The advancement of the Internet of Things (IoT) has allowed for unprecedented data collection, automation, and remote sensing and actuation, transforming autonomous systems and bringing smart command and control into numerous cyber physical systems (CPS) that our daily lives depend on. Simultaneously, dramatic improvements in machine learning and deep neural network architectures have enabled unprecedented analytical capabilities, which we see in increasingly common applications and production technologies, such as self-driving vehicles and intelligent mobile applications. Predictably, these technologies have seen rapid adoption, which has left many implementations vulnerable to threats unforeseen or undefended against. Moreover, such technologies can be used by malicious actors, and the potential for cyber threats, attacks, intrusions, and obfuscation that are only just being considered, applied, and countered. In this paper, we consider the good, the bad, and the ugly use of machine learning for cybersecurity and CPS/IoT. In detail, we consider the numerous benefits (good use) that machine learning has brought, both in general, and specifically for security and CPS/IoT, such as the improvement of intrusion detection mechanisms and decision accuracy in CPS/IoT. More pressing, we consider the vulnerabilities of machine learning (bad use) from the perspectives of security and CPS/IoT, including the ways in which machine learning systems can be compromised, misled, and subverted at all stages of the machine learning life-cycle (data collection, pre-processing, training, validation, implementation, etc.). Finally, the most concerning, a growing trend has been the utilization of machine learning in the execution of cyberattacks and intrusions (ugly use). Thus, we consider existing mechanisms with the potential to improve target acquisition and existing threat patterns, as well as those that can enable novel attacks yet to be seen.INDEX TERMS Security, machine learning, cyber physical systems, Internet of Things, applications, distributed environments.
The widespread adoption of the Internet of Things (IoT) technologies has drastically increased the breadth and depth of attack surfaces in networked systems, providing new mechanisms for the intrusion. In the context of smart-world critical infrastructures and cyber-physical systems, the rapid adoption of the IoT systems and infrastructures without thorough consideration for the risks and vulnerabilities has the potential for catastrophic damage to the privacy, safety, and security of individuals and corporations. While the IoT systems have the potential to increase productivity, accountability, traceability, and efficiency, their potential weaknesses are also more abundant. In this paper, we provide critical consideration of the security of the IoT systems as applied to smart-world critical infrastructures. Particularly, we carry out a detailed assessment of vulnerabilities in IoT-based critical infrastructures from the perspectives of applications, networking, operating systems, software, firmware, and hardware. In addition, we highlight the three key critical infrastructure IoT-based cyber-physical systems, namely the smart transportation, smart manufacturing, and smart grid. Moreover, we provide a broad collection of attack examples upon each of the key applications. Furthermore, we introduce a case study, in which we assess the impacts of potential attacks on critical IoT-based systems, using the smart transportation system as an example. Finally, we provide a set of best practices and address the necessary steps to enact countermeasures for any generic IoT-based critical infrastructure system. INDEX TERMS Cyber-physical systems, Internet of Things, security, critical infrastructure, case study, computing infrastructure. I. INTRODUCTION Advances in information communication technologies have given rise to the Internet of Things (IoT), which will play an increasingly important role in our daily lives [1]-[3]. In IoT, the massive number of deployed IoT devices (sensors, actuators, etc.) will be connected to collect data related to objects in critical infrastructures, including city and government, industrial manufacturing, energy, transportation, healthcare, and public safety infrastructures, among others, supporting numerous smart-world systems. The examples of such systems are smart manufacturing, smart cities, smart grid, smart transportation, smart home, and smart health systems, to name a few [4]-[11]. The associate editor coordinating the review of this manuscript and approving it for publication was Jinsong Wu.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.