Static Analysis of Information Systems for IoT Cyber Security: A Survey of Machine Learning Approaches

Kotenko, Igor; Izrailov, Konstantin; Buinevich, Mikhail

doi:10.3390/s22041335

Cited by 33 publications

(11 citation statements)

References 133 publications

(199 reference statements)

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…As criteria Cr (abbr. for criterion), the following were reasonably chosen and assessed on a point scale: "−"-does not correspond (0 points), "+/−"-corresponds partially or potentially (0.5 points), "+"-corresponds completely (1 point): Cr 5 -simulation accuracy; if the accuracy is insufficient, the development process will contain system errors, and the identification of vulnerabilities will have errors of I and/or II types; • Cr 6 -applicability for the entire software complex; energy networks consist of a whole set of programs and require specialized modeling; • Cr 7 -the possibility of using machine learning; this is a modern trend that increases the efficiency of solving problems for various purposes [58]; • Cr 8 -reducing the influence of the human factor; this is one of the main reasons for the violation of the correctness of software engineering and the appearance of vulnerabilities in SW [59].…”

Section: Discussionmentioning

confidence: 99%

Modeling the Development of Energy Network Software, Taking into Account the Detection and Elimination of Vulnerabilities

et al. 2023

Self Cite

View full text Add to dashboard Cite

This paper solves the problem of modeling the scheme for developing software systems, which can be used in building solutions for secure energy networks. A development scheme is proposed in a set of representations through which each program of the software complex passes, namely the following representations: idea, conceptual model, architecture, algorithm, source code, graphic code, abstract syntax tree, assembler code, machine code, byte code, executed code. The main properties of each representation are indicated, such as the form (text, graphic, programming language, binary, and decoded), development (transformation) methods, as well as vulnerabilities that are detected in it. An example of each representation is given, particularly as applied to the energy networks. The scheme elements (representations, vulnerabilities, forms, etc.) and the main operations for working with their elements (representation transformation, vulnerability injection, and detection) are presented in an analytical form. An example of a development scheme for a simple software complex of energy networks is given. The classification of vulnerabilities is introduced; it divides the vulnerabilities according to the structural level, functioning disruption, and information impact. The vulnerabilities in each of the views are substantiated using the common vulnerabilities and exposures (CVE) database. An experiment was conducted to demonstrate the vulnerability spread across representations during the development of a software complex example for the energy network. The features of the applications of the obtained results for energy networks are taken into account. The advantages, disadvantages, and limitations of the study, as well as ways to eliminate them, are discussed.

show abstract

Section: Discussionmentioning

confidence: 99%

Modeling the Development of Energy Network Software, Taking into Account the Detection and Elimination of Vulnerabilities

et al. 2023

Self Cite

View full text Add to dashboard Cite

show abstract

“…The generated amounts of data meet the demand for careful authentication and encryption techniques. Artificial intelligence (AI) techniques are considered one of the most promising methods for addressing cyber security threats and providing security [9], [10]. Figure 1 presents the serious security risks and their mitigation scenarios in radiation monitoring systems.…”

Section: Security Risks and Mitigation Scenariosmentioning

confidence: 99%

Evaluation of Advanced Information Security Scheme in Internet of Things Environment for Intelligent Monitoring Applications

Gaber,

Khalaf,

Mahmoud

et al. 2024

Journal of Computing and Communication

View full text Add to dashboard Cite

In recent years, the Internet of Things (IoT) technologies have been developed to make great progress for nuclear energy applications. These applications require advanced schemes to secure sensitive information from incremental attacks and sabotage processes. The schemes should meet the major security attributes, including confidentiality, availability, and integrity. This paper introduces an information security scheme for transmitting sensitive information with secure monitoring of the critical radiation levels at nuclear facilities. It is evaluated by integrating the cryptography and steganography techniques with cloud computing services. The cryptography techniques are based on Advanced Encryption Standard (AES) and Rivest, Shamir-Adleman (RSA) algorithms. The scheme uses the extracted cryptography keys from authenticated biometric attributes and is suitable for emergencies through a low computational time. It allows securing access for encrypted sensitive measurements, files, and images with high data integrity and confidentiality. Furthermore, it hides confidential, sensitive information with great Capacity and imperceptibility through the transmitted carrier images. The security performance analysis ensures the robustness of the introduced scheme against various attacks through authentication, encryption, and information-hiding techniques. Finally, the paper discusses the resistance of the introduced scheme against serious attacks such as the man in the middle, noise, and Distributed Denial of Service (DDOS) attacks.

show abstract

“…The study explores the challenges and opportunities in integrating drones into various applications, including industrial automation and logistics. Addressing the scalability and security issues in IoT-based systems, authors in [12] systemizes the implementation of various static analysis stages using machine learning algorithms. The study focuses on overcoming performance bottlenecks and security threats in IoT systems.…”

Section: B Ml-based Idsmentioning

confidence: 99%

Enhancing Security of Host-Based Intrusion Detection Systems for the Internet of Things

Nallakaruppan,

Somayaji,

Fuladi

et al. 2024

IEEE Access

View full text Add to dashboard Cite

The Internet of Things (IoT) infrastructure enables smart devices to learn, think, speak and perform. The facilities of the IoT devices can be enhanced to support an intelligent application through technologies like fog computing, smart networks, federated learning or explainable artificial intelligence infrastructures. In all these cases networking of IoT devices becomes inevitable. Where-ever there exists a network, a threat to the network infrastructure is also possible. The proposed work classifies various attacks on the hosts with the support of proven machine learning (ML) algorithms. This work performs the comparative analysis of all these classification parameters of the machine learning algorithms with the use of fuzzy-based recommendation systems. This work also lists out various incidents of intrusions on the IoT hosts in appropriate layers of the interface and proposes an efficient algorithm and framework to overcome the occurrences of the intrusions on the host side. In particular, we propose an effective security framework to deal with the intrusions that can deteriorate the host-based systems. The ranking of the algorithms is evaluated using fuzzy-based recommendation systems such as TOPSIS, VIKOR, MORA, WASPAS. The ensemble of machine learning algorithms such as Decision Tree, Lite Gradient Boost, Xtra Gradient Boost and Random Forest provide better values of accuracy (around 99%) with higher precision, re-call and F1scores, thus proving their efficacy for intrusion detection in IoT networks.

show abstract

Static Analysis of Information Systems for IoT Cyber Security: A Survey of Machine Learning Approaches

Cited by 33 publications

References 133 publications

Modeling the Development of Energy Network Software, Taking into Account the Detection and Elimination of Vulnerabilities

Modeling the Development of Energy Network Software, Taking into Account the Detection and Elimination of Vulnerabilities

Evaluation of Advanced Information Security Scheme in Internet of Things Environment for Intelligent Monitoring Applications

Enhancing Security of Host-Based Intrusion Detection Systems for the Internet of Things

Contact Info

Product

Resources

About