Internet of things

Maintaining security in IoT systems depends on intrusion detection since these networks' sensitivity to cyber-attacks is growing. Based on the IoT23 dataset, this study explores the use of several Machine Learning (ML) and Deep Learning (DL) along with the hybrid models for binary and multi-class intrusion detection. The standalone machine and deep learning models like Random Forest (RF), Extreme Gradient Boosting (XGBoost), Artificial Neural Network (ANN), K-Nearest Neighbors (KNN), Support Vector Machine (SVM), and Convolutional Neural Network (CNN) were used. Furthermore, two hybrid models were created by combining machine learning techniques: RF, XGBoost, AdaBoost, KNN, and SVM and these hybrid models were voting based hybrid classifier. Where one is for binary, and the other one is for multi-class classification. These models were tested using precision, recall, accuracy, and F1-score criteria and compared the performance of each model. This work thoroughly explains how hybrid, standalone ML and DL techniques could improve IDS (Intrusion Detection System) in terms of accuracy and scalability in IoT (Internet of Things).

IoBT stands for the Internet of Battlefield Things. This concept extends the principles of the Internet of Things (IoT) for military and defense use. IoBT integrates smart devices, sensors, and technology on the battlefield to improve situational awareness, communication, and decision-making in military operations. Sensitive military data typically includes information crucial to national security, such as the location of soldiers and equipment. Unauthorized access to location data may compromise operational confidentiality and impede the element of surprise in military operations. Therefore, ensuring the security of location data is crucial for the success and efficiency of military operations. We propose two systems to address this issue.
First, we propose a novel deception-based scheme to enhance the location-information security of IoBT nodes. The proposed scheme uses a novel encryption method, dummy IDs, and dummy packets technology. We develop a mathematical model to evaluate our scheme in terms of safety time (ST), probability of failure (PF), and the probability of identifying the real packet in each location information update (PIRP). Then, we develop NetLogo simulations to validate the mathematical model. The proposed scheme increases ST, reduces PF and PIRP.

The Internet of Things (IoT) has undergone remarkable expansion in recent years, leading to a proliferation of devices capable of connecting to the internet, collecting data, and sharing information. However, this rapid growth has also introduced a myriad of security challenges, resulting in an uptick in cyber-attacks targeting IoT infrastructures. To mitigate these threats and ensure the integrity of data, researchers have been actively engaged in the development of robust Intrusion Detection Systems (IDS) utilizing various machine learning (ML) techniques. This dissertation presents a comprehensive overview of three distinct approaches toward IoT intrusion detection, each leveraging ML methodologies to enhance security measures. The first approach focuses on a multi-class classification algorithm, integrating models such as random forest, logistic regression (LR), decision tree (DT), and Xgboost. Through meticulous evaluation utilizing evaluation metrics including F1 score, recall, and precision under the Receiver Operating Characteristics (ROC) curve, this approach demonstrates a remarkable 99 % accuracy in detecting IoT attacks. In the second approach, a deep ensemble model comprising Multilayer Perceptron (MLP), Convolutional Neural Network (CNN), and Long Short-Term Memory (LSTM) architectures is proposed for intrusion detection in IoT environments. Evaluation on the UNSW 2018 IoT Botnet dataset showcases the proficiency of this approach, achieving an accuracy of 98.4 % in identifying malicious activities. Lastly, the dissertation explores a real-time Intrusion Detection System (IDS) framework deployed within the Pyspark architecture, aimed at efficiently detecting IoT attacks while minimizing detection time.

The Internet of Things (IoT) refers to a network of interconnected nodes constantly engaged in communication, data exchange, and the utilization of various network protocols. Previous research has demonstrated that IoT devices are highly susceptible to cyber-attacks, posing a significant threat to data security. This vulnerability is primarily attributed to their susceptibility to exploitation and their resource constraints. To counter these threats, Intrusion Detection Systems (IDS) are employed. This study aims to contribute to the field by enhancing IDS detection efficiency through the integration of Ensemble Learning (EL) methods with traditional Machine Learning (ML) and deep learning (DL) models. To bolster IDS performance, we initially utilize a binary ML classification approach to classify IoT network traffic as either normal or abnormal, employing EL methods such as Stacking and Voting. Once this binary ML model exhibits high detection rates, we extend our approach by incorporating a ML multi-class framework to classify attack types. This further enhances IDS performance by implementing the same Ensemble Learning methods. Additionally, for further enhancement and evaluation of the intrusion detection system, we employ DL methods, leveraging deep learning techniques, ensemble feature selections, and ensemble methods. Our DL approach is designed to classify IoT network traffic. This comprehensive approach encompasses various supervised ML, and DL algorithms with ensemble methods. The proposed models are trained on TON-IoT network traffic datasets. The ensemble approaches are evaluated using a comprehensive metrics and compared for their effectiveness in addressing this classification tasks. The ensemble classifiers achieved higher accuracy rates compared to individual models, a result attributed to the diversity of learning mechanisms and strengths harnessed through ensemble learning. By combining these strategies, we successfully improved prediction accuracy while minimizing classification errors. The outcomes of these methodologies underscore their potential to significantly enhance the effectiveness of the Intrusion Detection System.

Embedded systems and Internet of Things (IoT) devices have been limited in application by constraints posed by batteries. Batteries add size, weight, and upkeep costs, while also limiting the lifetime of devices that are preferred to be small, lightweight, and long-lasting. We present Apis, a software and hardware toolkit for federated power management in energy harvesting applications. By replacing batteries with rapid charging storage capacitors, circuitry to control federated energy storage, and software support to make this architecture useful to developers, embedded devices can potentially run inde nitely with limited maintenance. We present the Apis hardware design for controlling federated energy storage, supporting software for controlling this hardware, and the results of experiments performed to validate the Apis model. The system is named after the taxonomy genus for the honey bee, a creature dedicated to the harvesting and federated storage of energy resources.

Software systems increasingly interact with each other, forming ecosystems. Cloud is one such ecosystem that has evolved and enabled other technologies like IoT and containers. Such systems are very complex and heterogeneous because their components can have diverse origins, functions, security policies, and communication protocols, which makes it difficult to comprehend, utilize and consequently secure them. Abstract architectural models can be used to handle this complexity and heterogeneity but there is lack of work on precise, implementation/vendor neutral and holistic models which represent ecosystem components and their mutual interactions. We attempted to find similarities in systems and generalize to create abstract models for adding security. We represented the ecosystem as a Reference architecture (RA) and the ecosystem units as patterns. We started with a pattern diagram which showed all the components involved along with their mutual interactions and dependencies. We added components to the already existent Cloud security RA (SRA). Containers, being relatively new virtualization technology, did not have a precise and holistic reference architecture. We have built a partial RA for containers by identifying and modeling components of the ecosystem. Container security issues were identified from the literature as well as analysis of our patterns. We added corresponding security countermeasures to container RA as security patterns to build a container SRA. Finally, using container SRA as an example, we demonstrated an approach for RA validation. We have also built a composite pattern for fog computing that is an intermediate platform between Cloud and IoT devices. We represented an attack, Distributed Denial of Service (DDoS) using IoT devices, in the form of a misuse pattern which explains it from the attacker’s perspective. We found this modelbased approach useful to build RAs in a flexible and incremental way as components can be identified and added as the ecosystems expand. This provided us better insight to analyze security issues across boundaries of individual ecosystems. A unified, precise and holistic view of the system is not just useful for adding or evaluating security, this approach can also be used to ensure compliance, privacy, safety, reliability and/or governance for cloud and related ecosystems. This is the first work we know of where patterns and RAs are used to represent ecosystems and analyze their security.