INTERNATIONAL JOURNAL OF SCIENTIFIC & TECHNOLOGY RESEARCH VOLUME 9, ISSUE 04, APRIL 2020 ISSN 2277-8616

A Comprehensive Analysis On Intrusion

Detection In Iot Based Smart Environments
Using Machine Learning Approaches
Umar Albalawi
Abstract— With the expansion in the quantity of Internet-connected devices, security and privacy concerns were the important obstructions hindering
the extensive adoption of the IoT. Security in IoT has become a major consideration for all, including the organizations, consumers, and the government.
While attacks on any system can't be completely secured perpetually, real-time detection of the attacks are significant to protect the systems in a
compelling way. Privacy and security are the major important concerns in the domain of real-time communication and predominantly on IoTs. With the
development of IoT, the security of network layer has drawn better focus. The vulnerabilities of security in the IoT can create security threats dependent
on any application. In this manner there is a basic prerequisite for security development and enhancement for the IoT system for preventing security
attacks dependent on vulnerabilities of security. In this study we reviewed IoT system, security attacks, security requirements and its applications based
on Machine learning approaches. The goal of this review was to analyze the Machine learning techniques that could be utilized to develop and enhance
the security techniques for IoT systems.

Index Terms— Cyber-attacks, Internet of Things, Intrusion, Anomaly, Machine Learning, Security attacks, Smart Environment
——————————  ——————————
1 INTRODUCTION gathering, combining, and dissecting the major measures of
THE concept of IoT was created by an individual from the our own data. Such data may contain our place, browsing
RFID group in 1999, and it has presently turned out pattern, contact list, and fitness and health data. The sensing,
increasingly significant to the practical world to a great extent gathering, and proliferating of such individual information by
on account of the development of mobile phones, embedded calculating devices are essentially propelled by
and universal communication, cloud computing and data accommodation: as devices gets smarter, they could respond
analysis [1]. The IoT assumes a significant part in all aspects better to our requirements, wishes, and even states of mind
of our day-to-day lives. It covers several domains including and deal with emergencies. However, this comfort comes at
industrial appliances, automobiles, healthcare, sports, the cost of privacy and security difficulties: the private,
entertainment, smart homes, and so on. The prevalence of IoT customized data, if access to an unapproved, malicious
facilitates some daily activities, enhances the manner in which operator, could lead to critical harm to our wealth, status, and
humans collaborate with the world and environment, and personal security. Moreover, to our very own information,
expands our social communications with others and objects these devices additionally incorporate resources presented by
[2]. The concept behind the IoT was to connect not just its producers at different levels during their production
humans and computers as well as day-to-day objects to the distribution chain. (Fig. 1)
Internet. This could be accomplished with outfitting things with
computing and communication capacities hence altogether IoT Devices
mapping the physical world to the digital one. This vision has 60
originated from the way that individuals have constraints in
time and precision with regards to information collection and 50
generation, although if these procedures should be possible 40
In Billions

with no human intervene (i.e., by having exceptionally

recognizable objects to report the condition, area, address, 30
and so forth.), at that point the expenses and losses could be 20
minimized significantly. The IoT can possibly change the
methods for living and working with its new parts of interaction 10
and communication, and creative service and application, e.g.,
0
practical objects observation, the web search engine for
things, and so on. [3].
The initial years of the IoT mainly included data Fig. 1. Graphical representation of connected IoT devices World-wide
communication through machine to machine (M2M)
communication. Though, the idea has developed quickly to These comprises fuses, firmware, and troubleshoot modes.
incorporate human communication also, introducing a Unapproved access to these resources could lead to the loss
generation of IoE. Currently, our world incorporates billions of of a million of dollars in stolen copyrights, just as possibly
processing devices and sensors that are consistently sensing, critical exploitation of the resources. With the worldwide
implementation of these devices, such security vulnerabilities
could be disastrous [4].

2 MATERIAL AND METHODS

————————————————
2.1 Architectures of IoT
 Umar Albalawi is currently Assistant Professor Department of
Computer Engineering, Faculty of Computers and Information The architecture of IoT is discussed as Three-layer, Four-layer
Technology, University of Tabuk, Kingdom of Saudi Arabia. E-mail: and Five-layer as represented below. These types of
[email protected] architectures are used for the IoT system development based
1646
IJSTR©2020
www.ijstr.org
 INTERNATIONAL JOURNAL OF SCIENTIFIC & TECHNOLOGY RESEARCH VOLUME 9, ISSUE 04, APRIL 2020 ISSN 2277-8616

on the performance model. The three different layers of IoT 2.4 Different Cyber Attacks on Applications of IoT
architecture is represented in fig.2. IoT networks are presented to different sorts of attacks both
external and internal. Attacks are for the most part arranged by
two type external and internal attacks. In external attack, the
attacker is not a part of the network while in an internal attack
the attack can be started through undermined or malignant
nodes which are a segment of the network. In the
accompanying, we analyze some potential digital attacks on
IoT applications [7] [8]:

 Sinkhole Attack
 Wormhole Attack
 Selective Forwarding Attack
 Sybil Attack
 Hello Flood Attack
 DOS Attack

2.5 Intrusion Detection system

Fig. 2. Architecture Types of IoT The Connection of intrusion detection was first presented by
Anderson in 1980 and is acquainted with the network system
2.2 Requirements of Security by Heberlein in 1990. An IDS is a mechanism or tool utilized to
Authenticity: Only valid users must be permitted to use the avoid unapproved access and for detecting attacks over a
system or sensible data. system or a network by determining the activity in the system
Authorization: The benefits of device segments and or in the network [9]. The IDS is utilized to check the malignant
applications must be restricted so they can access just the traffic in the specific node and network. It could play as the
resources they have to do their considered tasks. second line of defense that could protect the network from
Confidentiality: Data transmission among the nodes must be attackers. Intrusion was an undesirable or malevolent action
secured from intruders. that was dangerous for sensor nodes. IDS can be a hardware
Integrity: Related data must not be altered or software tools. IDS could review and analyze machines and
Availability and Continuity: So as to ignore any potential actions of user, find labels of well-known attacks and detect
operational error and interference, accessibility and continuity malignant network action. The IDS’s objective was to monitor
in the arrangement of security services must be guaranteed [5] the networks and nodes, find various interruptions in the
network, and alert the user after interruptions had been
2.3 Challenges of Security identified. The IDS performs as an alarm or network perceiver.
Interoperability: Related security solutions must not secure It prevents from harm to the system through creating the alert
the function of interconnected heterogeneous devices in the previously the attacker ready to attack. It distinguishes both
system of IoT network. inside and outside attacks. Internal attacks were initiated
Resource constraints: In IoT architecture, the vast majority through malignant or undermined nodes that are segment of
of the nodes need storage capability, power, and CPU. They the network while external attacks are initiated by third parties
commonly utilize less-bandwidth transmission channel. Thus, who are initiated by the external networks. IDS distinguish the
it was unable to utilize some security strategies like frequency network packet and determine if they are real users or
hopping transmission and the public key encryption algorithm. intruders. There are mostly three parts of IDS: Monitoring,
The arrangement of security system was very challenging Analysis and detection, and Alarm. The monitoring module
under these conditions. observes the network traffics, patterns and resources. The
Data volumes: Although some IoT applications utilize brief detection and analysis are the key part of IDS that identifies
and rare communication channel, there are an extensive the intrusions as per specific algorithm. The alert module
quantity of IoT systems like logistics, sensor-based, and large- raises an alert if the intrusion was identified [10]. A normal IDS
scale frameworks which have the possibilities to involve large is made out of an analysis engine, sensors, and the reporting
volumes of information on servers or central network. system. Sensor placed at various network locations or host
Privacy protection: Since a large amount of RFID systems and its primary objective is to gather information. The
were limited of appropriate authentication system, anybody information gathered are transmitted to the analysis engine,
could track labels and discover the ID of the objects which was capable to analyze the gathered information and
transferring them. Hackers cannot just read the information as identify intrusions. Once an intrusion is identified by the
well as change or even delete information likewise. analysis engine, the reporting system produces an alert to the
Scalability: The network of IoT comprises of several nodes. admin of network. IDSs could be divided as Network-based
Autonomic control: Conventional computers require users IDS (NIDS) and Host-based IDS (HIDS). The implement of
for designing and adjust them to various application fields and IDS relies upon environment. The NIDS absorbs network
distinctive transmission conditions. Nonetheless, objects in the traffic packets to identify malignant attacks and intrusions. A
network of IoT must setup links precipitously, and NIDS could be software or else hardware-based system. (Fig.
compose/design themselves to match for the stage they were 3)
working in. This sort of control additionally includes a few
methods and systems like self-arranging, self-improving, self-
management, self-protecting and self-healing [6].
1647
IJSTR©2020
www.ijstr.org
 INTERNATIONAL JOURNAL OF SCIENTIFIC & TECHNOLOGY RESEARCH VOLUME 9, ISSUE 04, APRIL 2020 ISSN 2277-8616

3 DISCUSSION
TABLE 1 Learning algorithms have been broadly accepted in several
PERFORMANCE COMPARISON OF NIDS AND HIDS practical applications on account of their remarkable quality of
solving issues. These algorithms deal with the development of
Performances Network-Based IDS Host-Based IDS machines which develops automatically by learning. Recently,
Intruder deterrence Solid deterrence for Solid deterrence for learning algorithms have been broadly used practically. The
external internal intruders
Intruders present improvement of learning algorithms has been directed
Response time of Strong response time Weak real-time through the advancement of new algorithms and the
threat against response but accessibility of big data, besides the development of less-
external intruders performs better for a computation cost algorithm. Commonly, learning algorithms
long term attack intend to enhance execution in achieving the task with the
Assessing damage Very weak in Excellent in assessing
assessing level of level of damage
assistance of training and learning from knowledge. For
damage example, in learning intrusion identification, the task was for
Prevention from Better at avoiding Better at avoiding classifying the system’s activity as abnormal or normal. An
Intruder external intruders internal intruders enhancement in execution could be accomplished through
Predicting Threat Both good at predicting and identifying malicious enhancing accuracy of classification, and experiences out of
behavior patterns
which the algorithms learn were an assortment of typical
system activity. As discussed before Learning algorithms are
The HIDS was developed to be implement on a single system characterized into four primary classes: Supervised, Semi-
and to secure that system from malignant attacks or intrusions supervised, Unsupervised and Reinforcement Learning (RL).
that would damage its OS or information [16], [17]. A HIDS Machine Learning relates to intelligent techniques used to
normally relies upon features in the host condition, like the optimize the condition of the performance utilizing sample
activity files in the PC system. These features or metrics were information or previous experience(s) through learning. All the
utilized as input to the HIDS decision engine. Along these, more exactly, machine learning algorithms develop models of
extraction of features from the host environment functions as behaviors utilizing mathematical methods on large data
the reason for any HIDS [11],[12],[13],[14]. collections. Machine learning additionally allows the capacity
for learning without being specifically programmed. These
Fig. 3. Classification of IDS methods were utilized as the reason for creating future
expectations dependent on the new input information. Machine
learning was interdisciplinary in quality and acquires its roots
from numerous specialties of engineering and science that
incorporate AI, data theory, optimization theory, and
psychological science, to name the few.

TABLE II.
ML TECHNIQUES UTILIZED IN SECURITY ISSUES OF IOT

ML Technique Description Advantages Disadvantages

SVMs are known for their The optimal
SVM is the algorithm of supervised model with speculation capacity and determination of a kernel
less computational complexity, utilized for appropriateness for information is complex.
SVM
regression and classification. It can perform with comprising of an enormous number Comprehending and
binary just as with multi-class conditions. of feature qualities however few interpreting SVM-based
sample points. models are challenging.
The optimal k value for
It is a basic and powerful supervised model and
the most part differs
was utilized for connecting new data-points to the
starting with one data set
current comparative points via seeking through KNN is a mainstream and
then onto the next; in this
K-NN accessible data set. The system was trained and successful machine learning
way, deciding the optimal
grouped by certain criteria and approaching strategy for intrusion detection.
estimation of k might be
information is analyzed for similarity in K
a difficult and tedious
neighbors.
procedure.
It is the algorithm of classification utilized with the NB handles features
multi-class and binary condition. It is called as NB is familiar for its simpleness, autonomously and in this
"Naive", as over-rearranged suppositions are simple of usage, less training way can't catch valuable
Naive Bayes
made for the computation of probabilities for the sample prerequisite and solid to parts of information from
particular theory. Each feature is considered to inappropriate features. the connections and
be restrictively independent as opposed to cooperation’s between

1648
IJSTR©2020
www.ijstr.org
 INTERNATIONAL JOURNAL OF SCIENTIFIC & TECHNOLOGY RESEARCH VOLUME 9, ISSUE 04, APRIL 2020 ISSN 2277-8616

figuring the real values. features.

PCA an unsupervised model and a multivariate
method for compression of data. It executes
dimensionality reduction in huge datasets and
PCA was the feature
extricates valuable data as the set included
reduction strategy. It
orthogonal factors called as "principal
PCA could accomplish must be utilized with
component". These components were composed
PCA dimensionality reduction and various machine learning
in the expanding order of variation where the
subsequently decrease difficulty. strategies to build up a
initial component was related with the most
compelling security
elevated difference of the information and it
approach.
proceeds to the last. The least difference
component having the least data could be
removed.
RF depends on
developing many DTs;
RF was a supervised technique. It characterizes
therefore, it might be
a model through actualizing specific rules RF was strong to over-fitting. RF
unreasonable in
Random Forest deriving from the data features. Hence, this derives feature selection and needs
particular practical
method was utilized to anticipate new variable just some input parameters.
application in which the
targeted value.
necessary training data
set was enormous.
DT requires huge storage
as a result of its
The decision tree is utilized in regression and
construction nature.
just as classification issues. Basically, these DT was a simple and transparent
Decision Tree Understanding DT based
trees are utilized to divide the data set into many strategy.
techniques are simple
branches dependent on specific principles.
just if not many DTs are
included.
NN was the supervised technique to create the
decision units in the form of cascaded chain to It was computationally
NN were flexible and could be
solve difficult issues. It basically builds network more costly and time
Neural Network utilized for both regression and
with a specific number of input to trigger output. consuming to train with
classification issues.
Different sorts of NN have been proposed, for regular CPUs.
example, MLP, CNNs, and RNNs.
Unsupervised techniques are
The most widely utilized familiar procedure is the commonly a better decision while
It was less viable than
K-mean clustering, the unsupervised class of the creating the labelled information is
supervised techniques,
K-means Clustering machine learning family. It is utilized to classify or complex. It could be utilized for
particularly in recognizing
aggregate devices dependent on features or private information anonymization
familiar attacks.
parameters. in an IoT framework since it doesn't
need labelled information.
It was utilized for scheduling resource in It is not suitable for
It is referred to attain long-term
spectrum management as well as security in IoT. solving simple issues and
Q-Learning results which are very difficult to
It is associated to reinforcement learning class of needs huge data and
achieve.
the machine learning. huge computation.

ML was used if human skill either doesn't exist or can't be contextual support [22],[24].
utilized like exploring a hostile location where people can't
utilize their skill, for example, robotics, speech recognition, and Table III. MACHINE LEARNING TECHNIQUES FOR SECURITY ISSUES
so forth. It was likewise applied in circumstances where the IN IOT
solutions for some particular issue change in time (directing in Objective/Issues Machine Learning Methods Used
the network of computer or discovering malignant code in an Intrusion/Anomaly  K-means Clustering and DT [27]
application or software) [29], [32], [33]. Moreover, it was Detection  ANN [15]
utilized in real-time smart devices, for example, Google utilizes  Naive Bayes [30]
 Decision Tree [19]
machine learning to dissect threats over mobile endpoint and DDOS Attack  KNN [23]
application performing on Android. It was likewise utilized for  SVM [23]
distinguishing and eliminating malwares from infected devices.  Random Forest and Decision Tree [23]
Moreover, Amazon has started the service Macie which utilizes  Neural Network [23]
machine learning to order and classify information saved in its  Q-Learning [31]
cloud storage services. However, machine learning methods Attack Detection and  SVM [23]
perform well in numerous domains; although, there was a Mitigation  K-NN and SVM [28]
possibility of FP and TN (Table. I). In this manner, machine Authentication  Recurrent Neural Network [21]
learning methods need direction and changes to the model if  Q-Learning and Dyna-Q [31]
 DNN [28]
the wrong prediction is made. Contrarily, in Deep Learning,
Malware Analysis  SVM and PCA [25]
another type of machine learning, the model could decide the
 Recurrent Neural Network [27]
precision of anticipation by itself. Because of self-service  Ensemble Learning Algorithm Random
quality of deep learning methods, it was rendered as Forest supervised classifier [18]
increasingly appropriate for classifications and task of  Artificial Neural Network [30]
prediction in new IoT applications with customized and  Linear SVM [20]

1649
IJSTR©2020
www.ijstr.org
 INTERNATIONAL JOURNAL OF SCIENTIFIC & TECHNOLOGY RESEARCH VOLUME 9, ISSUE 04, APRIL 2020 ISSN 2277-8616

Machine learning is utilized to make methods that were utilized security and privacy arrangements affects from various issues
to configuration, analyze, and train the datasets. These that are identified with the dynamic quality of the IoT networks.
machine learning algorithms were utilized to distinguish In this survey deep review of IoT system is discussed and
potential patterns and similitudes in huge datasets and can various IoT security threats and IoT security attacks are
perform predictions in new upcoming information. In any case, discussed. A brief review of machine learning techniques
the basic confinement of machine learning technique is that it based on IoT security was analyzed in terms of its
for the most part needs a data set to learn from, and afterward applications, objectives, advantages and disadvantages on IoT
the method learned was utilized for real information. This security. Different techniques are analyzed based on learning
occurrence might not enclose entire scope of properties and techniques.
features of the information. In such manner, deep learning
methods have been utilized to address the constraints of the 5 FUTURE SCOPE
machine learning methods (Table. II). Machine learning is We have discussed various Machine learning methods and its
viewed as major reasonable computational ideal models to applications for IoT security. We have additionally revealed
present embedded intelligence in IoT systems. Machine insight into the confinements of the conventional machine
learning could support smart devices and machines to induce learning techniques. Hence we have discussed the current
valuable information out of the device or human-created security solutions. So as to alleviate a portion of drawbacks of
information. It could likewise be characterized as capacity of machine learning techniques to deal with IoT security, the
the smart device to differ or computerize circumstance or hypothetical establishments should be improved so the
conduct dependent on knowledge that was seen as a performances of the machine learning and deep learning
fundamental segment of the IoT solution. Machine learning models can be evaluated dependent on specific parameters.
methods have been utilized in operations like regression, In future Machine learning and Deep learning techniques can
classification, and density evaluation. Assortment of be combined with innovative and sophisticated techniques like
applications like computer vision, scam identification, block-chain for IoT to enhance the security.
bioinformatics, malware identification, validation, and speech
recognition use machine learning algorithms and methods. 5 REFERENCES
Along these, machine learning can be utilized in IoT for giving [1] K. K. Patel and S. M. Patel, ―Internet of Things-IOT:
intelligent services [26]. Definition, Characteristics, Architecture, Enabling
Technologies, Application & Future Challenges‖,
Table IV. APPLICATIONS OF MACHINE LEARNING TECHNIQUES IN International Journal of Engineering Science and
IOT Computing, Vol. 6, Issue No. 5, pp.6122-6131, 2016.
Techniques Applications in IoT
SVM Identification of intrusions, malwares [2] M. Ammar, G. Russello, and B. Crispo, ―Internet of Things:
and attack in smart grid A survey on the security of IoT frameworks‖, Journal of
KNN Identification of intrusions and Information Security and Applications, Elsevier, Vol.38,
anomalies pp.8-27, 2018.
NB Detection of network Intrusion [3] I. Alqassem and D. Svetinovic, ―A Taxonomy of Security
RF Identification of intrusions, DDoS and Privacy Requirements for the Internet of Things (IoT)‖,
attack, anomalies, and unapproved
IoT device
Proceedings of the 2014 IEEE IEEM, pp.1244-1248,
DT Identification of intrusions and 2014.
suspicious traffic sources [4] K. Chen, S. Zhang, Z. Li, Y. Zhang, Q. Deng, S. Ray, and
K-means Clustering Detection of Sybil in industrial WSNs Y. Jin, ―Internet-of-Things Security and Vulnerabilities:
and private data anonymization in an Taxonomy, Challenges, and Practice‖, Journal of
IoT system Hardware and Systems Security, Vol.2, pp.97–110, 2018.
PCA It could be utilized for real-time
detection models in IoT environments
[5] J. K. Amfo and J. B. Hayfron-Acquah, ―Modeling of Hybrid
by reducing the model features Intrusion Detection System in Internet of Things using
Support Vector Machine and Decision Tree‖, International
Journal of Computer Applications, Volume 181 – No. 15,
This review intends to present a usable manual which could pp.45-52, 2018.
motivate researchers to enhance the security of IoT from [6] S. Geetha and A. V. Phamila, ―Countering Cyber Attacks
basically enabling secure transmission among IoT and Preserving the Integrity and Availability of Critical
components to creating smart end-to-end IoT security-based Systems‖, Network Intrusion Detection and Prevention
methodologies (Tables III and IV). Systems for Attacks in IoT Systems, Chapter-6, IGI
Global, pp.128-141, 2019.
[7] H. Jayakumar, K. Lee, W. S. Lee, A. Raha, Y. Kim, and V.
4 CONCLUSION
Raghunathan, ―Powering the Internet of Things‖, ACM
The necessities for securing IoT systems have become
Transactions, pp.375-380, 2014.
challenge due to many advances, from physical devices and
[8] E. Leloglu, ―A Review of Security Concerns in Internet of
wireless communication to mobile and cloud models, should
Things‖, Journal of Computer and Communications, Vol.5,
be protected and combined with different technologies. The
pp.121-136, 2017.
development in Machine Learning has enabled the
[9] B. B. Zarpelão, R. S. Miani, C. T. Kawakani, and S. C. de
improvement of different incredible analytical strategies that
Alvarenga, ―A survey of intrusion detection in Internet of
could be utilized to upgrade IoT security. IoT privacy and
Things‖, Journal of Network and Computer Applications,
security were fundamental significance and assume a critical
Elsevier, pp.1-13, 2017.
role in the commercialization of IoT innovation. Conventional
[10] M. A. Al-Garadi, A. Mohamed, A. Al-Ali, X. Du, and M.
1650
IJSTR©2020
www.ijstr.org
 INTERNATIONAL JOURNAL OF SCIENTIFIC & TECHNOLOGY RESEARCH VOLUME 9, ISSUE 04, APRIL 2020 ISSN 2277-8616

Guizani, ―A Survey of Machine and Deep Learning [25] N. Nesa, T. Ghosh, and I. Banerjee, ―Non-parametric
Methods for Internet of Things (IoT) Security‖, arXiv.org, sequence-based learning approach for outlier detection in
pp.1-42, 2018. IoT‖,FutureGenerationComputerSystems,Elsevier,2017,htt
[11] M. Hasan, Md. M. Islam, Md I. I. Zarif, and M.M.A. ps://doi.org/10.1016/j.future.2017.11.021.
Hashem, ―Attack and anomaly detection in IoT sensors in [26] M. Ozay, I. Esnaola, F. T. Y. Vural, S. R. Kulkarni, and H.
IoT sites using machine learning approaches‖, Internet of V. Poor, ―Machine Learning Methods for Attack Detection
Things, Elsevier, Vol.7, pp.1-14, 2019. in the Smart Grid‖, IEEE Transactions on Neural Networks
[12] S. Jaiswal and D. Gupta, ―Security Requirements for and Learning Systems, pp.1-14, 2015,.
Internet of Things (IoT)‖, Proceedings of International [27] P. Shukla, ―ML-IDS: A Machine Learning Approach to
Conference on Communication and Networks, Advances Detect Wormhole Attacks in Internet of Things‖, Intelligent
in Intelligent Systems and Computing, Springer, pp.419- Systems Conference, IEEE, pp.234-240, 2017.
427, 2017. [28] C. Shi, J. Liu, H. Liu, and Y. Chen, ―Smart User
[13] M. S. Alam and S. T. Vuong, ―Random Forest Authentication through Actuation of Daily Activities
Classification for Detecting Android Malware‖, IEEE Leveraging WiFi-enabled IoT‖, In Proceedings of Mobihoc
International Conference on Green Computing and ’17, ACM, pp.1-10, 2017.
Communications and IEEE Internet of Things and IEEE [29] J. Su et al., ―Lightweight Classification of IoT Malware
Cyber, Physical and Social Computing, IEEE, pp.663- Based on Image Recognition‖, IEEE International
6692013. Conference on Computer Software & Applications, IEEE,
[14] A. Azmoodeh, A. Dehghantanha, and K. R. Choo, ―Robust pp.664-669, 2018.
Malware Detection for Internet of (Battlefield) Things [30] E. Viegas, A. Santin, L. Oliveira, A. Francüa, R. Jasinski,
Devices Using Deep Eigenspace Learning‖, IEEE and V. Pedroni, ―A Reliable and Energy-Efficient Classifier
Transactions on Sustainable Computing, vol.4, no.1, Combination Scheme for Intrusion Detection in Embedded
pp.88-95, 2019. Systems‖, Computers & Security, Elsevier, pp.1-15, 2018.
[15] J. Canedo and A. Skjellum, ―Using Machine Learning to [31] L. Xiao, Y. Li, G. Han, G. Liu, and W. Zhuang, ―PHY-layer
Secure IoT Systems‖, Annual Conference on Privacy, Spoofing Detection with Reinforcement Learning in
Security and Trust (PST), IEEE, pp. 219-222, 2016. Wireless Networks‖, IEEE Globecom 2015, IEEE, pp.1-11,
[16] S. Rathore and J. H. Park, ―Semi-supervised learning 2015.
based distributed attack detection framework for IoT‖, [32] W. Zhou and B. Yu, ―A Cloud-Assisted Malware Detection
Applied Soft Computing, Elsevier, pp.1-20, 2018. and Suppression Framework for Wireless Multimedia
[17] M. Esmalifalak, L. Liu, N. Nguyen, R. Zheng, and Z. Han, System in IoT Based on Dynamic Differential Game‖,
―Detecting Stealthy False Data Injection using Machine Computer System Security, China Communications, IEEE,
Learning in Smart Grid‖, IEEE Systems Journal, pp.1-9, pp.209-223, 2018.
2014. [33] Saad Almutairi, S. Manimurugan, Majed Aborokbah, ―A
[18] H. H. Pajouh, R. Javidan, R. Khaymi, A. Dehghantanha New Secure Transmission Scheme between Senders and
and K. R. Choo, ―A Two-layer Dimension Reduction and Receiver Using HVCHC without Any Loss‖, EURASIP
Two-tier Classification Model for Anomaly-Based Intrusion Journal on Wireless Communications and Networking,
Detection in IoT Backbone Networks‖, IEEE, pp.1-11, 2019:88, 2019, https://doi.org/10.1186/s13638-019-1399-
2016. z
[19] H. H. Pajouh, A. Dehghantanha, R. Khayami, and K. R. [34] S.Manimurugan and C.Narmatha., ―Secure and Efficient
Choo, ―A deep Recurrent Neural Network based approach Medical Image Transmission by New Tailored Visual
for internet of things malware threat hunting‖, Future Cryptography Scheme with LS Compressions‖,
Generation Computer Systems, Elsevier,2018, International Journal of Digital Crime and Forensics
https://doi.org/10.1016/j.future.2018.03.007 (IJDCF), Volume 7, Issue 1, Pp 26-50, 2015.
[20] H. S. Ham, H. H. Kim, M.S. Kim, and M. J. Choi, ―Linear
SVM-Based Android Malware Detection for Reliable IoT
Services‖, Journal of Applied Mathematics, Hindawi, pp.1-
10, 2014.
[21] F. Hussain, A. Anpalagan, A. S. Khwaja, and M. Naeem,
―Resource allocation and congestion control in clustered
M2M communication using Q-learning‖, Transactions on
Emerging Telecommunications Technologies, Wiley Online
Library, pp.1-12, 2016,.
[22] E. B. Karbab, M. Debbabi, A. Derhab, and D. Mouheb,
―MalDozer: Automatic framework for android malware
detection using deep learning‖, Digital Investigation,
Elsevier, pp.48-59, 2018.
[23] Y. Li, D. E. Quevedo, S. Dey, and L. Shi, ―SINR-based
DoS Attack on Remote State Estimation: A Game-theoretic
Approach‖, IEEE, pp.1-10, 2015.
[24] N. An, A. Duff, G. Naik, M. Faloutsos, S. Weber, and S.
Mancoridis, ―Behavioral Anomaly Detection of Malware on
Home Routers, International Conference on Malicious and
Unwanted Software (MALWARE)‖, IEEE, pp. 47-54, 2017.

1651
IJSTR©2020
www.ijstr.org
 INTERNATIONAL JOURNAL OF SCIENTIFIC & TECHNOLOGY RESEARCH VOLUME 9, ISSUE 04, APRIL 2020 ISSN 2277-8616

AUTHOR BIOGRAPHY

UMAR A. ALBALAWI (M’15) received the

bachelor's degree in Computer Science from
the University of Tabuk, Saudi Arabia, in
2006, and the master's degree in Computer
Science from Texas A&M University, in 2013,
and the Ph.D. degree in Computer Science
and Engineering from the University of North
Texas in 2016. He is currently an Assistant
Professor with Department of Computer
Engineering.
He is the Chairman of Computer Engineering and the Vice-
Dean for Graduate Studies and Research Faculty of
Computers and Information Technology, The University of
Tabuk, Saudi Arabia. His research is in Security and Privacy
for Internet of Things (IoT), Big Data and Machine Learning
Algorithm, and Cryptography. He has authored 20 peer-
reviewed research articles. The publications are well-received
by the world-wide peers with a total of 86 citations (from
Google Scholar). He served on the Editorial Boards of Several
peer-reviewed international journals and magazine.

1652
IJSTR©2020
www.ijstr.org