Name of the paper

A Modern Analysis of Aging Machine Learning Based IoT Cybersecurity Methods

A Machine Learning Security Framework for Iot Systems

Machine Learning for Security and the Internet of Things: The Good, the Bad, and the
Ugly

Role of Artifcial Intelligence in the Internet of Things (IoT) cybersecurity

Cyberattacks Detection in IoT-Based Smart City Applications Using Machine Learning
Techniques
Author

Sam Strecker1 , Rushit Dave1,* , Nyle Siddiqui1 , Naeem Seliya1 1Department of Computer
Science, University of Wisconsin – Eau Claire, Eau Claire, US *Corresponding author:
[email protected]

MILOUD BAGAA 1 , (Member, IEEE), TARIK TALEB 1,3,4, (Senior Member, IEEE), JORGE BERNAL
BERNABE 2 , AND ANTONIO SKARMETA 2 , (Member, IEEE) 1Department of Communications
and Networking, School of Electrical Engineering, Aalto University, 02150 Espoo, Finland
2Department of Communications and Information Engineering, University of Murcia, 30001
Murcia, Spain 3Department of Computer and Information Security, Sejong University, Seoul
05006, South Korea 4Centre for Wireless Communications (CWC), University of Oulu, 90570
Oulu, Finland Corresponding author: Miloud Bagaa ([email protected]) This work was
supported in part by the European Research Project H2020 ANASTACIA under Grant GA
731558, in part by the H2020 INSPIRE-5Gplus Project under Grant GA 871808, in part by the
AXA Postdoctoral Scholarship awarded by the AXA Research Fund (Cyber-SecIoT project), in
part by the Academy of Finland 6Genesis Project under Grant 318927, and in part by the
Academy of Finland CSN Project under Grant 311654.

FAN LIANG, WILLIAM GRANT HATCHER, WEIXIAN LIAO , WEICHAO GAO, AND WEI YU
Department of Computer and Information Sciences, Towson University, Towson, MD 21252,
USA Corresponding author: Wei Yu ([email protected]) This work was supported in part by the
US National Science Foundation (NSF) under Grant CNS 1350145, and in part by the University
System of Maryland through the Wilson H. Elkins Professorship Award

Murat Kuzlu1  · Corinne Fair2  · Ozgur Guler

Md Mamunur Rashid 1 , Joarder Kamruzzaman 2 , Mohammad Mehedi Hassan 3,* , Tasadduq
Imam 4 and Steven Gordon 1 1 School of Engineering and Technology, CQUniversity,
Rockhampton North, QLD 4701, Australia; [email protected] (M.M.R.);
[email protected] (S.G.) 2 School of Engineering, Information Technology and Physical
Sciences, Federation University Australia, Gippsland Campus, Churchill, VIC 3842, Australia;
[email protected] 3 Information Systems Department, College of
Computer and Information Sciences, King Saud University, Riyadh 11543, Saudi Arabia 4 School
of Business and Law, CQUniversity, Melbourne Campus, Melbourne, VIC 3000, Australia;
[email protected] * Correspondence: [email protected]
Abstract

Modern scientific advancements often contribute to the introduction and refinement of never-before-seen technologies. This
be quite the task for humans to maintain and monitor and as a result, our society has become reliant on machine learning to a
in this task. With new technology comes new methods and thus new ways to circumvent existing cyber security measures. Thi
study examines the effectiveness of three distinct Internet of Things cyber security algorithms currently used in industry today
malware and intrusion detection: Random Forest (RF), Support-Vector Machine (SVM), and K-Nearest Neighbor (KNN). Each
algorithm was trained and tested on the Aposemat IoT-23 dataset which was published in January 2020 with the earliest of
captures from 2018 and latest from 2019. The RF, SVM, and KNN reached peak accuracies of 92.96%, 86.23%, and 91.48%,
respectively, in intrusion detection and 92.27%, 83.52%, and 89.80% in malware detection. It was found all three algorithms a
capable of being effectively utilized for the current landscape of IoT cyber security in 2021.

Internet of Things security is attracting a growing attention from both academic and industry communities. Indeed, IoT device
prone to various security attacks varying from Denial of Service (DoS) to network intrusion and data leakage. This paper presen
novel machine learning (ML) based security framework that automatically copes with the expanding security aspects related t
domain. This framework leverages both Software Defined Networking (SDN) and Network Function Virtualization (NFV) enable
for mitigating different threats. This AI framework combines monitoring agent and AI_x0002_based reaction agent that use M
Models divided into network patterns analysis, along with anomaly_x0002_based intrusion detection in IoT systems. The
framework exploits the supervised learning, distributed data mining system and neural network for achieving its goals. Experim
results demonstrate the efficiency of the proposed scheme. In particular, the distribution of the attacks using the data mining
approach is highly successful in detecting the attacks with high performance and low cost. Regarding our anomaly_x0002_bas
intrusion detection system (IDS) for IoT, we have evaluated the experiment in a real Smart building scenario using one-class SV
The advancement of the Internet of Things (IoT) has allowed for unprecedented data collection, automation, and remote sens
The detection accuracy of anomalies achieved 99.71%. A feasibility study is conducted to identify the current potential solutio
and actuation, transforming autonomous systems and bringing smart command and control into numerous cyber physical syst
be adopted and to promote the research towards the open challenges.
(CPS) that our daily lives depend on. Simultaneously, dramatic improvements in machine learning and deep neural network
architectures have enabled unprecedented analytical capabilities, which we see in increasingly common applications and
production technologies, such as self-driving vehicles and intelligent mobile applications. Predictably, these technologies have
rapid adoption, which has left many implementations vulnerable to threats unforeseen or undefended against. Moreover, suc
technologies can be used by malicious actors, and the potential for cyber threats, attacks, intrusions, and obfuscation that are
just being considered, applied, and countered. In this paper, we consider the good, the bad, and the ugly use of machine learn
for cybersecurity and CPS/IoT. In detail, we consider the numerous benefits (good use) that machine learning has brought, bot
general, and specifically for security and CPS/IoT, such as the improvement of intrusion detection mechanisms and decision
accuracy in CPS/IoT. More pressing, we consider the vulnerabilities of machine learning (bad use) from the perspectives of sec
and CPS/IoT, including the ways in which machine learning systems can be compromised, misled, and subverted at all stages o
machine learning life-cycle (data collection, pre-processing, training, validation, implementation, etc.). Finally, the most conce
a growing trend has been the utilization of machine learning in the execution of cyberattacks and intrusions (ugly use). Thus, w
consider existing mechanisms with the potential to improve target acquisition and existing threat patterns, as well as those th
can enable novel attacks yet to be seen.

In recent years, the use of the Internet of Things (IoT) has increased exponentially, and cybersecurity concerns have increased
along with it. On the cutting edge of cybersecurity is Artifcial Intelligence (AI), which is used for the develop_x0002_ment of
complex algorithms to protect networks and systems, including IoT systems. However, cyber-attackers have fgured out how to
exploit AI and have even begun to use adversarial AI in order to carry out cybersecurity attacks. This review paper compiles
information from several other surveys and research papers regarding IoT, AI, and attacks with and against AI and explores the
relationship between these three topics with the purpose of comprehensively present_x0002_ing and summarizing relevant
literature in these felds.
In recent years, the widespread deployment of the Internet of Things (IoT) applications has contributed to the development o
smart cities. A smart city utilizes IoT-enabled technologies, communications and applications to maximize operational efficienc
and enhance both the service providers’ quality of services and people’s wellbeing and quality of life. With the growth of smar
networks, however, comes the increased risk of cybersecurity threats and attacks. IoT devices within a smart city network are
connected to sensors linked to large cloud servers and are exposed to malicious attacks and threats. Thus, it is important to de
approaches to prevent such attacks and protect IoT devices from failure. In this paper, we explore an attack and anomaly dete
technique based on machine learning algorithms (LR, SVM, DT, RF, ANN and KNN) to defend against and mitigate IoT cybersec
threats in a smart city. Contrary to existing works that have focused on single classifiers, we also explore ensemble methods su
as bagging, boosting and stacking to enhance the performance of the detection system. Additionally, we consider an integratio
feature selection, cross-validation and multi-class classification for the discussed domain, which has not been well considered
the existing literature. Experimental results with the recent attack dataset demonstrate that the proposed technique can
effectively identify cyberattacks and the stacking ensemble model outperforms comparable models in terms of accuracy, prec
recall and F1-Score, implying the promise of stacking in this domain.
Insights

This article has discussed, and tested the effectiveness of three machine learning algorithms used in IoT cybersecurity for malw
detection trained on a modern dataset. This study highlighted the importance of maintaining and evolving the cybersecurity p
and networks to prevent malicious attackers. The study explored RFs efficacy with modern IoT data and confirmed that it conti
optimal algorithm to use for IoT cybersecurity. While the KNN and SVM did not perform better than the RF, they can still be eff
and intrusion detection in today’s IoT networks.

In this paper, it said that they investigated the most common threats to IoT systems. They have provided a list of promising te
security framework to integrate them in a comprehensive way. They believe that the joint use of SDN, NFV and machine learn
holistic security system able to enforce the requested security policies. They have also provided a study that proves the feasib
security framework, which combines both, knowledge-based intrusion detection and anomaly-based intrusion detection. Fina
ensuring a certain level of security involves additional resource consumption and potential performance degradation; therefor
security requirements and Quality of Service should
be deeply examined within the reaction module.

In this paper, it said to have developed a broad understanding of machine learning for positive and negative uses, and have ex
machine learning systems against traditional and machine learning based attacks. They have presented the bad use of machin
the widespread use of machine learning raises new and unresolved vulnerabilities in a variety of systems, and the significant la
capabilities. Finally, they have addressed in detail the ugly use of machine learning, or the weaponization of machine learning
user confidentiality, system reliability, and service, and the improvement of intrusion and obfuscation mechanisms. Of particu
vulnerabilities of existing machine learning systems provide unprotected attack surfaces, ripe for exploitation. At the same tim
learning to improve attack success, efficacy, and strength should raise alarms across all industries and research, as the lack of d
learning based attacks make us all vulnerable. Critical research is necessary to strengthen detection and defenses against such
attacks, especially in critical infrastructure systems with the potential for massive disruption, destruction, and loss of life.

This paper explores popular techniques to attempt to disrupt or compromise IoT and explains at a surface level how these atta
Methods of attacking AI and using AI to attack are also discussed, with the frame of IoT systems. Having covered all these topi
provide a useful tool with which
researchers and cybersecurity professionals may study IoT in the context of cybersecurity and AI in order to secure IoT system
IoT and AI have been taken advantage of for criminal purposes or have had weaknesses exploited as an example of this, which
understand current risks and help cultivate an understanding such that these weaknesses are accounted for in the future in or
cyberattacks.
In this paper, they explore the feasibility of an ensemble based learning with single model classifiers for identifying cyberattac
smart city applications. Their experiments with the most recent IoT attack database show that their ensemble approach, espe
better than single models in identifying attacks from benign samples. Their approach employs an information gain based featu
identify the most influential features before building the model. Furthermore, in classifying attack types, their ensemble appro
leads to better performance than the single or other ensemble models used in recent works in terms of accuracy, precision, re
Their results indicating that stacking of classifiers can better detect cyberattacks in the smart city systems go beyond technical
economic and social implications.Future research will provide further insights in this respect.
Moulema,
han, V.
/Jun. 2018,
X. Fu, and
(2014).
Attacking
pp. 1–7.
W. Zhao,
Powering
AI.pdf.
[49] A. M.
‘‘A
thenovel
Zarca,
Accessed
en-route J.
internet
B. Aug
25
of
filtering
things.
Bernabe,
2019. 28.
Reference
In
scheme
McMahan
A.
Proceedin
against
B, Daniel
Skarmeta,
gs of data
false the
R.
and J. M.
injection
2014
Federated
A. Calero,
attacks
internatio in
learning:
‘‘Vir tual
cyber_x0
nal
IoT
collabora
002_physi
symposiu
HoneyNet
tive
m on Low
cal
s to
machine
power
networke
mitigate
learning
electronic
d
without
cyberatta
s and
systems,’’
centralize
cks in
IEEE
design
d training
SDN/NFV-
Trans.
(pp. 375-
data.
enabled
Comput.,
380)
Google AI Aposemat IoT-23: A Labeled Dataset With Malicious And Benign IoT Network Traffic — Stratosphere IPS
IoT
vol. 64,
networks,
Blog,
no. 1, pp.
’’ IEEE J.
Google.
4–18, Jan.
Sel. Areas
http://
2015. [17]
www.ai.g
Commun.
F. Liang,
oogleblog
,C.early
Qian,
.com/201
access,
W. G.
7/04/fede
Apr. 8,
Hatcher,
rated-
2020,
and W.
doi:
learning-
Yu,
10.1109/J
collabora
‘‘Search
SAC.2020.
tive.html.
engine for
2986621.
Accessed
the
6 Apr
Internet
2017. 29.
of Things:
Rojek M.
Lessons
Federated
from Web
learning
search,
for IoT.
vision,
Medium,
and
becoming
opportuni
human:
ties,’’ IEEE
artifcial
Access,
intelligen
vol.
ce 7, pp.
104673–
magazine.
104691,
http://ww
2019.
w.becomi
nghuman.
ai/theres-
a_x0002_
better-
way-of-
doing-ai-
in-The-
iot-era-
feabbbc1
b589.
Accessed
16 Apr
2019.
d feature
selection
approach
(HFSA). In
Proceedin
gs of the
2015 SAI
Intelligent
Systems
Conferen
ce
(IntelliSys
),
London,
UK, 10–11
Novembe
r 2015;
pp. 989–
995
— Stratosphere IPS