and Information Sciences, 2021.
[17] A. Mitrokotsa, M. Rieback, and A. Tanenbaum, “Classifying rfid attacks and defenses,” Information Systems Frontiers, vol. 12, pp. 491–505, 11 2010.
[18] P. Malhotra, Y. Singh, P. Anand, D. K. Bangotra, P. K. Singh, and W.-C. Hong, “Internet of things: Evolution, concerns and security challenges,” Sensors, vol. 21, no. 5, 2021.
[19] N. Chaabouni, M. Mosbah, A. Zemmari, C. Sauvignac, and P. Faruki, “Network intrusion detection for iot security based on learning techniques,” IEEE Communications Surveys & Tutorials, vol. PP, pp. 1–1, 01 2019.
[20] A. Mosenia and N. K. Jha, “A comprehensive study of security of internet-of-things,” IEEE Transactions on Emerging Topics in Computing, vol. 5, no. 4, pp. 586–602, 2017.
[21] Z. Ahmad, A. Shahid Khan, C. Wai Shiang, J. Abdullah, and F. Ahmad, “Network intrusion detection system: A systematic study of machine learning and deep learning approaches,” Transactions on Emerging Telecommunications Technologies, vol. 32, no. 1, p. e4150, 2021.
[22] J. Deogirikar and A. Vidhate, “Security attacks in iot: A survey,” in 2017 International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC), 2017, pp. 32–37.
[23] “Official statistics by uk government: Cyber security breaches survey 2021,” last accessed: 2022-04-10. [Online]. Available: https://www.gov.uk/government/statistics/cyber-security-breaches-sur...
[24] I. Sarker, A. S. M. Kayes, S. Badsha, H. Alqahtani, P. Watters, and A. Ng, “Cybersecurity data science: an overview from machine learning perspective,” Journal of Big Data, vol. 7, 07 2020.
[25] S. Priya, M. Sivaram, D. Yuvaraj, and A. Jayanthiladevi, “Machine learning based ddos detection,” in 2020 International Conference on Emerging Smart Computing and Informatics (ESCI), 2020, pp. 234–237.
[26] N. Ravi and S. M. Shalinie, “Learning-driven detection and mitigation of ddos attack in iot via sdn-cloud architecture,” IEEE Internet of Things Journal, vol. 7, no. 4, pp. 3559–3570, 2020.
[27] J. M. Peterson, J. L. Leevy, and T. M. Khoshgoftaar, “A review and analysis of the bot-iot dataset,” in 2021 IEEE International Conference on Service-Oriented System Engineering (SOSE), 2021, pp. 20–27.
[28] S. ur Rehman, M. Khaliq, S. I. Imtiaz, A. Rasool, M. Shafiq, A. R. Javed, Z. Jalil, and A. K. Bashir, “Diddos: An approach for detection and identification of distributed denial of service (ddos) cyberattacks using gated recurrent units (gru),” Future Generation Computer Systems, vol.
118, pp. 453–466, 2021.
[29] W. L. Al-Yaseen, Z. A. Othman, and M. Z. A. Nazri, “Multi-level hybrid support vector machine and extreme learning machine based on modified k-means for intrusion detection system,” Expert Syst. Appl., vol. 67, no. C, p. 296–303, jan 2017.
[30] N. Moustafa, B. Turnbull, and K.-K. R. Choo, “An ensemble intrusion detection technique based on proposed statistical flow features for protecting network traffic of internet of things,” IEEE Internet of Things Journal, vol. 6, no. 3, pp. 4815–4830, 2019.
[31] A. O. Sangodoyin, M. O. Akinsolu, P. Pillai, and V. Grout, “Detection and classification of ddos flooding attacks on software-defined networks: A case study for the application of machine learning,” IEEE Access,
vol. 9, pp. 122 495–122 508, 2021.
[32] A. Zainudin, L. A. C. Ahakonye, R. Akter, D.-S. Kim, and J.-M. Lee, “An efficient hybrid-dnn for ddos detection and classification in software-defined iiot networks,” IEEE Internet of Things Journal, 2022.
[33] Z. Chkirbene, S. Eltanbouly, M. Bashendy, N. AlNaimi, and A. Erbad, “Hybrid machine learning for network anomaly intrusion detection,” in 2020 IEEE International Conference on Informatics, IoT, and Enabling Technologies (ICIoT), 2020, pp. 163–170.
[34] I. Cviti´c, D. Perakovic, B. B. Gupta, and K.-K. R. Choo, “Boostingbased ddos detection in internet of things systems,” IEEE Internet of Things Journal, vol. 9, no. 3, pp. 2109–2123, 2022.
[35] A. Sivanathan, H. H. Gharakheili, F. Loi, A. Radford, C. Wijenayake, A. Vishwanath, and V. Sivaraman, “Classifying iot devices in smart environments using network traffic characteristics,” IEEE Transactions on Mobile Computing, vol. 18, no. 8, pp. 1745–1759, 2019.
[36] Y.-W. Chen, J.-P. Sheu, Y.-C. Kuo, and N. Van Cuong, “Design and implementation of iot ddos attacks detection system based on machine learning,” in 2020 European Conference on Networks and Communications (EuCNC), 2020, pp. 122–127.
[37] O. Salman, I. H. Elhajj, A. Chehab, and A. Kayssi, “A machine learning based framework for iot device identification and abnormal traffic detection,” Transactions on Emerging Telecommunications Technologies, vol. 33, no. 3, p. e3743, 2022.
[38] M. Saharkhizan, A. Azmoodeh, A. Dehghantanha, K.-K. R. Choo, and R. M. Parizi, “An ensemble of deep recurrent neural networks for detecting iot cyber attacks using network traffic,” IEEE Internet of Things Journal, vol. 7, no. 9, pp. 8852–8859, 2020.
[39] I. Fraz˜ao, P. H. Abreu, T. Cruz, H. Ara´ujo, and P. Sim˜oes, “Denial of service attacks: Detecting the frailties of machine learning algorithms in the classification process,” in Critical Information Infrastructures
Security, E. Luiijf, I. ˇ Zutautait˙e, and B. M. H¨ammerli, Eds. Cham: Springer International Publishing, 2019, pp. 230–235.
[40] A. A. Hady, A. Ghubaish, T. Salman, D. Unal, and R. Jain, “Intrusion detection system for healthcare systems using medical and network data: A comparison study,” IEEE Access, vol. 8, pp. 106 576–106 584, 2020.
[41] B. Illuri and D. Jose, “Design and implementation of hybrid integration of cognitive learning and chaotic countermeasures for side channel attacks,” Journal of Ambient Intelligence and Humanized Computing, vol. 12, 05 2021.
[42] N. Mukhtar, A. P. Fournaris, T. M. Khan, C. Dimopoulos, and Y. Kong, “Improved hybrid approach for side-channel analysis using efficient convolutional neural network and dimensionality reduction,” IEEE Access, vol. 8, pp. 184 298–184 311, 2020.
[43] N. Mukhtar, A. Mehrabi, Y. Kong, and A. Anjum, “Machine-learningbased side-channel evaluation of elliptic-curve cryptographic fpga processor,” Applied Sciences, vol. 9, p. 64, 12 2018.
[44] A. R. Gad, A. A. Nashat, and T. M. Barkat, “Intrusion detection system using machine learning for vehicular ad hoc networks based on ton-iot dataset,” IEEE Access, vol. 9, pp. 142 206–142 217, 2021.
[45] A. Makkar, S. Garg, N. Kumar, M. S. Hossain, A. Ghoneim, and M. Alrashoud, “An efficient spam detection technique for iot devices using machine learning,” IEEE Transactions on Industrial Informatics, vol. 17, no. 2, pp. 903–912, 2021.
[46] M. Zolanvari, M. A. Teixeira, L. Gupta, K. M. Khan, and R. Jain, “Machine learning-based network vulnerability analysis of industrial internet of things,” IEEE Internet of Things Journal, vol. 6, no. 4, pp. 6822–6834, 2019.
[47] E. Anthi, L. Williams, M. Słowi´nska, G. Theodorakopoulos, and P. Burnap, “A supervised intrusion detection system for smart home iot devices,” IEEE Internet of Things Journal, vol. 6, no. 5, pp. 9042–9053, 2019.
[48] “Anomaly-based intrusion detection system through feature selection analysis and building hybrid efficient model,” Journal of Computational Science, vol. 25, pp. 152–160, 2018.
[49] C. Liang, B. Shanmugam, S. Azam, M. Jonkman, F. D. Boer, and G. Narayansamy, “Intrusion detection system for internet of things based on a machine learning approach,” in 2019 International Conference on Vision Towards Emerging Trends in Communication and Networking (ViTECoN), 2019, pp. 1–6.
[50] T. A. Tang, L. Mhamdi, D. McLernon, S. A. R. Zaidi, and M. Ghogho, “Deep learning approach for network intrusion detection in software defined networking,” in 2016 International Conference on Wireless Networks and Mobile Communications (WINCOM), 2016, pp. 258–263.
[51] “Identification of malicious activities in industrial internet of things based on deep learning models,” Journal of Information Security and Applications, vol. 41, pp. 1–11, 2018.
[52] B. A. Tama, M. Comuzzi, and K.-H. Rhee, “Tse-ids: A two-stage classifier ensemble for intelligent anomaly-based intrusion detection system,” IEEE Access, vol. 7, pp. 94 497–94 507, 2019.
[53] P. Nimbalkar and D. Kshirsagar, “Feature selection for intrusion detection system in internet-of-things (iot),” ICT Express, vol. 7, no. 2, pp. 177–181, 2021.
[54] M. A. Ferrag, L. Maglaras, A. Ahmim, M. Derdour, and H. Janicke, “Rdtids: Rules and decision tree-based intrusion detection system for internet-of-things networks,” Future Internet, vol. 12, no. 3, 2020.
[55] “Ensemble detection model for iot ids,” Internet of Things, vol. 16, p. 100435, 2021.