Open Access
Subscription Access
Survey and testing of the IoT Cybersecurity Framework Using Intrusion Detection Systems
The Internet of Things is a new paradigm that facilitates collecting business or personal data through smart devices with Internet connections. IoT devices are heterogeneous and have a limited computational capacity which represents a challenge for protecting data against cyber-attacks. This article surveys communication protocols, cybersecurity attacks and intrusion detection systems (IDSs). This study identifies the IoT protocols used for data transmission, and cybersecurity challenges and then presents a comparative analysis of IDSs. Next, the IoT cybersecurity framework, IoTCyFra, is surveyed by cybersecurity specialists. IoTCyFra is a validated IoT cybersecurity framework with an organizational structure that safeguards data and detects cybersecurity threats in an IoT infrastructure. It also explores how an IDS protects against cyberattacks through an IoT-controlled environment. Finally, the results and conclusions are reported.
Keywords
Internet of Things, Cybersecurity, Intrusion Detection System, Framework, Cyberattacks, Communication Protocols
User
Font Size
Information
- A. Khan, S. Siddiqui, M. Irshad, S. Ali, M. Saleem, and S. Iqbal, “Analytical Method to Improve the Security of Internet of Things with Limited Resources,” EAI Endorsed Transactions on Internet of Things, vol. 5, no. 18, p. 163502, 2019, doi: 10.4108/eai.13-72018.163502.
- E. A. Shammar and A. T. Zahary, “The Internet of Things (IoT): a survey of techniques, operating systems, and trends,” Library Hi Tech, vol. 38, no. 1. Emerald Group Holdings Ltd., pp. 5–66, Apr. 06, 2020.
- doi: 10.1108/LHT-12-2018-0200.
- R. Mahmoud, T. Yousuf, F. Aloul, and I. Zualkernan, “Internet of Things ( IoT ) Security : Current Status , Challenges and Prospective Measures,” The 10th International Conference for Internet Technology and Secured Transactions (ICITST-2015) Internet, pp. 336–341, 2015.
- M. A. Obaidat, S. Obeidat, J. Holst, A. Al Hayajneh, and J. Brown, “A comprehensive and systematic survey on the internet of things: Security and privacy challenges, security frameworks, enabling technologies, threats, vulnerabilities and countermeasures,” Computers, vol. 9, no. 2, pp. 2–43, 2020, doi:
- 3390/computers9020044.
- A. Khraisat, I. Gondal, P. Vamplew, and J. Kamruzzaman, “Survey of intrusion detection systems: techniques, datasets and challenges,” Cybersecurity, vol. 2, no. 20, 2019.
- I. Alqassem and D. Svetinovic, “A taxonomy of security and privacy requirements for the Internet of Things (IoT),” in IEEE International Conference on Industrial Engineering and Engineering Management, 2014, vol. 2015-Janua, pp. 1244–1248. doi:
- 1109/IEEM.2014.7058837.
- S. Babar, P. Mahalle, A. Stango, N. Prasad, and R. Prasad, “Proposed security model and threat taxonomy for the Internet of Things (IoT),” Communications in Computer and Information Science, vol. 89 CCIS, pp. 420–429, 2010, doi: 10.1007/978-3-642-14478-3_42.
- M. Ammar, G. Russello, and B. Crispo, “Internet of Things: A survey on the security of IoT frameworks,” Journal of Information Security and Applications, vol. 38, pp. 8–27, 2018, doi:
- 1016/j.jisa.2017.11.002.
- M. Nawir, A. Amir, N. Yaakob, O. B. Lynn, and C. Engineering, “Internet of Things ( IoT ): Taxonomy of Security Attacks,” 2016 3rd International Conference on Electronic Design (ICED), August 11-12, 2016, Phuket, Thailand, pp. 321–326, 2016.
- M. D. Alshehri and F. K. Hussain, “A fuzzy security protocol for trust management in the internet of things ( Fuzzy-IoT ),” Computing, 2018, doi: 10.1007/s00607-018-0685-7.
- S. Singh and N. Singh, “Internet of Things (IoT): Security challenges, business opportunities & reference architecture for E-commerce,” in Proceedings of the 2015 International Conference on Green Computing and Internet of Things, ICGCIoT 2015, 2016, pp. 1577– 1581. doi: 10.1109/ICGCIoT.2015.7380718.
- A. A. Hayajneh, M. Z. A. Bhuiyan, and I. McAndrew, “Improving internet of things (IoT) security with software-defined networking (SDN),” Computers, vol. 9, no. 1, 2020, doi:
- 3390/computers9010008.
- A. Thakkar and R. Lohiya, “A Review on Machine Learning and Deep Learning Perspectives of IDS for IoT: Recent Updates, Security Issues, and Challenges,” Archives of Computational Methods in Engineering, vol. 28, no. 4, pp. 3211–3243, Jun. 2021, doi: 10.1007/s11831-020-09496-0.
- N. Sklavos and I. D. Zaharakis, “Cryptography and security in internet of things (IoTs): Models, schemes, and implementations,” in 2016 8th IFIP International Conference on New Technologies, Mobility and Security, NTMS 2016, 2016. doi: 10.1109/NTMS.2016.7792443.
- M. Mohsin, Z. Anwar, G. Husari, E. Al-shaer, and M. A. Rahman, “IoTSAT : A Formal Framework for Security Analysis of the Internet of Things ( IoT ),” 2016 IEEE Conference on Communications and Network Security (CNS) IoTSAT:, 2016.
- K. Mabodi, M. Yusefi, S. Zandiyan, L. Irankhah, and R. Fotohi, “Multi-level trust-based intelligence schema for securing of internet of things (IoT) against security threats using cryptographic authentication,” Journal of Supercomputing, 2020, doi:
- 1007/s11227-019-03137-5.
- A. Tewari and B. B. Gupta, “Security , Privacy and Trust of different Layers in Internet-of-things ( IoTs ) Framework,” Future Generation Computer Systems, 2018, doi: 10.1016/j.future.2018.04.027.
- M. Grabovica, D. Pezer, S. Popić, and V. Knežević, “Provided security measures of enabling technologies in Internet of Things (IoT): A survey,” in 2016 Zooming Innovation in Consumer Electronics International Conference, ZINC 2016, 2016, pp. 28–31. doi: 10.1109/ZINC.2016.7513647.
- C. M. de Morais, D. Sadok, and J. Kelner, “An IoT sensor and scenario survey for data researchers,” Journal of the Brazilian Computer Society, vol. 25, no. 1, Dec. 2019, doi: 10.1186/s13173019-0085-7.
- J. de Huang and H. C. Hsieh, “Design of gateway for monitoring system in IoT networks,” in Proceedings - 2013 IEEE International Conference on Green Computing and Communications and IEEE Internet of Things and IEEE Cyber, Physical and Social Computing, GreenCom-iThings-CPSCom 2013, 2013, pp. 1876–1880. doi:
- 1109/GreenCom-iThings-CPSCom.2013.348.
- M. R. Ghori, T. C. Wan, and G. C. Sodhy, “Bluetooth low energy mesh networks: Survey of communication and security protocols,” Sensors (Switzerland), vol. 20, no. 12. MDPI AG, pp. 1–35, Jun. 01, 2020. doi: 10.3390/s20123590.
- F. Moreno-Cruz, V. Toral-López, A. Escobar-Molero, V. U. Ruíz, A.
- Rivadeneyra, and D. P. Morales, “Trench: Ultra-low power wireless communication protocol for iot and energy harvesting,” Sensors (Switzerland), vol. 20, no. 21, pp. 1–21, Nov. 2020, doi: 10.3390/s20216156.
- G. Ferrari, P. Medagliani, S. di Piazza, and M. Martalò, “Wireless sensor networks: Performance analysis in indoor scenarios,” EURASIP J Wirel Commun Netw, vol. 2007, 2007, doi:
- 1155/2007/81864.
- X. Wang, C. Gu, F. Wei, and S. Lu, “Security and Privacy for EdgeAssisted Internet of Things Security Proof for the SKKE Protocol,” Security and Communication Networks, vol. 2021, 2021, doi: 10.1155/2021/9029664.
- S. Ding, J. Liu, and M. Yue, “The Use of ZigBee Wireless Communication Technology in Industrial Automation Control,” Wirel Commun Mob Comput, vol. 2021, 2021, doi: 10.1155/2021/8317862.
- M. Magdin, M. Valovič, Š. Koprda, and Z. Balogh, “Design and realization of interconnection of multifunctional weighing device with sigfox data network,” Agris On-line Papers in Economics and Informatics, vol. 12, no. 2, pp. 99–110, Jun. 2020, doi:
- 7160/aol.2020.120209.
- R. Berto, P. Napoletano, and M. Savi, “A lora-based mesh network for peer-to-peer long-range communication,” Sensors, vol. 21, no. 13, Jul. 2021, doi: 10.3390/s21134314.
- A. Ferriyan, A. H. Thamrin, K. Takeda, and J. Murai, “Generating network intrusion detection dataset based on real and encrypted synthetic attack traffic,” Applied Sciences (Switzerland), vol. 11, no.
- , Sep. 2021, doi: 10.3390/app11177868.
- A. Thakkar and R. Lohiya, “A Review of the Advancement in Intrusion Detection Datasets,” in Procedia Computer Science, 2020, vol. 167, pp. 636–645. doi: 10.1016/j.procs.2020.03.330.
- Nivaashini M., Thangaraj P., Sountharrajan S., Suganya E., and Soundariya R.S, “Effective Feature Selection for Hybrid Wireless IoT Network Intrusion Detection Systems Using Machine Learning Techniques,” Ad Hoc & Sensor Wireless Networks, vol. 49, pp. 175– 206, 2021.
- A. Amin Aburomman and M. bin Ibne Reaz, “Review of IDS Develepment Methods in Machine Learning,” International Journal of Electrical and Computer Engineering (IJECE), vol. 6, no. 5, pp. 2432– 2436, 2016, [Online]. Available:
- http://iaesjournal.com/online/index.php/IJECE
- O. Ibitoye, O. Shafiq, and A. Matrawy, “Analyzing Adversarial Attacks Against Deep Learning for Intrusion Detection in IoT Networks,” Dec. 2019.
- B. Biggio and F. Roli, “Wild patterns: Ten years after the rise of adversarial machine learning,” Pattern Recognit, vol. 84, pp. 317–331, Dec. 2018, doi: 10.1016/j.patcog.2018.07.023.
- G. Apruzzese, M. Andreolini, L. Ferretti, M. Marchetti, and M.
- Colajanni, “Modeling Realistic Adversarial Attacks against Network Intrusion Detection Systems,” Digital Threats: Research and Practice, Jun. 2021, doi: 10.1145/3469659.
- M. Usama, M. Asim, S. Latif, H. Qadir, and Ala-Al-Fuqaha, “Generative Adversarial Networks for launching and thwarting Adversial Attacks on Network Intrusion Detection Systems,” 2019.
- S. Zhao, J. Li, J. Wang, Z. Zhang, L. Zhu, and Y. Zhang, “AttackGAN: Adversarial Attack against Black-box IDS using Generative Adversarial Networks,” in Procedia Computer Science, 2021, vol. 187, pp. 128–133. doi: 10.1016/j.procs.2021.04.118.
- Y. Sagduyu, Y. Shi, and T. Erpek, “IoT Network Security from the Perspective of Adversarial Deep Learning,” Cornell University, May 2019, Accessed: Jun. 12, 2022. [Online]. Available:
- https://arxiv.org/abs/1906.00076
- C. Kolias, G. Kambourakis, A. Stavrou, and J. Voas, “DDoS in the IoT: Mirai and other botnets,” Computer (Long Beach Calif), 2017.
- C. Vijayakumaran, B. Muthusenthil, and B. Manickavasagam, “A reliable next generation cyber security architecture for industrial internet of things environment,” International Journal of Electrical and Computer Engineering, vol. 10, no. 1, pp. 387–395, 2020, doi: 10.11591/ijece.v10i1.pp387-395.
- A. Mehmood, M. Mukherjee, S. H. Ahmed, H. Song, and K. M.
- Malik, “NBC-MAIDS: Naïve Bayesian classification technique in multi-agent system-enriched IDS for securing IoT against DDoS attacks,” Journal of Supercomputing, vol. 74, no. 10, pp. 5156–5170, Oct. 2018, doi: 10.1007/s11227-018-2413-7.
- M. T. Jufri, M. Hendayun, and T. Suharto, “Risk-Assessment Based Academic Information System Security Policy Using OCTAVE
- Allegro and ISO 27002,” Nov. 2017.
- L. Sulay et al., “Aplicación de ISO 27001 y su influencia en la seguridad de la información de una empresa privada peruana Application of ISO 27001 and its influence on the information security of a Peruvian private company,” Propósitos y Representaciones, vol.
- , no. 3, pp. 786–296, Sep. 2020, doi: 10.20511/pyr2020.v8n3.786.
- A. Ibrahim, C. Valli, I. McAteer, and J. Chaudhry, “A security review of local government using NIST CSF: a case study,” Journal of Supercomputing, vol. 74, no. 10, pp. 5171–5186, Oct. 2018, doi: 10.1007/s11227-018-2479-2.
- V. P. Kafle, Y. Fukushima, and H. Harai, “Internet of Things standarization in ITU and prospective networking technologies,” IEEE Communications Magazine, pp. 43–49, 2016.
- W. Park and S. Ahn, “Performance Comparison and Detection Analysis in Snort and Suricata Environment,” Wireless Pers Commun, vol. 94, pp. 241–252, 2017, doi: 10.1007/s11277-016-3209-9.
- A. Rahman, M. Daud, and M. Mohamad, “Securing Sensor to Cloud Ecosystem using Internet of Things ( IoT ) Security Framework,” ICC ’16: Proceedings of the International Conference on Internet of things and Cloud Computing, vol. 2016, no. 79, pp. 1–5, 2016.
- S. Babar, A. Stango, P. Neeli, J. Sed, and R. Prasad, “Proposed Embedded Security Framework for Internet of Things (IoT),” IEEE, pp. 1–5, 2011.
- E. Adi, A. Anwar, Z. Baig, and S. Zeadally, “Machine learning and data analytics for the IoT,” Neural Comput Appl, vol. 32, no. 20, pp.
- –16233, Oct. 2020, doi: 10.1007/s00521-020-04874-y.
- M. Kim, N. Y. Lee, and J. H. Park, “A security generic service interface of internet of things (IoT) platforms,” Symmetry (Basel), vol.
- , no. 9, 2017, doi: 10.3390/sym9090171.
- A. M. Zarca, J. B. Bernabe, A. Skarmeta, and J. M. Alcaraz Calero, “Virtual IoT HoneyNets to mitigate cyberattacks in SDN/NFVEnabled IoT networks,” IEEE Journal on Selected Areas in
- Communications, vol. 38, no. 6, pp. 1262–1277, Jun. 2020, doi: 10.1109/JSAC.2020.2986621.
- A. Alhowaide, I. Alsmadi, and J. Tang, “PCA, Random-forest and pearson correlation for dimensionality reduction in IoT IDS,” Sep.
- doi: 10.1109/IEMTRONICS51293.2020.9216388.
- A. Alsaedi, N. Moustafa, Z. Tari, A. Mahmood, and Adna N Anwar, “TON-IoT telemetry dataset: A new generation dataset of IoT and IIoT for data-driven intrusion detection systems,” IEEE Access, vol. 8, pp. 165130–165150, 2020, doi: 10.1109/ACCESS.2020.3022862.
- A. A. Diro and N. Chilamkurti, “Distributed attack detection scheme using deep learning approach for Internet of Things,” Future Generation Computer Systems, vol. 82, pp. 761–768, May 2018, doi: 10.1016/j.future.2017.08.043.
- S. Hernández Ramos, M. T. Villalba, and R. Lacuesta, “MQTT Security: A Novel Fuzzing Approach,” Wirel Commun Mob Comput, vol. 2018, 2018, doi: 10.1155/2018/8261746.
- S. N. Matheu-García, J. L. Hernández-Ramos, A. F. Skarmeta, and G. Baldini, “Risk-based automated assessment and testing for the cybersecurity certification and labelling of IoT devices,” Comput Stand Interfaces, vol. 62, pp. 64–83, 2019, doi:
- 1016/j.csi.2018.08.003.
- E. Wazoel Lubua and P. D. Pretorius, “Cyber-security Policy Framework and Procedural Compliance in Public Organisations,” in Proceedings of the International Conference on Industrial Engineering and Operations Management Pilsen, 2019, pp. 23–26. [Online].
- Available: https://thelawdictionary.org/policy-framework/
- R. Kwon, T. Ashley, J. Castleberry, P. McKenzie, and S. N. Gupta Gourisetti, “Cyber threat dictionary using MITRE ATTCK matrix and NIST cybersecurity framework mapping,” in 2020 Resilience Week, RWS 2020, Oct. 2020, pp. 106–112. doi:
- 1109/RWS50334.2020.9241271.
- W. Xiong, E. Legrand, O. Aberg, and Lagerström Robert, “Cyber security threat modeling based on the MITRE Enterprise ATT&CK Matrix,” Softw Syst Model, pp. 1–21, 2021.
- A. Georgiadou, S. Mouzakitis, and D. Askounis, “Assesing MITRE ATT&CK Risk Using a Cyber-Security Culture Framework,” Sensors, vol. 21, no. 3267, pp. 1–14, 2021.
- M. Frayssinet Delgado, D. Esenarro, F. F. Juárez Regalado, and M. Díaz Reátegui, “Methodology based on the NIST cybersecurity framework as a proposal for cybersecurity management in government organizations,” 3C TIC: Cuadernos de desarrollo aplicados a las TIC, vol. 10, no. 2, pp. 123–141, Jun. 2021, doi:
- 17993/3ctic.2021.102.123-141.
- D. Sulistyowati, F. Handayani, and Y. Suryanto, “Comparative Analysis and Design of Cybersecurity Maturity Assessment
- Methodology Using NIST CSF, COBIT, ISO/IEC 27002 and PCI
- DSS,” International Journal on Informatics Visualization, vol. 4, no. 4, pp. 225–230, 2020.
- C. B. Espinosa Garrido and L. Rosales Roldan, “Marco de referencia de ciberseguridad para dispositivos de IoT usando la tecnología de IDS,” in Décima Segunda Conferencia Iberoamericana de Complejidad, Informática y Cibernética, Mar. 2022, pp. 210–215.
- V. Kelli, V. Argyriou, T. Lagkas, G. Fragulis, E. Grigoriou, and P.
- Sarigiannidis, “Ids for industrial applications: A federated learning approach with active personalization,” Sensors, vol. 21, no. 20, Oct.
- , doi: 10.3390/s21206743.
- K. Muthamil Sudar and P. Deepalakshmi, “An intelligent flow-based and signature-based IDS for SDNs using ensemble feature selection and a multi-layer machine learning-based classifier,” Journal of Intelligent and Fuzzy Systems, vol. 40, no. 3, pp. 4237–4256, 2021, doi: 10.3233/JIFS-200850.
- M. S. Akhtar and T. Feng, “Deep Learning-Based Framework for the Detection of Cyberattack Using Feature Engineering,” Security and Communication Networks, vol. 2021, 2021, doi:
- 1155/2021/6129210.
- A. Kim, M. Park, and D. H. Lee, “AI-IDS: Application of Deep Learning to Real-Time Web Intrusion Detection,” IEEE Access, vol.
- , pp. 70245–70261, 2020, doi: 10.1109/ACCESS.2020.2986882.
- J. Aveleira-Mata, Á. L. Muñoz-Castañeda, M. T. García-Ordás, C.
- Benavides-Cuellar, J. A. Benítez-Andrades, and H. Alaiz-Moretón, “IDS prototype for intrusion detection with machine learning models in IoT systems of the Industry 4.0,” Dyna (Spain), vol. 93, no. 3, pp.
- –275, May 2021, doi: 10.6036/10011.
- L. Santos, C. Rabadão, and R. Gonçalves, “Intrusion Detection Systems in Internet of Things,” Jun. 2018.
- “Suricata Detect Dos Attack,” Open Source Libs, May 06, 2022.
- https://opensourcelibs.com/lib/suricata-detect-dos-attack (accessed May 04, 2022).
- “CVE - Search Results,” The MITRE Corporation, May 06, 2022.
- https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=mqtt (accessed May 04, 2022).
- “Matrix | MITRE ATT&CK®,” MITRE ATT&CK, Apr. 21, 2022.
- https://attack.mitre.org/matrices/ics/ (accessed May 03, 2022).
Abstract Views: 196
PDF Views: 1