Elsevier

Computer Communications

Volume 151, 1 February 2020, Pages 495-517
Computer Communications

Review
Deep learning and big data technologies for IoT security

https://doi.org/10.1016/j.comcom.2020.01.016Get rights and content

Abstract

Technology has become inevitable in human life, especially the growth of Internet of Things (IoT), which enables communication and interaction with various devices. However, IoT has been proven to be vulnerable to security breaches. Therefore, it is necessary to develop fool proof solutions by creating new technologies or combining existing technologies to address the security issues. Deep learning, a branch of machine learning has shown promising results in previous studies for detection of security breaches. Additionally, IoT devices generate large volumes, variety, and veracity of data. Thus, when big data technologies are incorporated, higher performance and better data handling can be achieved. Hence, we have conducted a comprehensive survey on state-of-the-art deep learning, IoT security, and big data technologies. Further, a comparative analysis and the relationship among deep learning, IoT security, and big data technologies have also been discussed. Further, we have derived a thematic taxonomy from the comparative analysis of technical studies of the three aforementioned domains. Finally, we have identified and discussed the challenges in incorporating deep learning for IoT security using big data technologies and have provided directions to future researchers on the IoT security aspects.

Introduction

The swift growth in emerging technologies such as, sensors, smartphones, 5G communication, and virtual reality leads to innovative applications such as, connected industries, smart city, smart energy, connected automobiles, smart agriculture, connected building complexes, connected health care, smart retail outlets, and smart supply chain, which adversely contribute to the accumulation of massive amounts of data. A study conducted by the National Cable & Telecommunications Association (NCTA) predicts that by 2020, approximately 50.1 Billion Internet of Things (IoT) devices will be connected to the Internet. The growth of IoT devices makes the security of these devices debatable [1], [2]

According to McAfee (2018), there has been a barrage of cyberattacks and data breaches that has hit almost every industry since 1st of January 2018. Further, many of these attacks were targeted on IoT devices. The increasing use of IoT devices invites the cybercriminals to target them. Additionally, the prospect of interconnectivity among IoT devices makes them vulnerable [3]. Furthermore, VDC Research Group Inc. have also conducted a study to determine the obstacles in developing connected devices. The research has indicated that 60% of the obstacles are related to security requirements in developing connected devices [4]. In addition, based on Kaspersky Lab’s collection, the number of malware samples for IoT devices has seen a rapid increase from 3219 samples for the year 2016 to 121588 samples for the year 2018. It is clearly evident that there are huge number of vulnerabilities for the IoT devices [5].

According to [2], many organizations are exposed to greatest challenges in monitoring network based threats, prominently in the following sectors: government, energy, healthcare, banks, and research centres. Moreover, these sectors invest in security monitoring tools in order to protect and secure their infrastructure. As mentioned earlier, generally, the IoT devices generate immense amounts of data that flows through networks. Data that flows through a network is at the possible risk for network attacks. Further, the study has argued that the existing tools and techniques are insufficient to detect innovative attacks triggered by cybercriminals due to the volume, velocity, variety, and veracity of data. Moreover, when huge amounts of data are being handled by the network, the security analytics report on a weekly or monthly basis would not be sufficient enough to detect and mitigate the attacks. Furthermore, the study has asserted that big data technologies would be able to handle the challenges of the volume, velocity, variety and veracity of the data.

Data is generally categorized as big data based on the properties associated with it, commonly known as the V’s of big data [6]. Big data technologies are the tools or technologies used to efficiently process these data. Authors of [7], discuss that enterprises collect security related data for regulatory compliance and post hoc forensic analysis. Furthermore, these large enterprises generate approximately 10 to 100 billion events per day. The authors also assert that existing mechanisms lack processing at large scales and big data analytics have been used to analyse and correlate security-related data efficiently and at unprecedented scales.

In this context, this present study proposes to employ deep learning and big data technologies to strengthen the security of IoT devices. Off late, deep learning has gained recognition due to its non-manual feature engineering, unsupervised pre-training, and compression capabilities, these features make the employability of deep learning feasible even in resource constrained networks. Furthermore, deep learning has been widely implemented because of its self-learning capability, potential to yield highly accurate results, and faster processing time. This is vital, as resource constrained system may run into other issues such as out-of-memory access, unsafe programming languages, and so forth [8].

Most of the existing literature separately focuses on deep learning, big data, and IoT security. Some studies have either focused on deep learning [9], [10] or big data [11], [12] for IoT security. To the best of our knowledge, none of the existing studies have comprehensively reviewed the feasibility of employing both of these technologies in context of IoT security.

Table 1 summarizes most of the existing recent relevant studies and highlights the research gap. From Table 1, it is concludable that many studies have failed to consider the impact of volume, velocity, variety, and veracity of data generated by IoT devices, as against [2] who have highlighted the impacts in their study. Hence, inclusion of big data technologies becomes mandatory to address the impact of volume, velocity, variety, and veracity of data generated by IoT devices. Additionally, it is clearly evident in Table 1 that not many studies have focused on deep learning and big data technologies for IoT security.

This paper is intended to guide deep learning, big data, and IoT researchers and developers, to whom IoT security would be of primary concern. The contributions of this paper has been summarized below.

  • i

    We identified, and highlighted the key issues of IoT security.

  • ii

    We have picked five IoT security use cases where deep learning and big data technologies could be of potential solution.

  • iii

    We have surveyed the state-of-the-art researches focused on deep learning, big data technologies, and IoT security, to determine the technical applicability and limitations of these three aforementioned domains.

  • iv

    We have developed a thematic taxonomy by extracting valuable information from the state-of-the-art.

  • v

    We have analysed existing solutions based on the derived taxonomy.

  • vi

    We have highlighted the challenges and have proposed guidelines for future researchers to encourage the successful application of deep learning, big data technologies, and IoT security.

However, this study limits its scope only to deep learning and does not discuss on traditional machine learning algorithms with respect to big data technologies and IoT security. Additionally, this survey also does not go into detail about IoT security for each available smart application area, rather discusses in the networking and communications perspective.

This paper is structured as follows:

Section 2 details the motivation and use cases of, deep learning, big data technologies, and IoT security. Section 3 introduces deep learning, big data technologies, and IoT security. Section 4 provides the thematic taxonomy and discusses its components in detail. Section 5 critically analyses the state-of-the-art studies related to deep learning, big data technologies, and IoT security. Section 6 discusses the challenges and proposes future directions. Finally, Section 7 concludes this present study.

Section snippets

Motivation and use cases

In this section we have detailed on the motivation for our study and provided some use case scenarios that motivate the survey of deep learning and big data technologies for IoT security.

IoT devices have seen rapid growth in recent years, which is of a great concern in terms of the security risks associated with them. The rapid growth of these devices and the availability of modern hacking technologies have forced the necessity to ensure that IoT devices are not vulnerable to security breaches.

Background

This section contains a comprehensive description of deep learning, big data technologies, and IoT security. Additionally, the relationship between these three domains have been discussed, to provide fundamental knowledge and relationship mapping on these leading edge topics.

Taxonomy

This section highlights and proposes a taxonomy for deep learning, big data technologies, and IoT security. This taxonomy is classified into different categories namely, Deep Learning, IoT Security, and Big Data Technologies, and further sub categorized as Deep Learning Architectures, Frameworks, Model Evaluation, IoT Security Application Area, IoT Security Attacks, Datasets, Apache Hadoop, Apache Spark, and Apache Storm. Due to the limited studies that have been conducted by combining deep

State of the art deep learning for IoT security using big data technologies

This section comprises of three subsections. The first subsection presents insights of the state-of-the-art techniques in cases where deep learning has been applied for IoT security. The second subsection details on the application of deep learning along with big data technologies. Finally, a comprehensive review of deep learning, big data technologies and IoT security has been presented.

Open challenges and future directions

This section highlights the most significant research challenges in terms of IoT security using deep learning and big data technologies. The state of-the-art capabilities in IoT security, deep learning, and big data technologies have been examined to determine the major research challenges, suggestions, and future directions.

Conclusion

The expanding population of IoT devices has contributed to the consideration of security risks associated with them. IoT devices are proven to be vulnerable due to the recent increasing attacks such as, the Carna and Mirai botnets. Additionally, IoT devices produce large volume, velocity and variety of data. This makes existing solutions less efficient and require modern day solutions. In this regard, deep learning has been widely accepted amongst researchers and organizations due to their high

Declaration of Competing Interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Acknowledgements

We would like to extend our sincere gratitude and appreciation to Dr. Ahmed Tajuddin Bin Samsuddin, Mr. Keng Chee Chan, Ir. Dr. Abdul Aziz Bin Abdul Rahman, Mrs. Azlinda Tee Binti Md Azlan Tee, and the members of editorial board, Telekom Research & Development Sdn. Bhd for their continuous support towards the publication of this manuscript. We would also like to thank the anonymous reviewers and the editors of this journal who helped us in improving the quality of our manuscript.

References (182)

  • ChoJ.-S. et al.

    Securing against brute-force attack: A hash-based rfid mutual authentication protocol using a secret value

    Comput. Commun.

    (2011)
  • KhattakH.A. et al.

    Perception layer security in internet of things

    Future Gener. Comput. Syst.

    (2019)
  • LiouC.-Y. et al.

    Modeling word perception using the elman network

    Neurocomputing

    (2008)
  • LiouC.-Y. et al.

    Autoencoder for words

    Neurocomputing

    (2014)
  • Abdel-ZaherA.M. et al.

    Breast cancer classification using deep belief networks

    Expert Syst. Appl.

    (2016)
  • DawoudA. et al.

    Deep learning and software-defined networks: Towards secure iot architecture

    Internet Things

    (2018)
  • HaddadPajouhH. et al.

    A deep recurrent neural network based approach for internet of things malware threat hunting

    Future Gener. Comput. Syst.

    (2018)
  • HomayounS. et al.

    DRTHIS: Deep ransomware threat hunting and intelligence system at the fog layer

    Future Gener. Comput. Syst.

    (2019)
  • MohanN. et al.

    Edge-fog cloud: A distributed cloud for internet of things computations

  • HabeebR.A.A. et al.

    Real-time big data processing for anomaly detection: A survey

    Int. J. Inf. Manage.

    (2019)
  • DavisG. et al.

    Trending: Iot malware attacks of 2018

    (2018)
  • WongW.G.

    Developers discuss iot security and platforms trends

    (2015)
  • New trends in the world of iot threats

    (2019)
  • KatalA. et al.

    Big data: Issues, challenges, tools and good practices

  • CardenasA.A. et al.

    Big data analytics for security

    IEEE Secur. Priv.

    (2013)
  • McDermottC.D. et al.

    Botnet detection in the internet of things using deep learning approaches

  • PanJ. et al.

    Cybersecurity challenges and opportunities in the new edge computing+ iot world

  • RahmanA.F.A. et al.

    Securing sensor to cloud ecosystem using internet of things (iot) security framework

  • PereraC. et al.

    Big data privacy in the internet of things era

    IT Prof.

    (2015)
  • HussainR. et al.

    Review of different encryptionand decryption techniques used for security and privacy of iot in different applications

  • MohammadiM. et al.

    Deep learning for iot big data and streaming analytics: A survey

    IEEE Commun. Surv. Tutor.

    (2018)
  • MarjaniM. et al.

    Big iot data analytics: architecture, opportunities, and open research challenges

    IEEE Access

    (2017)
  • GrammatikisP.I.R. et al.

    Securing the internet of things: Challenges, threats and solutions

    Internet Things

    (2019)
  • DeogirikarJ. et al.

    Security attacks in iot: A survey

  • KolosnjajiB. et al.

    Deep learning for classification of malware system call sequences

  • YuanZ. et al.

    Droid-sec: deep learning in android malware detection

  • YuanZ. et al.

    Droiddetector: android malware characterization and detection using deep learning

    Tsinghua Sci. Technol.

    (2016)
  • MeidanY. et al.

    N-baiot—network-based detection of iot botnet attacks using deep autoencoders

    IEEE Pervasive Comput.

    (2018)
  • RoyB. et al.

    A deep learning approach for intrusion detection in internet of things using bi-directional long short-term memory recurrent neural network

  • R.A. Ariyaluran Habeeb, F. Nasaruddin, A. Gani, M.A. Amanullah, I. Abaker Targio Hashem, E. Ahmed, M. Imran,...
  • JanejaV.P. et al.

    B-dids: Mining anomalies in a big-distributed intrusion detection system

  • VimalkumarK. et al.

    A big data framework for intrusion detection in smart grids using apache spark

  • VinayakumarR. et al.

    Deep learning approach for intelligent intrusion detection system

    IEEE Access

    (2019)
  • CimpanuC.

    Sirenjack attack lets hackers take control over emergency alert sirens

    (2018)
  • SandersJ.

    5 biggest iot security failures of 2018

    (2019)
  • MathewsL.

    Hackers use ddos attack to cut heat to apartments

    (2016)
  • Iot role in dyn cyberattack

    (2019)
  • EtheringtonD. et al.

    Large ddos attacks cause outages at twitter, spotify, and other sites – techcrunch

    (2016)
  • The possible vendetta behind the east coast web slowdown

    (2019)
  • SchifferA.

    How a fish tank helped hack a casino

    (2017)
  • Cited by (229)

    • Deep learning-enabled polar code decoders for 5G networks and beyond

      2024, AEU - International Journal of Electronics and Communications
    View all citing articles on Scopus
    View full text