Main Article Content

Machine Learning Intrusion Detection as a Solution to Security and Privacy Issues in IoT: A Systematic Review


Olufunke G. Darley
Adetokunbo A. Adenowo
3Abayomi I. O. Yussuff

Abstract

Billions of IoT devices are in use worldwide and generate a humongous amount of data for the IoT system. This continuous stream of data is open to attack during its collection, transportation, processing, dissemination and storage cycle. Also, IoT devices themselves are points of system vulnerability through which the system can be attacked. Machine learning (ML), due to its ability to identify inherent patterns and behaviour in data, has been applied by many researchers to IoT data such that strange patterns or intrusions into IoT systems can be speedily detected and real-time decisions on security and privacy (S&P)  protection implemented in a timely manner. Different ML techniques with their different algorithms have provided solutions in various scenarios such that security and privacy requirements for the IoT system can be met. In particular, ML has been successfully applied in intrusion detection and has been shown to perform better than traditional means in flagging new trends of attacks. This paper presents a systematic literature review on ML intrusion detection in IoT. Academic journals from 2011 to 2021 from two databases (IEEE and Proquest) were explored using the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) framework. A review of the final selected papers revealed that data preprocessing, feature extraction, model training and deployment of ML-based Intrusion Detection Systems (IDS) increase computational complexity resulting in greater resource requirement (CPU,  memory, and energy); enable ML to be used in the execution of adversarial attacks on IoT devices and networks (as seen with emerging attacks); give rise to scalability issues especially due to the heterogeneous nature of IoT networks; require trade-offs between detection accuracy and false-positive events; and highlight the superior performance of deep learning methods over traditional ML ones in anomaly detection. Generally, the changing nature of attacks makes it difficult for any particular IDS to be able to detect all attack types thus making the development of IDS a continuing project.


Journal Identifiers


eISSN: 2579-0617
print ISSN: 2579-0625