Abstract

Internet-of-Things has been a widely used term, referring to the interconnected ecosystem, built of loosely connected devices, capable of accumulating, processing and transferring data through the heterogeneous network Recently, the IoT’s technical, economic and social importance has drastically increased. However, the IoT does not bring advantages only. According to recent studies, vast majority of IoT devices are prone to being attacked, hacked or intruded. If not secure enough, IoT may pose risk to the security of ordinary citizens, and whole industries alike. The paper aims at drawing the current threat landscape in relation to IoT, by examining the threat actors, their motivation and capabilities. Firstly, the specific security goals, context, elements and main challenges to IoT security are discussed. Then, the work collects the actors that pose the threat to IoT, as well as their motives for attacking IoT. The following part of the paper discusses the various attack taxonomies, and the state-of-the art of the IoT cybersecurity countermeasures and recommendations. Against this background, a novel intrusion detection tool is introduced, and its technical description is provided. When tested on data from a benchmark dataset, the method has already shown promise in performing its tasks.

Recommended Citation

Pawlicki, M., Pawlicka, A., Komisarek, M., Kozik, R., & Choraś, M. (2022). The IoT Threat Landscape vs. Machine Learning, a.k.a. Who Attacks IoT, Why Do They Do It, and How to Prevent It?. In R. A. Buchmann, G. C. Silaghi, D. Bufnea, V. Niculescu, G. Czibula, C. Barry, M. Lang, H. Linger, & C. Schneider (Eds.), Information Systems Development: Artificial Intelligence for Information Systems Development and Operations (ISD2022 Proceedings). Cluj-Napoca, Romania: Babeș-Bolyai University.

Paper Type

Short Paper

Share

COinS
 

The IoT Threat Landscape vs. Machine Learning, a.k.a. Who Attacks IoT, Why Do They Do It, and How to Prevent It?

Internet-of-Things has been a widely used term, referring to the interconnected ecosystem, built of loosely connected devices, capable of accumulating, processing and transferring data through the heterogeneous network Recently, the IoT’s technical, economic and social importance has drastically increased. However, the IoT does not bring advantages only. According to recent studies, vast majority of IoT devices are prone to being attacked, hacked or intruded. If not secure enough, IoT may pose risk to the security of ordinary citizens, and whole industries alike. The paper aims at drawing the current threat landscape in relation to IoT, by examining the threat actors, their motivation and capabilities. Firstly, the specific security goals, context, elements and main challenges to IoT security are discussed. Then, the work collects the actors that pose the threat to IoT, as well as their motives for attacking IoT. The following part of the paper discusses the various attack taxonomies, and the state-of-the art of the IoT cybersecurity countermeasures and recommendations. Against this background, a novel intrusion detection tool is introduced, and its technical description is provided. When tested on data from a benchmark dataset, the method has already shown promise in performing its tasks.