The Internet of Things (IoT) is a well-known technology that has a significant impact on many areas, including connections, work, healthcare, and the economy. IoT has the potential to improve life in a variety of contexts, from smart cities to classrooms, by automating tasks, increasing output, and decreasing anxiety. Cyberattacks and threats, on the other hand, have a significant impact on intelligent IoT applications. Many traditional techniques for protecting the IoT are now ineffective due to new dangers and vulnerabilities. To keep their security procedures, IoT systems of the future will need artificial intelligence (AI)-efficient machine learning and deep learning. The capabilities of artificial intelligence, particularly machine and deep learning solutions, must be used if the next-generation IoT system is to have a continuously changing and up-to-date security system.
1. Introduction
The Internet of Things (IoT) connects everything in the modern world and is gaining traction in business, particularly in healthcare. The IoT is one of the most popular new ideas in recent years. It locates, transmits, and analyzes data using a network of connected components. In the IoT, “things” are sensors, RFID tags, heart rate monitors, and other smart devices that collect and transmit data. New devices are added to IoT networks daily. There will be roughly 20.4 billion connected devices in 2022, up from 8.4 billion in 2020 [1].
The IoT has an impact on our daily social, commercial, and economic activities. IoT revenue is expected to increase from 892 billion USD in 2018 to more than 4 trillion USD by 2025. This expansion is directly related to the growth of the digital economy. The Internet of Things has enabled smart meters, remote monitoring, process automation, smart homes, smart cities, and smart businesses [2]. Current and future Internet of Things applications and services have the potential to significantly improve the ease, speed, and comfort of customers’ lives [3]. Many cyber threats and attacks, however, are significant impediments to IoT development.
Expansion of IoT networks raises significant issues in several areas, including device management, data management, computation, security, and privacy [4]. Several security flaws discovered may jeopardize the burgeoning IoT. Future IoT applications, such as those mentioned above, may fail to fulfill all their promises if a dependable framework is not in place as they will be unable to meet individual needs or adhere to social norms. IoT systems are divided into four layers: the application layer; the middleware or support layer; the networking and data transmission layer; and the perception or sensing layer. There are many layers to IoT applications, and each needs different technology [2]. At each stage, there are particular security concerns and difficulties. Attacks, including denial-of-service, spoofing, jamming, eavesdropping, data manipulation, and man-in-the-middle, are among the most common IoT risks.
Because security threats and attacks are becoming more numerous and complex, traditional security practices are no longer as effective as they once were. Future IoT infrastructure requires a security solution that uses risk-mitigation technology to reduce risk. Proponents of the Fourth Industrial Revolution argue that artificial intelligence (AI) is critical to the future development of intelligent systems. As a result, it can detect unexpected or harmful IoT behaviors and provide a dynamic, adaptive security solution by leveraging artificial intelligence skills, particularly machine and deep learning. To sift through security data in search of novel insights and trends, machine learning and deep learning models commonly use a preset set of rules, strategies, or complex transfer functions [3]. By recognizing anomalies in the IoT, developed security models might also be used to teach robots how to defend themselves against potential threats or attacks.
Understanding the nature of data, the many kinds of cyber threats, and other pertinent factors is essential when using machine learning and deep learning to build data-driven security systems [5]. Regarding connectivity, the IoT controls how and what happens when things communicate. This suggests that, regardless of location, IoT networks are always available. Networks must remain flexible and responsive because IoT devices are constantly added and removed [6].
Because IoT devices are constantly being added and withdrawn, the network reconfiguration process must be dynamic and flexible. Ad hoc networks may rely on nearby devices for short-range communications [7]. An IoT-enabled device transforms and acts based on its proximity to the current location [8]. Wireless communication is the primary obstacle in industrial IoT networks. Highly reliable, low-latency communication is necessary for sensitive applications, such as traffic monitoring, manufacturing on an assembly line, and medical equipment [9].
An IoT device is a piece of hardware equipped with a sensor that sends data between locations through the internet. Because many sensors are used in a complex system application, the systems should be set up to use fewer resources and cost less [6].
There are different techniques of machine learning and deep learning, such as rule-based techniques, the clustering method, optimization of security features, recurrent neural network, multi-layer perceptron, and classification and regression techniques, used to protect IoT data. Regression and classification techniques are well known and frequently used in IoT machine security. Predicting the outcome of discrete values or categories, such as anomaly, average, or attacks, is a standard definition of classification problems. Clustering algorithms may be very helpful in resolving IoT security issues, such as identifying outliers, anomalies, signatures, fraud, and cyberattacks, by exposing previously hidden patterns and structures in IoT security data. Rule-based systems may be essential to IoT security because they may learn security or policy rules from data. A well-known machine learning technique called association rule learning looks for patterns or relationships between the attributes in a security dataset. This MLP network is used to analyze the NSL-KDD dataset’s malware, explain IoT parameters, detect malicious traffic coming from IoT devices, and create a model for intrusion detection. These enhanced signature properties may simplify the management of large amounts of IoT security data, such as identifying anomalies in IoT network traffic, as part of machine-learning-based security modeling.
2. Artificial Intelligence to Solve the IoT Security Challenges
2.1. Security Issues in the Perception or Sensing Layer
A conventional IoT design consists of three layers: the application layer, the network layer, and the perception layer [10]. However, the support or middleware layer between the network and application layers becomes more important as the significance of data processing and intelligent decision making rises. Multiple layers, including a network layer and a support layer, may be present in IoT systems. Cloud computing has been used as the underlying support layer in numerous studies of IoT systems.
Various sensors and other devices make up the perception layer, sometimes called the sensing layer. This layer’s storage, processing, memory, and communication capabilities are limited. The main methods this layer secures in the IoT network are node authentication, weak encryption, and access control [11]. Attacks and crimes against the perceiving layer’s privacy are too common in the real world. One approach to conduct this is to take control of a node. Malicious code usage, data injection, replay assaults, and side-channel attacks are other techniques. For example, if an attacker takes over a node, it will stop sending valid network data and may even stop using the IoT security program. It is possible that the IoT application will not operate as planned if it receives terrible data or is compromised by malicious code injection. A technique called eavesdropping, also called sniffing or snooping, allows an attacker to intercept and look through data being exchanged between two devices [12].
2.1.1. Issues with Networking and Data Communications Layer Security
The main goals of this layer are compatibility, privacy, and secrecy. At this layer, it is expected that criminal activities, including phishing, distributed denial-of-service attacks, attacks on data transit, routing attacks, identity authentication, and encryption, will occur [13]. This layer of the IoT is especially vulnerable to phishing attacks, which aim to obtain sensitive information such as passwords and login credentials. When an attacker or unauthorized user gains access to the IoT network while IoT apps gather and transfer sensitive data, this is characterized as an access attack, also known as a continuous advanced threat.
2.1.2. Security Issues in the Middleware or Support Layer
Distributed computing solutions have been used to replace centralized cloud environments in a variety of cases, with good results in terms of performance and response time. All sent data should now be checked for accuracy, concision, and secrecy.
When someone inside a network purposefully alters or steals data or information, this is known as a malicious inside attack [14]. By inserting malicious SQL queries into the code, SQL injection attacks are used to steal data from user services in the real world. When damage to one virtual machine spreads to another, this is a virtualization attack. With the help of cloud malware injection, a hacker can take over a cloud service, install malicious code, or even create a fake virtual machine. There could be significant consequences if attacks are so powerful that cloud infrastructure is incredibly frustrated [15].
2.1.3. Application Layer
Defining and maintaining IoT applications, including their interactions with specific clients, fall under the scope of the application layer. One way to use IoT services is through a user interface. A computer, a smartphone, or any other Internet-enabled smart device could serve as an interface. The data that the middleware layer processes is used by the application layer [16]. This holds for a wide range of application categories, including applications for smart homes, smart cities, industry, construction, and health. The security needs of an application may change depending on how it functions. When sending information on climate change forecasts as opposed to when conducting online banking, it is acceptable to expect a better level of security. The application layer must address various security challenges, such as attacks on access control, malicious code, programming, data leaks, service interruptions, application vulnerabilities, and software flaws [17].
Attacks that interrupt service, commonly referred to as “Distributed Denial of Service (DDoS)” attacks, stop users from using IoT apps by sending a flood of requests to servers or networks. Threat actors could use sniffer software to monitor data being transmitted by IoT apps. Attacks that gain unauthorized access can seriously harm a system quickly by preventing users from using IoT-related services and wiping data [18].
Each layer of an IoT system may be vulnerable to different security flaws and attacks, as was already mentioned. Furthermore, there is a severe risk of unknown vulnerabilities. One must conduct a thorough investigation to find these hacks. Understanding artificial intelligence, especially machine learning and deep learning architectures and techniques, is an effective way to safeguard the system regarding IoT security. Figure 1 shows the layers and function of IoT architecture.
Figure 1. Layered Architecture [19].
2.2. IoT Security Solutions Based on ML and DL
IoT devices can use AI technologies, such as machine learning and deep learning, to act correctly after learning from the data they gather. It is feasible to detect significant security event trends in IoT data using learning models, which frequently include rules, procedures, or complex “transfer functions” [20].
This enables DL and ML, which are entirely different, to function in real time over IoT networks. This shows how data-driven IoT security intelligence models could be created using ML and DL. IoT security data can be used to learn new things via classification and regression analysis, clustering, rule-based techniques, feature optimization, and DL with ANN, such as the M.N.L.P.N., C.N., and recurrent networks [21]. The following section covers the use of ML and DL to increase the security of IoT products. A machine-learning-based IoT security architecture is shown in Figure 2.
Figure 2. A machine learning security framework for IoT systems [22].
2.2.1. Classification and Regression Techniques
Regression and classification techniques are well known and frequently used in IoT machine security. Predicting the outcome of discrete values or categories, such as anomaly, average, or attacks, is a standard definition of classification problems [23]. Regression is the technique of predicting a continuous or quantitative event, such as the effects of an attack.
The uses of such techniques are presented as follows:
- The SVM classification approach looks for unusual behavior in IoT devices and malware on Android to assure the dependability of IoT services [24].
- Anomalies, denial-of-service assaults, IoT intrusions, and irregularities in smart cities are all detected using the random forest approach [25].
- Two other methods for detecting abnormalities include a Naive-Bayes-based classification model and a linear-regression-based strategy for spotting malicious IoT nodes [26].
Regression modeling, on the other hand, can be used to predict attacks or measure the severity of one. Worms, viruses, and other harmful software fall under this category [27]. Regression techniques, network packet characteristics, and quantitative security models that examine phishing over a specified period are examples of relevant models.
- Any widely used R.T., such as linear, logistic, polynomial, and partial least-squares regression, can be used to build the quantitative security model. For instance, multiple regression analysis can create a correlation between human characteristics and how people desire to act in terms of cybersecurity [28].
2.2.2. Clustering Techniques
Clustering is a standard method of unsupervised learning used in machine learning to analyze IoT security data. It may group or cluster data points based on similarity or dissimilarity metrics of security data from IoT devices from various sources. As a result, clustering might make finding hidden patterns and structures in data easier, making it simpler to spot anomalies or attacks in the IoT. Various perspectives, such as partitioning, hierarchies, fuzzy theory, distribution, and grids, can be used to cluster data. Many well-known methods for classifying data include k-means, K-medoids, and the Gaussian mixture model [29].
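As an added illustration (not code from the article or the works it cites), the sketch below uses k-means, one of the methods named above, to flag IoT flows that sit far from every cluster of baseline behaviour. The two features, the sample flows and the `slack` threshold factor are assumptions constructed for this example.

```python
import math

# Constructed baseline: (packets per second, mean payload bytes) per flow for two
# device types, low-rate sensors and streaming cameras. Values are illustrative.
BASELINE = [(1, 60), (2, 64), (1, 58), (2, 62),
            (30, 1200), (28, 1180), (32, 1220), (30, 1190)]

def fit_scaler(points):
    """Min-max bounds per feature, learned from the baseline only."""
    cols = list(zip(*points))
    return [(min(c), (max(c) - min(c)) or 1.0) for c in cols]

def scale(point, scaler):
    """Map a raw flow into the baseline's 0..1 range (may exceed 1 for outliers)."""
    return tuple((v - lo) / span for v, (lo, span) in zip(point, scaler))

def nearest(point, centroids):
    """Return (index, distance) of the closest centroid."""
    dists = [math.dist(point, c) for c in centroids]
    i = min(range(len(dists)), key=dists.__getitem__)
    return i, dists[i]

def kmeans(points, k, iterations=20):
    """Lloyd's algorithm with deterministic farthest-point initialisation."""
    centroids = [points[0]]
    while len(centroids) < k:
        centroids.append(max(points, key=lambda p: nearest(p, centroids)[1]))
    for _ in range(iterations):
        groups = [[] for _ in centroids]
        for p in points:
            groups[nearest(p, centroids)[0]].append(p)
        # An empty cluster keeps its previous centroid.
        updated = [tuple(sum(col) / len(g) for col in zip(*g)) if g else c
                   for g, c in zip(groups, centroids)]
        if updated == centroids:
            break
        centroids = updated
    return centroids

def train(baseline, k=2, slack=3.0):
    """Model = scaler, centroids and a distance threshold.

    The threshold (slack x the largest baseline distance) is an assumption of
    this example; in practice it is tuned on validation data.
    """
    scaler = fit_scaler(baseline)
    scaled = [scale(p, scaler) for p in baseline]
    centroids = kmeans(scaled, k)
    threshold = slack * max(nearest(p, centroids)[1] for p in scaled)
    return scaler, centroids, threshold

def is_anomalous(flow, model):
    """True when the flow is farther from every centroid than the threshold."""
    scaler, centroids, threshold = model
    return nearest(scale(flow, scaler), centroids)[1] > threshold

if __name__ == "__main__":
    model = train(BASELINE)
    # Constructed test flows: two ordinary, a sensor flooding, a slow large-payload flow.
    for flow in [(2, 61), (31, 1210), (400, 64), (1, 1200)]:
        print(flow, "anomalous" if is_anomalous(flow, model) else "normal")
```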
2.2.3. Rule-Based Techniques
Older patterns are less likely to stand out and aid in the identification or prediction of IoT security issues than newer unfriendly behavior patterns. Selectivity analysis, which examines current practices, may be more beneficial in some cases than conventional data analysis. Another critical goal is to develop a security model for IoT devices that is based on how recently they have been used. Innovative, portable IoT device solutions that take new data trends into account are required as part of the learning-based research on IoT security [30].
By creating various links and patterns based on support and confidence values, rule-based procedures are easy to use and complicate the model. The problem might be lessened with a robust association model. A rule-learning technique that can be used to find trustworthy, non-redundant links between ideas is shown in an earlier work [31]. Policy rules in a plan define which network usage is allowed and which is not. Even cyberattacks with no known vulnerabilities can be stopped by security policy monitoring filters and protections based on rules [32].
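An added example, not taken from the article or from [31]: association rules of the form antecedent -> `label=attack` are mined by support and confidence, and a rule is dropped as redundant when a shorter antecedent already reaches the same confidence. The flow attributes and both thresholds are constructed for illustration.

```python
from itertools import combinations

# Constructed sample: each transaction is the attribute set of one IoT flow.
FLOWS = [
    {"proto=telnet", "dst_port=23", "auth_fail", "label=attack"},
    {"proto=telnet", "dst_port=23", "auth_fail", "label=attack"},
    {"proto=telnet", "dst_port=23", "auth_ok", "label=normal"},
    {"proto=mqtt", "dst_port=1883", "auth_ok", "label=normal"},
    {"proto=mqtt", "dst_port=1883", "auth_ok", "label=normal"},
    {"proto=mqtt", "dst_port=1883", "auth_fail", "label=normal"},
    {"proto=http", "dst_port=80", "auth_ok", "label=normal"},
    {"proto=http", "dst_port=80", "auth_ok", "label=normal"},
]

def support(itemset, transactions):
    """Fraction of transactions containing every item in itemset."""
    itemset = frozenset(itemset)
    return sum(itemset <= t for t in transactions) / len(transactions)

def frequent_itemsets(transactions, min_support):
    """Apriori-style level-wise search: only frequent itemsets are extended."""
    items = sorted({i for t in transactions for i in t})
    level = [frozenset([i]) for i in items
             if support([i], transactions) >= min_support]
    found = {}
    while level:
        for s in level:
            found[s] = support(s, transactions)
        candidates = {a | b for a, b in combinations(level, 2)
                      if len(a | b) == len(a) + 1}
        level = [c for c in candidates
                 if support(c, transactions) >= min_support]
    return found

def mine_rules(transactions, target, min_support=0.25, min_confidence=0.9):
    """Return non-redundant rules as (antecedent, support, confidence) tuples."""
    rules = []
    for itemset, sup in frequent_itemsets(transactions, min_support).items():
        if target not in itemset or len(itemset) < 2:
            continue
        antecedent = itemset - {target}
        # confidence = P(target | antecedent)
        conf = sup / support(antecedent, transactions)
        if conf >= min_confidence:
            rules.append((antecedent, sup, conf))
    # Shortest antecedents first, so longer rules can be tested for redundancy.
    rules.sort(key=lambda r: (len(r[0]), sorted(r[0])))
    kept = []
    for ant, sup, conf in rules:
        if not any(k[0] < ant and k[2] >= conf for k in kept):
            kept.append((ant, sup, conf))
    return kept

if __name__ == "__main__":
    for ant, sup, conf in mine_rules(FLOWS, "label=attack"):
        print(sorted(ant), "-> label=attack", f"support={sup:.2f} confidence={conf:.2f}")
```

A failed login alone does not reach the confidence threshold in this sample because one MQTT flow fails authentication benignly; only its combination with Telnet or port 23 does, and the three-attribute rule is pruned as redundant.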
2.2.4. Optimization of Security Features and Principal Component Analysis
In the current cyber threat environment, the development and optimization of security features are significant barriers to the success of an ML-based IoT security solution. Security characteristics and IoT data have a direct impact on ML-based security models, necessitating the use of a data-dimensionality-reduction technique. “Feature engineering” is the process of establishing and changing security features or variables so that machine-learning-based security models work properly. Today’s IoT security datasets may contain unused or irrelevant data, making simulation of cyberattacks and other challenges difficult [33]. The forecasting accuracy of a security model can be harmed by extreme variation, overfitting, expensive processing, and time-consuming model setup [18]. A high-dimensional dataset with many security attributes evaluated according to how important or relevant they are may make it easier to create an IoT security model [34]. Existing approaches include the correlation coefficient, the chi-squared test, and analysis of variance. Techniques for embedding information include regularization, Lasso, Ridge, Elastic Net, and tree-based feature importance [11].
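The chi-squared test mentioned above, shown as an added example (not the article's or any cited work's code): each categorical feature is scored against the attack label and the lowest-scoring features are dropped before training. The rows and feature names are constructed for illustration.

```python
from collections import Counter

# Constructed sample of labelled IoT flows (values are illustrative).
ROWS = [
    {"dst_port": "23",   "auth": "fail", "vendor": "A", "label": "attack"},
    {"dst_port": "23",   "auth": "fail", "vendor": "B", "label": "attack"},
    {"dst_port": "23",   "auth": "fail", "vendor": "A", "label": "attack"},
    {"dst_port": "1883", "auth": "fail", "vendor": "B", "label": "normal"},
    {"dst_port": "1883", "auth": "ok",   "vendor": "A", "label": "normal"},
    {"dst_port": "1883", "auth": "ok",   "vendor": "B", "label": "normal"},
    {"dst_port": "1883", "auth": "ok",   "vendor": "A", "label": "normal"},
    {"dst_port": "23",   "auth": "ok",   "vendor": "B", "label": "attack"},
]

def chi_squared(rows, feature, label="label"):
    """Pearson chi-squared statistic of one categorical feature against the label."""
    n = len(rows)
    observed = Counter((r[feature], r[label]) for r in rows)
    feature_totals = Counter(r[feature] for r in rows)
    label_totals = Counter(r[label] for r in rows)
    stat = 0.0
    for f_value, f_count in feature_totals.items():
        for l_value, l_count in label_totals.items():
            # Expected count if feature and label were independent; never zero
            # because both totals come from values actually seen in the data.
            expected = f_count * l_count / n
            stat += (observed[(f_value, l_value)] - expected) ** 2 / expected
    return stat

def rank_features(rows, label="label"):
    """Features ordered from most to least associated with the label."""
    features = [k for k in rows[0] if k != label]
    scores = {f: chi_squared(rows, f, label) for f in features}
    return sorted(scores.items(), key=lambda kv: kv[1], reverse=True)

def select_features(rows, keep, label="label"):
    """Names of the `keep` highest-scoring features."""
    return [name for name, _ in rank_features(rows, label)[:keep]]

if __name__ == "__main__":
    for name, score in rank_features(ROWS):
        print(f"{name:10s} chi2={score:.1f}")
    print("kept:", select_features(ROWS, keep=2))
```

With this few rows the statistic only orders the features; a significance decision needs larger expected counts per cell.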
2.2.5. Multi-Layer Perceptron (MLP)
Deep learning usually uses the multi-layer MLP, FFAN. The input layer, the hidden output layers, and the actual output layer are the three layers that make up the traditional MLP design. An AI network links each node in a layer to a specific value in the layer below it. In the end, this number is associated with the layer below it. As the model is being built, MLP employs backpropagation to adjust the internal weight values [35]. This MLP network is used to analyze the NSL-KDD dataset’s malware, explain the IoT parameters, detect malicious traffic coming from IoT devices, and create a model for intrusion detection [36]. The idea divides network data into secure data and unsecure data.
2.2.6. Recurrent Neural Network (RNN)
Another variety of artificial neural networks is the recurrent neural network. A directed graph representing time is constructed from the connections between the nodes. In the RNN model, neural feed-forward networks are used. It looks at its internal state, or memory, to determine how long different input sequences last. IoT security, natural language processing, and speech recognition can all benefit from the RNN model’s capabilities to manage sequential data effectively [37]. IoT devices that are connected provide a lot of sequential data, including information that changes over time and network traffic flows. Recurrent connections in neural networks can uncover potential defense vulnerabilities when a threat’s communication patterns change over time. This is because it has a powerful model for predicting time series because of its long short-term memory, which allows it to remember what it has been told in the past.
The detection and prevention of malware, spoofing, and computer virus attacks across a wide range of IoT devices can be made using a variety of deep learning models and hybrid network models [38]. One type of deep learning model that could be used to protect IoT devices is a DBN-based security model [39]. The authors looked at multiple approaches to in-depth learning.
2.3. Research Issues and Directions
As a result, through current and future research and development, it addresses the issues raised in this section and attempts to identify the best strategies for protecting IoT networks and devices. As a result, determining the best learning strategy for a specific IoT security scenario can be time consuming. This is conducted so that the results of various learning algorithms can differ depending on the quality of the input [11]. The model’s efficacy, precision, and labor requirements may be jeopardized if the incorrect learning method is used. Additionally, redundant IoT security data could lead to the gathering of irrelevant data and inaccurate conclusions. Machine learning or deep learning security models may not perform as well, be less accurate, or even be completely ineffective if the IoT data are incomplete in some way, such as by not being representative, being of poor quality, having irrelevant features, or being too small for training [40].
Here are a few possible future paths for study on IoT security:
Because of the way the IoT works, gathering security information can be difficult. A dynamic feature of the IoT known as heterogeneity was briefly discussed. It enables the routine collection of massive amounts of data from various sources. Data collection for IoT security is difficult. When working with IoT data, it is critical to understand the data collection process [41]. Statistics that are inaccurate or incomplete, outliers, and other flaws may jeopardize the security of the aging process or insufficient IoT devices [39]. The machine learning or deep learning methodology of IoT security has a significant impact on data quality and training availability, which has a significant impact on the IoT security model. IoT environments generate a lot of security data, which are hard to manage and clean up. Learning algorithms must be improved, or new data preparation techniques must be devised for them to be helpful in IoT security [42]. An effective IoT security solution must include the constraints or capabilities of IoT systems and devices. A device’s ability to store, compute, process, make decisions, and communicate must therefore be balanced with security. Therefore, choosing the best machine learning or deep learning algorithms requires extensive research [43].
2.3.1. Poor Management
Systems based on the IoT are having trouble because of poor management. The problem is that most of the time, software engineers try to figure out how to extract useful data from sensors [44]. They do not care how data are gathered, just that it is. It is easier for attackers to hack a system and steal sensitive user data when there is no guarantee. Developers must start concentrating on data acquisition as a result [45].
2.3.2. Naming and Identity Management
To communicate with other components of a network, each component needs to have its own identity. Therefore, a technique for dynamically identifying each network node with a special identification must exist [46]. When the IoT first started, IPv4 was used to give each networked device a special identifier. Because the number of Internet of Things devices is increasing, IPv6 is used to give each one a distinct name.
2.3.3. Trust Management and Policy
The idea of trust is important and complicated. It is also necessary to have scalability, dependability, strength, and availability. It goes above taking safety procedures. IoT apps ask their users for sensitive information with their permission. Therefore, a privacy guarantee is necessary. User data are protected and cannot be accessed without permission. Academics have suggested a range of strategies for improving both trust and privacy in scholarly writings. These strategies for protecting trust and privacy in IoT applications have been ineffective. These issues are currently at the forefront of research on the Internet of Things as a result [47].
2.3.4. Big Data
Currently, billions of devices are connected to the web, forming what is known as the IoT. Huge volumes of information are being generated by these devices. IoT struggles with the transmission and processing of massive datasets. Therefore, such a system is essential in order to solve the problem of big data [48].
2.3.5. Security
Information security implementation in the IoT is challenging. Users communicate private data to complete tasks. There are various possible opponents for user privacy. Therefore, security measures should be implemented to safeguard user data and discourage unauthorized access [49].
2.3.6. Storage
IoT devices must also be secure to use. Sensors keep an eye on the surroundings and send the information they gather to computers. Because there is no encounter measurement, the security of data storage devices cannot be guaranteed. As a result, there needs to be a way to stop unauthorized access to or monitoring of sensitive data [50].
2.3.7. Authentication and Authorization
User IDs can be verified using several different techniques. The most common approach is to use a login and password, but there are other options as well, such as an access card, retina scan, voice recognition, or fingerprints. Authorization can also be obtained through access control. It is a method of protecting a system by only allowing those who need access to use it. The system has become complex because it consists of so many nodes and components. The traditional methods of authentication and permission have failed in large-scale networks. Although concerns with authentication and authorization have been researched, they still need to be fixed. To solve these challenges, such an approach is necessary [51].
2.3.8. Secure Network
Man-in-the-middle and denial-of-service attacks are only two examples of the multiple ways the transport layer of a network can be used. An attack that prevents users’ access to the targeted system, device, or network resource is known as a denial-of-service attack [52]. A cyberattack known as “man-in-the-middle” occurs when an attacker pretends to be a third party and transmits and detects messages between two objectives who believe they are speaking directly to one another. Therefore, a set of protections must be put in place to guarantee the security of the network layer [53].
Therefore, it is challenging to create new, lightweight algorithms or procedures for IoT devices without first weighing the advantages and disadvantages of current teaching techniques [54].