The role of artificial intelligence and machine learning in wireless networks security: principle, practice and challenges

Published in: Artificial Intelligence Review

Abstract

Security is one of the biggest challenges in networks and communications, and the problem is aggravated by the proliferation of wireless devices. Artificial Intelligence (AI) has emerged as a promising solution, and a body of literature exists on methodological studies of AI applied to this security challenge. In this survey, we present a taxonomy of security threats and review the distinct aspects and potential of AI for addressing them. To the best of our knowledge, this is the first comprehensive survey to review the AI solutions for all possible security types and threats. We also present the lessons learned from existing AI techniques and the contributions of up-to-date literature, future directions of AI in security, and open issues that need to be investigated further through AI, and we discuss how AI can be used more effectively to overcome upcoming advanced security threats.

References

  • Ahmed M, Shi H, Chen X, Li Y, Waqas M, Jin D (2018a) Socially aware secrecy-ensured resource allocation in D2D underlay communication: an overlapping coalitional game scheme. IEEE Trans Wirel Commun 17(6):4118–4133

  • Ahmed M, Li Y, Waqas M, Sheraz M, Jin D, Han Z (2018b) A survey on socially aware device-to-device communications. IEEE Commun Surv Tutor 20(3):2169–2197

  • Ahuja R, Chug A, Gupta S, Ahuja P, Kohli S (2020) Classification and clustering algorithms of machine learning with their applications. In: Yang X-S, He X-S (eds) Nature-inspired computation in data mining and machine learning. Springer, pp 225–248

  • Alauthaman M, Aslam N, Zhang L, Alasem R, Hossain MA (2018) A P2P botnet detection scheme based on decision tree and adaptive multilayer neural networks. Neural Comput Appl 29(11):991–1004

    Article  Google Scholar 

  • Aljawarneh S, Aldwairi M, Yassein MB (2018) Anomaly-based intrusion detection system through feature selection analysis and building hybrid efficient model. J Comput Sci 25:152–160

    Article  Google Scholar 

  • Alom MZ, Bontupalli V, Taha TM (2015) Intrusion detection using deep belief networks. In: National aerospace and electronics conference (NAECON), pp 339–344

  • Ambekar A, Schotten HD (2014) Enhancing channel reciprocity for effective key management in wireless ad-hoc networks. In: IEEE 79th vehicular technology conference (VTC Spring), pp 1–5

  • Ameen N, Tarhini A, Shah MH, Madichie NO (2020) Employees’ behavioural intention to smartphone security: a gender-based. Cross-national study. Comput Hum Behav 104:106184

    Article  Google Scholar 

  • Amuru S, Tekin C, v der Schaar M, Buehrer RM (2016) Jamming bandits: a novel learning method for optimal jamming. IEEE Trans Wirel Commun 15(4):2792–2808

    Article  Google Scholar 

  • Amuru S, Buehrer RM (2014) Optimal jamming strategies in digital communications impact of modulation. In: IEEE global communications conference, pp 1619–1624

  • Prasad R, Rohokale V (2020) Malware. In: Cyber security: the lifeline of information and communication technology. Springer, Berlin, pp 67–81

  • Anjomshoa F, Kantarci B, Erol-Kantarci M, Schuckers S (2017) Detection of spoofed identities on smartphones via sociability metrics. In: IEEE international conference on communications (ICC), pp 1–6

  • Ayodeji O et al (2021) Security and privacy for artificial intelligence: opportunities and challenges. arXiv:2102.04661

  • Batra L, Taneja H (2020) Evaluating volatile stock markets using information theoretic measures. Phys A Stat Mech Appl 537:122711

    Article  Google Scholar 

  • Belciug S, Gorunescu F (2020) Era of intelligent systems in healthcare. In: Dorgham MA (ed) Intelligent decision support systems-a journey to smarter healthcare. Springer, Berlin, pp 1–55

  • Bellet A, Liang Y, Garakani AB, Balcan MF, Sha F (2015) A distributed Frank–Wolfe algorithm for communication efficient sparse learning. In: Proceedings of the 2015 SIAM international conference on data mining, pp 478–486

  • Bernal P (2020) What do we know and what should we do about internet privacy? SAGE Publications Limited, Thousand Oaks

    Book  Google Scholar 

  • Bhuyan MH, Bhattacharyya DK, Kalita JK (2013) Network anomaly detection: methods, systems and tools. IEEE Commun Surv Tutor 16(1):303–336

    Article  Google Scholar 

  • Bill L, Curtis W, Bedford D, Iyer S (2019) The knowledge economy: implications for organizations. Work and workers, knowledge economies and knowledge work (Working methods for knowledge management), pp 41–64

  • Blatt D, Hero AO, Gauchman H (2007) A convergent incremental gradient method with a constant step size. SIAM J Optim 18(1):29–51

    Article  MathSciNet  MATH  Google Scholar 

  • Boureau Y-L, Ponce J, LeCun Y (2010) A theoretical analysis of feature pooling in visual recognition. In: Proceedings of the 27th international conference on machine learning, pp 111–118

  • Buczak AL, Guven E (2016) A survey of data mining and machine learning methods for cybersecurity intrusion detection. IEEE Commu Surv Tutor 18(2):1153–1176

    Article  Google Scholar 

  • Butt UJ, Abbod MF, Kumar A (2020) Cyber threat ransomware and marketing to networked consumers. In: Dadwal SS (ed) Handbook of research on innovations in technology and marketing for the connected consumer. IGI Global, pp 155–185

  • Caravelli J, Jones N (2019) Cyber crime. In: Paige D (ed) Cyber security: threats and responses for government and business. ABC-CLIO, pp 23–43

  • Chatterjee B, Das D, Maity S, Sen S (2019) RF-PUF: enhancing IoT security through authentication of wireless nodes using in-situ machine learning. IEEE Internet Things J 6(1):388–398

    Article  Google Scholar 

  • Chen J, Yu Q, Cheng P, Sun Y, Fan Y, Shen X (2011) Game theoretical approach for channel allocation in wireless sensor and actuator networks. IEEE Trans Autom Control 56(10):2332–2344

    Article  MathSciNet  MATH  Google Scholar 

  • Chen Y, Zhang Y, Maharjan S (2017) Deep learning for secure mobile edge computing. CoRR arxiv: abs/1709.08025

  • Chen G, Zhan Y, Chen Y, Xiao L, Wang Y, An N (2018a) Reinforcement learning based power control for in-body sensors in WBANS against jamming. IEEE Access 6:37403–37412

  • Chen Y, Poskitt CM, Sun J (2018b) Learning from mutants: using code mutation to learn and monitor invariants of a cyber-physical system. In: IEEE symposium on security and privacy, pp 648–660

  • Chen L, Yi Z, Chen X (2020) Research on network security technology based on artificial intelligence. In: Kacprzyk J (ed) Recent trends in intelligent computing, communication and devices. Springer, Berlin, pp 729–735

  • Chernov D, Sornette D (2020) Specific features of risk management in the industrial and agricultural sectors. In: Critical risks of different economic sectors. Springer, Berlin, pp 13–145

  • Conley WG, Miller AJ (2013) Cognitive jamming game for dynamically countering ad-hoc cognitive radio networks. In: MILCOM 2013—2013 IEEE military communications conference, pp 1176–1182

  • Connor OP (2019) 2019 security lockdown or hacker bonanza. ITNOW 61(4):44–45

    Article  Google Scholar 

  • Dai HN et al (2019) Big data analytics for large-scale wireless networks: challenges and opportunities. ACM Comput Surv (CSUR) 52(5):1–36

    Article  Google Scholar 

  • de Mello FL (2020) A survey on machine learning adversarial attacks. J Inf Secur Cryptogr (Enigma) 7(1):1–7

    Article  MathSciNet  Google Scholar 

  • Dibaei M et al (2020) Investigating the prospect of leveraging blockchain and machine learning to secure vehicular networks: a survey. IEEE Trans Intell Transp Syst. https://doi.org/10.1109/TITS.2020.3019101

  • Diesch R, Pfaff M, Krcmar H (2020) A comprehensive model of information security factors for decision-makers. Comput Secur 92:101747

    Article  Google Scholar 

  • Diro AA, Chilamkurti N (2018) Distributed attack detection scheme using deep learning approach for Internet of Things. Future Gener Comput Syst 82:761–768

    Article  Google Scholar 

  • Draper-Gil G, Lashkari AH, Mamun MSI, Ghorbani AA (2016) Characterization of encrypted and VPN traffic using time-related. In: Proceedings of the 2nd international conference on information systems security and privacy (ICISSP), pp 407–414

  • Emami C, Smith RG, Jorna P (2019) Predicting online fraud victimisation in Australia. Trends Issues Crime Crim Justice no 577, p 1

  • Eslahi M, Yousefi M, Var Naseri M, Yussof YM, Tahir N, Hashim H (2016) Mobile botnet detection model based on retrospective pattern recognition. Int J Secur Appl 10:39–44

    Google Scholar 

  • Fatma S et al (2020) Modelling perceived risks to personal privacy from location disclosure on online social networks. Int J Geogr Inf Sci 34(1):150–176

    Article  Google Scholar 

  • Feng Q, Dou Z, Li C, Si G (2017a) Anomaly detection of spectrum in wireless communication via deep autoencoder. In: Advances in computer science and ubiquitous computing, pp 259–265

  • Feng C, Wu S, Liu N (2017b) A user-centric machine learning framework for cybersecurity operations center. In: IEEE international conference on intelligence and security informatics (ISI), pp 173–175

  • Fiore U, Palmieri F, Castiglione A, De Santis A (2013) Network anomaly detection with the restricted Boltzmann machine. Neurocomputing 122:13–23

    Article  Google Scholar 

  • Forecast CGMDT (2016) Update Report, 2014–2019, Cisco white paper

  • Geogen G, Poovammal E (2020) Mobile malware, securing the internet of things: concepts, methodologies, tools, and applications. IGI Global, Hershey, pp 92–108

    Google Scholar 

  • Gopalsamy BN, Brindha G, Santhi B (2020) Implementation of machine learning in network security. In: Solanki A, Kumar S, Nayyar A (eds) Handbook of research on emerging trends and applications of machine learning. IGI Global, pp 276–299

  • Gu X, Li X (2016) A detection method for network security based on the combination of support vector machine. In: Third international conference on artificial intelligence and pattern recognition (AIPR), pp 1–5

  • Gupta V, Sharma E (2018) Mitigating DNS amplification attacks using a set of geographically distributed SDN routers. In: IEEE international conference on advances in computing, communications and informatics (ICACCI), pp 392–400

  • Gurbuzbalaban M, Ozdaglar A, Parrilo PA (2017) On the convergence rate of incremental aggregated gradient algorithms. SIAM J Optim 27(2):1035–1048

    Article  MathSciNet  MATH  Google Scholar 

  • Gwon YL, Kung H (2014) Inferring origin flow patterns in wi-fi with deep learning. In: 11th international conference on autonomic computing, pp 73–83

  • Gwon Y, Dastangoo S, Fossa C, Kung H (2013) Competing mobile network game: embracing anti-jamming and jamming strategies with reinforcement learning. In: IEEE conference on communications and network security (CNS), pp 28–36

  • Hajoary PK, Akhilesh K (2020) Role of government in tackling cybersecurity threat. In: Akhilesh KB, Möller DPF (eds) Smart technologies. Springer, pp 79–96

  • Hamedani K, Liu L, Atat R, Wu J, Yi Y (2018) Reservoir computing meets smart grids: attack detection using delayed feedback networks. IEEE Trans Ind Inf 14(2):734–743

    Article  Google Scholar 

  • Han Y, Alpcan T, Chan J, Leckie C, Rubinstein BI (2016) A game theoretical approach to defend against co-resident attacks in cloud computing: preventing co-residence using semi-supervised learning. IEEE Trans Inf Forensics Secur 11(3):556–570

    Article  Google Scholar 

  • Hartong MW, Roddy SA (2020) An information theoretic approach to platform technology selection to aid influence operations. IEEE Syst J 14(4):5308–5319

  • Haus M, Waqas M, Ding AY, Li Y, Tarkoma S, Ott J (2017) Security and privacy in device-to-device (D2D) communication: a review. IEEE Commun Surv Tutor 19(2):1054–1079

    Article  Google Scholar 

  • He P, Gan G (2020) Android malicious APP detection based on CNN deep learning algorithm. In: IOP conference series: earth and environmental science, vol 428, no 1, p 012061

  • He X, Dai H, Ning P (2016) Faster learning and adaptation in security games by exploiting information asymmetry. IEEE Trans Signal Process 64(13):3429–3443

    Article  MathSciNet  MATH  Google Scholar 

  • Head B (2019) Breach of faith. Co Dir 35(9):62

    Google Scholar 

  • Hodo E, Bellekens X, Hamilton A, Tachtatzis C, Atkinson R (2017) Shallow and deep networks intrusion detection system: a taxonomy and survey. arXiv:1701.02145

  • Hou S, Saas A, Chen L, Ye Y (2016) Deep4maldroid: a deep learning framework for android malware detection based on linux kernel system call graphs. In: 2016 IEEE/WIC/ACM international conference on web intelligence workshops (WIW), pp 104–111

  • Huang X, Lu Y, Li D, Ma M (2018) A novel mechanism for fast detection of transformed data leakage. IEEE Access 6:35 926-35 936

    Article  Google Scholar 

  • Huang L, Joseph AD, Nelson B, Rubinstein BI, Tygar JD (2011) Adversarial machine learning. In: Proceedings of the 4th ACM workshop on security and artificial intelligence, pp 43–58

  • Jaggi M (2013) Revisiting Frank–Wolfe: projection-free sparse convex optimization. In: ICML (1), pp 427–435

  • Javaid A, Niyaz Q, Sun W, Alam M (2016) A deep learning approach for network intrusion detection system. In: Proceedings of the 9th EAI international conference on bio-inspired information and communications technologies, pp 21–26

  • Jiang Z, Zhao J, Li X-Y, Han J, Xi W (2013) Rejecting the attack: source authentication for wi-fi management frames using CSI information. In: Proceedings IEEE INFOCOM, pp 2544–2552

  • Jiang C, Zhang H, Ren Y, Han Z, Kwang KC, Lajos H (2016) Machine learning paradigms for next-generation wireless networks. IEEE Wirel Commun 24(2):98–105

    Article  Google Scholar 

  • Jing Q, Vasilakos AV, Wan J et al (2014) Security of the Internet of Things: perspectives and challenges. Wirel Netw 20:2481–2501

    Article  Google Scholar 

  • Jonathan OA, Oeldorf-Hirsch A (2020) The biggest lie on the Internet: ignoring the privacy policies and terms of service policies of social networking services. Inf Commun Soc 23(1):128–147

    Article  Google Scholar 

  • Kang M-J, Kang J-W (2016) Intrusion detection system using deep neural network for in-vehicle network security. PLoS ONE 11(6):e0155781

    Article  Google Scholar 

  • Keetharuth BS, Forbes AN, Simmons WP (2019) Increasing legal protections at the international, regional and national levels for human rights defenders working in Africa and Asia E-WEL-2016-5378, September 2016–August 2019

  • Khan MA, Khan S, Shams B, Lloret J (2016) Distributed flood attack detection mechanism using artificial neural network in wireless mesh networks. Secur Commun Netw 9(15):2715–2729

    Article  Google Scholar 

  • Kharraz A, Robertson W, Kirda E (2018) Surveylance: automatically detecting online survey scams. In: IEEE symposium on security and privacy, pp 70–86

  • Kömürcü G, Dündar G (2012) Determining the quality metrics for PUFs and performance evaluation of two RO-PUFs. In: 10th IEEE international NEWCAS conference, pp 73–76

  • Kwon D, Kim H, Kim J, Suh SC, Kim I, Kim KJ A (2017) Survey of deep learning-based network anomaly detection, cluster computing

  • Larriva-Novo XA, Vega-Barbas M, Villagrá VA, Rodrigo MS (2020) Evaluation of cybersecurity data set characteristics for their applicability to neural networks algorithms detecting cybersecurity anomalies. IEEE Access 8:9005–9014

    Article  Google Scholar 

  • Lee JH, Kim H (2017) Security and privacy challenges in the Internet of Things [Security and privacy matters]. IEEE Consum Electron Mag 6(3):134–136

    Article  Google Scholar 

  • Lheureux A, Grolinger K, Elyamany HF, Capretz MA (2017) Machine learning with big data: challenges and approaches. IEEE Access 5:7776–7797

    Article  Google Scholar 

  • Li JH (2019) Cyber security meets artificial intelligence: a survey. Front Inf Technol Electron Eng 19:1462–1474

    Article  Google Scholar 

  • Li W, Huang J (2018) Mobile physical layer spoofing detection based on sparse representation. IET Commun 12(14):1709–1713

    Article  Google Scholar 

  • Li P, Liu Q, Zhao W, Wang D, Wang S (2018) Chronic poisoning against machine learning based IDSS using edge pattern detection. In.:IEEE international conference on communications (ICC), pp 1–7

  • Lin Q, Tu S, Waqas M, ur Rehman S, Chang CC (2019) Tracking areas planning based on spectral clustering in small cell networks. IET Commun 13(13):1921–1927

    Article  Google Scholar 

  • Liu FJ, Wang X, Primak SL (2013) A two dimensional quantization algorithm for CIR-based physical layer authentication. In: IEEE international conference on communications (ICC), pp 4724–4728

  • Liu H, Wang Y, Liu J, Yang J, Chen Y (2014) Practical user authentication leveraging channel state information (csi). In: Proceedings of the 9th ACM symposium on information, computer and communications security, pp 389–400

  • Liu M, Tu S, Xiao C, Waqas M, ur Rehman S, Aamir M, Chang CC (2020a) The allocation and reuse scheme of physical cell identifications based on maximum degree first coloring algorithm. IEEE Syst J 14(1):582–591

  • Liu X, Lin Y, Li H, Zhang J (2020b) A novel method for malware detection on ML-based visualization technique. Comput Secur 89:101682

    Article  Google Scholar 

  • Liu X et al (2021) Privacy and security issues in deep learning: a survey. IEEE Access 9:4566–4593

    Article  Google Scholar 

  • Lobato AGP, Lopez MA, Sanz IJ, Cardenas AA, Duarte, OCM, Pujolle G (2018) An adaptive real-time architecture for zero-day threat detection. In: IEEE international conference on communications (ICC), pp 1–6

  • Lohstroh M (2017) Why the equifax breach should not have mattered

  • Lotfollahi M, Siavoshani MJ, Zade RSH, Saberian M (2017) Deep packet: a novel approach for encrypted traffic classification using deep learning. Soft Comput 24:1999–2012

    Article  Google Scholar 

  • Lu Y, Huang X, Ma Y, Ma M (2018a) A weighted context graph model for fast data leak detection. In: IEEE international conference on communications (ICC), pp 1–6

  • Lu X, Wan X, Xiao L, Tang Y, Zhuang W (2018b) Learning-based rogue edge detection in VANETs with ambient radio signals. In: IEEE international conference on communications (ICC), pp 1–6

  • Mahfouz AM, Venugopal D, Shiva SG (2020) Comparative analysis of ML classifiers for network intrusion detection. In: 4th international congress on information and communication technology, pp 193–207

  • Mao Q, Hu F, Hao Q (2018) Deep learning for intelligent wireless networks: a comprehensive survey. IEEE Commun Surv Tutor 20(4):2595–2621

    Article  Google Scholar 

  • Martín ML, Carro B, Sánchez-Esguevillas AJ, Mauri JL (2017) Conditional variational auto-encoder for prediction and feature recovery applied to intrusion detection in IoT. Sensors 112:2372–2381

  • Martinelli F, Marulli F, Mercaldo F (2017) Evaluating convolutional neural network for effective mobile malware detection. Procedia Comput Sci 112:2372–2381

    Article  Google Scholar 

  • McLaughlin N, Martinez del Rincon J, Kang B, Yerima S, Miller P, Sezer S, Safaei Y, Trickel E, Zhao Z, Doupé A, Joon Ahn G (2017) Deep android malware detection. In: Proceedings of the seventh ACM on data and application security and privacy, New York, NY, USA, pp 301–308

  • Mizuno S, Hatada M, Mori T, Goto S (2017) Botdetector: a robust and scalable approach toward detecting malware-infected devices. In: IEEE international conference on communications (ICC), pp 1–7

  • Moore AW, Atkeson CG (1993) Prioritized sweeping: reinforcement learning with less data and less time. Mach Learn 13(1):103–130

    Google Scholar 

  • Narudin FA, Feizollah A, Anuar NB, Gani A (2016) Evaluation of machine learning classifiers for mobile malware detection. Soft Comput 20(1):343–357

    Article  Google Scholar 

  • Natalya VM (2019) Computer games to fill the gap in learning functional lexis at russian colleges and universities. In: International conference on quality management, transport and information security, information technologies, pp 639–643

  • Ni J, Zhang K, Vasilakos AV (2021) Security and privacy for mobile edge caching: challenges and solutions. IEEE Wirel Commun 28(3):77–83

    Article  Google Scholar 

  • Otoum S, Kantarci B, Mouftah HT (2019) On the feasibility of deep learning in sensor network intrusion detection. IEEE Netw Lett 1(2):68–71

    Article  Google Scholar 

  • Oulehla M, Oplatková ZK, Malanik D (2016) Detection of mobile botnets using neural networks. In: Future technologies conference (FTC), pp 1324–1326

  • Ozcelik H (2020) An analysis of fraudulent financial reporting using the fraud diamond theory perspective: an empirical study on the manufacturing sector companies listed on the Borsa Istanbul. In: Grima S, Boztepe E, Baldacchino PJ (eds) Contemporary issues in audit management and forensic accounting. Emerald Publishing Limited

  • Pan F, Wen H, Liao R, Jiang Y, Xu A, Ouyang K, Zhu X (2017) Physical layer authentication based on channel information and machine learning. In: IEEE conference on communications and network security (CNS), pp 364–365

  • Patel A, Tailor J (2020) A malicious activity monitoring mechanism to detect and prevent ransomware. Comput Fraud Secur 2020(1):14–19

    Article  Google Scholar 

  • Pei C, Zhang N, Shen XS, Mark JW (2014) Channel-based physical layer authentication. In: IEEE global communications conference, pp 4114–4119

  • Pihur UV, Korolova A (2014) Rappor: randomized aggregatable privacy-preserving ordinal response. In: Proceedings of the conference on computer and communications security. ACM, pp 1054–1067

  • Prasad R, Rohokale V (eds) (2020) Artificial intelligence and machine learning in cyber security. In: Cyber security: the lifeline of information and communication technology. Springer, pp 231–247

  • Rath M, Mishra S (2020) Security approaches in machine learning for satellite communication. Springer, Berlin, pp 189–204

    Google Scholar 

  • Rehman S, Tu S, Waqas M, Huang Y, Rehman O, Ahmad B, Ahmad S (2019) Unsupervised pre-trained filter learning approach for efficient convolution neural networks. Neurocomputing 365:171–190

    Article  Google Scholar 

  • Ricci J, Breitinger F, Baggili I (2019) Survey results on adults and cybersecurity education. Educ Inf Technol 24(1):231–249

    Article  Google Scholar 

  • Rodríguez-Gómez RA, Maciá-Fernández G, García-Teodoro P (2013) Survey and taxonomy of botnet research through life-cycle. ACM Comput Surv 45(4):45:1-45:33

    Article  Google Scholar 

  • Roel M (2012) Physically unclonable functions: constructions, properties and applications. Katholieke Universiteit Leuven, Belgium

    MATH  Google Scholar 

  • Sagduyu YE, Shi Y, Erpek T, Headley W, Flowers B, Stantchev G, Lu Z (2020) When wireless security meets machine learning: motivation, challenges, and research directions. arXiv preprint arXiv:2001.08883

  • Saied A, Overill RE, Radzik T (2016) Detection of known and unknown DDoS attacks using artificial neural networks. Neurocomputing 172:385–393

    Article  Google Scholar 

  • Shakiba-Herfeh M, Chorti A, Poor HV (2020) Physical layer security: authentication, integrity and confidentiality. arXiv:2001.07153

  • Sharmeen S, Ahmed YA, Huda S, Koçer B, Hassan MM (2020) Avoiding future digital extortion through robust protection against ransomware threats using deep learning based adaptive approaches. IEEE Access 8:24522–24534

  • Singar AV, Akhilesh K (2020) Role of cyber-security in higher education. In: Akhilesh KB, Möller DPF (eds) Smart technologies. Springer, pp 249–264

  • Siponen M, Puhakainen P, Vance A (2020) Can individuals’ neutralization techniques be overcome? A field experiment on password policy. Comput Secur 88:101617

    Article  Google Scholar 

  • Smith SS (2020) Cybersecurity & insurance. In: Blockchain, artificial intelligence and financial services. Springer, Berlin, pp 193–200

  • Srinivas TAS, Somula R, Govinda K (2020) Privacy and security in Aadhaar. In: Howlett R, Jain LC (eds) Smart intelligent computing and applications. Springer, Berlin, pp 405–410

  • Steward D, Cavazos R (2019) Big data analytics in us courts: uses, challenges, and implications. Springer Nature, Berlin

    Book  Google Scholar 

  • Su X, Zhang D, Li W, Zhao K (2016) A deep learning approach to android malware feature learning and detection. In: 2016 IEEE Trustcom/BigDataSE/ISPA, pp 244–251

  • Sun Y, Yen GG, Yi Z (2018) Evolving unsupervised deep neural networks for learning meaningful representations. IEEE Trans Evol Comput 23(1):89–103

    Article  Google Scholar 

  • Sutton RS, Barto AG (1998) Introduction to reinforcement learning, vol 135. MIT Press, Cambridge

  • Taheri R, Ghahramani M, Javidan R, Shojafar M, Pooranian Z, Conti M (2020) Similarity-based android malware detection using Hamming distance of static binary features. Future Gener Comput Syst 105:230–247

    Article  Google Scholar 

  • Tam K, Feizollah A, Anuar NB, Salleh R, Cavallaro L (2017) The evolution of android malware and android analysis techniques. ACM Comput Surv 49(4):76:1-76:41

    Article  Google Scholar 

  • Tang TA, Mhamdi L, McLernon D, Zaidi SAR, Ghogho M (2016) Deep learning approach for network intrusion detection in software defined networking. In: International conference on wireless networks and mobile communications (WINCOM), pp 258–263

  • Tanveer M, Abbas G, Abbas ZH, Waqas M, Muhammad F, Kim S (2020) S6AE: securing 6LoWPAN using authenticated encryption scheme. Sensors 20(9):2707

    Article  Google Scholar 

  • Tello-Oquendo L, Pacheco-Paramo D, Pla V, Martinez-Bauset J (2018) Reinforcement learning-based ACB in LTE-A networks for handling massive M2M and H2H communications. In: IEEE international conference on communications (ICC), pp 1–7

  • Thing VLL (2017) IEEE 802.11 network anomaly detection and attack classification: a deep learning approach. In: 2017 IEEE wireless communications and networking conference (WCNC), pp 1–6

  • Thomas T, Vijayaraghavan AP, Emmanuel S (2020) Adversarial machine learning in cybersecurity. In: Machine learning approaches in cybersecurity analytics. Springer, Berlin, pp 185–200

  • Tomasin S (2018) Analysis of channel-based user authentication by key-less and key-based approaches. IEEE Trans Wirel Commun 17(9):5700–5712

    Article  Google Scholar 

  • Torres P, Catania C, Garcia S, Garino CG (2016) An analysis of recurrent neural networks for botnet detection behavior. In: IEEE Biennial Congress of Argentina (ARGENCON), pp 1–6

  • Tu S, Liu M, Waqas M, Rehman S, Zhu R, Liu L (2018a) FHC-PCIA: a physical cell identification allocation method based on fuzzy hierarchical clustering for heterogeneous cellular network. IEEE Access 6:46976–46987

  • Tu S, Huang X, Huang Y, Waqas M, Rehman SU (2018b) SSLSS: semi-supervised learning-based steganalysis scheme for instant voice communication network. IEEE Access 6:66 153-66 164

  • Tu S, Waqas M, Rehman SU, Aamir M, Rehman OU, Jianbiao Z, Chang C-C (2018c) Security in fog computing: a novel technique to tackle an impersonation attack. IEEE Access 6:74 993-75 001

  • Tu S, Waqas M, Meng Y, Rehman S, Ahmad I, Koubaa A, Halim Z, Hanif M, Chang CC, Shi C (2020a) Mobile fog computing security: a user-oriented smart attack defense strategy based on DQL. Comput Commun 160:790–798

  • Tu S, Rehman S, Waqas M, Rehman O, Yang Z, Ahmad B, Halim Z, Zhao W (2020b) Optimisation-based training of evolutionary convolution neural network for visual classification applications. IET Comput Vis 14(5):259–267

  • Tu S et al (2021) Reinforcement learning assisted impersonation attack detection in device-to-device communications. IEEE Trans Veh Technol 70(2):1474–1479

    Article  Google Scholar 

  • Tugnait JK (2013) Wireless user authentication via comparison of power spectral densities. IEEE J Sel Areas Commun 31(9):1791–1802

    Article  Google Scholar 

  • Valdeón RA (2019) Ad hoc corpora and journalistic translation research: BBC News and BBC Mundo’s coverage of Margaret Thatcher’s death and funeral. Across Lang Cult 20(1):79–95

    Article  Google Scholar 

  • Viganò E, Loi M, Yaghmaei E (2020) Cybersecurity of critical infrastructure. In: Christen M, Gordijn B, Loi M (eds) The ethics of cybersecurity. The international library of ethics, law and technology, vol 21. Springer, Cham

  • Wan X, Xiao L, Li Q, Han Z (2017) Fhy-layer authentication with multiple landmarks with reduced communication overhead. In: IEEE international conference on communications (ICC), pp 1–6

  • Wang Z (2015) The applications of deep learning on traffic identification, BlackHat USA, vol 24

  • Wang H, Yeung DY (2016) Towards Bayesian deep learning: a framework and some existing methods. IEEE Trans Knowl Data Eng 28(12):3395–3408

    Article  Google Scholar 

  • Wang N, Jiang T, Lv S, Xiao L (2017) Physical-layer authentication based on extreme learning machine. IEEE Commun Lett 21(7):1557–1560

    Article  Google Scholar 

  • Waqas M, Zeng M, Li Y (2017) Mobility-assisted device-to-device communications for content transmission. In: 13th international wireless communications and mobile computing conference (IWCMC), pp 206–211

  • Waqas M, Ahmed M, Li Y, Jin D, Chen S (2018a) Social-aware secret key generation for secure device-to-device communication via trusted and non-trusted relays. IEEE Trans Wirel Commun 17(6):3918–3930

  • Waqas M, Niu Y, Ahmed M, Li Y, Jin D, Han Z (2018b) Mobility-aware fog computing in dynamic environments: understandings and implementation. IEEE Access 7:38867–38879

  • Waqas M, Zeng M, Li Y, Jin D, Han Z (2018c) Mobility assisted content transmission for device-to-device communication underlaying cellular networks. IEEE Trans Veh Technol 67(7):6410–6423

  • Waqas M, Ahmed M, Zhang J, Li Y (2018d) Confidential information ensurance through physical layer security in device-to-device communication. In: IEEE global communications conference (GLOBECOM), pp 1–7

  • Waqas M, Niu Y, Li Y, Ahmed M, Jin D, Chen S, Han Z (2020a) A comprehensive survey on mobility-aware D2D communications: principles, practice and challenges. IEEE Commun Surv Tutor 22(3):1863–1886

  • Waqas M, Tu S, Rehman S, Halim Z, Anwar S, Abbas G, Abbas ZH (2020b) Authentication of vehicles and road side units in intelligent transportation system. Comput Mater Contin: CMC 64(1):359–371

    Google Scholar 

  • Weinand A, Karrenbauer M, Sattiraju R, Schotten H (2017) Application of machine learning for channel based message authentication in mission critical machine type communication. In: European wireless; 23th European wireless conference, pp 1–5

  • Winfield A (2019) Ethical standards in robotics and AI. Nat Electron 2(2):46

    Article  Google Scholar 

  • Wu P, Guo H, Moustafa N (2020) Pelican: a deep residual network for network intrusion detection. In: 50th annual IEEE/IFIP international conference on dependable systems and networks workshops (DSN-W), pp 55–62

  • Xiao L, Greenstein L, Mandayam N, Trappe W (2007) Fingerprints in the ether: using the physical layer for wireless authentication. In: IEEE international conference on communications, pp 4646–4651

  • Xiao L, Li Y, Liu G, Li Q, Zhuang W (2015) Spoofing detection with reinforcement learning in wireless networks. In: IEEE global communications conference (GLOBECOM), pp 1–5

  • Xiao L, Li Y, Han G, Liu G, Zhuang W (2016a) PHY-layer spoofing detection with reinforcement learning in wireless networks. IEEE Trans Veh Technol 65(12):10037–10047

  • Xiao L, Chen T, Han G, Zhuang W, Sun L (2016b) Channel-based authentication game in MIMO systems. In: IEEE global communications conference (GLOBECOM), pp 1–6

  • Xiao L, Chen T, Han G, Zhuang W, Sun L (2017) Game theoretic study on channel-based authentication in MIMO systems. IEEE Trans Veh Technol 66(8):7474–7484

  • Xiao L, Wan X, Han Z (2018a) Phy-layer authentication with multiple landmarks with reduced overhead. IEEE Trans Wirel Commun 17(3):1676–1687

  • Xiao L, Li Y, Dai C, Dai H, Poor HV (2018b) Reinforcement learning-based NOME power allocation in the presence of smart jamming. IEEE Trans Veh Technol 67(4):3377–3389

  • Xiao L, Wan X, Su W, Tang Y (2018c) Anti-jamming underwater transmission with mobility and learning. IEEE Commun Lett 22(3):542–545

  • Xiao L, Jiang D, Xu D, Zhu H, Zhang Y, Poor HV (2018d) Two-dimensional anti-jamming mobile communication based on reinforcement learning. IEEE Trans Veh Technol 67(10):9499–9512

  • Xiao L, Zhuang W, Zhou S, Chen C (2019) Learning-based rogue edge detection in VANETs with ambient radio signals. In: Shen XS (ed) Learning-based VANET communication and security techniques. Springer, pp 13–47

  • Xu Z, Liu W, Huang J, Yang C, Lu J, Tan H (2020) Artificial intelligence for securing IoT services in edge computing: a survey. Secur Commun Netw 2020:8872586

  • Yang L, Lau L, Gan H (2020) Investors’ perceptions of the cybersecurity risk management reporting framework. Int J Account Inf Manag 28(1):167–183

  • Yousefi-Azar M, Varadharajan V, Hamey L, Tupakula U (May 2017) Autoencoder-based feature learning for cybersecurity applications. In: International joint conference on neural networks (IJCNN), pp 3854–3861

  • Yu M-D, Sowell R, Singh A, M’Raïhi D, Devadas S (2012) Performance metrics and empirical results of a PUF cryptographic key generation ASIC. In: IEEE international symposium on hardware-oriented security and trust, pp 108–115

  • Yuan Z, Lu Y, Wang Z, Xue Y (2014) Droid-sec: deep learning in android malware detection. SIGCOMM Comput Commun Rev 44(4):371–372

  • Yuan Z, Lu Y, Xue Y (2016) Droiddetector: android malware characterization and detection using deep learning. Tsinghua Sci Technol 21(1):114–123

  • Yuan S, Li L, Chigan C (2018) Maximum mean discrepancy based secure fusion strategy for robust cooperative spectrum sensing. In: IEEE international conference on communications (ICC), pp 1–6

  • Zaidi K, Milojevic MB, Rakocevic V, Nallanathan A, Rajarajan M (2016) Host-based intrusion detection for VANETs: a statistical approach to rogue node detection. IEEE Trans Veh Technol 65(8):6703–6714

  • Zeng M, Li Y, Zhang K, Waqas M, Jin D (2018) Incentive mechanism design for computation offloading in heterogeneous fog computing: a contract-based approach. In: IEEE international conference on communications (ICC), pp 1–6

  • Zhang Z, Ning H, Shi F, Farha F, Xu Y, Xu J, Zhang F, Choo KKR (2021) Artificial intelligence in cyber security: research advances, challenges, and opportunities. Artif Intell Rev

  • Zheng Z, Xie S, Dai H-N, Chen W, Chen X, Weng J, Imran M (2020) An overview on smart contracts: challenges, advances and platforms. Future Gener Comput Syst 105:475–491

  • Zhou L, Pan S, Wang J, Vasilakos AV (2017a) Machine Learning on big data: opportunities and challenges. Neurocomputing 237:350–361

  • Zhou T, Cai Z, Xiao B, Chen Y, Xu M (2017b) Detecting rogue AP with the crowd wisdom. In: IEEE 37th international conference on distributed computing systems (ICDCS), pp 2327–2332

  • Zong W, Chow Y-W, Susilo W (2020) Interactive three-dimensional visualization of network intrusion detection data for machine learning. Future Gener Comput Syst 102:292–306

  • Zou Y, Zhu J, Wang X, Hanzo L (2016) A survey on wireless security: technical challenges, recent advances, and future trends. Proc IEEE 104(9):1727–1765

Author information

Corresponding author

Correspondence to Muhammad Waqas.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Appendices

Appendix 1: Recent attacks

There have been several attacks on different applications and organizations in recent years. Some recent attacks are discussed as follows.

  1. In 2019, Instagram discovered that an unsecured server containing the personal information of millions of Instagram influencers, celebrities, and brand accounts had been found online (Fatma et al. 2020). The details revealed the users’ biodata, profile photos, follower information, location, nation, and contact information (Jonathan and Oeldorf-Hirsch 2020).

  2. On 30 August 2019, I.T. managers in the headquarters of the United Nations in Geneva alerted their security departments to an instance of hacking. The authorities pointed out that the complex cyberattack on the U.N. in Geneva and Vienna had started more than a month earlier (Caravelli and Jones 2019; Keetharuth et al. 2019).

  3. In 2019, one of the most significant breaches of “corporate data” was on the American Medical Collection Agency, a massive debt collector in the field of healthcare (Connor 2019). The company found that the breach occurred in March, and a report to the U.S. Securities and Exchange Commission revealed that the breach into infrastructure lasted for almost eight months. The event was first publicly reported in early June 2019, and 7.7 million users had data exposed (Steward and Cavazos 2019).

  4. According to BBC News, Travelex’s U.K. international money transfer and wire service was crippled by a ransomware attack (Valdeón 2019; Emami et al. 2019). The attack forced the staff to use paper and pen to calculate currency exchanges. The cyberattack prompted the company to take all its devices offline and caused chaos among new year holidaymakers and business travellers searching for electronic monetary services.

  5. Canva is an online design tool in Australia. In May 2019, Canva revealed that hackers had broken into its network and stolen the data of about 140 million users (Head 2019). The stolen information contains the users’ usernames and email addresses. Fortunately, the hackers were unable to steal the users’ credit card details (Natalya 2019).

  6. DoorDash is a food delivery service provider in San Francisco. DoorDash faced a huge data breach affecting the data of 4.9 million users on May 4, 2019 (Bill et al. 2019).

  7. On 28 Feb. 2018, GitHub was hit with a massive denial of service attack with a data rate of 1.35 TB/s (Gupta and Sharma 2018). Even though GitHub was intermittently knocked offline and managed to fend off the attack after less than 20 minutes, the scale of the attack was devastating.

  8. WannaCry was a rapidly spreading ransomware attack in May 2017 (Patel and Tailor 2020). Like all ransomware, it took over infected computers, encrypted their hard drive files, and then requested payment in Bitcoin for decryption (Prasad and Rohokale 2020). The malware has taken a particular root in computers at facilities operated by the U.K.

  9. The massive breach into Yahoo’s email system receives an honorable mention because it happened way back in 2013, but the extent of it, involving almost 3 billion Yahoo email addresses, only became evident in October 2017 (Srinivas et al. 2020). The stolen information contained credentials and email addresses that had been secured using old, easy-to-crack methods, which criminals use to hack other accounts (Siponen et al. 2020).

  10. In 2017, Equifax Inc. declared that there was a cyber-security breach between May and mid-July of the same year (Lohstroh 2017). As a result, cybercriminals had reached the personal data of about 145.5 million U.S. Equifax customers, including their full names, social security numbers, credit card details, dates of birth, residences and, in some cases, the number of the driver’s license (Diesch et al. 2020).

Appendix 2: Security branches

  1. Communication security

    Communication security requires that physical as well as digital data be protected from non-legitimate users and from unauthorized access, disclosure, disruption, alteration, inspection, recording, or destruction (Liu et al. 2020a; Waqas et al. 2018d). Communication security differs from other security branches in that it keeps the data itself secure. For instance, it aims to keep the transmitted information protected, while cybersecurity fortifies only digital information. Therefore, professionals in communication security adopt diverse strategies and practices for an effective information security paradigm (Haus et al. 2017), which is referred to as the CIA (confidentiality, integrity and availability) triad.

  2. Network security

    Network security operates at the network layer to protect the network and its reliability against hacking and unauthorized access (Chen et al. 2020; Ahmed et al. 2018a). It is aimed at protecting data transfer among devices in the network. Consequently, it makes sure the data is not altered or interrupted. The security team must implement the software and hardware needed to defend the system/organization’s infrastructure. Furthermore, network security detects emerging risks before the attackers penetrate the system and steal/destroy the users’ data. Moreover, the job of network security management is to make the network more secure by delivering technical expertise. If the network security is compromised, the priority for network security management is to get the attackers out as quickly as possible. This is necessary because the longer the attackers stay in the network, the more data they can steal. Therefore, to reduce the total cost, the best solution is to quickly recognize, stop and expel the attacker from the network.

  3. Cybersecurity

    Cybersecurity is the practice of defending an organization’s network, workstations and information from illegitimate digital access, attack or damage by applying diverse procedures, engineering and practices. It is essential to secure the information technology infrastructure of any organization at all times against full-scale attacks and hazards that expose the organization’s data and reputation (Kharraz et al. 2018). Cybersecurity protects the integrity of the networks from unauthorized electronic access by implementing various security measures and controls (Zhang et al. 2021). The threat actors manipulate the users into giving access to their sensitive data.

  4. Difference between cyber and network security

    It is believed that the Internet has revolutionized everything by changing how we do things. Companies like Amazon, eBay, Ali Baba, JingDong, Google, Facebook and Twitter have made everything easily accessible at our fingertips. Our daily business is becoming more digitally advanced, and as technology progresses, the security infrastructure must be strengthened accordingly. Cybersecurity is a technique to keep interconnected systems/networks secure from digital attacks (Smith 2020). Cybersecurity protects the system/network from external threats. It defends the systems and programs from all sorts of digital attacks like phishing and baiting. On the other hand, network security protects files and directories in the network against misuse and illegal access. Thus, network security is to defend the information technology of the organization from online threats.

Appendix 3: Security threats

We have brought together diverse types of security threats in this work. These attacks are interlinked: they can target communication security and can also be used in network and cyber warfare. These security threats are discussed point by point as follows.

  1. Rogue wireless devices

    Rogue wireless devices might be access points or end-user devices that pose security threats to wireless networks (Zaidi et al. 2016). These devices can reveal confidential information and can damage the wireless networks. Rogue devices intrude into wireless communication without authentication and authorization in order to act as wireless access points. These rogue wireless access points can gather users’ private data (Lu et al. 2018b; Xiao et al. 2019) without the permission of the network administrator and bypass security policies. In addition, rogue devices can also permit other unauthorized users to become part of the communication system and utilize its resources (Zhou et al. 2017b).

  2. Eavesdropping

    In wireless communication, an eavesdropping attack is an intrusion in which unauthorized/non-legitimate users try to steal the information exchanged between two authorized/legitimate users, as depicted in Fig. 5. An eavesdropping attack is difficult to detect since it does not cause communications to operate abnormally; the eavesdropper only listens to the communication silently (Waqas et al. 2018a). Eavesdropping is the unauthorized, real-time interception of private digital communication, for instance, audio and video calls, text or fax messages. Eavesdropping not only occurs in communication but is also a challenge in network security and cybersecurity. Network eavesdropping focuses on capturing (without altering) small packets transmitted in the network to get valuable information. On the other hand, cyber attackers can record sensitive information by sniffing insecure networks. The packets in networks are usually encrypted. However, they can be viewed by utilizing cryptographic tools.

    Fig. 5: Eavesdropping attack

  3. Man-in-the-middle attacks (MITM)

    In a MITM attack, an unauthorized user inserts itself into the communication between authorized users and impersonates both parties by pretending to be an authentic user, as shown in Fig. 6. In this way, the attacker can gain access to the information that the two authentic users are trying to communicate. MITM also permits malicious users to intercept and transmit/receive data intended for authorized users. This attack is similar to the eavesdropping attack. However, an eavesdropper only listens to the communication between the authentic users, whereas a MITM attacker can listen to the communication, impersonate the authentic users, and alter their information.

    Fig. 6: Man-in-the-middle attack

  4. Data integrity attacks

    Data integrity attacks compromise the reliability of data transmitted over wireless communication links. In wireless networks, data integrity attacks appear as message modification and jamming attacks. In message modification, adversaries add to or delete from the actual data. A jamming attack, on the other hand, disrupts the communication link by transmitting jamming signals. It limits the signal-to-interference-plus-noise ratio (SINR) of the communication link and can also result in partial disruptions. Data integrity attacks are also linked with authentication-based attacks: authentication attacks can lead to data integrity problems, such as altering the data. Therefore, integrity checks, i.e., key-based techniques or pre-determined packets, are necessary to detect integrity attacks.

  5. Robustness attack

    The primary robustness attacks are DoS and disruptive denial of service (DDoS) (Yuan et al. 2018). A DoS attack targets the network resources to disrupt communication among the authentic users. In addition, DDoS attacks endeavour to overwhelm resources, such as websites, game servers, and DNS servers, with traffic flooding, as illustrated in Fig. 7. Typically, the goal of DDoS is to slow down or destroy the system. The countermeasures against DoS and DDoS attacks are not clear-cut, as these attacks can be implemented in different ways. Inconsistency detection systems are one countermeasure when an attack is under way against a network resource. To stop a detected DoS/DDoS attack, the adversaries’ resource usage is blocked, or a backup resource is used. For example, a network controller node generally stops the attackers by blocking their resource usage if a DoS/DDoS attack is detected in the network. Another technique is to diversify the network resources by using backup resources to increase the resilience of the communication system.

    Fig. 7: Denial-of-Service attack

  6. Malware attack

    A malware attack includes viruses, worms, spyware, trojans, and ransomware. Malware is a malicious software application intended to harm or hijack the network (Liu et al. 2020b). It is a widespread and well-known attack that is commonly delivered in the following three ways.

    (a) Phishing e-mails: The attackers craft an e-mail that lulls authentic users into a false sense of reassurance. The attackers also trick the target users into downloading attached files that contain malware.

    (b) Malicious websites: The attackers can create websites that use kits designed to discover vulnerabilities in the system. The victim may be enticed to visit those websites, which automatically install malware onto the victim’s system.

    (c) Malvertising: Some cunning attackers use advertising to distribute their wares. When a user clicks the advertisement, the malicious advert redirects the user to malware-hosting websites.

  7. Data loss/leakage

    Data leakage is the unauthorized transfer of data from the network to an external recipient (Lu et al. 2018a). Data loss, in contrast, is any activity that corrupts the data, erases the data or makes it unreadable to users, software or applications (Huang et al. 2018). The threat usually occurs via the web and e-mail. However, it also happens via mobile data storage devices such as optical media, USB, and PCs. Data exploitation, deliberation, and stealing are the reasons data loss/leakage may occur. Therefore, defensive mechanisms are required to prevent common data leakage threats. In this regard, a data loss prevention (DLP) strategy is adopted to ensure that authentic users do not send their sensitive data outside the network.

  8. Brute force attack

    In a brute force attack, the cryptanalyst attempts to decrypt encrypted data, as shown in Fig. 8 (Ricci et al. 2019). The attacker tries all conceivable passwords and pass-phrases until finding the correct one. The attacker can also try to guess the key that is predictably generated from the password using the key derivation function, which is known as exhaustive key search. The attacker tries to discover the system or service’s password via trial and error rather than by tricking a user into downloading malware.

    Fig. 8: Brute force attack

  9. Smurf attack

    In a smurf attack, the network is flooded with fake messages. Smurf attacks exploit specific characteristics of ICMP. Network administrators use ICMP to exchange network state information and to ping other nodes to check their operating status. A smurf attack transmits spoofed network packets (Anjomshoa et al. 2017) that include an ICMP ping, as depicted in Fig. 9. As a result, the number of pings and subsequent echoes makes the network unstable and unusable for real traffic. To avert a Smurf attack, the hosts and routers must be configured not to respond to external ping requests in the networks. The routers should be configured to ensure that the data are not forwarded to those external ping requests.

    Fig. 9: Smurf attack

  10. Spoofing attack

    Spoofing is an attack in which malicious users impersonate authentic devices/users. The spoofer can launch an impersonation attack in the network to steal information, spread malware or bypass access controls, as depicted in Fig. 10. Spoofing attacks can be divided into several common attacks, such as IP spoofing, address resolution protocol, e-mail and DNS server spoofing attacks. Spoofing attacks are also a widespread problem in wireless networks because they do not draw the same level of attention as other attacks. In many cases, this is worsened because users are not safe from spoofing attacks without proper training and equipment. A relatively skilled attacker can evade the defenses and access the correct data. Therefore, awareness of spoofing attacks and measures against the diverse types of spoofing attacks are the only ways to protect the network.

    Fig. 10: Spoofing attack

  11. Hijacking

    Hijacking uses IP addresses to transmit the data over the Internet. It is a lesser-known cyberattack that may have devastating consequences for networks such as those of financial institutions and commercial and government services. IP hijacking exploits weaknesses in general IP networking and the Border Gateway Protocol, which defines paths for transmitted data packets. IP hijacking can be used for several kinds of targeted activities, such as spamming, DoS, DDoS, malware and record-breaking data breach attacks. Due to IP hijacking, these attacks are considered the most significant attacks in history. Figure 11 shows two types of hijacking attacks: (a) shows data hijacking, while (b) illustrates session hijacking.

    Fig. 11: Hijacking: (a) data hijacking, (b) session hijacking
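The key-based integrity check named under "Data integrity attacks" above can be illustrated as follows. This is an added example, not code from the survey: each frame carries a sequence number and an HMAC-SHA256 tag so the receiver can flag modified, deleted, injected and replayed messages. The frame layout, key and sample messages are assumptions constructed for illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32                      # HMAC-SHA256 output size in bytes
KEY = b"constructed-demo-key"     # constructed sample key, not a real secret


def seal(key: bytes, seq: int, payload: bytes) -> bytes:
    """Build a frame: 8-byte sequence number || payload || HMAC tag."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


def verify_stream(key: bytes, frames, first_seq: int = 0):
    """Check frames in arrival order; return (accepted payloads, findings)."""
    accepted, findings = [], []
    expected = first_seq
    for idx, frame in enumerate(frames):
        if len(frame) < 8 + TAG_LEN:
            findings.append((idx, "malformed"))
            continue
        header, payload, tag = frame[:8], frame[8:-TAG_LEN], frame[-TAG_LEN:]
        good = hmac.new(key, header + payload, hashlib.sha256).digest()
        # Constant-time comparison; a mismatch means the frame was modified
        # in transit or was built by someone who does not hold the key.
        if not hmac.compare_digest(tag, good):
            findings.append((idx, "bad-tag"))
            continue
        (seq,) = struct.unpack(">Q", header)
        if seq < expected:                      # authentic but already seen
            findings.append((idx, "replayed"))
            continue
        if seq > expected:                      # authentic frames never arrived
            findings.append((idx, f"missing {expected}-{seq - 1}"))
        accepted.append(payload)
        expected = seq + 1
    return accepted, findings


def demo():
    """Constructed traffic: one frame modified, one deleted, one injected."""
    msgs = [b"temp=21", b"valve=open", b"temp=22", b"valve=closed"]
    frames = [seal(KEY, i, m) for i, m in enumerate(msgs)]
    modified = bytearray(frames[1])
    modified[8] ^= 0x01                         # flip one payload bit
    injected = seal(b"not-the-shared-key", 4, b"valve=open")
    # frames[2] is dropped to model deletion
    received = [frames[0], bytes(modified), frames[3], injected]
    return verify_stream(KEY, received)


if __name__ == "__main__":
    ok, problems = demo()
    print(ok)
    print(problems)
```

The tag alone catches modification and injection; deletion and replay only become visible because the sequence number is covered by the tag.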
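For the Smurf attack item above, a defender can look for two traces in ICMP records: echo requests from outside addressed to a local broadcast address, and echo replies converging on a local host that never asked for them. This is an added example, not code from the survey; the record format, the threshold and the sample records (documentation address ranges) are assumptions constructed for illustration.

```python
import ipaddress
from collections import Counter, defaultdict

ECHO_REPLY, ECHO_REQUEST = 0, 8          # ICMPv4 type numbers

# Constructed records: (timestamp, source, destination, ICMP type).
SAMPLE = [
    (1.0, "192.0.2.10", "198.51.100.7", ECHO_REQUEST),   # normal ping out
    (1.1, "198.51.100.7", "192.0.2.10", ECHO_REPLY),     # its solicited reply
    (2.0, "203.0.113.50", "192.0.2.255", ECHO_REQUEST),  # outside -> broadcast
    (2.1, "203.0.113.50", "192.0.2.255", ECHO_REQUEST),
    (3.0, "198.51.100.1", "192.0.2.20", ECHO_REPLY),     # replies nobody asked for
    (3.1, "198.51.100.2", "192.0.2.20", ECHO_REPLY),
    (3.2, "198.51.100.3", "192.0.2.20", ECHO_REPLY),
    (3.3, "198.51.100.4", "192.0.2.20", ECHO_REPLY),
    (4.0, "198.51.100.9", "192.0.2.30", ECHO_REPLY),     # single stray reply
]


def smurf_indicators(records, local_nets, min_repliers=3):
    """Return broadcast pings from outside and local hosts hit by unsolicited replies."""
    nets = [ipaddress.ip_network(n) for n in local_nets]
    broadcasts = {n.broadcast_address for n in nets}

    def is_local(addr):
        return any(addr in n for n in nets)

    broadcast_pings = Counter()      # (claimed source, broadcast dst) -> count
    asked = set()                    # (requester, target) pairs actually pinged
    repliers = defaultdict(set)      # local host -> sources of unsolicited replies

    for _ts, src, dst, icmp_type in sorted(records):
        s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        if icmp_type == ECHO_REQUEST:
            asked.add((s, d))
            # The source is only the claimed address; in a Smurf attack it is
            # spoofed, so it names the intended victim rather than the sender.
            if d in broadcasts and not is_local(s):
                broadcast_pings[(src, dst)] += 1
        elif icmp_type == ECHO_REPLY and is_local(d) and (d, s) not in asked:
            repliers[d].add(s)

    victims = {str(host): len(srcs) for host, srcs in repliers.items()
               if len(srcs) >= min_repliers}
    return {"broadcast_pings": dict(broadcast_pings), "reply_victims": victims}


if __name__ == "__main__":
    print(smurf_indicators(SAMPLE, ["192.0.2.0/24"]))
```

The first indicator corresponds to the mitigation in the text: a network that does not answer or forward external pings to its broadcast address cannot be used to generate the echoes.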

Cite this article

Waqas, M., Tu, S., Halim, Z. et al. The role of artificial intelligence and machine learning in wireless networks security: principle, practice and challenges. Artif Intell Rev 55, 5215–5261 (2022). https://doi.org/10.1007/s10462-022-10143-2

  • DOI: https://doi.org/10.1007/s10462-022-10143-2
