Machine Learning-Based Threat Identification Systems: Machine Learning-Based IDS Using Decision Tree


Jyoti, Sheetal Kalra, Amit Chhabra
DOI: 10.4018/978-1-6684-8785-3.ch007

Abstract

The increasing popularity of the Internet of Things (IoT), dissimilar networks, distributed devices, and applications has created a major need for the identification of novel security threats and the tracing of malicious network behaviours. An intrusion detection system (IDS) is a self-defense tool for preventing several types of cyberattacks. The latest machine learning (ML) methods are becoming the backbone for constructing intelligent IDS that are highly data driven. This chapter proposes a decision-tree-based IDS for the NSL-KDD dataset. A novel approach has been developed for the ranking of security features. The proposed system has been validated against performance evaluation metrics consisting of recall, precision, accuracy, and F score. The results produced by the proposed system are compared with well-known ML methods, including logistic regression, support vector machines and K-nearest neighbor, in order to analyse its efficiency.

Introduction

IoT is a communal network of connected devices which facilitates communication between the cloud and the devices, as well as between the connected devices themselves. Distributed Intelligent Systems are becoming popular with the advancements in Artificial Intelligence (AI). A huge amount of data is travelling over millions of distributed heterogeneous networks. IoT and cloud services lead users to deal with enormous amounts of data on a daily basis. As the number of devices increases, so does the concern about security breaches. In today's world, cybersecurity services are essential because of the massive collection of crucial data on computers and other devices used in government, business, healthcare, military and financial organizations (Sarker et al., 2021).

In large-scale networks, cyber-attacks such as computer malware, unauthorized login or denial-of-service (DoS) attacks cause huge financial losses (Tariq, 2018). It becomes essential to protect IoT devices against different types of known and unknown attacks in order to gain maximum benefit from emerging technologies. Threat identification systems play a vital role in protecting IoT devices. These systems check whether the traffic coming into a network is benign or malicious. They are also capable of identifying the type of threat. In this chapter, the researchers explain the basics of IoT, ML and threat identification systems, i.e., IDS. An ML-based decision tree approach is used to design the IDS, utilizing the KDD dataset.

Internet of Things

The Internet of Things (IoT) is a network of connected devices (i.e., smart objects) that can sense, act and converse with one another and with the outside world. It enables the sharing of information. IoT can develop services either with or without direct human involvement. Large companies, service providers, and sectors like manufacturing, healthcare, smart grids, digital agriculture, and many more are now paying attention to IoT. "Things" are a collection of nodes that have the ability to communicate with one another, either with or without human participation (HaddadPajouh, 2021). The term "things" includes sensors, smart televisions, smart refrigerators, smart vehicles, etc. These things, also known as objects or nodes, can talk, listen, hear and act in smart ways. The Industry 4.0 revolution is beginning to include this usage. There are three layers in the IoT architecture, and each needs its own level of security. Several security issues at each tier of the IoT architecture are depicted in Figure 1.

Application Layer

This layer offers a variety of facilities for use in many IoT applications including smart homes, smart self-driving cars, smart parking systems, etc. This layer ensures the authenticity, privacy and reliability of the data. In order to communicate data over the network, the application layer protocols define how the application interacts with the lower layer protocols. Process-to-process communications are made possible via application layer protocols using ports (Swamy et al., 2017).

Figure 1. Security concerns at different layers of IoT

Network Layer

In IoT, the network layer connects all things and enables them to be aware of their environment (Gokhale et al., 2018). Data routing and transmission to various hubs and devices across the Internet is this layer's primary role. Data transmission, data aggregation, and data filtering are also performed at this layer. The most often used security mechanisms in the network layers of IoT architectures are key management and encryption systems, blockchain technology, and intrusion detection systems.

Edge Layer

End-user IoT devices (cloud-edge) can communicate with clients in this layer as well as their working domains, such as sensors, smart metres, or IoT edge layer servers of a gateway (Portilla et al., 2019). Information from real-time objects is gathered by the edge, or perception, layer. The "Sensors" layer of the Internet of Things is another name for this layer. This layer's primary objective is to gather data from the environment using sensors and actuators. It gathers information and sends it to the network layer for additional processing. It also manages node collaboration in local and short-range networks for the Internet of Things. The edge layer in the IoT architecture is vulnerable to numerous attacks because of its physical accessibility.
