IoT Security Challenges and Intrusion Detection Systems: History
Please note this is an old version of this entry, which may differ significantly from the current revision.

Cybersecurity finds widespread applications across diverse domains, encompassing intelligent industrial systems, residential environments, personal gadgets, and automobiles. This has spurred groundbreaking advancements while concurrently posing persistent challenges in addressing security concerns tied to IoT devices. IoT intrusion detection involves using sophisticated techniques, including deep learning models such as convolutional neural networks (CNNs), recurrent neural networks (RNNs), and anomaly detection algorithms, to identify unauthorized or malicious activities within IoT ecosystems. These systems continuously monitor and analyze network traffic and device behavior, seeking patterns that deviate from established norms. When anomalies are detected, security measures are triggered to thwart potential threats. IoT intrusion detection is vital for safeguarding data integrity, ensuring users’ privacy, and maintaining critical systems’ reliability and safety.

  • intrusion detection system
  • Internet of Things
  • cybersecurity
  • cyber-physical systems
  • cyberattacks
  • cybercrime
  • intrusion detection

1. Introduction

The Internet of Things (IoT) represents a transformative concept where everyday objects, devices, and appliances are interconnected, enabling them to collect and exchange data [1]. This vast network extends the Internet’s reach beyond traditional devices like computers and smartphones, encompassing everything from household appliances and wearables to vehicles and industrial machinery. This seamless connectivity offers unparalleled convenience, fostering smarter cities, enhanced healthcare, and more efficient industries. Figure 1 shows the top IoT applications [2].
Figure 1. The top IoT Applications.
However, with this rapid expansion and integration of devices into daily life, several challenges arise, particularly in security [3][4]. The vast number of connected devices presents a large attack surface, making them potential entry points for malicious actors. Moreover, the lack of standardization, default insecure settings, and limited computational power in many IoT devices compound these security vulnerabilities. As a result, there is an imperative need for robust security solutions to safeguard the ever-evolving IoT landscape [5].
Furthermore, the IoT ecosystem’s heterogeneous nature, characterized by various manufacturers, protocols, and software stacks, complicates establishing a unified security approach. Many IoT devices, designed primarily for functionality and cost-effectiveness, often lack regular software updates, exposing them to known security threats for prolonged periods [6][7]. Data privacy is another pressing concern. As these devices continually collect vast amounts of data, sensitive information can be accessed or misused, threatening individual privacy and corporate confidentiality [8].
Addressing these security challenges is paramount to ensure that the IoT realizes its full potential without compromising user trust and safety [9]. As the adoption of IoT continues to surge, there is an increasing emphasis on developing sophisticated security measures, including advanced intrusion detection systems and adaptive threat response mechanisms. Only by prioritizing and innovating in the realm of security can the promise of a truly connected, innovative, and safe world be achieved [10][11].
Moreover, the physical nature of IoT devices adds another layer of vulnerability. Unlike purely digital platforms, these devices can be physically tampered with, leading to breaches not just in data but also in their operational integrity. Consider smart infrastructure in cities or hospital health devices; tampering could have real-world, life-threatening consequences [12].
This interconnectedness, while being the strength of the IoT, also becomes its Achilles’ heel. A breach in one device can potentially cascade, affecting a network of interconnected systems, emphasizing the need for holistic security frameworks. Collaboration across industries, manufacturers, and regulatory bodies is essential to develop and enforce standards that ensure the resilience and safety of the IoT ecosystem. As research and development forge ahead, integrating security from the inception of device design, rather than as an afterthought, will be crucial in defining the future of a secure and efficient IoT landscape [13][14][15].
The author in [16][17] introduces an enhanced aggregate segmentation mask RCNN model (AS Mask RCNN) for grading mixed aggregates. The study conducted three different experiments and found that the AS Mask RCNN achieved an impressive accuracy of over 89.13% across all experimental scenarios. Compared to the faster RCNN and mask R-CNN models, it demonstrated an accuracy improvement of 8.85%. It reduced the processing time for single image segmentation by 1.29 s, making it suitable for near real-time field detection requirements. The paper also presents a self-developed noncontact testing platform for aggregate grading that can be applied in complex environments. This platform facilitates digital, automated, and intelligent noncontact grading of mixed aggregates, ultimately enhancing the accuracy of aggregate grading testing and supporting the high-quality development of reservoir dam construction in China.
The author’s work focuses on the significant role of the human microbiome in predicting certain diseases. They acknowledge the challenges posed by limited samples and high-dimensional features in microbiome data for machine learning methods. The author introduces a novel ensemble deep-learning disease prediction method to address this. The approach combines unsupervised and supervised learning techniques. It starts with unsupervised deep learning to discover potential sample representations. Then, these representations are used to develop a disease-scoring strategy, creating informative features for ensemble analysis. A score selection mechanism is implemented to ensure optimal ensemble performance, and performance-enhancing features are incorporated with the original data [18].

2. IoT Security Challenges

The IoT (Internet of Things) brings about a revolution in connectivity, enabling devices to communicate seamlessly. However, with this increased connectivity comes a myriad of security challenges. Figure 2 depicts some of the most pressing security challenges associated with the IoT.
Figure 2. IoT security challenges.

2.1. Lack of Physical Security

The absence of robust physical safeguards on IoT devices makes them vulnerable to unauthorized access. Devices stationed in isolated locations over extended periods are particularly susceptible to tampering. The ease with which attackers can exploit IoT devices with minimal physical protection poses significant security challenges [19].
Consider, for instance, the potential for IoT devices to be compromised via malware-laden USB flash drives. While it is incumbent upon IoT device manufacturers to prioritize their products’ physical security, engineering secure yet cost-effective transmitters and sensors remains a daunting task for them [20].

2.2. Lack of Standardization

A diverse range of manufacturers produces IoT devices, each adhering to unique standards and protocols. This absence of standardized security measures can lead to vulnerabilities, offering potential entry points for exploitation.
Furthermore, this fragmentation in manufacturing practices and protocols complicates establishing a cohesive security framework for the IoT. Since devices might communicate differently and prioritize varied security aspects, ensuring compatibility and security across the board becomes challenging. This disjointed landscape hinders interoperability and makes it harder to deploy universal security patches or updates. For users, this means a heightened risk, as one weak device can compromise the security of an entire connected network. As the IoT ecosystem continues to expand, industry-wide collaboration is urgently needed to establish and enforce consistent security standards, ensuring a safer and more integrated digital future [21][22].

2.3. Lack of Visibility

For IT teams, obtaining a comprehensive view of all devices on the network is daunting, primarily because numerous devices are not cataloged in the IT inventory. Devices such as coffee machines, ventilation systems, and air conditioners are often overlooked by IT teams and are not typically tracked [23].
If security teams are unaware of the devices connected to the network, they cannot effectively prevent breaches. The insufficient visibility into IoT devices complicates the IT department’s task of accurately identifying and monitoring assets that require protection [24].
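One way to narrow this visibility gap is to reconcile what the network actually sees against the asset inventory. The following is an added example, not taken from the source paper; the lease records, inventory entries, field names, and MAC addresses are constructed for illustration.

```python
"""Reconcile devices seen on the network against the IT asset inventory."""
import re

_HEX12 = re.compile(r"[0-9a-f]{12}")

# Constructed sample: DHCP lease records as (mac, ip, hostname).
OBSERVED_LEASES = [
    ("00:00:5E:00:53:01", "10.0.5.10", "laptop-finance-01"),
    ("00-00-5e-00-53-02", "10.0.5.11", "printer-2f"),
    ("0000.5e00.5310", "10.0.9.20", "coffee-machine"),
    ("00:00:5E:00:53:11", "10.0.9.21", "hvac-controller"),
    ("DA:A1:19:00:00:07", "10.0.7.33", "phone"),
    ("not-a-mac", "10.0.9.99", ""),
]
# Constructed sample inventory keyed by MAC, as an asset database might export it.
INVENTORY = {
    "00:00:5e:00:53:01": {"owner": "finance", "type": "laptop"},
    "00:00:5E:00:53:02": {"owner": "facilities", "type": "printer"},
    "00:00:5E:00:53:03": {"owner": "it", "type": "badge-reader"},
}


def normalize_mac(raw):
    """Lowercase, colon-separated MAC, or None if the value is not 12 hex digits."""
    digits = re.sub(r"[:\-.\s]", "", raw).lower()
    if not _HEX12.fullmatch(digits):
        return None
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def is_locally_administered(mac):
    """True when the locally-administered bit is set (typical of randomized MACs)."""
    return bool(int(mac[:2], 16) & 0x02)


def reconcile(leases, inventory):
    """Split observations into unmanaged, silent (inventoried but unseen), malformed."""
    known = {normalize_mac(m): rec for m, rec in inventory.items() if normalize_mac(m)}
    seen, malformed = {}, []
    for raw_mac, ip, hostname in leases:
        mac = normalize_mac(raw_mac)
        if mac is None:
            malformed.append((raw_mac, ip))
            continue
        seen[mac] = {"ip": ip, "hostname": hostname}  # latest lease wins
    unmanaged = {
        mac: dict(info, randomized_mac=is_locally_administered(mac))
        for mac, info in seen.items() if mac not in known
    }
    silent = sorted(mac for mac in known if mac not in seen)
    return {"unmanaged": unmanaged, "silent": silent, "malformed": malformed}


if __name__ == "__main__":
    report = reconcile(OBSERVED_LEASES, INVENTORY)
    for mac, info in report["unmanaged"].items():
        print("UNMANAGED", mac, info)
    print("SILENT", report["silent"])
    print("MALFORMED", report["malformed"])
```

Devices flagged with `randomized_mac` cannot be tracked reliably by MAC address and need another identifier, such as a certificate or an 802.1X identity, before they can be inventoried.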

2.4. Data Privacy and Integrity

In IoT, data privacy emerges as a paramount security concern. User data traverses many devices, from medical equipment divulging patient details to intelligent toys and wearables revealing personal information. To illustrate this, a cybercriminal could potentially harvest corporate information, exposing, selling, or leveraging it to blackmail the proprietor [25].

2.5. Physical Security Threats

Given their physical nature, IoT devices are inherently vulnerable to direct interference and manipulation. Malicious actors can exploit these devices by gaining hands-on access to their hardware components, potentially altering their functionalities or extracting sensitive data. This tangible aspect of IoT emphasizes the importance of digital and physical security measures to protect against unauthorized interventions [26].

2.6. Insecure Data Storage and Transmission

A significant number of IoT devices lack data encryption for both stored and transmitted information. This oversight exposes the data, allowing potential eavesdroppers to intercept and access it without authorization. Such lax security measures underscore the pressing need for enhanced encryption protocols in the IoT landscape to safeguard against breaches and unauthorized intrusions [27]. Additionally, the absence of robust encryption practices exacerbates the risk of man-in-the-middle attacks, where malicious actors can intercept and potentially alter data as it is being transmitted between devices. This not only compromises the confidentiality of the information but also its integrity. Furthermore, with the growing reliance on IoT devices in critical sectors such as healthcare, transportation, and energy, the consequences of unauthorized data access could be dire, ranging from personal privacy breaches to large-scale infrastructure disruptions. For these reasons, manufacturers must prioritize and implement advanced encryption techniques, ensuring both the security and trustworthiness of IoT device communications [28].

2.7. Botnet Attacks

A significant security issue with IoT pertains directly to the devices themselves. Their inherent security vulnerabilities make them prime targets for botnet infiltrations.
Essentially, a botnet is an ensemble of machines compromised by malware. Attackers harness these compromised machines to flood targets with overwhelming request traffic. Unlike conventional computers, IoT devices often lack regular security updates, heightening their susceptibility to malware exploits. Consequently, malicious actors can swiftly enlist these devices into botnets, turning them into conduits for vast request traffic [29][30].

2.8. Ransomware

In the context of IoT security, ransomware poses a significant threat by encrypting and barring access to vital files. Hackers typically demand a ransom in exchange for the decryption key needed to regain access [31].
While such attacks are currently uncommon, IoT devices with subpar security might become future victims of ransomware. As the value of and dependence on healthcare devices, smart homes, and other intelligent appliances grow, they could become increasingly attractive targets, especially given their critical importance to users [32].

3. Intrusion Detection Systems (IDS)

Intrusion detection refers to identifying malicious activities carried out against information systems. These malevolent acts, termed intrusions, are efforts to gain unauthorized access to a computer system. Intruders can be categorized into two main types: internal and external. Internal intruders are individuals within the network who, despite having some legitimate access, aim to elevate their access privileges to misuse resources they are not authorized for. In contrast, external intruders are individuals outside the network aiming to infiltrate it and access system information without permission [33].
Both types of intruders pose distinct challenges. Internal intruders, already having some degree of legitimate access, can exploit vulnerabilities from within, making their actions more complicated to detect. Their familiarity with the system’s architecture and potential weak points can make their intrusions more targeted and potentially more damaging. On the other hand, external intruders, although initially lacking access, often employ a wide range of techniques, from brute-force attacks to sophisticated phishing schemes, to breach the system’s defenses [34].
Moreover, the rise of IoT devices and the expanding digital landscape have further complicated intrusion detection. With more entry points and a diverse range of devices, networks are more susceptible than ever. This underscores the importance of robust security measures, continuous system monitoring, and regular updates to defend against evolving threats. Additionally, organizations must foster a culture of security awareness, ensuring that every internal or external user is well-informed about potential risks and best practices to mitigate them.
The evolving dynamics of cyber threats necessitate an adaptive and layered approach to security. Intrusion detection systems (IDS) are just one component of a comprehensive cybersecurity strategy. Beyond simple detection, the focus has shifted towards intrusion prevention systems (IPS) that not only detect but also take proactive measures to prevent unauthorized access [35][36].
Furthermore, with the integration of artificial intelligence and machine learning in security systems, there is an opportunity to predict and identify novel threats before they manifest. These predictive systems analyze patterns and behaviors, allowing them to flag anomalous activities even if they do not match known threat signatures.
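The difference between signature matching and behavior-based detection can be shown with a small statistical baseline. The following is an added example, not taken from the source paper; it uses a robust modified z-score (median and MAD) instead of a learned model, and the device names, traffic summaries, and signature port list are constructed or hypothetical.

```python
"""Signature matching vs. per-device anomaly scoring on constructed traffic summaries."""
from statistics import median

# Constructed training data: per-minute (packets, distinct_destinations) per device.
BASELINE_WINDOWS = {
    "camera-01": [(120, 2), (118, 2), (125, 3), (121, 2),
                  (119, 2), (123, 2), (122, 3), (120, 2)],
    "thermostat-01": [(10, 1), (12, 1), (11, 1), (10, 1),
                      (13, 1), (11, 1), (12, 1), (10, 1)],
}
# Hypothetical signature set: destination ports this deployment treats as known-bad.
SIGNATURE_PORTS = {23, 2323}
THRESHOLD = 3.5   # common cut-off for the modified z-score
MAD_FLOOR = 1.0   # assumption: avoids division by zero when a feature never varies


def fit_baseline(windows):
    """Return [(median, MAD), ...], one pair per feature column."""
    stats = []
    for column in zip(*windows):
        med = median(column)
        mad = median(abs(x - med) for x in column)
        stats.append((med, mad))
    return stats


def anomaly_score(stats, features):
    """Largest modified z-score across features: 0.6745 * |x - median| / MAD."""
    return max(0.6745 * abs(x - med) / max(mad, MAD_FLOOR)
               for x, (med, mad) in zip(features, stats))


def classify(event, baselines):
    """Label one window: signature, anomaly, both, normal or no-baseline."""
    sig_hit = bool(SIGNATURE_PORTS & set(event["ports"]))
    stats = baselines.get(event["device"])
    if stats is None:
        # A device nobody profiled cannot be judged against established norms.
        return "signature" if sig_hit else "no-baseline"
    anomalous = anomaly_score(stats, (event["packets"], event["dests"])) > THRESHOLD
    if sig_hit and anomalous:
        return "both"
    if sig_hit:
        return "signature"
    return "anomaly" if anomalous else "normal"


BASELINES = {dev: fit_baseline(w) for dev, w in BASELINE_WINDOWS.items()}

# Constructed observation windows.
EVENTS = [
    {"device": "camera-01", "packets": 124, "dests": 2, "ports": [443]},
    {"device": "camera-01", "packets": 4800, "dests": 310, "ports": [80, 443]},
    {"device": "thermostat-01", "packets": 11, "dests": 1, "ports": [23]},
    {"device": "kettle-07", "packets": 40, "dests": 5, "ports": [443]},
]

if __name__ == "__main__":
    for ev in EVENTS:
        print(ev["device"], ev["packets"], classify(ev, BASELINES))
```

The second camera window matches no signature yet is flagged on behavior alone, while the thermostat window looks normal in volume and is caught only by the signature, which is why the two approaches are usually deployed together.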
Yet, technology alone is not the panacea. Human factors play a significant role in security breaches. Regular training sessions, workshops, and awareness campaigns should be organized for employees and users. This ensures that they are aware of the potential risks and equipped with the knowledge to recognize and report suspicious activities [37].
The principle of least privilege (PoLP) should be strictly adhered to, meaning that users should only be granted access to the information and resources necessary for their specific tasks, reducing the potential damage of an internal intrusion.
In a world where cyber threats continually evolve, staying a step ahead is crucial. This requires cutting-edge technology, strategic planning, and an informed and vigilant user base. By integrating these elements, organizations can fortify their defenses, ensuring data integrity and maintaining the trust of their users [38].

This entry is adapted from the peer-reviewed paper 10.3390/app132111985

References

  1. Hassan, W.H. Current research on Internet of Things (IoT) security: A survey. Comput. Netw. 2019, 148, 283–294.
  2. Ibrahim, H. A Review on the Mechanism Mitigating and Eliminating Internet Crimes using Modern Technologies: Mitigating Internet crimes using modern technologies. Wasit J. Comput. Math. Sci. 2022, 1, 76–108.
  3. Rizvi, S.; Kurtz, A.; Pfeffer, J.; Rizvi, M. Securing the Internet of things (IoT): A security taxonomy for IoT. In Proceedings of the 2018 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/12th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE), New York, NY, USA, 1–3 August 2018.
  4. Al-Garadi, M.A.; Mohamed, A.; Al-Ali, A.K.; Du, X.; Ali, I.; Guizani, M. A survey of machine and deep learning methods for Internet of things (IoT) security. IEEE Commun. Surv. Tutor. 2020, 22, 1646–1685.
  5. Gupta, B.B.; Quamara, M. An overview of Internet of Things (IoT): Architectural aspects, challenges, and protocols. Concurr. Comput. Pract. Exp. 2020, 32, e4946.
  6. Køien, G.M. Zero-Trust Principles for Legacy Components: 12 Rules for Legacy Devices: An Antidote to Chaos. Wirel. Pers. Commun. 2021, 121, 1169–1186.
  7. Chen, Z.; Liu, J.; Shen, Y.; Simsek, M.; Kantarci, B.; Mouftah, H.T.; Djukic, P. Machine learning-enabled iot security: Open issues and challenges under advanced persistent threats. ACM Comput. Surv. 2022, 55, 1–37.
  8. Le-Dang, Q.; Le-Ngoc, T. Internet of Things (IoT) infrastructures for smart cities. In Handbook of Smart Cities: Software Services and Cyber Infrastructure; Springer: Berlin/Heidelberg, Germany, 2018; pp. 1–30.
  9. Shaukat, K.; Alam, T.M.; Hameed, I.A.; Khan, W.A.; Abbas, N.; Luo, S. A review on security challenges in Internet of things (IoT). In Proceedings of the 2021 26th International Conference on Automation and Computing (ICAC), Portsmouth, UK, 2–4 September 2021.
  10. Ahanger, T.A.; Aljumah, A. Internet of Things: A comprehensive study of security issues and defense mechanisms. IEEE Access 2018, 7, 11020–11028.
  11. Omolara, A.E.; Alabdulatif, A.; Abiodun, O.I.; Alawida, M.; Alabdulatif, A.; Arshad, H. The internet of things security: A survey encompassing unexplored areas and new insights. Comput. Secur. 2022, 112, 102494.
  12. Sengupta, J.; Ruj, S.; Bit, S.D. A comprehensive survey on attacks, security issues and blockchain solutions for IoT and IIoT. J. Netw. Comput. Appl. 2020, 149, 102481.
  13. Cuppari, R.; Schmeier, S.; Demuth, S. Preventing Conflicts, Fostering Cooperation—The Many Roles of Water Diplomacy; ICWRGC: Koblenz, Germany, 2017.
  14. Kotenko, I.; Izrailov, K.; Buinevich, M. Static analysis of information systems for IoT cyber security: A survey of machine learning approaches. Sensors 2022, 22, 1335.
  15. Burhan, M.; Rehman, R.A.; Khan, B.; Kim, B.-S. IoT elements, layered architectures and security issues: A comprehensive survey. Sensors 2018, 18, 2796.
  16. Qin, J.; Wang, J.; Lei, T.; Sun, G.; Yue, J.; Wang, W.; Chen, J.; Qian, G. Deep learning-based software and hardware framework for a noncontact inspection platform for aggregate grading. Measurement 2023, 211, 112634.
  17. Chen, X.; Wang, Z.; Hua, Q.; Shang, W.-L.; Luo, Q.; Yu, K. AI-empowered speed extraction via port-like videos for vehicular trajectory analysis. IEEE Trans. Intell. Transp. Syst. 2022, 24, 4541–4552.
  18. Shen, Y.; Zhu, J.; Deng, Z.; Lu, W.; Wang, H. EnsDeepDP: An Ensemble Deep Learning Approach for Disease Prediction Through Metagenomics. IEEE/ACM Trans. Comput. Biol. Bioinform. 2022, 20, 986–998.
  19. Ali, B.; Awad, A.I. Cyber and physical security vulnerability assessment for IoT-based smart homes. Sensors 2018, 18, 817.
  20. Attkan, A.; Ranga, V. Cyber-physical security for IoT networks: A comprehensive review on traditional, blockchain and artificial intelligence based key-security. Complex Intell. Syst. 2022, 8, 3559–3591.
  21. Kumar, N.M.; Mallick, P.K. Blockchain technology for security issues and challenges in IoT. Procedia Comput. Sci. 2018, 132, 1815–1823.
  22. Frustaci, M.; Pace, P.; Aloi, G. Securing the IoT world: Issues and perspectives. In Proceedings of the 2017 IEEE Conference on Standards for Communications and Networking (CSCN), Helsinki, Finland, 18–20 September 2017.
  23. Ahmed, S.; Kalsoom, T.; Ramzan, N.; Pervez, Z.; Azmat, M.; Zeb, B.; Ur Rehman, M. Towards supply chain visibility using Internet of things: A dyadic analysis review. Sensors 2021, 21, 4158.
  24. Kothari, S.S.; Jain, S.V.; Venkteshwar, A. The impact of IOT in supply chain management. Int. Res. J. Eng. Technol. 2018, 5, 257–259.
  25. Wang, T.; Bhuiyan, M.Z.A.; Wang, G.; Qi, L.; Wu, J.; Hayajneh, T. Preserving balance between privacy and data integrity in edge-assisted Internet of Things. IEEE Internet Things J. 2019, 7, 2679–2689.
  26. Kim, T.; Ochoa, J.; Faika, T.; Mantooth, H.A.; Di, J.; Li, Q.; Lee, Y. An overview of cyber-physical security of battery management systems and adoption of blockchain technology. IEEE J. Emerg. Sel. Top. Power Electron. 2020, 10, 1270–1281.
  27. Khalaf, O.I.; Abdulsahib, G.M. Optimized dynamic storage of data (ODSD) in IoT based on blockchain for wireless sensor networks. Peer Peer Netw. Appl. 2021, 14, 2858–2873.
  28. Zhang, L.; Peng, M.; Wang, W.; Jin, Z.; Su, Y.; Chen, H. Secure and efficient data storage and sharing scheme for blockchain-based mobile-edge computing. Trans. Emerg. Telecommun. Technol. 2021, 32, e4315.
  29. Injadat, M.; Moubayed, A.; Shami, A. Detecting botnet attacks in IoT environments: An optimized machine learning approach. In Proceedings of the 2020 32nd International Conference on Microelectronics (ICM), Aqaba, Jordan, 14–17 December 2020.
  30. Ali, I.; Ahmed, A.I.A.; Almogren, A.; Raza, M.A.; Shah, S.A.; Khan, A.; Gani, A. Systematic literature review on IoT-based botnet attack. IEEE Access 2020, 8, 212220–212232.
  31. Humayun, M.; Jhanjhi, N.; Alsayat, A.; Ponnusamy, V. Internet of things and Ransomware: Evolution, mitigation and prevention. Egypt. Inform. J. 2021, 22, 105–117.
  32. Zahra, S.R.; Chishti, M.A. Ransomware and Internet of things: A new security nightmare. In Proceedings of the 2019 9th International Conference on Cloud Computing, Data Science & Engineering (Confluence), Noida, India, 10–11 January 2019.
  33. Abu Al-Haija, Q.; Al Badawi, A. High-performance intrusion detection system for networked UAVs via deep learning. Neural Comput. Appl. 2022, 34, 10885–10900.
  34. Alsulami, A.A.; Abu Al-Haija, Q.; Tayeb, A.; Alqahtani, A. An Intrusion Detection and Classification System for IoT Traffic with Improved Data Engineering. Appl. Sci. 2022, 12, 12336.
  35. Prajapati, P.; Bhatt, B.; Zalavadiya, G.; Ajwalia, M.; Shah, P. A review on recent intrusion detection systems and intrusion prevention systems in IoT. In Proceedings of the 2021 11th International Conference on Cloud Computing, Data Science & Engineering (Confluence), Noida, India, 28–29 January 2021.
  36. Kumar, A.; Abhishek, K.; Ghalib, M.R.; Shankar, A.; Cheng, X. Intrusion detection and prevention system for an IoT environment. Digit. Commun. Netw. 2022, 8, 540–551.
  37. Pandu, V.; Mohan, J.; Kumar, T. Network intrusion detection and prevention systems for attacks in IoT systems. In Countering Cyber Attacks and Preserving the Integrity and Availability of Critical Systems; IGI Global: Hershey, PA, USA, 2019; pp. 128–141.
  38. Jakka, G.; Alsmadi, I.M. Ensemble Models for Intrusion Detection System Classification. Int. J. Smart Sens. Adhoc Netw. 2022, 3, 8.