With the advancement of low-cost, low-energy sensors, the Internet of Things (IoT) is building a network of Internet-enabled devices. The concept of IoT is employed in almost all fields, such as healthcare, smart cities, smart grids, energy distribution, agriculture, and even transportation. In a typical IoT-enabled network, smart sensors are geographically distributed to collect and process data within a smart infrastructure using an open channel, the Internet. However, the use of the Internet brings inherent vulnerabilities related to security (e.g., IoT devices can be compromised using advanced hacking techniques) and privacy (e.g., an adversary performing inference and data poisoning attacks). Intrusion Detection Systems (IDS) and Cyber Threat Intelligence (CTI) are the two most extensively used techniques in IoT-enabled networks to safeguard the integrity and availability of sensitive smart systems. However, the large volume of data (i.e., the curse of dimensionality) and the cloud-based centralized deployment mechanism hurt IDS performance, both in the intrusion detection task itself and through increased data-processing latency. On the other hand, modelling CTI is challenging because labelled cyber threat sources are limited, and manually analysing these sources to extract relevant threat information is a time-consuming and error-prone procedure that requires a large investment of resources.
This thesis provides substantial contributions to research on the building of a distributed IDS, a hybrid feature selection approach, an automated CTI Modelling and Identification scheme, and a deep privacy-encoding module for enhancing security and privacy of IoT-enabled networks.
Contents
1 Introduction to IoT
1.1 Overview of IoT-enabled Networks
1.2 Overview of Threats and Security Mechanism in IoT-enabled Network
1.2.1 Categorization of IoT Threats
1.2.2 Security Mechanism in IoT-enabled Network
1.3 Data Privacy and Privacy-preservation Techniques in IoT-enabled Network
1.4 Motivation and Problem Statement
1.5 Thesis Contribution
1.6 Thesis Structure
2 Background and Literature Review
2.1 Introduction
2.2 Review of Intrusion Detection Systems in IoT-enabled Networks
2.2.1 Shortcomings and Research Gaps
2.3 Review of Feature Selection techniques used in the design of IDS for IoT-enabled Networks
2.3.1 Shortcomings and Research Gaps
2.4 Review of Cyber Threat Intelligence Techniques
2.4.1 Shortcomings and Research Gaps
2.5 Review of Privacy-preserving techniques for IoT-enabled Networks
2.5.1 Shortcomings and Research Gaps
2.6 Chapter Conclusion
3 An Ensemble Learning and Fog-Cloud Architecture-driven Cyber-Attack Detection Framework for IoMT Networks
3.1 Introduction
3.2 System Architecture of Proposed Ensemble Learning Framework
3.2.1 Traffic Processing Engine
3.2.2 Intrusion Detection Engine
3.2.3 Deployment of proposed framework as SaaS at fog side and IaaS at cloud side
3.3 Experimental Results and Analysis
3.3.1 Description of Dataset used for Performance Evaluation
3.3.2 Evaluation Metrics
3.3.3 Analysis of Feature Selection Technique
3.3.4 Analysis of Correntropy Measure
3.3.5 Performance Evaluation of proposed E-ADS
3.3.6 Comparison with state-of-the-art IDS
3.3.7 Discussion
3.4 Chapter Conclusion
4 Toward Design of an Intelligent Cyber Attack Detection System using Hybrid Feature Reduced Approach for IoT Networks
4.1 Introduction
4.2 System Architecture of Proposed Intelligent IDS using Hybrid Feature Reduced Approach
4.2.1 Feature Preprocessing Phase
4.2.2 Proposed Hybrid feature selection approach for intrusion detection in IoT-based smart environment
4.2.3 Correntropy Measure to Evaluate the Optimized Feature Set
4.2.4 Selection criteria of ML Techniques in Intrusion Detection
4.3 Experimental Results and Analysis
4.3.1 Description of Datasets used in Performance Evaluation
4.3.2 Evaluation Metrics
4.3.3 Analysis of proposed Hybrid Feature Selection Approach
4.3.4 Analysis of Correntropy Measure
4.3.5 Performance Evaluation of proposed Intelligent IDS
4.3.6 Result Comparison with Existing IDS using NSL-KDD, DS2OS and BoT-IoT Datasets
4.3.7 Discussion
4.4 Chapter Conclusion
5 Deep Learning-driven Cyber Threat Intelligence Modeling and Identification Framework in IoT-Enabled Maritime Transportation Systems
5.1 Introduction
5.2 System Architecture of Proposed DLTIF Framework
5.2.1 LSTM-VAE-based Deep Feature Extractor Scheme
5.2.2 Bi-GRU-based Cyber Threat Intelligence Driven Detection (CTIDD) Scheme
5.2.3 Bi-GRU-based Cyber Threat Intelligence-Attack Type Identification (CTIATI) scheme
5.3 Experimental Results and Analysis
5.3.1 Description of Dataset used in Performance Evaluation
5.3.2 Evaluation Metrics
5.3.3 Performance Evaluation of proposed DLTIF
5.3.4 Comparison with Traditional Approaches
5.3.5 Comparison with state-of-the-art Techniques
5.3.6 Discussion
5.4 Chapter Conclusion
6 A Deep Privacy-Encoding based Federated Learning Framework for Smart Agriculture
6.1 Introduction
6.2 Centralized vs Federated Learning
6.2.1 Centralized Learning
6.2.2 Federated Learning
6.3 System Architecture of Proposed PEFL Framework
6.3.1 Proposed Two-level Privacy-Preservation Module
6.3.2 Proposed Intrusion Detection Module
6.4 Experimental Results and Analysis
6.4.1 Description of Dataset used in Performance Evaluation
6.4.2 Evaluation Metrics
6.4.3 Performance Evaluation of proposed PEFL
6.4.4 Comparison with Traditional Approaches
6.4.5 Comparison with state-of-the-art Techniques
6.4.6 Discussion
6.5 Chapter Conclusion
7 Conclusions and Future Work
7.1 Conclusions
7.2 Scope for the Future Work
Research Objectives and Topics
The primary research objective of this thesis is to address the critical security and privacy challenges in IoT-enabled networks by designing and developing robust, distributed, and privacy-preserving frameworks. The work focuses on identifying various cyber threats and protecting sensitive data across different IoT domains, specifically the Internet of Medical Things (IoMT), Maritime Transportation Systems (MTS), and Smart Agriculture (SA).
- Design of distributed intrusion detection systems (IDS) utilizing fog-cloud architecture.
- Development of intelligent feature selection and reduction approaches to enhance IDS performance.
- Implementation of automated, deep learning-driven cyber threat intelligence (CTI) modeling.
- Creation of deep privacy-encoding frameworks within federated learning environments to prevent inference attacks.
- Performance evaluation against state-of-the-art techniques using real-world IoT datasets.
Excerpt from the Book
1.2.1 Categorization of IoT Threats
“A threat is an action that takes advantage of security weaknesses in a system and has a negative impact on it” [13]. IoT threats can be categorized into two types: physical attacks and cyber attacks.
1.2.1.1 Physical Attack: Physical attacks include the actual tampering of the physical device. Most IoT devices operate in outdoor locations, which are especially vulnerable to physical attacks due to the unattended and scattered nature of the IoT. Such attacks include malicious code injection, radio frequency jamming, fake node injection, Permanent Denial of Service, Side Channel Attack and Sleep Denial Attack [14].
Malicious Node Injection: The attacker physically inserts a new malicious node between two or more nodes in this attack. It then alters the data and sends incorrect data to the other nodes. The attacker performs a malicious node injection attack using numerous nodes. The adversary begins by inserting a duplicate of node B. Then it inserts more malicious nodes (node M1). Both of these nodes collaborate to carry out the attack. As a result, a collision occurs at the victim node and the attacked node is unable to receive or send any packets [15].
Radio Frequency Jamming: Jammers disrupt communication by emitting jamming signals proactively or reactively, causing packets to be damaged or IoT users to be denied the ability to send data packets during the jamming time. In IoT networks, jamming drastically lowers bandwidth availability [16].
Summary of Chapters
1 Introduction to IoT: Provides an overview of the IoT landscape, categorization of threats, and an analysis of current security mechanisms and privacy-preservation challenges.
2 Background and Literature Review: Surveys existing research on intrusion detection systems, feature selection, cyber threat intelligence, and privacy-preserving techniques in IoT environments.
3 An Ensemble Learning and Fog-Cloud Architecture-driven Cyber-Attack Detection Framework for IoMT Networks: Presents a distributed, ensemble-based detection framework deployed across fog and cloud layers to mitigate attacks in IoMT networks.
4 Toward Design of an Intelligent Cyber Attack Detection System using Hybrid Feature Reduced Approach for IoT Networks: Introduces a hybrid feature selection methodology to optimize the performance of intrusion detection systems across multiple IoT datasets.
5 Deep Learning-driven Cyber Threat Intelligence Modeling and Identification Framework in IoT-Enabled Maritime Transportation Systems: Details a deep learning-based framework (DLTIF) designed to automate cyber threat intelligence gathering and threat type identification in maritime systems.
6 A Deep Privacy-Encoding based Federated Learning Framework for Smart Agriculture: Develops a federated learning framework (PEFL) incorporating two-level privacy encoding to secure smart agriculture data against inference and poisoning attacks.
7 Conclusions and Future Work: Summarizes the key contributions of the research and outlines potential directions for future work in IoT security and privacy.
Keywords
Internet of Things, IoT, Security, Privacy, Intrusion Detection System, IDS, Cyber Threat Intelligence, CTI, Machine Learning, Deep Learning, Federated Learning, Feature Selection, IoMT, Maritime Transportation Systems, Smart Agriculture.
Frequently Asked Questions
What is the core focus of this PhD thesis?
The thesis focuses on the design and development of secure, privacy-preserving frameworks for IoT-enabled networks, with the ultimate goal of identifying cyber-attacks and protecting data privacy across diverse IoT applications.
Which domains are covered in this research?
The research explores three specific IoT scenarios: the Internet of Medical Things (IoMT), IoT-enabled Maritime Transportation Systems (MTS), and Smart Agriculture (SA).
What is the main research objective regarding intrusion detection?
The primary objective is to move away from centralized architectures toward distributed, fog-cloud-based IDS designs that can provide efficient, real-time detection of malicious activities in high-speed, dynamic IoT environments.
What scientific methods are applied to achieve the research goals?
The research employs a variety of machine learning and deep learning methodologies, including ensemble learning (DT, NB, RF, XGBoost), feature selection algorithms (correlation coefficients, gain ratio), and advanced neural networks like LSTM-VAE and Bi-GRU.
What is the function of the proposed "DLTIF" framework?
DLTIF stands for "Deep Learning-driven Cyber Threat Intelligence Modeling and Identification Framework." Its function is to automatically extract hidden threat patterns and identify the exact types of threats in maritime transportation systems.
How is data privacy maintained in the smart agriculture application?
Privacy is maintained through a two-level mechanism: the first level uses perturbation-based encoding, and the second level employs deep learning-based LSTM-AE to transform sensitive data, thereby preventing inference attacks.
What makes the ensemble learning framework suitable for IoMT?
The ensemble approach combines multiple classifiers (Decision Tree, Naive Bayes, Random Forest) through stacking, which improves accuracy and classification performance, providing a robust solution for the security requirements of medical IoT devices.
How does the proposed hybrid feature selection approach improve IDS efficiency?
By combining filter and wrapper methods to rank features, it eliminates irrelevant and redundant data, which reduces the dimensionality of the input traffic and allows the intrusion detection models to operate with higher accuracy and lower processing latency.
- Cite this work
- Prabhat Kumar (Author), 2022, Towards Design and Development of Secure and Privacy-Preserving Frameworks for IoT-enabled Networks, Munich, GRIN Verlag, https://www.grin.com/document/1189176