Machine Learning-Based Security Solutions for IoT Networks: A Comprehensive Survey
Abstract
1. Introduction
- A comprehensive, up-to-date analysis of ML techniques for IoT security (2020–2024), identifying emerging trends and methodologies.
- Examination of key IoT security issues, including data protection, intrusion detection, privacy concerns, trust management, and threat mitigation across healthcare, the IoT, smart cities, and the IoV.
- Systematic analysis of AI methods such as ML, DL, ensemble learning (EL), transfer learning (TL), and FL in addressing IoT vulnerabilities in various domains.
- Comparative assessment of prior IoT security studies, highlighting unique contributions, gaps, and overlaps in the literature across healthcare, the IIoT, smart cities, and the IoV.
- Evaluation of challenges and limitations in applying ML techniques to IoT security, offering insights for scalable and practical security frameworks.
2. Closely Related Surveys
- ML Applications in IoT Security. ML has been widely explored to address IoT security challenges [30]. While numerous surveys examine specific aspects of IoT security, they often have a limited scope, focusing on isolated applications or techniques. Our research provides a comprehensive review across multiple IoT applications, leveraging advanced ML methodologies.
- General Surveys on IoT Security. Al-Garadi et al. [17] classify ML and DL methods based on their applications across IoT architecture layers, analyzing their security benefits and challenges. However, this study is restricted to security techniques and does not extend to other IoT applications. Hussain et al. [14] present a broad review of ML and DL in IoT security but lack specificity in addressing critical domains like healthcare, industrial IoT (IIoT), and smart cities. Ashraf et al. [18] and Jayalaxmi et al. [25] focus on ML-based intrusion detection systems (IDSs) in IoT networks but overlook broader security solutions.
- Domain-Specific Surveys in IoT. Bharadwaj et al. [19] and Bhuiyan et al. [13] explore ML applications in the healthcare IoT (H-IoT), focusing on patient monitoring and diagnosis. However, they lack discussions on the IIoT and smart cities. Sharma et al. [20] review ML and DL applications for IIoT security but do not consider other IoT domains. Ali et al. [22] and Alalwany et al. [23] focus on ML techniques in the IoV, addressing traffic management and data security but excluding other critical IoT applications.
- Advanced ML Techniques and Trends. Mazhar et al. [27] and Gugueoth et al. [8] review federated learning (FL) and DL for IoT security, emphasizing privacy preservation. However, these studies focus solely on security aspects, neglecting broader IoT applications. Al-Turjman et al. [24], Wu et al. [12], and Ismagilova et al. [26] examine ML in smart city IoT environments but primarily address conventional security frameworks. Pandya et al. [29] review FL’s role in smart cities, emphasizing security but limiting their analysis to this domain.
- Research Gaps and Contributions. Unlike previous surveys, our research provides a comprehensive analysis of ML techniques for IoT security from 2020 to 2024. We address diverse security challenges, including data protection, intrusion detection, privacy, and trust management, across key IoT applications such as the IIoT, healthcare, the IoV, and smart cities. We evaluate advanced ML techniques such as DL, EL, transfer learning (TL), and FL, offering a systematic comparison of previous studies. Furthermore, Table 1 illustrates the comparative analysis, highlighting the novel contributions of our study.
3. Methodology
- Literature Search: A systematic search was conducted across major academic databases, including IEEE Xplore, Nature, ScienceDirect, MDPI, SpringerLink, and Google Scholar, to identify relevant research published between 2020 and 2024. Specific keywords related to ML and IoT security were used to ensure comprehensive coverage.
- Selection: Research papers were analyzed for key aspects such as ML techniques used, IoT applications addressed, and security challenges encountered. The search, conducted in August 2024, identified over 200 papers. Selection criteria included:
  - Publication between 2020 and 2024.
  - Relevance to ML and IoT security.
  - Use of sound methodologies in analyzing ML techniques for IoT security.
- Data Extraction and Analysis: Extracted data were analyzed to identify trends, research gaps, and future opportunities. ML techniques were classified based on their applications in various IoT domains, providing a structured assessment of their effectiveness in addressing security challenges in the IIoT, healthcare, the IoV, and smart cities.
4. Internet of Things: Foundations and Applications
4.1. IoT Architecture and Market Potential
4.2. IoT-Related Applications
4.2.1. Internet of Vehicles (IoV)
- Typical Components of the IoV:
  - Vehicle to Vehicle (V2V): Allows vehicles to exchange information with each other about speed, direction, and location to prevent accidents and improve traffic flow.
  - Vehicle to Infrastructure (V2I): Communication between vehicles and road infrastructure, such as traffic lights, parking spaces, and toll booths.
  - Vehicle to Pedestrian (V2P): Ensures safety for pedestrians by alerting vehicles about their presence, especially in dense urban areas.
  - Vehicle to Cloud (V2C): Vehicles communicate with cloud servers for data storage, analysis, and updates, such as weather and road conditions.
- Typical Applications of IoV:
  - Traffic Management: Real-time data from IoV systems helps manage traffic flow, reduce congestion, and provide optimal routing for drivers.
  - Safety Features: The IoV enables advanced safety features, such as collision warnings, emergency braking systems, and pedestrian alerts.
  - Autonomous Driving: The IoV is a foundation for autonomous vehicles, providing data needed for safe and effective self-driving functionality.
  - Entertainment and Personalization: The IoV can enhance in-car entertainment systems, enabling personalized experiences by syncing with devices and user preferences.
  - Fleet Management: For commercial vehicles, the IoV offers tools for monitoring vehicle performance, driver behavior, and route optimization.
4.2.2. Healthcare IoT
- Typical Components of the Healthcare IoT:
  - Device to Device (D2D): Enables direct communication between medical devices, such as wearables and monitors, to share real-time health data.
  - Device to Hospital (D2H): Connects patient devices to healthcare providers, allowing for remote monitoring, alerts, and quick response to patient needs.
  - Device to Patient (D2P): Allows healthcare devices to provide feedback directly to patients, such as reminders for medication or alerts for abnormal health readings.
  - Device to Cloud (D2C): Healthcare devices communicate with cloud servers for storing large volumes of patient data, analytics, and updates on medical conditions.
- Typical Applications of the Healthcare IoT:
  - Remote Patient Monitoring: Allows healthcare providers to monitor patients' health data in real time, enabling early detection of health issues and reducing hospital visits.
  - Smart Wearables: Devices such as fitness trackers and smartwatches track health metrics like heart rate, oxygen levels, and physical activity, providing insights to users and physicians.
  - Telemedicine: Enables virtual consultations and remote diagnosis, reducing the need for physical hospital visits and making healthcare accessible in remote areas.
  - Medication Management: IoT devices can remind patients to take medication, track adherence, and provide alerts for missed doses or potential drug interactions.
  - Emergency Assistance: IoT-connected devices can detect emergencies (e.g., falls, heart attacks) and automatically alert healthcare providers or emergency services for immediate response.
4.2.3. Industrial IoT (IIoT)
- Typical Components of the Industrial IoT (IIoT):
  - Machine to Machine (M2M): Enables direct communication between industrial machines and equipment, facilitating automation and real-time data exchange for operational efficiency.
  - Machine to Cloud (M2C): Industrial machines communicate with cloud servers to store, process, and analyze large datasets, enabling predictive maintenance and advanced analytics.
  - Machine to Human (M2H): Provides interfaces for human operators to interact with machinery, allowing for monitoring, control, and adjustments based on real-time feedback.
  - Machine to Enterprise (M2E): Integrates machine data with enterprise systems, such as ERP and supply chain management, to optimize business operations and decision-making.
- Typical Applications of the Industrial IoT (IIoT):
  - Predictive Maintenance: Uses sensor data to monitor equipment health, predict failures, and schedule maintenance before breakdowns occur, reducing downtime and maintenance costs.
  - Process Automation: Enhances production processes through automated control systems, improving efficiency, quality, and consistency in manufacturing.
  - Quality Control: The IIoT enables real-time monitoring of product quality, detecting defects early and ensuring compliance with quality standards.
  - Asset Tracking: Provides real-time location and condition monitoring of assets, such as tools, machinery, and vehicles, improving asset utilization and management.
  - Energy Management: Monitors energy consumption across industrial processes, enabling efficient energy use, cost savings, and environmental sustainability.
4.2.4. Smart City IoT
- Typical Components of the Smart City IoT:
  - Sensor Networks: Deploy sensors across the city to monitor various parameters such as air quality, noise levels, temperature, and traffic conditions.
  - City to Citizen (C2C): Facilitates communication between city infrastructure and citizens, providing real-time information on traffic, public transportation, and city services.
  - City to Cloud (C2C): Connects urban infrastructure to cloud platforms for centralized data storage, analysis, and management of city resources.
  - City to Vehicle (C2V): Enables vehicles to interact with city infrastructure, such as traffic lights and parking systems, to optimize traffic flow and parking availability.
- Typical Applications of the Smart City IoT:
  - Smart Traffic Management: Uses real-time data from sensors and connected vehicles to manage traffic flow, reduce congestion, and optimize signal timing.
  - Waste Management: Implements smart bins with sensors to monitor waste levels, optimizing collection routes and reducing unnecessary pickups.
  - Energy Management: Monitors and manages energy consumption in city buildings, streetlights, and public facilities, enhancing energy efficiency and sustainability.
  - Public Safety: Deploys IoT-enabled surveillance and emergency response systems to enhance safety and ensure quick response to incidents.
  - Environmental Monitoring: Tracks air quality, water levels, and pollution levels to inform environmental policies and ensure the well-being of citizens.
4.3. Challenges in IoT-Related Applications
4.3.1. Challenges in the IoV
- Security: IoV systems are susceptible to cyberattacks such as data tampering, spoofing, and denial-of-service (DoS) attacks [23]. Ensuring the integrity and availability of communication among vehicles and infrastructure is critical to prevent accidents and maintain traffic flow.
- Privacy: As the IoV collects sensitive data (e.g., location, speed, driving behaviour), protecting the privacy of drivers and passengers is essential [23]. Unauthorized access to this information could lead to tracking or profiling of individuals.
- Trust: Trust is vital in ensuring the authenticity of data exchanged among vehicles and infrastructure. Malicious vehicles or compromised infrastructure components can inject false information, leading to potentially dangerous situations [23].
4.3.2. Challenges in the Healthcare IoT
- Security: Healthcare IoT devices are often vulnerable to attacks that could compromise patient data and device functionality [39]. Ensuring device security against unauthorized access and maintaining system integrity is crucial to prevent data breaches.
- Privacy: Patient data in IoT systems is highly sensitive [39]. It requires robust measures for data anonymization and secure transmission to prevent unauthorized access and ensure compliance with healthcare privacy regulations.
- Trust: Trust in healthcare IoT devices and systems is necessary to ensure the reliability of health monitoring and diagnostics [40]. Patients and providers must trust the accuracy of data and alerts, particularly in critical situations.
4.3.3. Challenges in the Industrial IoT (IIoT)
- Security: IIoT systems can be targets of industrial espionage, sabotage, or ransomware attacks, threatening operational continuity and safety [41]. Protecting industrial control systems from these threats is essential to avoid significant economic losses.
- Privacy: Although privacy concerns are less prominent in the IIoT compared to consumer applications, data about operational processes and employees’ interactions with machines could still pose privacy risks if mishandled [41].
- Trust: In the IIoT, trust is required in the reliability of sensor data and automated decision-making processes [42]. Any compromised or malfunctioning device can lead to inaccurate insights, affecting productivity and safety.
4.3.4. Challenges in the Smart City IoT
- Security: Smart city infrastructure is exposed to a variety of cyber threats, including attacks on public services like traffic management and utilities [43]. Ensuring the resilience of smart city systems is essential to maintain public safety and prevent service disruptions.
- Privacy: Smart cities gather vast amounts of data from citizens, which can include location, behavioral, and personal data [43]. Maintaining citizen privacy through data minimization, anonymization, and strict access controls is a significant challenge.
- Trust: Trust is essential between the city and its citizens to ensure data integrity and reliability of services. Citizens must trust that their data are secure and that city systems provide accurate information for services such as traffic and public safety [43].
5. Machine Learning (ML): Foundations and Techniques in the IoT
5.1. Supervised Learning
- Decision Trees: Used for real-time decision-making in IoT systems, such as determining whether the current state of a device is normal or anomalous based on sensor inputs [53].
- Support Vector Machines (SVMs): Well suited for scenarios with clear class separation, such as distinguishing between normal and anomalous network traffic patterns in IoT systems [56].
- Neural Networks: Applied to more complex anomaly detection tasks, particularly for identifying subtle patterns in large-scale IoT data that simpler models might overlook.
- K-Nearest Neighbors (KNN): Effective for anomaly detection in IoT scenarios with smaller datasets, where anomalies are identified based on their proximity to known normal instances [57].
5.2. Unsupervised Learning
- K-Means Clustering: Used in the IoT for grouping similar device behavior, such as energy consumption patterns in smart meters. Anomalies are detected as data points that do not fit well into any cluster.
- DBSCAN (Density-Based Spatial Clustering of Applications with Noise): Effective for identifying anomalies in network traffic data by clustering normal behavior and detecting anomalies as noise points.
- Principal Component Analysis (PCA): Used in the IoT for feature reduction in sensor data, aiding in anomaly detection by highlighting unusual variance.
- t-Distributed Stochastic Neighbor Embedding (t-SNE): Useful for visualizing complex IoT data and detecting clusters of anomalous behavior.
5.3. Reinforcement Learning
- Wireless Sensor Networks (WSNs): An RL agent can dynamically allocate bandwidth based on real-time network conditions, reducing power consumption while maintaining data integrity [60].
- Edge Computing: RL agents optimize task scheduling and resource allocation by learning from past decisions, thereby minimizing latency and energy consumption [61].
- Smart Grid Management: RL agents predict energy consumption patterns and adjust resource distribution accordingly, enhancing grid stability and reducing energy waste [62].
- Traffic Management in Smart Cities: RL dynamically adjusts traffic signal timings based on real-time data to optimize traffic flow and reduce congestion [63].
- Agent: The decision-making entity that interacts with the IoT environment (e.g., a software agent managing network resources).
- Environment: The IoT system with which the agent interacts (e.g., a network of sensors and devices).
- State: The current condition of the environment, providing context for decision-making (e.g., current bandwidth usage, device battery levels).
- Action: A decision taken by the agent that influences the environment’s state (e.g., allocating additional bandwidth to a device).
- Reward: Feedback received after an action, indicating its effectiveness (e.g., improved network performance results in a positive reward).
- Policy: A strategy used by the agent to determine actions based on the current state (e.g., rules for resource allocation).
- Value Function: An estimate of the expected cumulative reward for a given state or action, guiding the agent towards optimal decisions.
- Q-Learning: A model-free algorithm that learns the value of actions in each state to formulate a policy. It is particularly useful in environments that are too complex to model accurately [65].
- Deep Q-Networks (DQN): An extension of Q-learning that integrates Deep Neural Networks to manage high-dimensional state spaces, making it ideal for complex IoT environments [66].
- Policy Gradient Methods: These methods directly learn a policy that maps states to actions, enabling continuous action spaces and stochastic policies [67].
- Actor–Critic Methods: A hybrid approach that combines value function estimation (critic) with policy learning (actor), improving stability and efficiency in complex decision-making scenarios [68].
5.4. Deep Learning
- Anomaly Detection: Anomaly detection is critical for identifying irregular activities or deviations from normal behavior, which could indicate security threats such as intrusions or malware attacks [69]. Several deep learning techniques, such as Recurrent Neural Networks (RNNs), Long Short-Term Memory (LSTM) networks, and Autoencoders, can be used for anomaly detection. RNNs and LSTMs can learn patterns of normal behavior in IoT data streams and detect anomalies, such as unexpected spikes in network traffic or unusual device activity, which may indicate security breaches. Furthermore, Autoencoders can be used to detect anomalies in network traffic data, device behavior logs, or sensor readings, helping to identify potential security threats.
- Intrusion Detection Systems (IDSs): Deep learning can enhance traditional intrusion detection systems by providing more accurate and adaptive threat detection [25,70]. Convolutional Neural Networks (CNNs) can classify network traffic patterns and detect intrusions based on anomalies in data packets, improving the detection of sophisticated cyberattacks. Moreover, hybrid models, such as CNNs combined with LSTMs, can be used for real-time intrusion detection in IoT networks, leveraging both static and dynamic data features.
- Malware Detection: Deep learning can be utilized to identify and prevent malware attacks on IoT devices by analyzing code or behavior patterns. For instance, Deep Belief Networks (DBNs) and Restricted Boltzmann Machines (RBMs) can analyze binary code or network behavior to detect malware signatures or suspicious activities, offering proactive protection against cyber threats [71].
- Authentication and Access Control: Deep learning can enhance authentication mechanisms by analyzing behavioral biometrics or device usage patterns [72]. RNNs, for example, can be used to detect unusual login attempts or access patterns, providing an additional layer of security through behavior-based authentication.
5.5. Ensemble Learning
- Bagging (Bootstrap Aggregating): Random Forest is a well-known bagging technique where each model is a Decision Tree. It is widely used in IoT applications for tasks like anomaly detection and sensor data classification due to its robustness and accuracy [74].
- Boosting: AdaBoost, Gradient Boosting, and XGBoost are popular boosting algorithms used in the IoT for improving predictive performance in areas such as network intrusion detection and fault diagnosis [75].
5.6. Federated Learning
- Decentralized Data: Unlike traditional machine learning, where data are collected and processed centrally, federated learning keeps the data on local devices. Only the model updates (gradients) are shared with a central server [81].
- Privacy and Security: Since the data never leave the local devices, federated learning offers enhanced privacy and security, reducing the risk of data breaches [82].
- Collaborative Learning: Multiple devices collaboratively contribute to the model’s learning process, improving its generalization across diverse data sources [83].
- Communication Efficiency: Federated learning reduces the need to transmit large datasets over the network, focusing instead on model updates, which are typically smaller [84].
5.7. Transfer Learning
- Anomaly Detection: Transfer learning allows for quick adaptation to various sensor environments, enabling real-time anomaly detection without the need for extensive data collection and labeling.
- Malware Classification: This approach accelerates the development of malware detection systems, enhancing their ability to recognize and respond to evolving threats.
6. Security Requirements and Cyberattack Landscape in IoT Applications
6.1. Security Requirements
6.1.1. Smart Cities
6.1.2. Healthcare IoT
- Regulatory Compliance: Compliance with healthcare regulations mitigates legal and ethical risks [13].
6.1.3. Connected Vehicles
6.1.4. Industrial IoT (IIoT)
6.2. Common Threats and Cyberattack Types
6.2.1. DoS and DDoS Attacks
- Impact in Each Application:
- Smart City: Disruptions in traffic management, energy distribution, and public safety due to DDoS attacks can cause severe consequences. The IDCPRO-DLM model achieved 98.53% accuracy in detecting such attacks [86].
- Healthcare: DDoS attacks disrupt real-time monitoring and patient care. Federated Generative Adversarial Network (GAN) models achieved 92.98% accuracy in mitigating these attacks [128].
- Connected Vehicles: Attacks can impair Vehicle-to-Vehicle (V2V) and Vehicle-to-Infrastructure (V2I) communication, increasing accident risks. Long Short-Term Memory (LSTM) models achieved 99.5% accuracy in detection [129].
- IIoT: Disruptions in manufacturing and supply chains are major concerns. A stacked ensemble model achieved 99.7% accuracy in detecting DDoS threats [130].
6.2.2. Data Breaches
- Impact in Each Application:
- Smart City: Breaches expose citizen data and critical infrastructure information. Privacy-preserving frameworks using blockchain enhance security [133].
- Healthcare: Exposure of patient data can violate privacy laws such as the Health Insurance Portability and Accountability Act (HIPAA). ML models achieved over 95% accuracy in detecting breaches [134].
- Connected Vehicles: Data breaches compromise passenger privacy and security. Federated learning (FL) models improved breach mitigation with an 82.6% coverage rate [135].
- IIoT: Breaches expose industrial secrets and disrupt operations. FL with deep reinforcement learning (DRL) achieved high accuracy in breach detection [136].
6.2.3. Unauthorized Access
- Impact in Each Application:
- Smart City: Attackers may control street lighting or public utilities. Kernel Principal Component Analysis (KPCA) with VGG-16 achieved 96% accuracy in detecting unauthorized access [142].
- Healthcare: Unauthorized control of medical devices can endanger patients. Federated GAN models achieved 92.98% accuracy in securing the healthcare IoT [128].
- Connected Vehicles: Unauthorized access can compromise vehicle safety. Transfer learning (TL) with Convolutional Neural Networks (CNNs) reached 99.25% detection rates [143].
- IIoT: Attackers can halt production and disrupt supply chains. Hybrid LSTM–Deep Neural Network (DNN) models achieved 99.94% accuracy in IIoT security [144].
6.2.4. Poisoning Attacks
- Impact in Each Application:
- Smart City: Compromised ML models affect traffic and resource management. Blockchain-based validation systems mitigate such risks [133].
- Healthcare: Poisoned data can lead to incorrect diagnoses. FL with Secure Multi-Party Computation (SMPC) achieved 97.69% accuracy in mitigating these attacks [147].
- Connected Vehicles: Poisoned navigation data reduce communication reliability. TL models improved robustness against such attacks [148].
- IIoT: Corrupted data impact industrial decision-making. FL with Generative Adversarial Networks (GANs) improved detection accuracy by 8% [149].
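The federated learning properties from Section 5.6 (raw data stays local, only updates reach the server) and the poisoning risk listed above meet at the server's aggregation step. The following is an added example, not code from the survey or the cited studies: the client datasets, the corrupted update, and the coordinate-wise median (a robust aggregation rule swapped in here for illustration) are all constructed assumptions.

```python
"""Federated rounds on a 2-weight linear model: mean vs. median aggregation."""
from statistics import mean, median

TRUE_W = [2.0, -1.0]  # constructed ground truth the clients' private data follows


def make_client(a, b):
    # Constructed private dataset: four points with per-client feature scales,
    # so clients are heterogeneous (non-IID) but deterministic.
    xs = [(a, b), (a, -b), (-a, b), (-a, -b)]
    return [(x, sum(w * xi for w, xi in zip(TRUE_W, x))) for x in xs]


CLIENTS = [make_client(a, b) for a, b in
           [(1.0, 0.5), (0.8, 0.9), (0.6, 1.0), (0.9, 0.7), (1.0, 1.0)]]


def local_update(global_w, data, lr=0.5, steps=3):
    """Client side: train on private data, return only the weight delta."""
    w = list(global_w)
    for _ in range(steps):
        grad = [0.0] * len(w)
        for x, y in data:
            err = sum(wi * xi for wi, xi in zip(w, x)) - y
            for i, xi in enumerate(x):
                grad[i] += err * xi / len(data)
        w = [wi - lr * gi for wi, gi in zip(w, grad)]
    return [wl - wg for wl, wg in zip(w, global_w)]


def aggregate(updates, rule):
    """Server side: sees updates only, never the data behind them."""
    fn = {"mean": mean, "median": median}[rule]
    return [fn(column) for column in zip(*updates)]


def train(rule, poisoned=(), rounds=20):
    w = [0.0, 0.0]
    for _ in range(rounds):
        updates = []
        for cid, data in enumerate(CLIENTS):
            delta = local_update(w, data)
            if cid in poisoned:
                # Constructed corrupted update: flipped and scaled.
                delta = [-10.0 * d for d in delta]
            updates.append(delta)
        step = aggregate(updates, rule)
        w = [wi + si for wi, si in zip(w, step)]
    return w


def error(w):
    """Largest per-weight distance from the ground truth."""
    return max(abs(wi - ti) for wi, ti in zip(w, TRUE_W))


if __name__ == "__main__":
    for rule, bad in [("mean", ()), ("mean", (4,)), ("median", (4,)),
                      ("median", (2, 3, 4))]:
        print(f"{rule:6s} poisoned={bad!s:10s} error={error(train(rule, bad)):.3g}")
```

Plain averaging is driven away from the true weights by a single corrupted client, while the median recovers them; the median stops helping once corrupted clients are the majority.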
6.2.5. Malware and Botnets
- Impact in Each Application:
- Healthcare: Malware in medical devices can compromise patient care. LSTM–Decision Tree (DT) models achieved 0.96 F1-score in detecting threats [153].
- Connected Vehicles: Malware disrupts vehicular communication and safety features. ML models achieved high precision in botnet detection [154].
- IIoT: Malware can halt production and steal industrial data. Hybrid LSTM-DNN models achieved 99.94% accuracy in botnet detection [144].
7. Intrusion Detection Systems (IDSs) in the IoT: Mechanisms, Techniques, and Challenges
7.1. Background and Overview
- Unauthorized File Access: Detecting unauthorized access to sensitive files.
- Denial of Service (DoS): Identifying DoS attacks that disrupt network availability.
- Insider Threats: Recognizing potential abuse by authorized users.
- Zero-Day Exploits: Detecting unknown vulnerabilities and attacks.
- Buffer Overflow: Identifying software vulnerabilities from buffer overflows.
- Malware Infections: Detecting malicious software, including viruses, worms, and Trojans.
- Phishing Attacks: Identifying deceptive emails or websites aimed at stealing sensitive information.
- Man-in-the-Middle Attacks: Detecting interception and potential alteration of communications.
- Data Exfiltration: Preventing unauthorized transfer of sensitive data.
7.2. Intrusion Detection Mechanisms for the IoT
- Signature-Based Detection: Identifies known threats by matching activity with stored attack signatures.
- Anomaly-Based Detection: Detects outliers by comparing activity against normal behavioral baselines.
- ML-Based Detection: Uses ML algorithms to analyze data and detect complex attack patterns.
- Hybrid Approaches: Combine signature-based and anomaly-based methods for improved detection.
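The signature-based, anomaly-based, and hybrid mechanisms listed above can be compared on the same traffic. This is an added example, not code from the survey or any surveyed IDS; the flow fields, device names, the single signature, and the z-score threshold are constructed assumptions.

```python
"""Hybrid IDS sketch: signature matching plus a per-device rate baseline."""
from dataclasses import dataclass
from statistics import mean, stdev


@dataclass(frozen=True)
class Flow:
    device: str          # constructed device identifier
    dst_port: int
    pkts_per_s: float
    payload: bytes = b""


# Signature-based detection: known patterns (constructed for this example).
SIGNATURES = {
    "telnet-login-probe": lambda f: f.dst_port == 23 and b"login:" in f.payload,
}


def signature_hits(flow):
    return [name for name, match in SIGNATURES.items() if match(flow)]


class RateBaseline:
    """Anomaly-based detection: per-device mean and stdev of packet rate."""

    def __init__(self, z_threshold=3.0, min_sigma=1.0):
        self.z_threshold = z_threshold
        self.min_sigma = min_sigma   # floor so near-constant devices do not alert on noise
        self.stats = {}

    def fit(self, flows):
        by_device = {}
        for f in flows:
            by_device.setdefault(f.device, []).append(f.pkts_per_s)
        for device, rates in by_device.items():
            sigma = stdev(rates) if len(rates) > 1 else 0.0
            self.stats[device] = (mean(rates), max(sigma, self.min_sigma))

    def is_anomalous(self, flow):
        if flow.device not in self.stats:
            return True              # no baseline for this device: treat as an outlier
        mu, sigma = self.stats[flow.device]
        return abs(flow.pkts_per_s - mu) / sigma > self.z_threshold


def hybrid_verdict(flow, baseline):
    """Hybrid approach: signatures first, then the behavioral baseline."""
    hits = signature_hits(flow)
    if hits:
        return "signature:" + hits[0]
    if baseline.is_anomalous(flow):
        return "anomaly"
    return "benign"


# Constructed training traffic: two devices behaving normally.
TRAINING = (
    [Flow("thermostat-1", 8883, r) for r in (4, 5, 6, 5, 4, 6, 5, 5)]
    + [Flow("camera-7", 554, r) for r in (200, 220, 180, 210, 190, 205, 195, 200)]
)

# Constructed test traffic.
TEST = {
    "normal": Flow("thermostat-1", 8883, 6),
    "flood": Flow("thermostat-1", 8883, 900),             # no signature covers this
    "slow_probe": Flow("camera-7", 23, 198, b"login: "),  # packet rate looks normal
    "busy_camera": Flow("camera-7", 554, 230),            # benign burst
    "new_device": Flow("lock-3", 8883, 5),                # never seen in training
}


def run(z_threshold=3.0):
    baseline = RateBaseline(z_threshold=z_threshold)
    baseline.fit(TRAINING)
    return {name: hybrid_verdict(f, baseline) for name, f in TEST.items()}


if __name__ == "__main__":
    for name, verdict in run().items():
        print(f"{name:12s} {verdict}")
```

Calling `run(z_threshold=2.0)` turns the benign camera burst into an alert, which is the false-positive trade-off that anomaly-based detection carries.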
7.3. Challenges
- Emerging and Sophisticated Attacks: IoT networks comprise numerous interconnected devices, which puts them at risk of emerging and more complex cyberattacks. Current IDS solutions lack the capability to accurately identify and understand emerging attack patterns, making them less effective in detecting new types of attacks. Therefore, developing innovative and lightweight IDS solutions is essential to enhance detection accuracy and mitigate emerging threats.
- Privacy and Confidentiality: IoT environments collect and transmit vast amounts of sensitive data, including personal, health, and financial information. Ensuring IDS-monitored data remain private and confidential is essential, given the critical nature of such environments. Furthermore, IDSs are vulnerable to adversarial attacks, which can cause them to fail to detect new threats.
- High False Positive Rates: Excessive false positives reduce the effectiveness of anomaly-based IDSs. This challenge arises from the difficulty in differentiating between benign anomalies and genuine attacks, resulting in excessive false alarms and diminished trust in the IDS. Incorporating advanced techniques, such as artificial intelligence (AI) and statistical models, can enhance accuracy and minimize false alerts.
- Explainability: Many IDS solutions, particularly those based on ML and DL, operate as “black boxes,” making decision-making processes opaque. A lack of transparency reduces trust and hinders adoption. XAI techniques can address this issue by understanding attack patterns and providing interpretations of detection results, which in turn supports and enhances the decision-making process.
- Scalability: The growing IoT ecosystem generates massive data volumes, increasing device interconnectivity and expanding attack vectors. To prevent IDS overload, scalable solutions such as distributed architectures, edge computing, and cloud-based approaches must be implemented.
- Computational Complexity: Due to the nature of IoT systems, integrating machine learning approaches introduces computational challenges that require additional resources and careful optimization to maintain system efficiency.
- Evaluation Metrics: IoT systems often handle sensitive data (e.g., healthcare data). However, existing assessment measures are unable to evaluate how successfully IDSs maintain a balance between effective security detection and privacy preservation.
8. ML-Based Security Solutions in the IoT: Addressing Security, Privacy, and Trust
8.1. Smart Cities
8.1.1. Observations and Lessons Learned
- Federated learning and ensemble methods improve both accuracy and privacy yet are constrained by computation and communication overheads.
- Trust modeling is being integrated into ML pipelines using historical and consensus-based approaches, though trust remains loosely defined and inconsistently evaluated.
- XAI emerges as essential for public-facing smart services, providing transparency without heavily compromising performance.
- Multi-layered defenses, including biometric and blockchain-based methods, show strong potential but lack extensive real-world testing.
8.1.2. Future Work
- Lightweight FL and XAI models suitable for edge devices in dense urban networks.
- Standardized trust frameworks to guide deployment and evaluation of trustworthy AI in smart city services.
- Interdisciplinary integration of privacy-preserving ML with legal regulations such as GDPR.
- Real-world smart city testbeds to validate ML models at scale in heterogeneous environments.
8.2. Healthcare
8.2.1. Observations and Lessons Learned
- Federated learning supports privacy-preserving training but introduces synchronization and convergence issues in resource-limited devices.
- Ensemble and meta-learning significantly improve detection accuracy and adaptiveness, particularly in dynamic health data environments.
- Optimization methods (e.g., firefly algorithm, genetic algorithms) refine model selection and reduce false alarms yet raise complexity and deployment overhead.
- Interpretability is crucial, especially when decisions affect patient care; however, few studies balance this with high performance.
8.2.2. Future Work
- Efficient FL systems tailored to IoMT with reduced bandwidth and latency requirements.
- Adaptive models for evolving threats, capable of handling new attack patterns in real time.
- Transparent decision-making tools for clinical environments, combining interpretability with high detection accuracy.
- Scalable healthcare IoT frameworks tested on diverse clinical datasets and integrated with healthcare standards (e.g., HIPAA).
8.3. Internet of Vehicles (IoV)
8.3.1. Observations and Lessons Learned
- Hybrid DL models (e.g., LSTM and GRU) are highly effective at detecting network anomalies in real time but consume significant resources.
- Transfer learning reduces training time and supports cross-domain knowledge reuse, improving attack detection with limited data.
- Trust management systems, especially those using contextual and adaptive metrics, enhance the resilience of vehicular networks.
- Blockchain and federated learning combinations improve privacy and integrity but often remain conceptual with limited field testing.
8.3.2. Future Work
- Edge-optimized IDS models that balance detection precision with low latency and resource use.
- Online learning systems that continuously update with new threats in vehicular networks.
- Blockchain-integrated FL frameworks with minimal communication overhead.
- Field-deployable prototypes tested in diverse IoV environments (e.g., urban vs. highway) for performance and robustness.
8.4. Industrial Internet of Things (IIoT)
8.4.1. Observations and Lessons Learned
- FL and blockchain-based architectures preserve privacy and decentralize learning, essential for multi-stakeholder industrial systems.
- Autoencoders and hybrid DL models excel at anomaly and intrusion detection, especially for unknown or stealthy attacks.
- Optimization techniques like SMO and GANs enhance performance but demand careful tuning and add overhead.
- Handling non-IID data and imbalanced datasets is a recurring challenge, with transfer learning showing promise in addressing it.
8.4.2. Future Work
- Lightweight and scalable IDS frameworks capable of real-time detection under constrained computation.
- Federated anomaly detection models resilient to adversarial and poisoning attacks in heterogeneous IIoT setups.
- Explainable AI for critical industrial systems to support traceable decision-making in high-risk environments.
- Cross-domain generalization strategies to ensure IDS adaptability to new attack vectors or evolving industrial protocols.
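The IIoT items above pair federated learning with a call for federated anomaly detection that resists poisoning. The sketch below is an added illustration, not code from this survey or from any study it reviews: it compares plain federated averaging with a coordinate-wise trimmed mean when one client submits a poisoned update. The site names, traffic values, z-score detector and the choice of trimmed-mean aggregation are all assumptions made for the example.

```python
"""Added illustration: FedAvg vs. trimmed-mean aggregation with one poisoned client."""
from statistics import mean, pstdev

# Constructed "normal" traffic per IIoT site: (packets/s, distinct dst ports/min).
SITES = {
    "site_a": [(90, 3), (110, 5), (100, 4), (120, 6), (80, 2)],
    "site_b": [(95, 4), (115, 6), (105, 5), (125, 7), (85, 3)],
    "site_c": [(85, 3), (105, 5), (95, 4), (115, 6), (75, 2)],
    "site_d": [(100, 4), (120, 6), (110, 5), (130, 7), (90, 3)],
}

# Constructed poisoned update: plausible means, hugely inflated spread, so the
# aggregated detector tolerates almost any deviation from the baseline.
POISONED = [100.0, 4.0, 5000.0, 1000.0]

# Constructed anomalous sample (traffic burst touching many ports).
ATTACK_SAMPLE = (400, 60)


def local_fit(samples):
    """Client side: per-feature mean and std of local traffic.

    Only this parameter vector [mu..., sigma...] leaves the site, never raw data.
    """
    cols = list(zip(*samples))
    return [float(mean(c)) for c in cols] + [pstdev(c) for c in cols]


def fedavg(updates):
    """Server side: unweighted federated averaging of client parameter vectors."""
    return [mean(col) for col in zip(*updates)]


def trimmed_mean(updates, trim=1):
    """Server side: drop the `trim` lowest and highest values per coordinate, then average."""
    if len(updates) <= 2 * trim:
        raise ValueError("need more than 2*trim client updates")
    return [mean(sorted(col)[trim:len(col) - trim]) for col in zip(*updates)]


def is_anomalous(model, sample, z_max=3.0):
    """Flag a sample when any feature lies more than z_max stds from the global mean."""
    d = len(sample)
    mu, sigma = model[:d], model[d:]
    return any(abs(x - m) / max(s, 1e-9) > z_max
               for x, m, s in zip(sample, mu, sigma))


def evaluate(model):
    """Return (attack_detected, false_positives_on_normal_traffic) for a global model."""
    normal = [s for site in SITES.values() for s in site]
    false_pos = sum(is_anomalous(model, s) for s in normal)
    return is_anomalous(model, ATTACK_SAMPLE), false_pos


HONEST = [local_fit(samples) for samples in SITES.values()]

if __name__ == "__main__":
    for name, model in [
        ("fedavg, honest clients only", fedavg(HONEST)),
        ("fedavg, one poisoned client", fedavg(HONEST + [POISONED])),
        ("trimmed mean, one poisoned client", trimmed_mean(HONEST + [POISONED])),
    ]:
        detected, false_pos = evaluate(model)
        print(f"{name}: attack detected={detected}, false positives={false_pos}")
```

With `trim=1` the aggregator tolerates at most one outlying value per coordinate; more colluding clients need a larger `trim` and correspondingly more participants.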
9. Conclusions
References
- Yuehong, Y.; Zeng, Y.; Chen, X.; Fan, Y. The internet of things in healthcare: An overview. J. Ind. Inf. Integr. 2016, 1, 3–13. [Google Scholar]
- Yang, F.; Wang, S.; Li, J.; Liu, Z.; Sun, Q. An overview of internet of vehicles. China Commun. 2014, 11, 1–15. [Google Scholar] [CrossRef]
- Boyes, H.; Hallaq, B.; Cunningham, J.; Watson, T. The industrial internet of things (IIoT): An analysis framework. Comput. Ind. 2018, 101, 1–12. [Google Scholar] [CrossRef]
- Kim, T.H.; Ramos, C.; Mohammed, S. Smart city and IoT. Future Gener. Comput. Syst. 2017, 76, 159–162. [Google Scholar] [CrossRef]
- Shaqrah, A.; Almars, A. Examining the internet of educational things adoption using an extended unified theory of acceptance and use of technology. Internet Things 2022, 19, 100558. [Google Scholar] [CrossRef]
- Elgazzar, K.; Khalil, H.; Alghamdi, T.; Badr, A.; Abdelkader, G.; Elewah, A.; Buyya, R. Revisiting the internet of things: New trends, opportunities and grand challenges. Front. Internet Things 2022, 1, 1073780. [Google Scholar] [CrossRef]
- Iftikhar, A.; Qureshi, K.N.; Shiraz, M.; Albahli, S. Security, trust and privacy risks, responses, and solutions for high-speed smart cities networks: A systematic literature review. J. King Saud-Univ.-Comput. Inf. Sci. 2023, 35, 101788. [Google Scholar] [CrossRef]
- Gugueoth, V.; Safavat, S.; Shetty, S. Security of Internet of Things (IoT) using federated learning and deep learning—Recent advancements, issues and prospects. Ict Express 2023, 9, 941–960. [Google Scholar] [CrossRef]
- Humayun, M.; Jhanjhi, N.Z.; Alsayat, A.; Ponnusamy, V. Internet of things and ransomware: Evolution, mitigation and prevention. Egypt. Inform. J. 2021, 22, 105–117. [Google Scholar] [CrossRef]
- Awotunde, J.B.; Jimoh, R.G.; Folorunso, S.O.; Adeniyi, E.A.; Abiodun, K.M.; Banjo, O.O. Privacy and security concerns in IoT-based healthcare systems. In The Fusion of Internet of Things, Artificial Intelligence, and Cloud Computing in Health Care; Springer: Berlin/Heidelberg, Germany, 2021; pp. 105–134. [Google Scholar]
- Tawalbeh, L.; Muheidat, F.; Tawalbeh, M.; Quwaider, M. IoT Privacy and security: Challenges and solutions. Appl. Sci. 2020, 10, 4102. [Google Scholar] [CrossRef]
- Wu, H.; Han, H.; Wang, X.; Sun, S. Research on artificial intelligence enhancing internet of things security: A survey. IEEE Access 2020, 8, 153826–153848. [Google Scholar] [CrossRef]
- Bhuiyan, M.N.; Rahman, M.M.; Billah, M.M.; Saha, D. Internet of things (IoT): A review of its enabling technologies in healthcare applications, standards protocols, security, and market opportunities. IEEE Internet Things J. 2021, 8, 10474–10498. [Google Scholar] [CrossRef]
- Hussain, F.; Hussain, R.; Hassan, S.A.; Hossain, E. Machine learning in IoT security: Current solutions and future challenges. IEEE Commun. Surv. Tutor. 2020, 22, 1686–1721. [Google Scholar] [CrossRef]
- Sarker, I.H.; Khan, A.I.; Abushark, Y.B.; Alsolami, F. Internet of things (IoT) security intelligence: A comprehensive overview, machine learning solutions and research directions. Mob. Netw. Appl. 2023, 28, 296–312. [Google Scholar] [CrossRef]
- Mohanta, B.K.; Jena, D.; Satapathy, U.; Patnaik, S. Survey on IoT security: Challenges and solution using machine learning, artificial intelligence and blockchain technology. Internet Things 2020, 11, 100227. [Google Scholar] [CrossRef]
- Al-Garadi, M.A.; Mohamed, A.; Al-Ali, A.K.; Du, X.; Ali, I.; Guizani, M. A survey of machine and deep learning methods for internet of things (IoT) security. IEEE Commun. Surv. Tutor. 2020, 22, 1646–1685. [Google Scholar] [CrossRef]
- Asharf, J.; Moustafa, N.; Khurshid, H.; Debie, E.; Haider, W.; Wahab, A. A review of intrusion detection systems using machine and deep learning in internet of things: Challenges, solutions and future directions. Electronics 2020, 9, 1177. [Google Scholar] [CrossRef]
- Bharadwaj, H.K.; Agarwal, A.; Chamola, V.; Lakkaniga, N.R.; Hassija, V.; Guizani, M.; Sikdar, B. A review on the role of machine learning in enabling IoT based healthcare applications. IEEE Access 2021, 9, 38859–38890. [Google Scholar] [CrossRef]
- Sharma, P.; Jain, S.; Gupta, S.; Chamola, V. Role of machine learning and deep learning in securing 5G-driven industrial IoT applications. Hoc Netw. 2021, 123, 102685. [Google Scholar] [CrossRef]
- Gopalan, S.S.; Raza, A.; Almobaideen, W. IoT security in healthcare using AI: A survey. In Proceedings of the 2020 International Conference on Communications, Signal Processing, and their Applications (ICCSPA), Sharjah, United Arab Emirates, 16–18 March 2021; pp. 1–6. [Google Scholar]
- Ali, E.S.; Hasan, M.K.; Hassan, R.; Saeed, R.A.; Hassan, M.B.; Islam, S.; Nafi, N.S.; Bevinakoppa, S. Machine learning technologies for secure vehicular communication in internet of vehicles: Recent advances and applications. Secur. Commun. Netw. 2021, 2021, 8868355. [Google Scholar] [CrossRef]
- Alalwany, E.; Mahgoub, I. Security and trust management in the internet of vehicles (IoV): Challenges and machine learning solutions. Sensors 2024, 24, 368. [Google Scholar] [CrossRef] [PubMed]
- Al-Turjman, F.; Zahmatkesh, H.; Shahroze, R. An overview of security and privacy in smart cities’ IoT communications. Trans. Emerg. Telecommun. Technol. 2022, 33, e3677. [Google Scholar] [CrossRef]
- Jayalaxmi, P.; Saha, R.; Kumar, G.; Conti, M.; Kim, T.H. Machine and deep learning solutions for intrusion detection and prevention in IoTs: A survey. IEEE Access 2022, 10, 121173–121192. [Google Scholar] [CrossRef]
- Ismagilova, E.; Hughes, L.; Rana, N.P.; Dwivedi, Y.K. Security, privacy and risks within smart cities: Literature review and development of a smart city interaction framework. Inf. Syst. Front. 2022, 24, 393–414. [Google Scholar] [CrossRef] [PubMed]
- Mazhar, T.; Talpur, D.B.; Shloul, T.A.; Ghadi, Y.Y.; Haq, I.; Ullah, I.; Ouahada, K.; Hamam, H. Analysis of IoT security challenges and its solutions using artificial intelligence. Brain Sci. 2023, 13, 683. [Google Scholar] [CrossRef]
- Kumar, M.; Kumar, A.; Verma, S.; Bhattacharya, P.; Ghimire, D.; Kim, S.h.; Hosen, A.S. Healthcare Internet of Things (H-IoT): Current trends, future prospects, applications, challenges, and security issues. Electronics 2023, 12, 2050. [Google Scholar] [CrossRef]
- Pandya, S.; Srivastava, G.; Jhaveri, R.; Babu, M.R.; Bhattacharya, S.; Maddikunta, P.K.R.; Mastorakis, S.; Piran, M.J.; Gadekallu, T.R. Federated learning for smart cities: A comprehensive survey. Sustain. Energy Technol. Assessments 2023, 55, 102987. [Google Scholar] [CrossRef]
- Xiao, L.; Wan, X.; Lu, X.; Zhang, Y.; Wu, D. IoT security techniques based on machine learning: How do IoT devices use AI to enhance security? IEEE Signal Process. Mag. 2018, 35, 41–49. [Google Scholar] [CrossRef]
- Hassan, R.; Qamar, F.; Hasan, M.K.; Aman, A.H.M.; Ahmed, A.S. Internet of Things and its applications: A comprehensive survey. Symmetry 2020, 12, 1674. [Google Scholar] [CrossRef]
- Gartner. What Is Internet of Things (IoT) and Why Can’t We Ignore It? 2024. Available online: https://www.gartner.com/en/information-technology/insights/internet-of-things (accessed on 2 November 2024).
- Vailshery, L.S. Internet of Things (IoT) Total Annual Revenue Worldwide from 2020 to 2033, 10 September 2024. Available online: https://www.statista.com/statistics/1194709/iot-revenue-worldwide/#statisticContainer (accessed on 2 November 2024).
- Authority, D. Unpacking IoT Architecture: Layers and Components Explained. 2024. Available online: https://deviceauthority.com/unpacking-iot-architecture-layers-and-com (accessed on 16 November 2024).
- Contreras-Castillo, J.; Zeadally, S.; Guerrero-Ibañez, J.A. Internet of vehicles: Architecture, protocols, and security. IEEE Internet Things J. 2017, 5, 3701–3709. [Google Scholar] [CrossRef]
- Li, C.; Wang, J.; Wang, S.; Zhang, Y. A review of IoT applications in healthcare. Neurocomputing 2024, 565, 127017. [Google Scholar] [CrossRef]
- Zhang, T.; Xue, C.; Wang, J.; Yun, Z.; Lin, N.; Han, S. A Survey on Industrial Internet of Things (IIoT) Testbeds for Connectivity Research. arXiv 2024, arXiv:2404.17485. [Google Scholar]
- Zanella, A.; Bui, N.; Castellani, A.; Vangelista, L.; Zorzi, M. Internet of things for smart cities. IEEE Internet Things J. 2014, 1, 22–32. [Google Scholar] [CrossRef]
- Selvaraj, S.; Sundaravaradhan, S. Challenges and opportunities in IoT healthcare systems: A systematic review. Appl. Sci. 2020, 2, 139. [Google Scholar] [CrossRef]
- Rauf, A.; Shaikh, R.A.; Shah, A. Trust Modelling and management for IoT healthcare. Int. J. Wirel. Microw. Technol. 2022, 12, 21–35. [Google Scholar] [CrossRef]
- Tan, S.F.; Samsudin, A. Recent technologies, security countermeasure and ongoing challenges of Industrial Internet of Things (IIoT): A survey. Sensors 2021, 21, 6647. [Google Scholar] [CrossRef]
- Miorandi, D.; Sicari, S.; De Pellegrini, F.; Chlamtac, I. Internet of things: Vision, applications and research challenges. Hoc Netw. 2012, 10, 1497–1516. [Google Scholar]
- Silva, B.N.; Khan, M.; Han, K. Towards sustainable smart cities: A review of trends, architectures, components, and open challenges in smart cities. Sustain. Cities Soc. 2018, 38, 697–713. [Google Scholar]
- Tyagi, H.; Kumar, R. Attack and anomaly detection in IoT networks using supervised machine learning approaches. Rev. D’Intelligence Artif. 2021, 35. [Google Scholar]
- Jia, W.; Shukla, R.M.; Sengupta, S. Anomaly detection using supervised learning and multiple statistical methods. In Proceedings of the 2019 18th IEEE International Conference on Machine Learning and Applications (ICMLA), Boca Raton, FL, USA, 16–19 December 2019; pp. 1291–1297. [Google Scholar]
- Aboelwafa, M.M.; Seddik, K.G.; Eldefrawy, M.H.; Gadallah, Y.; Gidlund, M. A machine-learning-based technique for false data injection attacks detection in industrial IoT. IEEE Internet Things J. 2020, 7, 8462–8471. [Google Scholar]
- Hooshmand, M.K.; Huchaiah, M.D.; Alzighaibi, A.R.; Hashim, H.; Atlam, E.S.; Gad, I. Robust network anomaly detection using ensemble learning approach and explainable artificial intelligence (XAI). Alex. Eng. J. 2024, 94, 120–130. [Google Scholar] [CrossRef]
- Noor, T.H.; Almars, A.M.; El-Sayed, A.; Noor, A. Deep learning model for predicting consumers’ interests of IoT recommendation system. Int. J. Adv. Comput. Sci. Appl. 2022, 13. [Google Scholar] [CrossRef]
- Soliman, S.; Oudah, W.; Aljuhani, A. Deep learning-based intrusion detection approach for securing industrial Internet of Things. Alex. Eng. J. 2023, 81, 371–383. [Google Scholar] [CrossRef]
- Alzighaibi, A.R.; Atlam, E.; Hashim, H.; Almaliki, M.; Maliki, Z. Internet of Things: World of lmagination Towards Fusion of Smart. Int. Inf. Inst. Inf. 2020, 23, 47–54. [Google Scholar]
- Lorenti, L.; Dalle Pezze, D.; Andreoli, J.; Masiero, C.; Gentner, N.; Yang, Y.; Susto, G.A. Predictive maintenance in the industry: A comparative study on deep learning-based remaining useful life estimation. In Proceedings of the 2023 IEEE 21st International Conference on Industrial Informatics (INDIN), Lemgo, Germany, 18–20 July 2023; pp. 1–9. [Google Scholar]
- Veeravalli, B.; Deepu, C.J.; Ngo, D. Real-time, personalized anomaly detection in streaming data for wearable healthcare devices. In Handbook of Large-Scale Distributed Computing in Smart Healthcare; Springer: New York, NY, USA, 2017; pp. 403–426. [Google Scholar]
- Alghuried, A. A Model for Anomalies Detection in Internet of Things (IoT) Using Inverse Weight Clustering and Decision Tree. Master’s Thesis, Technological University Dublin, Dublin, Ireland, February 2017. [Google Scholar]
- Anton, S.D.D.; Sinha, S.; Schotten, H.D. Anomaly-based intrusion detection in industrial data with SVM and random forests. In Proceedings of the 2019 International Conference on Software, Telecommunications and Computer Networks (SoftCOM), Split, Croatia, 19–21 September 2019; pp. 1–6. [Google Scholar]
- Latif, S.; Zou, Z.; Idrees, Z.; Ahmad, J. A novel attack detection scheme for the industrial internet of things using a lightweight random neural network. IEEE Access 2020, 8, 89337–89350. [Google Scholar] [CrossRef]
- Yang, K.; Kpotufe, S.; Feamster, N. An efficient one-class SVM for anomaly detection in the internet of things. arXiv 2021, arXiv:2104.11146. [Google Scholar]
- Himeur, Y.; Alsalemi, A.; Bensaali, F.; Amira, A. Smart power consumption abnormality detection in buildings using micromoments and improved K-nearest neighbors. Int. J. Intell. Syst. 2021, 36, 2865–2894. [Google Scholar] [CrossRef]
- Gupta, P.; Tripathy, P. Unsupervised Learning for Real-Time Data Anomaly Detection: A Comprehensive Approach. Ssrg Int. J. Comput. Sci. Eng. 2024, 11, 1–11. [Google Scholar] [CrossRef]
- Chen, W.; Qiu, X.; Cai, T.; Dai, H.N.; Zheng, Z.; Zhang, Y. Deep reinforcement learning for Internet of Things: A comprehensive survey. IEEE Commun. Surv. Tutor. 2021, 23, 1659–1692. [Google Scholar] [CrossRef]
- Savaglio, C.; Pace, P.; Aloi, G.; Liotta, A.; Fortino, G. Lightweight reinforcement learning for energy efficient communications in wireless sensor networks. IEEE Access 2019, 7, 29355–29364. [Google Scholar] [CrossRef]
- Zhao, R.; Wang, X.; Xia, J.; Fan, L. Deep reinforcement learning based mobile edge computing for intelligent Internet of Things. Phys. Commun. 2020, 43, 101184. [Google Scholar] [CrossRef]
- Kumari, A.; Tanwar, S. A reinforcement-learning-based secure demand response scheme for smart grid system. IEEE Internet Things J. 2021, 9, 2180–2191. [Google Scholar] [CrossRef]
- Joo, H.; Ahmed, S.H.; Lim, Y. Traffic signal control for smart cities using reinforcement learning. Comput. Commun. 2020, 154, 324–330. [Google Scholar] [CrossRef]
- Lei, L.; Tan, Y.; Zheng, K.; Liu, S.; Zhang, K.; Shen, X. Deep reinforcement learning for autonomous internet of things: Model, applications and challenges. IEEE Commun. Surv. Tutor. 2020, 22, 1722–1760. [Google Scholar] [CrossRef]
- Spano, S.; Cardarilli, G.C.; Di Nunzio, L.; Fazzolari, R.; Giardino, D.; Matta, M.; Nannarelli, A.; Re, M. An efficient hardware implementation of reinforcement learning: The q-learning algorithm. IEEE Access 2019, 7, 186340–186351. [Google Scholar] [CrossRef]
- Talaat, F.M. Effective deep Q-networks (EDQN) strategy for resource allocation based on optimized reinforcement learning algorithm. Multimed. Tools Appl. 2022, 81, 39945–39961. [Google Scholar] [CrossRef]
- Chen, T.; Zhang, K.; Giannakis, G.B.; Başar, T. Communication-efficient policy gradient methods for distributed reinforcement learning. IEEE Trans. Control Netw. Syst. 2021, 9, 917–929. [Google Scholar] [CrossRef]
- Wei, Y.; Yu, F.R.; Song, M.; Han, Z. Joint optimization of caching, computing, and radio resources for fog-enabled IoT using natural actor–critic deep reinforcement learning. IEEE Internet Things J. 2018, 6, 2061–2073. [Google Scholar] [CrossRef]
- Bharati, S.; Podder, P. Machine and deep learning for iot security and privacy: Applications, challenges, and future directions. Secur. Commun. Netw. 2022, 2022, 8951961. [Google Scholar] [CrossRef]
- Sharma, B.; Sharma, L.; Lal, C. Anomaly detection techniques using deep learning in IoT: A survey. In Proceedings of the 2019 International Conference on Computational Intelligence and Knowledge Economy (ICCIKE), Dubai, United Arab Emirates, 11–12 December 2019; pp. 146–149. [Google Scholar]
- Susilo, B.; Sari, R.F. Intrusion detection in IoT networks using deep learning algorithm. Information 2020, 11, 279. [Google Scholar] [CrossRef]
- Chaganti, R.; Ravi, V.; Pham, T.D. Deep learning based cross architecture internet of things malware detection and classification. Comput. Secur. 2022, 120, 102779. [Google Scholar] [CrossRef]
- Emanet, S.; Baydogmus, G.K.; Demir, O. An ensemble learning based IDS using Voting rule: VEL-IDS. PeerJ Comput. Sci. 2023, 9, e1553. [Google Scholar] [CrossRef] [PubMed]
- Magaia, N.; Fonseca, R.; Muhammad, K.; Segundo, A.H.F.N.; Neto, A.V.L.; De Albuquerque, V.H.C. Industrial internet-of-things security enhanced with deep learning approaches for smart cities. IEEE Internet Things J. 2020, 8, 6393–6405. [Google Scholar] [CrossRef]
- Lai, T.; Farid, F.; Bello, A.; Sabrina, F. Ensemble learning based anomaly detection for IoT cybersecurity via Bayesian hyperparameters sensitivity analysis. Cybersecurity 2024, 7, 44. [Google Scholar] [CrossRef]
- Ganie, S.M.; Pramanik, P.K.D.; Bashir Malik, M.; Mallik, S.; Qin, H. An ensemble learning approach for diabetes prediction using boosting techniques. Front. Genet. 2023, 14, 1252159. [Google Scholar] [CrossRef]
- Ismail, W.N.; Alsalamah, H.A.; Mohamed, E. GA-Stacking: A New Stacking-Based Ensemble Learning Method to Forecast the COVID-19 Outbreak. Comput. Mater. Contin. 2023, 74. [Google Scholar] [CrossRef]
- Malki, A.; Atlam, E.S.; Hassanien, A.E.; Ewis, A.; Dagnew, G.; Gad, I. SARIMA model-based forecasting required number of COVID-19 vaccines globally and empirical analysis of peoples’ view towards the vaccines. Alex. Eng. J. 2022, 61, 12091–12110. [Google Scholar] [CrossRef]
- Almars, A.M.; Gad, I.; Atlam, E.S. Applications of AI and IoT in COVID-19 vaccine and its impact on social life. In Medical Informatics and Bioimaging Using Artificial Intelligence: Challenges, Issues, Innovations and Recent Developments; Springer International Publishing: Cham, Switzerland, 2022; pp. 115–127. [Google Scholar]
- Mothukuri, V.; Khare, P.; Parizi, R.M.; Pouriyeh, S.; Dehghantanha, A.; Srivastava, G. Federated-learning-based anomaly detection for IoT security attacks. IEEE Internet Things J. 2021, 9, 2545–2554. [Google Scholar] [CrossRef]
- Priya, V.; Thaseen, I.S.; Gadekallu, T.R.; Aboudaif, M.K.; Nasr, E.A. Robust attack detection approach for IIoT using ensemble classifier. arXiv 2021, arXiv:2102.01515. [Google Scholar]
- Hegedus, I.; Danner, G.; Jelasity, M. Decentralized learning works: An empirical comparison of gossip learning and federated learning. J. Parallel Distrib. Comput. 2021, 148, 109–124. [Google Scholar] [CrossRef]
- Gosselin, R.; Vieu, L.; Loukil, F.; Benoit, A. Privacy and security in federated learning: A survey. Appl. Sci. 2022, 12, 9901. [Google Scholar] [CrossRef]
- Lin, F.P.C.; Hosseinalipour, S.; Azam, S.S.; Brinton, C.G.; Michelusi, N. Semi-decentralized federated learning with cooperative D2D local model aggregations. IEEE J. Sel. Areas Commun. 2021, 39, 3851–3869. [Google Scholar] [CrossRef]
- Nguyen, D.C.; Ding, M.; Pathirana, P.N.; Seneviratne, A.; Li, J.; Poor, H.V. Federated learning for internet of things: A comprehensive survey. IEEE Commun. Surv. Tutor. 2021, 23, 1622–1658. [Google Scholar] [CrossRef]
- Alrayes, F.S.; Asiri, M.M.; Maashi, M.; Salama, A.S.; Hamza, M.A.; Ibrahim, S.S.; Zamani, A.S.; Alsaid, M.I. Intrusion detection using chaotic poor and rich optimization with deep learning model for smart city environment. Sustainability 2023, 15, 6902. [Google Scholar] [CrossRef]
- Yılmaz, S.; Aydogan, E.; Sen, S. A transfer learning approach for securing resource-constrained IoT devices. IEEE Trans. Inf. Forensics Secur. 2021, 16, 4405–4418. [Google Scholar] [CrossRef]
- Alauthman, M.; Aldweesh, A.; Al-Qerem, A. IoT Security Challenges in Modern Smart Cities. In Proceedings of the 2024 2nd International Conference on Cyber Resilience (ICCR), Dubai, United Arab Emirates, 26–28 February 2024; pp. 1–6. [Google Scholar]
- HaddadPajouh, H.; Dehghantanha, A.; Parizi, R.M.; Aledhari, M.; Karimipour, H. A survey on internet of things security: Requirements, challenges, and solutions. Internet Things 2021, 14, 100129. [Google Scholar] [CrossRef]
- Oh, S.R.; Kim, Y.G. Security requirements analysis for the IoT. In Proceedings of the 2017 International Conference on Platform Technology and Service (PlatCon), Busan, Republic of Korea, 13–15 February 2017; pp. 1–6. [Google Scholar]
- Pal, S.; Hitchens, M.; Rabehaja, T.; Mukhopadhyay, S. Security requirements for the internet of things: A systematic approach. Sensors 2020, 20, 5897. [Google Scholar] [CrossRef]
- Jaiswal, S.; Gupta, D. Security requirements for internet of things (IoT). In Proceedings of the International Conference on Communication and Networks: ComNet 2016; Springer: Berlin/Heidelberg, Germany, 2017; pp. 419–427. [Google Scholar]
- Altulyan, M.; Yao, L.; Kanhere, S.S.; Wang, X.; Huang, C. A unified framework for data integrity protection in people-centric smart cities. Multimed. Tools Appl. 2020, 79, 4989–5002. [Google Scholar] [CrossRef]
- Alazeb, A.; Panda, B. Maintaining data integrity in fog computing based critical infrastructure systems. In Proceedings of the 2019 International Conference on Computational Science and Computational Intelligence (CSCI), Las Vegas, NV, USA, 5–7 December 2019; pp. 40–47. [Google Scholar]
- Beltran, V.; Martinez, J.A.; Skarmeta, A.F. User-centric access control for efficient security in smart cities. In Proceedings of the 2017 Global Internet of Things Summit (GIoTS), Geneva, Switzerland, 6–9 June 2017; pp. 1–6. [Google Scholar]
- Akhuseyinoglu, N.B.; Joshi, J.; Al-Tudjman, F.; Imran, M. Access control approaches for smart cities. In IoT Technologies in Smart-Cities: From Sensors to Big Data, Security and Trust; Institution of Engineering and Technology: Stevenage, UK, 2020; pp. 1–40. [Google Scholar]
- Zhang, Y.; Yutaka, M.; Sasabe, M.; Kasahara, S. Attribute-based access control for smart cities: A smart-contract-driven framework. IEEE Internet Things J. 2020, 8, 6372–6384. [Google Scholar] [CrossRef]
- Gheisari, M.; Najafabadi, H.E.; Alzubi, J.A.; Gao, J.; Wang, G.; Abbasi, A.A.; Castiglione, A. OBPP: An ontology-based framework for privacy-preserving in IoT-based smart city. Future Gener. Comput. Syst. 2021, 123, 1–13. [Google Scholar] [CrossRef]
- Khan, M.A. A formal method for privacy-preservation in cognitive smart cities. Expert Syst. 2022, 39, e12855. [Google Scholar] [CrossRef]
- Aldeen, Y.A.A.S.; Salleh, M. Techniques for privacy preserving data publication in the cloud for smart city applications. In Smart Cities Cybersecurity and Privacy; Elsevier: Amsterdam, The Netherlands, 2019; pp. 129–145. [Google Scholar]
- Shen, M.; Tang, X.; Zhu, L.; Du, X.; Guizani, M. Privacy-preserving support vector machine training over blockchain-based encrypted IoT data in smart cities. IEEE Internet Things J. 2019, 6, 7702–7712. [Google Scholar] [CrossRef]
- Sterbenz, J.P. Smart city and IoT resilience, survivability, and disruption tolerance: Challenges, modelling, and a survey of research opportunities. In Proceedings of the 2017 9th International Workshop on Resilient Networks Design and Modeling (RNDM), Alghero, Italy, 4–6 September 2017; pp. 1–6. [Google Scholar]
- Nova, K. Security and resilience in sustainable smart cities through cyber threat intelligence. Int. J. Inf. Cybersecur. 2022, 6, 21–42. [Google Scholar]
- Health & Human Services, U.D. Health Insurance Portability and Accountability Act of 1996 (HIPAA). 1996. Available online: https://www.hhs.gov/hipaa/ (accessed on 10 November 2024).
- Union, E. General Data Protection Regulation (GDPR)—Regulation (EU) 2016/679. 2016. Available online: https://eur-lex.europa.eu/eli/reg/2016/679/oj (accessed on 10 November 2024).
- Salunkhe, V.; Tangudu, A.; Mokkapati, C.; Goel, D.P.; Aggarwal, A. Advanced Encryption Techniques in Healthcare IoT: Securing Patient Data in Connected Medical Devices. Mod. Dyn. Math. Progress. 2024, 1, 224–247. [Google Scholar]
- Yadav, K.; Alharbi, A.; Jain, A.; Ramadan, R.A. An IoT based secure patient health monitoring system. Comput. Mater. Contin. 2022, 70, 3637–3652. [Google Scholar] [CrossRef]
- Sodhro, A.H.; Awad, A.I.; van de Beek, J.; Nikolakopoulos, G. Intelligent authentication of 5G healthcare devices: A survey. Internet Things 2022, 20, 100610. [Google Scholar] [CrossRef]
- Joshitta, R.S.M.; Arockiam, L. Device authentication mechanism for IoT enabled healthcare system. In Proceedings of the 2017 International Conference on Algorithms, Methodology, Models and Applications in Emerging Technologies (ICAMMAET), Chennai, India, 16–18 February 2017; pp. 1–6. [Google Scholar]
- Suleski, T.; Ahmed, M.; Yang, W.; Wang, E. A review of multi-factor authentication in the Internet of Healthcare Things. Digit. Health 2023, 9, 20552076231177144. [Google Scholar] [CrossRef]
- Leal, F.; Chis, A.E.; Caton, S.; González-Vélez, H.; García-Gómez, J.M.; Durá, M.; Sánchez-García, A.; Sáez, C.; Karageorgos, A.; Gerogiannis, V.C.; et al. Smart pharmaceutical manufacturing: Ensuring end-to-end traceability and data integrity in medicine production. Big Data Res. 2021, 24, 100172. [Google Scholar] [CrossRef]
- Alam, S.; Bhatia, S.; Shuaib, M.; Khubrani, M.M.; Alfayez, F.; Malibari, A.A.; Ahmad, S. An overview of blockchain and IoT integration for secure and reliable health records monitoring. Sustainability 2023, 15, 5660. [Google Scholar] [CrossRef]
- Intertek. Automotive Cybersecurity: Addressing Threats to Connected Vehicles; Intertek: London, UK, 2023. [Google Scholar]
- Kornaros, G.; Tomoutzoglou, O.; Mbakoyiannis, D.; Karadimitriou, N.; Coppola, M.; Montanari, E.; Deligiannis, I.; Gherardi, G. Towards holistic secure networking in connected vehicles through securing CAN-bus communication and firmware-over-the-air updating. J. Syst. Archit. 2020, 109, 101761. [Google Scholar] [CrossRef]
- Halder, S.; Ghosal, A.; Conti, M. Secure over-the-air software updates in connected vehicles: A survey. Comput. Netw. 2020, 178, 107343. [Google Scholar] [CrossRef]
- Pham, M.; Xiong, K. A survey on security attacks and defense techniques for connected and autonomous vehicles. Comput. Secur. 2021, 109, 102269. [Google Scholar] [CrossRef]
- Ju, Z.; Zhang, H.; Li, X.; Chen, X.; Han, J.; Yang, M. A survey on attack detection and resilience for connected and automated vehicles: From vehicle dynamics and control perspective. IEEE Trans. Intell. Veh. 2022, 7, 815–837. [Google Scholar] [CrossRef]
- Reuters. Cyberattacks on U.S. Utilities Surged 70% This Year, Says Check Point. 2024. Available online: https://www.reuters.com/technology/cybersecurity/cyberattacks-us-utilities-surged-70-this-year-says-check-point-2024-09-11/?utm_source=chatgpt.com (accessed on 10 November 2024).
- Alotaibi, B. A survey on industrial Internet of Things security: Requirements, attacks, AI-based solutions, and edge computing opportunities. Sensors 2023, 23, 7470. [Google Scholar] [CrossRef]
- Salonikias, S.; Gouglidis, A.; Mavridis, I.; Gritzalis, D. Access control in the industrial internet of things. In Security and Privacy Trends in the Industrial Internet of Things; Springer: Berlin/Heidelberg, Germany, 2018; pp. 95–114. [Google Scholar] [CrossRef]
- Ren, Y.; Zhu, F.; Qi, J.; Wang, J.; Sangaiah, A.K. Identity management and access control based on blockchain under edge computing for the industrial internet of things. Appl. Sci. 2019, 9, 2058. [Google Scholar] [CrossRef]
- Bader, J.; Michala, A.L. Searchable encryption with access control in industrial internet of things (IIoT). Wirel. Commun. Mob. Comput. 2021, 2021, 5555362. [Google Scholar] [CrossRef]
- Kolluru, K.K.; Paniagua, C.; van Deventer, J.; Eliasson, J.; Delsing, J.; DeLong, R.J. An AAA solution for securing industrial IoT devices using next generation access control. In Proceedings of the 2018 IEEE Industrial Cyber-Physical Systems (ICPS), Saint Petersburg, Russia, 15–18 May 2018; pp. 737–742. [Google Scholar]
- Cook, A.; Maglaras, L.; Smith, R.; Janicke, H. Managing incident response in the industrial internet of things. Int. J. Internet Technol. Secur. Trans. 2018, 8, 251–276. [Google Scholar] [CrossRef]
- Damaševičius, R.; Bacanin, N.; Misra, S. From sensors to safety: Internet of Emergency Services (IoES) for emergency response and disaster management. J. Sens. Actuator Netw. 2023, 12, 41. [Google Scholar] [CrossRef]
- Cloudflare. Mirai Botnet—DDoS Glossary. 2024. Available online: https://www.cloudflare.com/learning/ddos/glossary/mirai-botnet/ (accessed on 31 October 2024).
- Lakshmanan, R. New Gafgyt Botnet Variant Targets Weak SSH Passwords for GPU Crypto Mining. 2024. Available online: https://thehackernews.com/2024/08/new-gafgyt-botnet-variant-targets-weak.html (accessed on 20 November 2024).
- Siniosoglou, I.; Sarigiannidis, P.; Argyriou, V.; Lagkas, T.; Goudos, S.K.; Poveda, M. Federated intrusion detection in NG-IoT healthcare systems: An adversarial approach. In Proceedings of the ICC 2021-IEEE International Conference on Communications, Montreal, Canada, 14–23 June 2021; pp. 1–6.
- Ullah, S.; Khan, M.A.; Ahmad, J.; Jamal, S.S.; e Huma, Z.; Hassan, M.T.; Pitropakis, N.; Arshad; Buchanan, W.J. HDL-IDS: A hybrid deep learning architecture for intrusion detection in the Internet of Vehicles. Sensors 2022, 22, 1340.
- Oliveira, G.A.D.S.; Lima, P.S.S.; Kon, F.; Terada, R.; Batista, D.M.; Hirata, R.; Hamdan, M. A stacked ensemble classifier for an intrusion detection system in the edge of IoT and IIoT Networks. In Proceedings of the 2022 IEEE Latin-American Conference on Communications (LATINCOM), Santo Domingo, Dominican Republic, 17–19 November 2021; pp. 1–6.
- Zainudin, A.; Ahakonye, L.A.C.; Akter, R.; Kim, D.S.; Lee, J.M. An efficient hybrid-DNN for DDoS detection and classification in software-defined IIoT networks. IEEE Internet Things J. 2022, 10, 8491–8504.
- Manaa, M.E.; Hussain, S.M.; Alasadi, S.A.; Al-Khamees, H.A. DDoS attacks detection based on machine learning algorithms in IoT environments. Intel. Artif. 2024, 27, 152–165.
- Zhang, Y.; Chatterjee, P.; Mukherjee, A. Trust, Privacy and Security for Smart Cities. Sustainability 2023, 15, 5523.
- Unal, D.; Bennbaia, S.; Catak, F.O. Machine learning for the security of healthcare systems based on Internet of Things and edge computing. In Cybersecurity and Cognitive Science; Elsevier: Amsterdam, The Netherlands, 2022; pp. 299–320.
- Xu, X.; Liu, W.; Zhang, Y.; Zhang, X.; Dou, W.; Qi, L.; Bhuiyan, M.Z.A. PSDF: Privacy-aware IoV service deployment with federated learning in cloud-edge computing. ACM Trans. Intell. Syst. Technol. 2022, 13, 1–22.
- Wang, X.; Garg, S.; Lin, H.; Hu, J.; Kaddoum, G.; Piran, M.J.; Hossain, M.S. Toward accurate anomaly detection in industrial internet of things using hierarchical federated learning. IEEE Internet Things J. 2021, 9, 7110–7119.
- Makkar, A.; Kim, T.W.; Singh, A.K.; Kang, J.; Park, J.H. SecureIIoT environment: Federated learning empowered approach for securing IIoT from data breach. IEEE Trans. Ind. Inform. 2022, 18, 6406–6414.
- Ferrag, M.A.; Friha, O.; Hamouda, D.; Maglaras, L.; Janicke, H. Edge-IIoTset: A new comprehensive realistic cyber security dataset of IoT and IIoT applications for centralized and federated learning. IEEE Access 2022, 10, 40281–40306.
- Zhang, J.; Luo, C.; Carpenter, M.; Min, G. Federated learning for distributed IIoT intrusion detection using transfer approaches. IEEE Trans. Ind. Inform. 2022, 19, 8159–8169.
- Awad, O.F.; Hazim, L.R.; Jasim, A.A.; Ata, O. Enhancing IIoT security with machine learning and deep learning for intrusion detection. Malays. J. Comput. Sci. 2024, 37, 139–153.
- Ren, Y.; Huang, D.; Wang, W.; Yu, X. BSMD: A blockchain-based secure storage mechanism for big spatio-temporal data. Future Gener. Comput. Syst. 2023, 138, 328–338.
- Annadurai, C.; Nelson, I.; Devi, K.N.; Manikandan, R.; Jhanjhi, N.; Masud, M.; Sheikh, A. Biometric authentication-based intrusion detection using artificial intelligence internet of things in smart city. Energies 2022, 15, 7430.
- Yang, L.; Shami, A. A transfer learning and optimized CNN based intrusion detection system for Internet of Vehicles. In Proceedings of the ICC 2022-IEEE International Conference on Communications, Seoul, Republic of Korea, 16–20 May 2022; pp. 2774–2779.
- Hasan, T.; Malik, J.; Bibi, I.; Khan, W.U.; Al-Wesabi, F.N.; Dev, K.; Huang, G. Securing industrial internet of things against botnet attacks using hybrid deep learning approach. IEEE Trans. Netw. Sci. Eng. 2022, 10, 2952–2963.
- Tanveer, M.; Abd El-Latif, A.A.; Ahmad, M.; Ateya, A.A. LEAF-IIoT: Lightweight and efficient authentication framework for the industrial internet of things. IEEE Access 2024, 12, 31771–31787.
- Hassan, M.M.; Huda, S.; Sharmeen, S.; Abawajy, J.; Fortino, G. An adaptive trust boundary protection for IIoT networks using deep-learning feature-extraction-based semisupervised model. IEEE Trans. Ind. Inform. 2020, 17, 2860–2870.
- Abaoud, M.; Almuqrin, M.A.; Khan, M.F. Advancing federated learning through novel mechanism for privacy preservation in healthcare applications. IEEE Access 2023, 11, 83562–83579.
- Xu, M.; Hoang, D.T.; Kang, J.; Niyato, D.; Yan, Q.; Kim, D.I. Secure and reliable transfer learning framework for 6G-enabled Internet of Vehicles. IEEE Wirel. Commun. 2022, 29, 132–139.
- Taheri, R.; Shojafar, M.; Alazab, M.; Tafazolli, R. FED-IIoT: A robust federated malware detection architecture in industrial IoT. IEEE Trans. Ind. Inform. 2020, 17, 8442–8452.
- Hosen, A.S.; Singh, S.; Sharma, P.K.; Ghosh, U.; Wang, J.; Ra, I.H.; Cho, G.H. Blockchain-based transaction validation protocol for a secure distributed IoT network. IEEE Access 2020, 8, 117266–117277.
- Zakariyya, I.; Kalutarage, H.; Al-Kadri, M.O. Towards a robust, effective and resource efficient machine learning technique for IoT security monitoring. Comput. Secur. 2023, 133, 103388.
- Nadu, T. An Intrusion Detection System Using a Machine Learning Approach in IOT-based Smart Cities. J. Internet Serv. Inf. Secur. 2023, 13, 11–21.
- Khan, F.; Jan, M.A.; Alturki, R.; Alshehri, M.D.; Shah, S.T.; ur Rehman, A. A secure ensemble learning-based fog-cloud approach for cyberattack detection in IoMT. IEEE Trans. Ind. Inform. 2023, 19, 10125–10132.
- Sharma, P.; Liu, H. A machine-learning-based data-centric misbehavior detection model for internet of vehicles. IEEE Internet Things J. 2020, 8, 4991–4999.
- Pokhrel, S.; Abbas, R.; Aryal, B. IoT security: Botnet detection in IoT using machine learning. arXiv 2021, arXiv:2104.02231.
- Santos, L.; Rabadao, C.; Gonçalves, R. Intrusion detection systems in Internet of Things: A literature review. In Proceedings of the 2018 13th Iberian Conference on Information Systems and Technologies (CISTI), Caceres, Spain, 13–16 June 2018; pp. 1–7.
- Vaigandla, K.; Azmi, N.; Karne, R. Investigation on intrusion detection systems (IDSs) in IoT. Int. J. Emerg. Trends Eng. Res. 2022, 10, 158–166.
- Ghorbani, A.A.; Lu, W.; Tavallaee, M. Network Intrusion Detection and Prevention: Concepts and Techniques; Springer: Berlin/Heidelberg, Germany, 2009; Volume 47.
- Anwar, S.; Mohamad Zain, J.; Zolkipli, M.F.; Inayat, Z.; Khan, S.; Anthony, B.; Chang, V. From intrusion detection to an intrusion response system: Fundamentals, requirements, and future directions. Algorithms 2017, 10, 39.
- Eskandari, M.; Janjua, Z.H.; Vecchio, M.; Antonelli, F. Passban IDS: An intelligent anomaly-based intrusion detection system for IoT edge devices. IEEE Internet Things J. 2020, 7, 6882–6897.
- Bovenzi, G.; Aceto, G.; Ciuonzo, D.; Persico, V.; Pescapé, A. A hierarchical hybrid intrusion detection approach in IoT scenarios. In Proceedings of the GLOBECOM 2020-2020 IEEE Global Communications Conference, Taipei, Taiwan, 7–11 December 2020; pp. 1–7.
- Saba, T.; Rehman, A.; Sadad, T.; Kolivand, H.; Bahaj, S.A. Anomaly-based intrusion detection system for IoT networks through deep learning model. Comput. Electr. Eng. 2022, 99, 107810.
- Thamilarasu, G.; Chawla, S. Towards deep-learning-driven intrusion detection for the internet of things. Sensors 2019, 19, 1977.
- Shurman, M.M.; Khrais, R.M.; Yateem, A.A. IoT denial-of-service attack detection and prevention using hybrid IDS. In Proceedings of the 2019 International Arab Conference on Information Technology (ACIT), Al Ain, United Arab Emirates, 3–5 December 2019; pp. 252–254.
- Al-Janabi, S.T.F.; Saeed, H.A. A neural network based anomaly intrusion detection system. In Proceedings of the 2011 Developments in E-systems Engineering, Dubai, United Arab Emirates, 6–8 December 2011; pp. 221–226.
- Bhavsar, M.; Roy, K.; Kelly, J.; Olusola, O. Anomaly-based intrusion detection system for IoT application. Discov. Internet Things 2023, 3, 5.
- Bacha, S.; Aljuhani, A.; Abdellafou, K.B.; Taouali, O.; Liouane, N.; Alazab, M. Anomaly-based intrusion detection system in IoT using kernel extreme learning machine. J. Ambient. Intell. Humaniz. Comput. 2024, 15, 231–242.
- Sheikh, N.U.; Rahman, H.; Vikram, S.; AlQahtani, H. A lightweight signature-based IDS for IoT environment. arXiv 2018, arXiv:1811.04582.
- Ioulianou, P.; Vasilakis, V.; Moscholios, I.; Logothetis, M. A signature-based intrusion detection system for the internet of things. Inf. Commun. Technol. Form 2018, in press.
- Farooq, M.; Khan, M.H. Signature-Based Intrusion Detection System in Wireless 6G IoT Networks. J. Internet Things 2022, 4.
- Otoum, Y.; Nayak, A. AS-IDS: Anomaly and signature based IDS for the internet of things. J. Netw. Syst. Manag. 2021, 29, 23.
- Kwon, H.Y.; Kim, T.; Lee, M.K. Advanced intrusion detection combining signature-based and behavior-based detection methods. Electronics 2022, 11, 867.
- Thankappan, M.; Rifà-Pous, H.; Garrigues, C. A signature-based wireless intrusion detection system framework for multi-channel man-in-the-middle attacks against protected Wi-Fi networks. IEEE Access 2024, 12, 23096–23121.
- Thankappan, M.; Rifà-Pous, H.; Garrigues, C. A distributed and cooperative signature-based intrusion detection system framework for multi-channel man-in-the-middle attacks against protected Wi-Fi networks. Int. J. Inf. Secur. 2024, 23, 3527–3546.
- Bagui, S.; Wang, X.; Bagui, S. Machine learning based intrusion detection for IoT botnet. Int. J. Mach. Learn. Comput. 2021, 11, 399–406.
- Altulaihan, E.; Almaiah, M.A.; Aljughaiman, A. Anomaly Detection IDS for Detecting DoS Attacks in IoT Networks Based on Machine Learning Algorithms. Sensors 2024, 24, 713.
- Verma, A.; Ranga, V. Machine learning based intrusion detection systems for IoT applications. Wirel. Pers. Commun. 2020, 111, 2287–2310.
- Maseer, Z.K.; Yusof, R.; Bahaman, N.; Mostafa, S.A.; Foozy, C.F.M. Benchmarking of machine learning for anomaly based intrusion detection systems in the CICIDS2017 dataset. IEEE Access 2021, 9, 22351–22370.
- Lee, S.; Abdullah, A.; Jhanjhi, N.; Kok, S. Classification of botnet attacks in IoT smart factory using honeypot combined with machine learning. PeerJ Comput. Sci. 2021, 7, e350.
- Jullian, O.; Otero, B.; Rodriguez, E.; Gutierrez, N.; Antona, H.; Canal, R. Deep-learning based detection for cyber-attacks in IoT networks: A distributed attack detection framework. J. Netw. Syst. Manag. 2023, 31, 33.
- Kandhro, I.A.; Alanazi, S.M.; Ali, F.; Kehar, A.; Fatima, K.; Uddin, M.; Karuppayah, S. Detection of real-time malicious intrusions and attacks in IoT empowered cybersecurity infrastructures. IEEE Access 2023, 11, 9136–9148.
- Rahman, M.M.; Al Shakil, S.; Mustakim, M.R. A survey on intrusion detection system in IoT networks. Cyber Secur. Appl. 2025, 3, 100082.
- Jeong, Y.S.; Park, J.H. Security, privacy, and efficiency of sustainable computing for future smart cities. J. Inf. Process. Syst. 2020, 16, 1–5.
- Sicato, J.C.S.; Singh, S.K.; Rathore, S.; Park, J.H. A comprehensive analyses of intrusion detection system for IoT environment. J. Inf. Process. Syst. 2020, 16, 975–990.
- Diana, L.; Dini, P.; Paolini, D. Overview on Intrusion Detection Systems for Computers Networking Security. Computers 2025, 14, 87.
- Rashid, M.M.; Kamruzzaman, J.; Hassan, M.M.; Imam, T.; Gordon, S. Cyberattacks detection in IoT-based smart city applications using machine learning techniques. Int. J. Environ. Res. Public Health 2020, 17, 9347.
- El Majdoubi, D.; El Bakkali, H. Towards a Holistic Privacy Preserving Approach in a Smart City Environment. In Innovations in Smart Cities Applications Edition 3: The Proceedings of the 4th International Conference on Smart City Applications; Springer: Berlin/Heidelberg, Germany, 2020; pp. 947–960.
- Qolomany, B.; Mohammed, I.; Al-Fuqaha, A.; Guizani, M.; Qadir, J. Trust-based cloud machine learning model selection for industrial IoT and smart city services. IEEE Internet Things J. 2020, 8, 2943–2958.
- Kabir, M.H.; Hasan, K.F.; Hasan, M.K.; Ansari, K. Explainable artificial intelligence for smart city application: A secure and trusted platform. In Explainable Artificial Intelligence for Cyber Security: Next Generation Artificial Intelligence; Springer: Berlin/Heidelberg, Germany, 2022; pp. 241–263.
- Abdalzaher, M.S.; Salim, M.M.; Elsayed, H.A.; Fouda, M.M. Machine learning benchmarking for secured IoT smart systems. In Proceedings of the 2022 IEEE International Conference on Internet of Things and Intelligence Systems (IoTaIS), Bali, Indonesia, 24–26 November 2022; pp. 50–56.
- Abbasi, R.; Bashir, A.K.; Mateen, A.; Amin, F.; Ge, Y.; Omar, M. Efficient security and privacy of lossless secure communication for sensor-based urban cities. IEEE Sens. J. 2023, 24, 5549–5560.
- Utomo, S.; Rouniyar, A.; Hsu, H.C.; Hsiung, P.A. Federated Adversarial Training Strategies for Achieving Privacy and Security in Sustainable Smart City Applications. Future Internet 2023, 15, 371.
- Li, J.; Meng, Y.; Ma, L.; Du, S.; Zhu, H.; Pei, Q.; Shen, X. A federated learning based privacy-preserving smart healthcare system. IEEE Trans. Ind. Inform. 2021, 18, 2021–2031.
- Iwendi, C.; Anajemba, J.H.; Biamba, C.; Ngabo, D. Security of things intrusion detection system for smart healthcare. Electronics 2021, 10, 1375.
- Otoum, Y.; Wan, Y.; Nayak, A. Federated transfer learning-based IDS for the internet of medical things (IoMT). In Proceedings of the 2021 IEEE Globecom Workshops (GC Wkshps), Madrid, Spain, 7–11 December 2021; pp. 1–6.
- Hussain, F.; Abbas, S.G.; Shah, G.A.; Pires, I.M.; Fayyaz, U.U.; Shahzad, F.; Garcia, N.M.; Zdravevski, E. A framework for malicious traffic detection in IoT healthcare environment. Sensors 2021, 21, 3025.
- Thilagam, K.; Beno, A.; Lakshmi, M.V.; Wilfred, C.B.; George, S.M.; Karthikeyan, M.; Peroumal, V.; Ramesh, C.; Karunakaran, P. Secure IoT Healthcare Architecture with Deep Learning-Based Access Control System. J. Nanomater. 2022, 2022, 2638613.
- Rana, A.; Reddy, A.; Shrivastava, A.; Verma, D.; Ansari, M.S.; Singh, D. Secure and smart healthcare system using IoT and deep learning models. In Proceedings of the 2022 2nd International Conference on Technological Advancements in Computational Sciences (ICTACS), Tashkent, Uzbekistan, 10–12 October 2022; pp. 915–922.
- Chakraborty, C.; Nagarajan, S.M.; Devarajan, G.G.; Ramana, T.; Mohanty, R. Intelligent AI-based healthcare cyber security system using multi-source transfer learning method. ACM Trans. Sens. Netw. 2023.
- Wazid, M.; Singh, J.; Das, A.K.; Rodrigues, J.J. An Ensemble-Based Machine Learning-Envisioned Intrusion Detection in Industry 5.0-Driven Healthcare Applications. IEEE Trans. Consum. Electron. 2023, 70, 1903–1912.
- Savanović, N.; Toskovic, A.; Petrovic, A.; Zivkovic, M.; Damaševičius, R.; Jovanovic, L.; Bacanin, N.; Nikolic, B. Intrusion detection in healthcare 4.0 internet of things systems via metaheuristics optimized machine learning. Sustainability 2023, 15, 12563.
- Alalhareth, M.; Hong, S.C. Enhancing the Internet of Medical Things (IoMT) Security with Meta-Learning: A Performance-Driven Approach for Ensemble Intrusion Detection Systems. Sensors 2024, 24, 3519.
- Yang, L.; Moubayed, A.; Shami, A. MTH-IDS: A multitiered hybrid intrusion detection system for internet of vehicles. IEEE Internet Things J. 2021, 9, 616–632.
- Kumar, R.; Kumar, P.; Tripathi, R.; Gupta, G.P.; Kumar, N. P2SF-IoV: A privacy-preservation-based secured framework for Internet of Vehicles. IEEE Trans. Intell. Transp. Syst. 2021, 23, 22571–22582.
- Uprety, A.; Rawat, D.B.; Li, J. Privacy preserving misbehavior detection in IoV using federated machine learning. In Proceedings of the 2021 IEEE 18th Annual Consumer Communications & Networking Conference (CCNC), Las Vegas, NV, USA, 9–12 January 2021; pp. 1–6.
- Hbaieb, A.; Ayed, S.; Chaari, L. Federated learning based IDS approach for the IoV. In Proceedings of the 17th International Conference on Availability, Reliability and Security, Vienna, Austria, 23–26 August 2022; pp. 1–6.
- Otoum, Y.; Wan, Y.; Nayak, A. Transfer learning-driven intrusion detection for Internet of Vehicles (IoV). In Proceedings of the 2022 International Wireless Communications and Mobile Computing (IWCMC), Dubrovnik, Croatia, 30 May–3 June 2022; pp. 342–347.
- Rani, P.; Sharma, C.; Ramesh, J.V.N.; Verma, S.; Sharma, R.; Alkhayyat, A.; Kumar, S. Federated learning-based misbehaviour detection for the 5G-enabled internet of vehicles. IEEE Trans. Consum. Electron. 2023, 70, 4656–4664.
- Gou, W.; Zhang, H.; Zhang, R. Multi-classification and tree-based ensemble network for the intrusion detection system in the internet of vehicles. Sensors 2023, 23, 8788.
- Wang, Y.; Mahmood, A.; Sabri, M.F.M.; Zen, H.; Kho, L.C. MESMERIC: Machine Learning-Based Trust Management Mechanism for the Internet of Vehicles. Sensors 2024, 24, 863.
- Hassan, M.M.; Hassan, M.R.; Huda, S.; De Albuquerque, V.H.C. A robust deep-learning-enabled trust-boundary protection for adversarial industrial IoT environment. IEEE Internet Things J. 2020, 8, 9611–9621.
- Arachchige, P.C.M.; Bertok, P.; Khalil, I.; Liu, D.; Camtepe, S.; Atiquzzaman, M. A trustworthy privacy preserving framework for machine learning in industrial IoT systems. IEEE Trans. Ind. Inform. 2020, 16, 6092–6102.
- Ruzafa-Alcázar, P.; Fernández-Saura, P.; Mármol-Campos, E.; González-Vidal, A.; Hernández-Ramos, J.L.; Bernal-Bernabe, J.; Skarmeta, A.F. Intrusion detection based on privacy-preserving federated learning for the industrial IoT. IEEE Trans. Ind. Inform. 2021, 19, 1145–1154.
- ur Rehman, M.H.; Dirir, A.M.; Salah, K.; Damiani, E.; Svetinovic, D. TrustFed: A framework for fair and trustworthy cross-device federated learning in IIoT. IEEE Trans. Ind. Inform. 2021, 17, 8485–8494.
- Le, T.T.H.; Oktian, Y.E.; Kim, H. XGBoost for imbalanced multiclass classification-based industrial internet of things intrusion detection systems. Sustainability 2022, 14, 8707.
- Otoum, Y.; Liu, D.; Nayak, A. DL-IDS: A deep learning–based intrusion detection framework for securing IoT. Trans. Emerg. Telecommun. Technol. 2022, 33, e3803.
- Lin, H.; Garg, S.; Hu, J.; Wang, X.; Piran, M.J.; Hossain, M.S. Data fusion and transfer learning empowered granular trust evaluation for Internet of Things. Inf. Fusion 2022, 78, 149–157.

Citation | Year | Security | Trust | Privacy | AI Approaches: ML | AI Approaches: DL | AI Approaches: EL | AI Approaches: TL | AI Approaches: FL | IoT Applications: Smart City | IoT Applications: IoV | IoT Applications: IIoT | IoT Applications: Healthcare | Comparison |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
[17] | 2020 | Yes | No | Yes | Yes | Yes | Yes | No | No | Yes | Yes | Yes | Yes | Focused on ML/DL for IoT security across smart cities, IoV, IIoT, and healthcare but lacks trust mechanisms, TL, and FL. |
[18] | 2020 | Yes | No | Yes | Yes | Yes | No | No | No | No | Yes | No | No | Emphasizes ML/DL for IoT intrusion detection, lacks application to other IoT applications. |
[14] | 2020 | Yes | No | Yes | Yes | Yes | No | No | Yes | No | No | No | No | General IoT security with ML/DL, lacks application of EL, TL. |
[19] | 2021 | Yes | No | Yes | Yes | Yes | No | No | No | No | No | No | Yes | Focus on ML in healthcare IoT, lacks integration with broader IoT applications. |
[20] | 2021 | Yes | Yes | Yes | Yes | Yes | Yes | No | No | Yes | No | Yes | Yes | Focuses on ML/DL for IIoT security, with limited coverage of other IoT applications. |
[13] | 2021 | Yes | Yes | Yes | No | No | No | No | No | No | No | No | Yes | Focus on healthcare IoT security and standards, lacks ML techniques like EL, TL, FL. |
[21] | 2021 | Yes | No | Yes | Yes | Yes | No | No | No | No | No | No | Yes | Focus on AI/ML for healthcare IoT security, lacks exploration of broader IoT applications. |
[22] | 2021 | Yes | Yes | No | Yes | Yes | No | No | No | No | Yes | No | No | Focus on IoV, highlights ML/DL, lacks EL, TL, FL and other IoT applications. |
[23] | 2024 | Yes | Yes | Yes | Yes | Yes | No | No | No | No | Yes | No | No | Focus on IoV security and trust, limited ML techniques such as DL, TL and FL. |
[24] | 2022 | Yes | Yes | Yes | No | No | No | No | No | Yes | No | No | No | Focus on smart city security and privacy, but lacks exploration of ML techniques. |
[25] | 2022 | Yes | No | Yes | Yes | Yes | No | No | No | No | No | No | No | Focus on ML/DL for intrusion detection, general IoT security but lacks broader IoT security applications. |
[12] | 2020 | Yes | Yes | Yes | Yes | Yes | No | No | No | Yes | No | No | No | General IoT security with ML/DL, lacks detailed analysis of specific IoT applications. |
[26] | 2022 | Yes | Yes | Yes | No | No | No | No | No | Yes | No | No | No | Focus on smart cities, lacks advanced ML techniques and broader IoT applications. |
[7] | 2023 | Yes | Yes | Yes | Yes | Yes | No | No | No | Yes | No | No | No | Comprehensive review of smart city networks, lacks in-depth analysis of advanced ML techniques. |
[8] | 2023 | Yes | Yes | Yes | Yes | Yes | No | No | Yes | No | No | Yes | No | Focus on IoT security using FL and DL, limited to IoT applications, lacks broader ML techniques. |
[27] | 2023 | Yes | No | Yes | Yes | Yes | No | No | No | No | No | No | Yes | Focus on ML for IoT healthcare security, lacks exploration of other IoT applications. |
[28] | 2023 | Yes | No | Yes | Yes | Yes | No | No | No | No | No | No | Yes | Focus on H-IoT security, highlights ML/DL, lacks broader IoT applications. |
[29] | 2023 | Yes | Yes | Yes | Yes | Yes | No | No | Yes | Yes | No | No | No | Focus on FL for smart cities, lacks exploration of ML techniques across other IoT applications. |
Our survey | 2024 | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Comprehensive focus on security, trust, and privacy using all advanced ML techniques (ML, DL, EL, TL, FL) across smart cities, IoV, IIoT, and healthcare applications. |

Citation | Year | Techniques | Type of Threats | Dataset | Accuracy |
---|---|---|---|---|---|
[160] | 2020 | Anomaly detection | Different types of threats | NSL-KDD dataset | 98% |
[161] | 2020 | A hybrid of anomaly detection and DL | DDoS, DoS, Scan, and Theft | Bot-IoT dataset | Not mentioned |
[162] | 2022 | Anomaly detection and CNN | Abnormal traffic behavior | NID and BoT-IoT | 99.51% and 92.85% |
[163] | 2019 | A hybrid of anomaly detection and DL | Blackhole, Opportunistic Service, DDoS, Sinkhole, and Wormhole | 5 million network transactions | 97% |
[164] | 2019 | A hybrid of signature-based IDS and anomaly-based IDS | DoS | Ips datasets | Not mentioned |
[165] | 2021 | ANN | DoS, Probe, U2R, and R2L | KDD99 | Not mentioned |
[166] | 2023 | A hybrid of anomaly detection and PCC-CNN | Abnormal traffic behavior | NSL-KDD, CICIDS-2017 | Above 98% |
[167] | 2024 | Anomaly detection with KELM | Different types of threats | Not mentioned | 99.40% |
[168] | 2018 | Signature-based IDS | Abnormal traffic behavior | NSL-KDD | Not mentioned |
[169] | 2018 | Signature-based IDS | DoS | - | Not mentioned |
[170] | 2022 | Signature-based IDS | Malicious Intrusions | - | 98.9% |
[171] | 2021 | A hybrid of signature-based IDS and anomaly-based IDS | Different types of threats | NSL-KDD | Not mentioned |
[172] | 2022 | A hybrid of signature-based and behavior-based detection | Anomalous behaviors caused by malicious activity | SWaT dataset | Above 96.0% |
[173] | 2024 | A signature-based wireless intrusion detection system | Man-in-the-middle attacks | AWID3 dataset | True positive rate of 90% |
[174] | 2024 | A distributed and cooperative signature-based intrusion | Man-in-the-middle attacks | AWID3 dataset | 98% |
[175] | 2021 | LR, SVM, RF | Botnet | UCI’s machine learning repository | Above 99% |
[176] | 2024 | Anomaly detection and DT, RF, KNN, SVM | Denial of service attack | IoTID20 dataset | Above 99% |
[177] | 2020 | RF, AdaBoost, GB, extremely randomized trees, classification RT, MLP | Denial of service attack | CIDDS-001, UNSW-NB15, and NSL-KDD | 96.74% |
[180] | 2024 | DL | Different types of threats | NSL-KDD and BoT-IoT | 99.95% |
[181] | 2023 | DL | Malicious Intrusions | NSL-KDD, KDDCup99, and UNSW-NB15 | 97% |
[178] | 2022 | SVM, RF, KNN, DT, CNN | Different types of threats | CICIDS2017 dataset | Above 99% |
[179] | 2021 | Honeypot with ML | Botnet | Botnet dataset | 96% |

Citation | Year | IoT App | Focus Area | AI Approach | Security Application | Advantages | Limitations |
---|---|---|---|---|---|---|---|
[186] | 2020 | Smart City | Security | ML and EL | IDS | High accuracy, precision, recall; Ensemble methods improve detection | High computational cost in ensemble models |
[187] | 2020 | Smart City | Privacy | ML | Secure Data Communication | Holistic approach, integration of privacy laws | Limited testing in real-world environments |
[188] | 2020 | Smart City | Trust | ML | Traffic flow prediction | Reduced cloud overhead, high trust level (0.7–2.53% drop) | Not suitable for federated learning; limited to poisoning attacks |
[189] | 2022 | Smart City | Security | ML | Cybersecurity enhancement | Improves transparency and trust in AI decisions | Trade-off between accuracy and explainability |
[142] | 2022 | Smart City | Security | DL and TL | Intrusion Detection | High accuracy (96%), robust data transmission | High computational demand for real-time systems |
[190] | 2022 | Smart City | Security | ML | IDS, Anomaly Detection | High accuracy, Robust against noisy data | High computational cost for large-scale systems |
[152] | 2023 | Smart City | Security | ML and DL | IDS | High accuracy (95%), Addresses data imbalance | High computational complexity, particularly in feature extraction and model training stages, which may hinder real-time deployment in large-scale IoT networks |
[191] | 2023 | Smart City | Security | ML | Lossless secure communication for IoT networks | High embedding capacity, low computational complexity | Limited testing on real-world large-scale systems |
[192] | 2023 | Smart City | Privacy/ Security | FL | Intrusion Detection | Enhances privacy and security, robust against PGD and FGSM | Reduced accuracy with PGD-based attacks (10% drop) |
[133] | 2023 | Smart City | Security/ Privacy | ML | Secure Data Communication | Promotes trust, privacy, and security in smart cities | Implementation challenges in large-scale systems |
[86] | 2023 | Smart City | Security | DL | IDS | High accuracy (98.53%), improved feature selection | Computationally intensive for large-scale systems |

Ref | Model | Attack Types | Performance Metrics Used | Results |
---|---|---|---|---|
[186] | Stacking | Various IoT cyberattacks | Accuracy, Precision, Recall, F1-Score | Stacking achieved highest performance with F1-score of 99.9% |
[187] | ML | Data breaches, unauthorized access | Privacy, Compliance | Enhanced privacy, compliance with GDPR |
[188] | Heuristic ML Model Selection | Poisoning attacks | Trust Level, Accuracy | Trust level decreased by 0.49–3.17% compared to ILP |
[189] | XAI | General cyber threats, vulnerabilities | Accuracy, Transparency, Trust | High interpretability with moderate impact on accuracy |
[142] | KPCA with VGG-16 Net and DTTP | Biometric-based intrusion detection | Accuracy, Precision, Recall, F-Score, RMSE | 96% accuracy, improved recall 80%, RMSE of 46% |
[190] | Random Forest, KNN, AdaBoost | Intrusion detection, anomalies | Accuracy, Precision, Recall, F1-Score | Achieved 95% accuracy with high precision |
[152] | RF-RBN | Multiple IoT attacks (e.g., DoS, Spoofing) | Accuracy, Sensitivity, Specificity | 95% accuracy, 96% sensitivity, 97% specificity |
[191] | Quadtree N-bit localization-based RDH | Passive attacks, replay attack | PSNR, SSIM, Embedding Capacity | High PSNR (52.23 dB), high SSIM, large embedding capacity |
[192] | FAT | PGD, FGSM | Accuracy, Robustness | 81.13% (PGD) and 91.34% (FGSM) accuracy |
[133] | Privacy and security framework | Cyberattacks, data breaches | Data Privacy, Trust, Security | Enhanced data privacy and security with blockchain technology |
[86] | IDCPRO-DLM (CPROA with DSAE) | DDoS, PortScan, Brute Force, Botnet | Accuracy, Precision, Recall, F1-Score | 98.53% accuracy, high precision and recall |

Citation | Year | Focus Area | IoT Apps. | AI Approaches | Security Application | Advantages | Limitations |
---|---|---|---|---|---|---|---|
[193] | 2021 | Privacy | Healthcare | FL | Data Protection, Privacy Preservation | High accuracy, privacy-preserving architecture | Decreased accuracy with high privacy settings |
[194] | 2021 | Security | Healthcare | ML | IDS | High detection rate, low false alarm rate, optimized feature selection | Computationally intensive in large-scale environments |
[128] | 2021 | Security, Privacy | Healthcare | FL | IDS | Improved privacy, decentralized model, higher detection accuracy | Computational overhead, complexity in large-scale systems |
[195] | 2021 | Privacy, Security | Healthcare | FL, TL, DL | IDS | High accuracy, data privacy preserved, low communication overhead | High computational demand in federated settings |
[196] | 2021 | Security | Healthcare | ML | IDS | Real-time traffic generation, high detection accuracy | High computational complexity for large-scale networks |
[134] | 2022 | Security, Privacy | Healthcare | ML | Intrusion Detection, Data Protection, Privacy Preservation | Real-time monitoring, high accuracy in threat detection | Complexity in handling big data systems, scalability issues |
[197] | 2022 | Privacy, Security | Healthcare | DL, FL | Data Protection, Privacy Preservation, Access Control | High accuracy, low privacy leakage, scalable for large datasets | High computational cost, requires frequent updates |
[198] | 2022 | Security, Privacy | Healthcare | DL | Data Protection, Access Control, Privacy Preservation | High privacy, secure real-time monitoring, scalable | High computational complexity in resource-constrained environments |
[199] | 2023 | Security | Healthcare | TL | Cyber Attack Detection, Malware Detection | High accuracy, real-time processing, low latency | High computational demand in complex systems |
[153] | 2023 | Security | Healthcare | ML, DL | IDS | Improved detection rate, real-time processing, efficient for IoMT | High computational overhead in fog nodes |
[147] | 2023 | Privacy | Healthcare | FL | Data Protection, Privacy Preservation | Strong privacy guarantees, decentralized learning | High computational complexity in large-scale systems |
[200] | 2023 | Security | Healthcare | ML, EL | IDS | High accuracy, formal security verification | Computational overhead with large datasets |
[201] | 2023 | Security | Healthcare | ML | IDS | Improved accuracy, optimized model using FA, interpretable with SHAP | Computationally intensive for larger IoT systems |
[202] | 2024 | Security, Privacy | Healthcare | ML, EL | IDS | High accuracy, adaptive, low false positive rate | High computational cost in large-scale IoMT environments |

Ref | Model | Attack Types | Performance Metric Used | Results |
---|---|---|---|---|
[193] | FL | Data leakage, MITM, backdoor attack, data tampering | Accuracy, Execution Time | 81.88% Accuracy, 0.712 s detection time per user |
[194] | GA-, RF | DoS, Probe, R2L, U2R | Detection Rate, False Alarm Rate, F1-Score | Detection Rate: 98.81%, False Alarm Rate: 0.8%, F1-Score: optimized by 8.2% |
[128] | Federated GAN | Data modification, DoS, eavesdropping, MITM, data injection | Accuracy, F1-Score, Detection Rate | Accuracy: 92.98%, F1-Score: 0.928, Detection Rate: 91.5% |
[195] | FTL with DNN | Data modification, DoS, data injection, unauthorized access | Accuracy, Detection Rate, Training Time | Accuracy: 95.14%, Detection Rate: 94.74%, Training Time: Reduced by 12.5% |
[196] | RF, KNN, DT, LR | MITM, DDoS, spoofing, replay attacks | Accuracy, F1-Score, Precision, Recall | Random Forest achieved 99.51% Accuracy, F1-Score of 99.65% |
[134] | ML | Data breaches, privacy violations, MITM, insider threats | Detection Rate, Accuracy, Privacy Preservation | High Detection Accuracy (>95%), strong privacy guarantees |
[197] | FDL with CNN | Unauthorized access, privacy leakage, data breaches | Accuracy, Precision, F1-Score | Accuracy: 98%, Precision: 95%, F1-Score: 0.95 |
[198] | CNN | Unauthorized access, data tampering | Accuracy, Security Level, Processing Time | Accuracy: 98%, low latency, improved security of patient data |
[199] | CMTL | DoS/DDoS attacks, malware, injection, MITM | Accuracy, Execution Time, F1-Score | Achieved high Accuracy (up to 99.24%) for 2 classes and improved execution time compared to other models |
[153] | LSTM, DT | Data breaches, DoS/DDoS attacks, malware, injection, ransomware | Accuracy, F1-Score, Detection Rate, False Alarm Rate | Accuracy: 98.5%, F1-Score: 0.96, False Alarm Rate: 2.1%, Detection Rate: 97.8% |
[147] | FL with DP and SMPC | Data leakage, MITM, backdoor, data tampering | Accuracy, Privacy Leakage, Computation Time | Accuracy: 97.69%, Privacy Leakage: 0.025, computation time improved by 15% |
[200] | SVM, DT, KNN | Malware injection, replaying of information, unauthorized healthcare data disclosure, impersonation, credential guessing, DoS | Accuracy, F1-Score, Detection Rate | Accuracy: 95.12%, F1-Score: 0.94, Detection Rate: 94.74% |
[201] | XGBoost | Data leakage, model poisoning, data tampering | Accuracy, Precision, Recall, F1-Score | Accuracy: 99.51%, Precision: 99.65%, Recall: 99.42%, F1-Score: 99.53% |
[202] | Meta-Learning- | Data breaches, malware, DoS attacks, unauthorized access | Accuracy, F1-Score, Detection Rate, False Positive Rate | Accuracy: 98.0%, F1-Score: 0.996, Detection Rate: 97%, False Positive Rate: 0.101 |

Citation | Year | IoT Apps | Focused Area | AI Approaches | Security Application | Advantages | Limitations |
---|---|---|---|---|---|---|---|
[154] | 2020 | IoV | Security, Trust | ML and FL | Misbehavior Detection | High detection accuracy, enhanced with plausibility checks | Poor performance in detecting subtle position forgeries, computational complexity in large-scale environments |
[203] | 2021 | IoV | Security, Trust | ML | Intrusion Detection | High accuracy, detection of zero-day attacks, real-time applicability | Computational complexity, struggles with random attack detection |
[204] | 2021 | IoV | Privacy, Security, Trust | DL | Intrusion Detection | High privacy and security, scalability via IPFS | Computational overhead due to LSTM-based IDS |
[205] | 2021 | IoV | Privacy, Security | FL | Misbehavior Detection | Privacy preservation, high detection accuracy, low communication overhead | Scalability issues, possible training errors due to wireless resource limitations |
[135] | 2022 | IoV | Privacy, Security | DL and FL | Privacy-preserving service deployment | High coverage, low latency, privacy preservation | High computational complexity, high communication overhead |
[206] | 2022 | IoV | Security, Trust, Privacy | FL | Intrusion Detection | High detection accuracy, privacy-preserving | High communication overhead, dependency on stable SDN |
[143] | 2022 | IoV | Security | TL and EL | Intrusion Detection | High accuracy, optimized through PSO, scalable | High computational cost, limited real-time capabilities |
[148] | 2022 | IoV | Security, Trust, Privacy | TL | Knowledge Transfer | Secure and reliable model sharing, high scalability | High computational cost due to auction-based model sharing |
[129] | 2022 | IoV | Security, Privacy, Trust | DL | Intrusion Detection | High detection accuracy, reduced training time, real-time detection | Computational overhead due to deep learning complexity |
[207] | 2022 | IoV | Security, Privacy | TL and DL | Intrusion Detection | High accuracy, reduced training time, knowledge transfer | High computational cost for deep learning models |
[208] | 2023 | IoV | Security, Privacy | FL | Misbehavior Detection | High accuracy, low communication overhead | Limited scalability in highly dynamic environments |
[209] | 2023 | IoV | Security, Privacy, Trust | ML | Intrusion Detection | High detection accuracy, addresses class imbalance | Computational overhead due to deep-layer ensemble learning |
[210] | 2024 | IoV | Security, Trust | ML | Trust Management | Accurate trust segregation, context-aware, ML optimization | High computational complexity due to model training |

Ref | Model | Attack Types | Performance Metric Used | Results |
---|---|---|---|---|
[154] | Supervised ML | Position Forgery | Precision, Recall, F1-score | 5% improvement in precision, 2% in recall |
[203] | Supervised ML | DoS, Fuzzy, Spoofing, Zero-Day | Accuracy, F1-score | 99.99% (IVNs), 99.88% external |
[204] | LSTM | DoS, Data Poisoning, MitM, Spoofing | Detection Rate, Accuracy | Over 99% accuracy, 0.00002–0.00451% FAR |
[205] | FL with ANN | Position Falsification | Precision, Recall, Accuracy | Federated training outperformed central training in precision and recall |
[135] | DRL, DDPG, FL | Privacy Leakage, Data Breaches | Coverage rate, delay, data transmission | 82.6% coverage, reduced execution delay, reduced data transmission |
[206] | FL | Black Hole, Malicious Node Infiltration | Recall, Precision, F1-score | 99.04% recall, 99.3% precision |
[143] | TL with CNN | DoS, Fuzzy, Spoofing, RPM Attacks | Accuracy, Precision, F1-score | Over 99.25% detection rate |
[148] | TL | Data Poisoning, Model Tampering, Malicious Sellers | Detection Rate, Accuracy | Improved model accuracy, reduced adversarial effects |
[129] | LSTM and GRU | DDoS, Fuzzy, Spoofing | Accuracy, Precision, F1-score | 99.5% accuracy |
[207] | TL with DNN, CNN | DoS, DDoS, Botnet, Brute Force | Accuracy, Precision, F1-score | Over 99% accuracy for large datasets |
[208] | FL | DoS, Spoofing, Jamming, Blackhole | Accuracy, Precision, Recall, F1-score | 99.72% accuracy, 99.70% precision |
[209] | Tree-Based EL | DoS, DDoS, Fuzzy, Spoofing, Port Scanning | Accuracy, F1-score | 0.965 (CICIDS2017), 0.9999 (Car-Hacking) |
[210] | ML-based Trust | Data Falsification, Message Tampering | Precision, Recall, F1-score | High precision and F1-score for detecting malicious vehicles |

Citation | Year | IoT Apps | Focused Area | AI Approaches | Security Application | Advantages | Limitations |
---|---|---|---|---|---|---|---|
[46] | 2020 | IIoT | Security | ML | FDI Attack Detection | High detection accuracy, works with unlabeled data, detects unknown attacks | High computational complexity for large datasets |
[55] | 2020 | IIoT | Security | ML | Attack Detection | High accuracy, reduced prediction time | Computationally intensive on large datasets |
[211] | 2020 | IIoT | Security | DL | Trust Boundary Protection | High robustness against adversarial attacks, improved classification accuracy | High computational cost, requires a large dataset for training |
[212] | 2020 | IIoT | Privacy, Security, Trust | ML and FL | Privacy-preserving | Strong privacy guarantees, enhanced security | High computational cost, complex implementation |
[149] | 2020 | IIoT | Security, Privacy | FL | Malware Detection | High accuracy, privacy-preserving, robust against adversarial attacks | High computational cost, complex implementation |
[80] | 2021 | IIoT | Security, Privacy | FL | Anomaly Detection | High accuracy, privacy-preserving, decentralized model | High computational cost, complexity of implementation |
[213] | 2021 | IIoT | Security, Privacy | FL | Intrusion Detection | High privacy, supports non-IID data, strong intrusion detection | Computationally intensive, requires complex setup |
[136] | 2021 | IIoT | Security, Privacy | FL and DL | Anomaly Detection | High detection accuracy, privacy-preserving | Computational complexity, non-IID data challenge |
[214] | 2021 | IIoT | Security, Trust, Privacy | FL | Intrusion Detection | Ensures fairness, high trust, privacy-preserving | High computational cost, complex implementation |
[144] | 2022 | IIoT | Security | DL | Botnet Detection | High detection rate, low processing time | High computational complexity for large datasets |
[215] | 2022 | IIoT | Security | ML | Intrusion Detection | Handles imbalanced data, high accuracy | Requires fine-tuning and high computational cost |
[216] | 2022 | IIoT | Security | DL | Intrusion Detection | High detection accuracy, optimal feature selection, low processing time | High computational complexity for large datasets |
[130] | 2022 | IIoT | Security | EL | Intrusion Detection | High accuracy, efficient feature selection, scalable for edge networks | High computational cost for large datasets |
[217] | 2022 | IIoT | Security, Trust | TL | Trust Evaluation | High accuracy, efficient data fusion, reduced training time | High computational complexity, requires large datasets |
[49] | 2023 | IIoT | Security | DL | IDS, Malware Detection | High accuracy, handles imbalanced data | Longer training times, high computational cost |

Ref | Model | Attack Types | Performance Metric Used | Results |
---|---|---|---|---|
[46] | Autoencoders | FDI | Accuracy, MSE, False Alarm | 100% detection in case 1, 95% in case 2 |
[55] | RaNN | DoS, Data Type Probing, Malicious Control, Scan, Malicious Operation, Spying | Accuracy, Precision, Recall, F1-Score | 99.20% accuracy, 34.51 ms prediction time |
[211] | Downsampler-Encoder with DNN | DDoS, Command Injection, Relay Misconfiguration, Malware Injection | Accuracy, Cross-Entropy Loss | 99.20% accuracy, low cross-entropy loss |
[212] | FedML | Adversarial Attacks, Data Leakage, Man-in-the-Middle | Accuracy, Latency, Privacy Budget | High accuracy, low latency, strong privacy guarantees |
[149] | GAN | Adversarial Attacks, Data Poisoning, Backdoor | Accuracy, Precision, F1-Score | 8% higher accuracy than existing models |
[80] | FL with GRUs | Man-in-the-Middle, Ping DDoS, SYN DDoS, Modbus Query Flood | Accuracy, Precision, Recall, F1-Score | High accuracy, low false alarm rate |
[213] | FedAvg, Fed+ | DDoS, Backdoor, Command Injection | Accuracy, Privacy Budget | High accuracy, maintains privacy |
[136] | FL with DRL | Data Breaches, Anomalous Behavior | Accuracy, Latency, False Alarm Rate | High accuracy, low latency, reduced FAR |
[214] | FL | Adversarial Attacks, Model Poisoning | Accuracy, Trust Score, Reputation | High accuracy, fairness achieved, improved trust scores |
[144] | Hybrid (LSTM-DNN) | Gafgyt, Mirai Botnets | Accuracy, F1-Score, Precision | 99.94% accuracy, 0.066 ms detection time |
[215] | XGBoost | Ransomware, DDoS, Command Injection | Accuracy, F1-Score, Precision | 99.9% F1 on X-IIoTID, 99.87% F1 on TON_IoT |
[216] | SDPN | DoS, U2R, R2L, and Probe Attacks | Accuracy, Precision, Recall, F1-Score | High accuracy of 99.02%, as well as superior precision, recall, and F1-score values |
[130] | Stacked Ensemble | DDoS, Ransomware, Brute Force | Accuracy, Precision, F1-Score | 99.7% accuracy, improved F1-score |
[217] | DRL, TL | Privacy Attacks, Task Sabotage | Accuracy, FAR, MDR | 99% accuracy, low FAR and MDR |
[49] | Bi-LSTM, GRU | Backdoor, DDoS, DoS, Injection, Ransomware | Accuracy, F1-Score, AUC-ROC | 99.99% accuracy, 0.001% error rate |

AI Approach | Application Domains | Strengths | Limitations | Future Directions |
---|---|---|---|---|
Deep Learning (DL) | Smart cities, IIoT, healthcare | High accuracy in complex tasks, automated feature extraction | High computational cost, slow training | Lightweight DL models for edge devices; energy-efficient architectures |
Federated Learning (FL) | Healthcare, IoV, IIoT | Privacy-preserving, decentralized training | Communication overhead, convergence challenges | Efficient FL protocols; integration with blockchain; real-world deployments |
Transfer Learning (TL) | IoV, IIoT | Reduces training time and data requirements | Domain mismatch, negative transfer risk | Cross-domain adaptation; task-specific fine-tuning for IoT |
Ensemble Learning (EL) | Smart cities, healthcare, IIoT | Improves accuracy and robustness | High resource demand; complex implementation | Adaptive and lightweight ensemble strategies for constrained environments |
Explainable AI (XAI) | Smart cities, healthcare | Enhances transparency and trust in ML decisions | Reduced accuracy; limited tool maturity in IoT | Domain-specific XAI models; balancing explainability and performance |
Anomaly Detection (Unsupervised) | All domains | Detects unknown attacks without labeled data | High false positives; hard to evaluate accuracy | Hybrid models combining unsupervised and supervised learning |
Reinforcement Learning (RL) | Resource allocation, adaptive security policies | Dynamic decision-making; environment-aware learning | Slow convergence; exploration risks | Safe and scalable RL for dynamic IoT contexts |
© 2025 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Alfahaid, A.; Alalwany, E.; Almars, A.M.; Alharbi, F.; Atlam, E.; Mahgoub, I. Machine Learning-Based Security Solutions for IoT Networks: A Comprehensive Survey. Sensors 2025, 25, 3341. https://doi.org/10.3390/s25113341