Machine Learning-Enabled IoT Security: Open Issues and Challenges Under Advanced Persistent Threats

Despite its technological benefits, the Internet of Things (IoT) has cyber weaknesses due to vulnerabilities in the wireless medium. Machine Larning (ML)-based methods are widely used against cyber threats in IoT networks with promising performance. An Advanced Persistent Threat (APT) is prominent for cybercriminals to compromise networks, and it is crucial to long-term and harmful characteristics. However, it is difficult to apply ML-based approaches to identify APT attacks to obtain a promising detection performance due to an extremely small percentage among normal traffic. There are limited surveys that fully investigate APT attacks in IoT networks due to the lack of public datasets with all types of APT attacks. It is worth bridging the state of the art in network attack detection with APT attack detection in a comprehensive review article. This survey article reviews the security challenges in IoT networks and presents well-known attacks, APT attacks, and threat models in IoT systems. Meanwhile, signature-based, anomaly-based, and hybrid intrusion detection systems are summarized for IoT networks. The article highlights statistical insights regarding frequently applied ML-based methods against network intrusion. Finally, open issues and challenges for common network intrusion and APT attacks are presented for future research.