Hrishitva Patel
The era of the so-called “Internet of Things” (IoT) has resulted in an ever-increasing number of connected people and devices. In 2015, more than 15 billion devices were connected, and in 2019 that number reached nearly 26 billion. By 2025, this number may reach 75 billion devices worldwide. While enjoying the services brought about by the IoT, there is increasing scrutiny on the security of its technologies, especially after infamous hacks and leaks of the prominent social media sites, celebrity personal devices, and even our own university.
The following lists some of the ways in which devices connected to the IoT are vulnerable to threats and attacks: First, hackers can physically access devices, as most of them operate without human engagement; second, attackers can spy on devices while linked to wireless networks (e.g. unsecure public WiFi); finally, malware can damage and disrupt a computer system through encryption of data, theft of sensitive data, and keylogging and cataloguing user activities. To ensure security of the IoT, confidentiality, safety, and availability of data remain paramount for the users thereof. Though encryption algorithms are used for ensuring confidentiality, for instance, these encryption techniques decrease availability. Likewise, digital signatures and Message Authentication Code (MAC) are used for safety purposes, at the expense of confidentiality and availability.
In many cases, traditional security systems are not enough to stop hackers who steal sensitive information. Thus, while systems may vary in requirements, IoT security-technology must be used to build protective frameworks such as smart-home security and smart-car safety. Encryption-decryption technology plays a vital role in protecting our personal information and sensitive data, with algorithms being the keystone of this technology. Therefore, if these algorithms are implemented efficiently, then an effective security system is almost guaranteed.
When data is transferred over different computer networks, it is necessary to protect it through encryption. The most common algorithm for doing so is called Advanced Encryption Standard (AES). Some other types of security include symmetric encryption, asymmetric encryption, Digital Signature Algorithm (DSA), and Elliptic Curve Digital Signature Algorithm (ECDSA). The AES algorithm includes a complete structure for encryption and decryption of sensitive data, which is the reason it is used worldwide. It can be easily implemented in software or hardware while also able to meet both modern security requirements and speed of communication required by modern applications. When using AES, it is near-impossible for potential hackers to gain access to the original data. In fact, there is no evidence attackers have been able to decrypt sensitive data while AES is implemented. AES has the ability to handle three key sizes: 128 bits, 192 bits, and 256 bits. Encryption at 128 bits (AES-128 encryption) is implemented on the MicroSD card module with ESP32. This has many advantages because it includes Bluetooth and Wi-Fi accessibility, a 32-bit CPU, support for various protocols [such as Inter-Integrated Circuit Protocol (I2C), Serial Peripheral Interface (SPI), and Universal Asynchronous Receiver-Transmitter (UART)], and also it is designed to support the work done for projects of IoT. AES is trusted as a standard by the US government and many other institutions. It is more than six times faster than the Triple Data Encryption Standard (TripleDES), and is used in many texting applications (such as WhatsApp), computer platforms such as VeraCrypt, and many other technologies. AES-128 is thus the most accepted encryption standard in the world for cyber security due to its performance, as only one key is used for encryption and decryption so the key is the same on both ends of users. It is highly efficient in 128-bit format, but it also uses 192-bit and 256-bit keys for the encryption of heavy-duty tasks. AES can largely be used to tackle all attacks, except for the attack which attempts to decrypt data using all possible combinations of 128-bit, 192-bit or 256-bit encryption.
On the other hand, a Generative Adversarial Network (GAN) is also commonly used around the world. A GAN effectively trains itself to achieve its programmed end through repetitive trial-and-error and immense sample sizes. GAN’s algorithm is made up of two internal sub-models: the generator and the discriminator. The generator is able to create fake “samples” with random noise, while the discriminator differentiates between samples to determine whether a given sample is fake (i.e. not in alignment with its target) or real. After various samples are differentiated, the generator “forwards” the feedback generated from the discriminator, and enhances the subsequent fake sample such that it is more difficult for the discriminator to differentiate between real and fake samples.
There are different types of GANs used for various purposes. The “Vanilla” GAN is the simplest type, made up of two internal models’ generator and discriminator. The generator and discriminator do the job of classification and generation of images by using multi-layer “perceptrons” (the algorithm by which a discriminator differentiates samples). Conditional GAN (CGAN) is the supervised technique by which the generator and discriminator is provided with additional information (e.g. class, label, etc.) to find the conditional. Deep Convolutional GAN (DCGAN) is an experimental GAN in which the generator uses a “deep convolutional network” which results in the generation of high-resolution images that can then be differentiated. The activation function of Rectifier linear units (ReLU) is used in the generator in all but the last layer. This is because in the last layer a Tanh activation function is used, whereas in “Discriminator Leaky-ReLU,” an activation function is used across all layers, cycle GAN is made for translations of images to other images. Take a dataset of horse images, for instance: one can create “mapping functions” to translate the images into zebra images. Generative Adversarial Text to Image Synthesis GANs are capable of finding a similar image to another image in a dataset based only on a text description of the image. Info GAN is an advanced version of GANs which are capable of an unsupervised learning approach that allows it to disentangle representations. Super Resolution GAN (SRGAN) is a type of GAN used to make low quality pictures into more detailed pictures in a process known as Domain Transformation.
A GAN framework was first proposed in 2014 in which two models were trained: the first model trained was a generative model and its purpose was to capture the data distribution; the second model was the discriminative model which calculated the probability of a sample of the data collected. Multilayer Perceptron defined both networks, and the whole system was trained with Back Propagation. For the training of the GAN, a Minibatch Stochastic Gradient Descent algorithm was implemented. A Gaussian Parzen Window was set up to calculate the probability of the test’s data set.
An Adversarial Learned Inference (ALI) within the GANs framework was proposed in 2016. Four datasets were used: CIFAR-10, CelebA, SVHN, and ImageNet. In the CelebA dataset, a lower misclassification rate of 3.00 ± 0.50% was achieved. CelebA achieves 17.05 ± 1.49, and SVHN achieves 7.42 ± 0.65.
A Randomised Neural Network (Rand NET) was proposed in 2017 to perform unsupervised outlier detection. Auto encoders with ensemble frameworks based on reconstruction error rate were used. These encoders were connected with each other randomly to achieve improved training time and diversity. Adaptive sampling methods were used to increase the speed of the training process and they led to major gains.
A Conditional GAN was proposed in 2018 that jointly learns the generation of high dimensional image space and the inference of latent space. This model consists of two encoders, a decoder and a discriminator. Three types of dataset were used: MNIST, CIFAR and X-ray security screening. To compare the effectiveness of the model on the three datasets, AUC and Runtime were implemented. The Conditional GAN model proved itself to be able to achieve both high Runtime and AUC.
A Bidirectional GAN (BiGAN) was developed in 2018 which utilises an encoder to simultaneously learn to map input samples (x) to a representation (z). This was done to avoid recovering unapparent representations, a computationally expensive step. Two Datasets, MNIST and KDD99, were used in this method. The highest anomaly scores known as A(x) were calculated and classification were done in terms of the anomalies.
An entropy based K-NN model was proposed in 2018 to perform outlier detection in Wireless Sensor Networks by measuring the distance types and value of K (the number of the nearest neighbour). A real time dataset was used to achieve a highest accuracy of almost 86 %, with K’s value approaching the limit of 2 as the euclidean distance was approached.
In 2019, various machine learning techniques, and their respective patterns of scanning data, were used to detect malware in large scale IoT networks. Three Machine Learning classification algorithms were implemented including: K-NN, Random Forest and Gaussian Naive Bayes approaches. Performance of K-NN was best among them, achieving the highest accuracy, F1 score, precision, and recall.
The Hidden Markov Model (HMM) approach was implemented in 2019 to identify abnormal activities that can occur in a smart home environment. Two kinds of data were used, Behavioural data and Network data, to detect the abnormal behaviour. This approach achieved 97 % of accuracy.
References
Agrawal, R. (2021, November 12). An End-to-End Introduction to Generative Adversarial Networks(GANs). Retrieved from www.analyticsvidhya.com: https://www.analyticsvidhya.com/blog/2021/10/an-end-to-end-introduction-to-generative-adversarial-networksgans/
B. Joyce Beula Rani, P. L. (2020). Outlier Detection in IoT Using Generative Adversarial Network. International Journal of Scientific Research in Computer Science, Engineering and Information Technology.
Chunxue Wu, B. J. (2020). WGAN-E: A Generative Adversarial Networks for Facial Feature Security.
Kiya, W. S. (2020). A GAN-Based Image Transformation Scheme for Privacy-Preserving Deep Neural Networks. 28th European Signal Processing Conference (EUSIPCO 2020).
Mohammad Al-Mashhadani, M. S. (2022). IoT Security Using AES Encryption Technology based ESP32 Platform. The International Arab Journal of Information Technology, Vol. 19, No. 2, March 2022.
Rizky Riyaldhia, R. A. (2017). IMPROVEMENT OF ADVANCED ENCRYPTION STANDARD ALGORITHM WITH SHIFT ROW AND S.BOX MODIFICATION MAPPING IN MIX COLUMN. 2nd International Conference on Computer Science and Computational Intelligence 2017, ICCSCI 2017, 13-14 October 2017, Bali, Indonesia.
Santosh Kumar Nukavarapu, T. N. (2021). Securing Edge-based IoT Networks with Semi-Supervised GANs. The Fifth IEEE International Workshop on Smart & Green Edge Computing and Networking.
Tewari, A. (n.d.). types-of-gans. Retrieved from iq.opengenus.org: https://iq.opengenus.org/types-of-gans/