Internet of Things (IoT) describes a network which allows various smart devices, sensors, and actuators, to be connected and be able to exchange data through the Internet. IoT faces many challenges with security being one of the majors and most complex. A secured IoT solution must ensure integrity, confidentiality, and availability. Due to the different specifications among IoT devices, the different functions (e.g., sensing, monitoring, and controlling), and the diverse data types (images, string data, etc.), there cannot be a global cybersecurity solution that can meet all the IoT deployment requirements.
Depending on the network topology of the interconnected IoT nodes, an IoT gateway can be a physical device or a software program that serves as the connection point between the cloud and IoT devices (smart sensors, actuators, etc.). Data sharing between sub-networks, the devices and the cloud is done through the gateway. Some IoT gateways do more than just routing the data. For example, they can preprocess the data locally and then send it to the cloud. Consequently, a gateway can be the most vulnerable device in an IoT network thus, it needs the maximum security. In case an adversarial attacker controls the gateway, he/she can alter the communication route, data content or even hard stop the communication. In conventional security methods, static targets can be more easily attacked.
To address this issue, Moving Target Defense (MTD) has been proposed as a more valuable security technique. Moving Target Defense (MTD) deploys different mechanisms and strategies of the underlying system, which are diverse to each other and change over time in order to neutralize the attacker and in a more pragmatic scenario, reduce the success rate of an advanced adversarial attacker. Honeypots can be an additional security layer and one of active defense technologies. Honeypots can act as MTDs, aiming at strengthening the immunity of the system. Honeypots are security resources which help attract, detect, and gather attack information. During the last 5-10 years, Artificial Intelligence (AI) and in particular Machine Learning (ML) and Deep Learning (DL) methods and techniques, have shown that they can improve IoT systems’ security, robustness, and resilience. Compared to conventional hardware and software tools, ML/DL based security solutions can recognize patterns in data and analyze the behavior of an attacker, leading to more sophisticated security systems. AI can also provide IoT systems with automation processes to analyze great amounts of data and strengthen the existing systems and software to reduce adversarial attacks.
In 2017, Federated Learning (FL) emerged as a disruptive technology to change the way ML/DL models are trained. Contrary to conventional centralized learning, FL enables mobile phones, IoT devices, etc. to collaboratively learn a shared model while keeping all the training data on device. Nevertheless, FL systems raise some serious questions about privacy preserving and preventing data disclosure. A way to address that is by integrating security ML based tools in IoT systems. Particularly, in the IoT-NGIN project, innovative ML/DL methods will learn IoT network properties and respectively emulate, as MTD mechanisms, weak and vulnerable IoT nodes. As a result, they will be able to attract malicious/suspicious attackers that may attempt to change or disfigure Federated Learning model settings in ways that compromise their proper training.
¹ IEEE – Artificial Intelligence and Machine Learning Applied to Cybersecurity – 6-8 Oct, 2017, access URL: https://www.ieee.org/content/dam/ieee-org/ieee/web/org/about/industry/ieee_confluence_report.pdf