FIGURE 5 - available via license: Creative Commons Attribution 4.0 International
Content may be subject to copyright.
Source publication
![FIGURE 4. ROC curves -P, Q and R show levels of detection [50].](publication/342536324/figure/fig3/AS:1001336988508160@1615748750725/ROC-curves-P-Q-and-R-show-levels-of-detection-50_Q320.jpg)
The Internet of Things (IoT) exemplifies a large network of sensing and actuating devices that have penetrated into the physical world enabling new applications like smart homes, intelligent transportation, smart healthcare and smart cities. Through IoT, these applications have consolidated in the modern world to generate, share, aggregate and anal...
Context in source publication
Similar publications
Cloud computing provides scalable, on-demand, and highly available computing services over the Internet to both the public and organizations on a pay-per-use basis. It provides a variety of services such as networking, storage space, and applications. The key issue for cloud computing is ensuring the confidentiality and privacy of cloud resources a...
The operation of hydropower stations plays a very important role in improving the quality of power supply, reducing the cost of electricity, reducing environmental damage, protecting the ecological environment, and achieving sustainable economic development. The low-altitude aircraft defense system using for hydropower station is mainly for the con...
Citations
... In another comprehensive review, the authors in [44] offered mechanisms to enhance the IoT system by focusing on IoT layers, presenting the IDS categorization, and comparing different IoT threats. In addition to identifying the implementation, data components, and event criteria for evaluation, along with preliminary data processing procedures for IDS and IPS, the authors in [45] also evaluated the IoT architecture. Conversely, the authors in [46] discussed an IoT survey and future challenges for a Wireless Sensor Network. ...
The Internet of Things (IoT) is an innovative technology used in manufacturing, environmental monitoring, home automation, human health applications, and other fields. IoT devices, however, are susceptible to various security risks. Cyber-attacks on IoT systems can halt the entire system, resulting in data loss. Intrusion Detection Systems (IDS) can quickly identify malicious activity that could have compromised the network's performance. Effective IDS and Intrusion Prevention System (IPS) are necessary to protect IoT systems. Blockchain technology presents another innovative method to strengthen security systems against the latest attacks. This paper focuses on conducting a Systematic Literature Review (SLR) on Blockchain-based Intrusion Detection/Prevention Systems in IoT Networks. We reviewed several relevant blockchain-based IDS and IPS proposed for IoT networks and their mechanisms. The most recent research articles, published between 2017 and 2022, were selected from several databases. Consequently, a comprehensive review of these selected papers sheds light on their techniques, advantages, and drawbacks.
... Generally, devices in a traditional network are secured using three approaches namely: 1) device-level protection, 2) isolation, and 3) network level protection. Unlike computers, SHDs lack power and computing resources to apply devicelevel protection [31], [32]. Considering the lack of first-line defence mechanisms, the third objective of this research is to apply a second line defence mechanism. ...
... The IDS is called the second layer of protection in a network. The IDS along with a firewall is used to safeguard critical assets of a network [9]. The typical deployment of an IDS in a network is shown in Figure 1. ...
Intrusion Prevention Systems (IPS), capable of preventing the organizational network from a cyber-attack in addition to detecting it, are widely adopted by organizations to protect their networks from unauthorized access, attacks, and malicious activities. Similarly, Snort an open-source IPS is extensively used for effective network security monitoring and analysis. When functioning as an IPS, Snort can be deployed in inline mode within an organizational network, so that all the organizational network traffic travels through it, hence actively blocking or preventing malicious traffic in real-time. This requires Snort to process the network traffic fast enough to match the network traffic line rate. But the Snort IPS default data acquisition module i.e. advanced packet filtering (AF_PACKET) cannot process network traffic at the line rate that causes packet loss and network services disturbance. This research work discusses the technologies available to make Snort IPS process network traffic at line rate. Packet filtering framework (PF_RING) and data plane development kit (DPDK) are the most effective and widely used software technologies, whereas the Napatech smart network interface card (smartNIC) is a very efficient hardware technology for achieving line rate traffic processing. A throughput comparison shows that PF_RING and DPDK achieve a throughput close to 1G with 100% CPU utilization whereas Napatech smartNIC achieves full 1G throughput with CPU utilization of less than 5%. Furthermore, the integration of Snort IPS with the security information and event management (SIEM) system has been discussed for better attack detection in an organizational network.
... These challenges necessitate the proposal of augmenting Blockchain technology with machine learning techniques to improve the security mechanism as presented in this work. However, the literature has shown the efficient performance of adopting blockchain technology, machine learning algorithms, and artificial intelligence in securing smart technologies-based IIoT networks [20][21][22][23]. ...
... • A secure communication: To maintain the integrity and privacy of the massive heterogeneous devices through secure and reliable communication links [54][55][56]. • A smart and self-controlled network: To provide intelligent and learning-based control to the complex dynamic networks [23,57]. It develops scalable, adaptable and flexible characteristics for the system to behave autonomously in the changing environment. ...
... But higher frequencies confront their own challenges, such as signal attenuation, low coverage range, and signal blockages. Moreover, the increased connectivity of devices demands different levels of network security to address the diversity among IoT devices [54,167]. ...
... It is composed of the line of sight (LoS) and a few non-LoS scattering components. The power of non-LoS scattering components is very negligible as compared to the LoS components [54,199]. Therefore, we ignore the non-LoS components and only consider the LoS part as it majorly dominates the THz channel. ...
The evolution of wireless communication networks, from present to the emerging fifth-generation (5G) new radio (NR), and sixth-generation (6G) is inevitable, yet propitious. The thesis evolves around application of machine learning and optimization techniques to problems in spectrum management, internet-of-things (IoT), physical layer security, and intelligent reflecting surface (IRS). The first problem explores License Assisted Access (LAA), which leverages unlicensed resource sharing with the Wi-Fi network as a promising technique to address the spectrum scarcity issue in wireless networks. An optimal communication policy is devised which maximizes the throughput performance of LAA network while guaranteeing a proportionally fair performance among LAA stations and a fair share for Wi-Fi stations. The numerical results demonstrate more than 75 % improvement in the LAA throughput and a notable gain of 8-9 % in the fairness index. Next, we investigate the unlicensed spectrum sharing for bandwidth hungry diverse IoT networks in 5G NR. An efficient coexistence mechanism based on the idea of adaptive initial sensing duration (ISD) is proposed to enhance the diverse IoT-NR network performance while keeping the primary Wi-Fi network's performance to a bearable threshold. A Q-learning (QL) based algorithm is devised to maximize the normalized sum throughput of the coexistence Wi-Fi/IoT-NR network. The results confirm a maximum throughput gain of 51 % and ensure that the Wi-Fi network's performance remains intact. Finally, advanced levels of network security are critical to maintain due to severe signal attenuation at higher frequencies of 6G wireless communication. Thus, an IRS-based model is proposed to address the issue of network security under trusted-untrusted device diversity, where the untrusted devices may potentially eavesdrop on the trusted devices. A deep deterministic policy gradient (DDPG) algorithm is devised to jointly optimize the active and passive beamforming matrices. The results confirm a maximum gain of 2-2.5 times in the sum secrecy rate of trusted devices and ensure Quality-of-Service (QoS) for all the devices. In conclusion, the thesis has led towards efficient, secure, and smart communication and build foundation to address similar complex wireless networks.
... Plus, IoT is a network of physical objects that can be monitored and controlled via the Internet [7,8]. Besides, millions of objects can be found in the IoT via a Wireless Sensor Network (WSN) through different types of actuators and sensors connected to the Internet [9,10]. IoT sensors usually have low memory, low power, battery, and network limitations, so IoT data needs to be computed, stored, accessed, and analyzed [11,12]. ...
The Internet of Things (IoT) is a paradigm that connects objects to the Internet as a whole and enables them to work together to achieve common objectives, such as innovative home automation. Potential attackers see the scattered and open IoT service structure as an appealing target for cyber-attacks. So, security cannot be dealt with independently. Security must be designed and built-in to every layer of the IoT system. IoT security concerns not only network and data security but also human health and life attacks. Therefore, the development of the loT system to provide security through resistance to attacks is a de facto requirement to make the loT safe and operational. Protecting these things is very important for system security. Plus, it is important to integrate the Intrusion Detection System (IDS) with IoT systems. IDS intends to track and analyze network traffic from different resources and detect malicious activities. It is a significant part of cybersecurity technology. In short, IDS is a process used to detect malicious activities against victims by several methods. Besides, the method of Systematic Literature Review (SLR) is used to classify, review, and incorporate results from all similar research that answers one or more IDS research topics and perform a detailed empirical research analysis on IDS techniques. Furthermore, depending on the detection technique, we classify IDS approaches in IoT as signature-based, anomaly-based, specification-based, and hybrid. Also, for the IDS approaches, the authors give a parametric comparison. The benefits and drawbacks of the chosen mechanisms are then addressed. Eventually, there is an analysis of open problems as well as potential trend directions.
... In the detection phase, the IDS generate a passive alert after identifying deviations in the traffic by using different detection techniques as summarized in Table 3 . More details on the different IDS techniques and classifications are reported in Daniya et al. (2021) ; Han et al. (2014) ; Kamaldeep et al. (2020) . In the response phase, the IRS generate a reactive response in a timely manner to handle intrusions and mitigate their effect on the attacked system. ...
Cyberattacks on Cyber-Physical Systems (CPS) are on the rise due to CPS increased networked connectivity and may cause costly environmental hazards as well as human and financial loss. This necessitates designing and implementing proper automatic cybersecurity defensive mechanisms to protect CPS from cyberattacks. This paper studies and surveys Intrusion Response Systems (IRS) by considering their taxonomy, countermeasures pool, general architecture, and the different decision-making approaches utilized in the literature to build resilient CPS that can maintain a safe and stable operational behavior and minimize the effect of cyberattacks. Recent new advances using Reinforcement Learning (RL) algorithms for IRS designs are also surveyed and discussed. Additionally, the paper highlights open research questions and sketches directions for future work.
... Recently, there has been a huge increase in research on IDS for IoT, especially concerning the application of ML techniques (especially deep learning) (Dutta & Granjal, 2020). However, ML-based techniques face the challenge of the low availability of realistic, high-quality datasets that contain diverse attacks for the IoT. ...
... However, ML-based techniques face the challenge of the low availability of realistic, high-quality datasets that contain diverse attacks for the IoT. In Dutta & Granjal (2020), the authors also identify a strong effort in the optimization of existing algorithms for implementation in IoT, and in the development of nodes with high computational performance to perform the tasks of IDS in IoT, through the adoption of fog and edge computing. Implementing an IoT IDS using edge and fog computing would allow the detection of intrusions in IoT ecosystems with less resource consumption. ...
... (Chaabouni, Mosbah, Zemmari, Sauvignac, & Faruki, 2019). However, most of the existing proposals detect a low number of attacks and focus mostly on attacks on routing and DoS and, less frequently, on attacks related to the source of the data (Dutta & Granjal, 2020). ...
The Internet of Things (IoT) comprises the interconnection of a wide range of different devices, from Smart Bluetooth speakers to humidity sensors. The great variety of devices enables applications in several contexts, including Smart Cities and Smart Industry. IoT devices collect and process a large amount of data on machines and the environment and even monitor people's activities. Due to their characteristics and architecture, IoT devices and networks are potential targets for cyberattacks. Indeed, cyberattacks can lead to malfunctions of the IoT environment and access and misuse of private data. This chapter addresses security concerns in the IoT ecosystem. It identifies common threats for each of IoT layers and presents advantages, challenges, and limitations of promising countermeasures based on new technologies and strategies, like Blockchain and Machine Learning. It also contains a more in-depth discussion on Intrusion Detection Systems (IDS) for IoT, a promising solution for cybersecurity in IoT ecosystems.
... It is composed of the line of sight (LOS) and the non-LOS scattering components. The channel is majorly dominated by the LOS component, which renders the scattering component power negligible [3], [37]. Therefore, ignoring the scattered components, the overall path loss for the THz channel for the direct path from BS to devices is given as [3], [34] ...
... The channel is majorly dominated by the LOS component, which renders the scattering component power negligible [3], [37]. Therefore, ignoring the scattered components, the overall path loss for the THz channel for the direct path from BS to devices is given as [3], [34] ...
The sixth-generation (6G) wireless communication has called for higher bandwidth and massive connectivity of Internet-of-Things (IoT) devices. The increased connectivity also demands advanced levels of network security, which are critical to maintaining due to severe signal attenuation at higher frequencies. Intelligent reflecting surface (IRS) is an increasingly popular, efficient, solution to cater to higher data rates, better coverage range, and reduced signal blockages. In this paper, an IRS-based model is proposed to address the issue of network security under trusted-untrusted device diversity, where the untrusted devices may potentially eavesdrop on the trusted devices. A mathematical design of the system model is presented, and an optimization problem is formulated. The secrecy rate of the trusted devices is maximized while guaranteeing Quality-of-Service (QoS) to all the legitimate, trusted and untrusted devices. A deep deterministic policy gradient (DDPG) algorithm is devised to jointly optimize the active and passive beamforming matrices owing to the complex and continuous nature of action and state spaces. The results confirm a maximum gain of 2-2.5 times in the sum secrecy rate of trusted devices under the proposed model, as compared to the benchmark cases. The results also ensure the throughput performance of all trusted and untrusted devices. The performance of the proposed DDPG model is evaluated under meticulously selected hyper-parameters.
... Even though several articles exist on the topic of intrusion detection in the IoT [4], [5], [6], [7], [8], [9], [10], the motivations behind this survey are two-fold: 1) Most existing papers mainly focus on machine and deep learning for intrusion detection while disregarding some other important approaches such as mathematical and trust-based intrusion detection solutions. Moreover, we noticed a lack of sub-classification in the current papers, as most of them focus mainly on a single high-level classification (e.g., machine learning, deep learning, etc.). ...
... This work differentiates between the following intrusion detection and mitigation schemes: (1) signature-based detection, (2) routing protocol information-based detection, (3) statisticsbased mitigation, (4) machine learning-based mitigation and (5) hybrid mitigation approaches. In addition to intrusion detection systems, the authors of [9] also discuss Intrusion Prevention Systems (IPS) and Intrusion Response Systems (IRS). The authors include the works that rely on security in the standardized protocol stack of IoT by considering nine different dimensions and characteristics. ...
In the past several years, the world has witnessed an acute surge in the production and usage of smart devices which are referred to as the Internet of Things (IoT). These devices interact with each other as well as with their surrounding environments to sense, gather and process data of various kinds. Such devices are now part of our everyday’s life and are being actively used in several verticals such as transportation, healthcare, and smart homes. IoT devices, which usually are resource-constrained, often need to communicate with other devices such as fog nodes and/or cloud computing servers to accomplish certain tasks that demand large resource requirements. These communications entail unprecedented security vulnerabilities, where malicious parties find in this heterogeneous and multi-party architecture a compelling platform to launch their attacks. In this work, we conduct an in-depth survey on the existing intrusion detection solutions proposed for the IoT ecosystem which includes the IoT devices as well as the communications between the IoT, fog computing and cloud computing layers. Although some survey articles already exist, the originality of this work stems from the three following points: (1) discuss the security issues of the IoT ecosystem not only from the perspective of IoT devices but also taking into account the communications between the IoT, fog and cloud computing layers; (2) propose a novel two-level classification scheme that first categorizes the literature based on the approach used to detect attacks and then classify each approach into a set of sub-techniques; and (3) propose a comprehensive cybersecurity framework that combines the concepts of Explainable Artificial Intelligence (XAI), federated learning, game theory and social psychology to offer future IoT systems a strong protection against cyberattacks.
