research-article

Public Access

Adversarial machine learning based partial-model attack in IoT

Authors:

Shangqing Zhao,

Yalin E. Sagduyu,

Jie XuAuthors Info & Claims

WiseML '20: Proceedings of the 2nd ACM Workshop on Wireless Security and Machine Learning

Pages 13 - 18

https://doi.org/10.1145/3395352.3402619

Published: 16 July 2020 Publication History

Abstract

As Internet of Things (IoT) has emerged as the next logical stage of the Internet, it has become imperative to understand the vulnerabilities of the IoT systems when supporting diverse applications. Because machine learning has been applied in many IoT systems, the security implications of machine learning need to be studied following an adversarial machine learning approach. In this paper, we propose an adversarial machine learning based partial-model attack in the data fusion/aggregation process of IoT by only controlling a small part of the sensing devices. Our numerical results demonstrate the feasibility of this attack to disrupt the decision making in data fusion with limited control of IoT devices, e.g., the attack success rate reaches 83% when the adversary tampers with only 8 out of 20 IoT devices. These results show that the machine learning engine of IoT system is highly vulnerable to attacks even when the adversary manipulates a small portion of IoT devices, and the outcome of these attacks severely disrupts IoT system operations.

References

[1]

L. Atzori, A. Iera, and G. Morabito, "The internet of things: A survey," Computer networks, vol. 54, no. 15, pp. 2787--2805, 2010.

Digital Library

[2]

J. Gubbi, R. Buyya, S. Marusic, and M. Palaniswami, "Internet of things (iot): A vision, architectural elements, and future directions," Future generation computer systems, vol. 29, no. 7, pp. 1645--1660, 2013.

[3]

W. Khan, M. Rehman, H. Zangoti, M. Afzal, N. Armi, and K. Salah, "Industrial internet of things: Recent advances, enabling technologies and open challenges," Computers & Electrical Engineering, vol. 81, p. 106522, 2020.

Digital Library

[4]

E. Fernandes, J. Jung, and A. Prakash, "Security analysis of emerging smart home applications," in 2016 IEEE Symposium on Security and Privacy (SP). IEEE, 2016, pp. 636--654.

[5]

A. Zanella, N. Bui, A. Castellani, L. Vangelista, and M. Zorzi, "Internet of things for smart cities," IEEE Internet of Things journal, vol. 1, no. 1, pp. 22--32, 2014.

[6]

Z. B. Celik, E. Fernandes, E. Pauley, G. Tan, and P. McDaniel, "Program analysis of commodity iot applications for security and privacy: Challenges and opportunities," ACM Computing Surveys (CSUR), vol. 52, no. 4, pp. 1--30, 2019.

Digital Library

[7]

M. S. Mahdavinejad, M. Rezvan, M. Barekatain, P. Adibi, P. Barnaghi, and A. P. Sheth, "Machine learning for internet of things data analysis: A survey," Digital Communications and Networks, vol. 4, no. 3, pp. 161--175, 2018.

[8]

Y. Vorobeychik and M. Kantarcioglu, Adversarial machine learning. Morgan & Claypool Publishers, 2018.

Digital Library

[9]

J. K. D. Barriga, C. D. G. Romero, and J. I. R. Molano, "Proposal of a standard architecture of iot for smart cities," in International Workshop on Learning Technology for Education Challenges. Springer, 2016, pp. 77--89.

[10]

H. Liu, H. Ning, Y. Zhang, Q. Xiong, and L. T. Yang, "Role-dependent privacy preservation for secure v2g networks in the smart grid," IEEE Transactions on Information Forensics and Security, vol. 9, no. 2, pp. 208--220, 2013.

Digital Library

[11]

A. P. Plageras, K. E. Psannis, B. Gupta, C. Stergiou, B.-G Kim, and Y. Ishibashi, "Solutions for inter-connectivity and security in a smart hospital building," in 2017 IEEE 15th International Conference on Industrial Informatics (INDIN). IEEE, 2017, pp. 174--179.

[12]

C. L. Stergiou, A. P. Plageras, K. E. Psannis, and B. B. Gupta, "Secure machine learning scenario from big data in cloud computing via internet of things network," in Handbook of Computer Networks and Cyber Security. Springer, 2020, pp. 525--554.

[13]

C. Stergiou and K. E. Psannis, "Recent advances delivered by mobile cloud computing and internet of things for big data applications: a survey," International Journal of Network Management, vol. 27, no. 3, p. e1930, 2017.

[14]

F. Firouzi, B. Farahani, F. Ye, and M. Barzegari, "Machine learning for iot," in Intelligent Internet of Things. Springer, 2020, pp. 243--313.

[15]

A. Krizhevsky, I. Sutskever, and G. E. Hinton, "Imagenet classification with deep convolutional neural networks," in Advances in neural information processing systems, 2012, pp. 1097--1105.

Digital Library

[16]

T. Erpek, T. J. O'Shea, Y. E. Sagduyu, Y. Shi, and T. C. Clancy, "Deep learning for wireless communications, in development and analysis of deep learning architectures." Springer, 2020, pp. 223--266.

[17]

N. Papernot, P. McDaniel, I. Goodfellow, S. Jha, Z. B. Celik, and A. Swami, "Practical black-box attacks against machine learning," in Proceedings of the 2017 ACM on Asia conference on computer and communications security, 2017, pp. 506--519.

[18]

A. Kurakin, I. Goodfellow, and S. Bengio, "Adversarial examples in the physical world," arXiv preprint arXiv:1607.02533, 2016.

[19]

Y. Shi, Y. E. Sagduyu, and A. Grushin, "How to steal a machine learning classifier with deep learning," in IEEE Symposium on Technologies for Homeland Security (HST), 2017.

[20]

Y. Shi, Y. E. Sagduyu, K. Davaslioglu, and R. Levy, "Vulnerability detection and analysis in adversarial deep learning, in guide to vulnerability analysis for computer networks and systems." Springer, 2018, pp. 211--234.

[21]

Y. E. Sagduyu, Y. Shi, T. Erpek, W. Headley, B. Flowers, G. Stantchev, and Z. Lu, "When wireless security meets machine learning: Motivation, challenges, and research directions," 2020, available on arXiv:2001.08883.

[22]

Y. Shi, Y. E. Sagduyu, T. Erpek, K. Davaslioglu, Z. Lu, and J. Li, "Adversarial deep learning for cognitive radio security: Jamming attack and defense strategies," in IEEE ICC 2018 Workshop on Promises and Challenges of Machine Learning in Communication Networks, 2018.

[23]

T. Erpek, Y. E. Sagduyu, and Y. Shi, "Deep learning for launching and mitigating wireless jamming attacks," IEEE Transactions on Cognitive Communications and Networking, vol. 5, no. 1, pp. 2--14, March 2019.

[24]

B. Kim, Y. E. Sagduyu, K. Davaslioglu, T. Erpek, and S. Ulukus, "Over-the-air adversarial attacks on deep learning based modulation classifier over wireless channels," in Conference on Information Sciences and Systems (CISS), 2020.

[25]

B. Kim, Y. E. Sagduyu, K. Davaslioglu, T. Erpek, and S. Ulukus, "Channel-aware adversarial attacks against deep learning-based wireless signal classifiers," 2020, available on arXiv:2005.05321.

[26]

Y. E. Sagduyu, Y. Shi, and T. Erpek, "IoT network security from the perspective of adversarial deep learning," in IEEE SECON Workshop on Machine Learning for Communication and Networking in IoT, 2019.

[27]

Y. E. Sagduyu, T. Erpek, and Y. Shi, "Adversarial deep learning for over-the-air spectrum poisoning attacks," IEEE Transactions on Mobile Computing, no. 1, pp. 2--14, 2019.

[28]

Y. Shi, T. Erpek, Y. E. Sagduyu, and J. Li, "Spectrum data poisoning with adversarial deep learning," in IEEE Military Communications Conference (MILCOM), 2018.

[29]

Z. Luo, S. Zhao, Z. Lu, J. Xu, and Y. E. Sagduyu, "When attackers meet AI: Learning-empowered attacks in cooperative spectrum sensing," 2019, available on arXiv:1905.01430.

[30]

K. Davaslioglu and Y. E. Sagduyu, "Trojan attacks on wireless signal classification with adversarial machine learning," in IEEE DySPAN Workshop on Data-Driven Dynamic Spectrum Sharing, 2019.

[31]

Y. Shi, K. Davaslioglu, and Y. E. Sagduyu, "Generative adversarial network for wireless signal spoofing," in ACM WiSec Workshop on Wireless Security and Machine Learning, 2019.

[32]

Y. E. Sagduyu, R. Berry, and A. Ephremides, "Jamming games in wireless networks with incomplete information," IEEE Communications Magazine, vol. 49, no. 8, pp. 112--118, 2008.

[33]

K. Davaslioglu and Y. E. Sagduyu, "Generative adversarial learning for spectrum sensing," in IEEE International Conference on Communications (ICC), 2018.

[34]

Z. B. Celik, L. Babun, A. K. Sikder, H. Aksu, G. Tan, P. McDaniel, and A. S. Uluagac, "Sensitive information tracking in commodity iot," in 27th USENIX Security Symposium (USENIX Security 18), 2018, pp. 1687--1704.

[35]

S. Kubler, K. Främling, and A. Buda, "A standardized approach to deal with firewall and mobility policies in the iot," Pervasive and Mobile Computing, vol. 20, pp. 100--114, 2015.

Digital Library

[36]

B. B. Zarpelão, R. S. Miani, C. T. Kawakani, and S. C. de Alvarenga, "A survey of intrusion detection in internet of things," Journal of Network and Computer Applications, vol. 84, pp. 25--37, 2017.

Digital Library

[37]

D. Goad, A. Collins, and U. Gal, "Privacy and the internet of things-an experiment in discrete choice," Information & Management, p. 103292, 2020.

[38]

S. Stillman and I. Essa, "Towards reliable multimodal sensing in aware environments," in Proceedings of the 2001 workshop on Perceptive user interfaces, 2001, pp. 1--6.

[39]

W. Ding, X. Jing, Z. Yan, and L. T. Yang, "A survey on data fusion in internet of things: Towards secure and privacy-preserving fusion," Information Fusion, vol. 51, pp. 129--144, 2019.

Digital Library

[40]

Y. E. Sagduyu, "Securing cognitive radio networks with dynamic trust against spectrum sensing data falsification," in IEEE Military Communications Conference (MILCOM), 2014.

[41]

M. Fredrikson, S. Jha, and T. Ristenpart, "Model inversion attacks that exploit confidence information and basic counter-measures," in Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015, pp. 1322--1333.

[42]

R. Doshi, N. Apthorpe, and N. Feamster, "Machine learning ddos detection for consumer internet of things devices," in 2018 IEEE Security and Privacy Workshops (SPW). IEEE, 2018, pp. 29--35.

Cited By

Khazane HRidouani MSalahdine FKaabouch N(2024)A Holistic Review of Machine Learning Adversarial Attacks in IoT NetworksFuture Internet10.3390/fi1601003216:1(32)Online publication date: 19-Jan-2024
https://doi.org/10.3390/fi16010032
Ojo SKrichen MAlamro MMihoub A(2024)TXAI-ADV: Trustworthy XAI for Defending AI Models against Adversarial Attacks in Realistic CIoTElectronics10.3390/electronics1309176913:9(1769)Online publication date: 3-May-2024
https://doi.org/10.3390/electronics13091769
Han DBabaei RZhao SCheng S(2024)Exploring the Efficacy of Learning Techniques in Model Extraction Attacks on Image Classifiers: A Comparative StudyApplied Sciences10.3390/app1409378514:9(3785)Online publication date: 29-Apr-2024
https://doi.org/10.3390/app14093785
Show More Cited By

Index Terms

Adversarial machine learning based partial-model attack in IoT
1. Networks
  1. Network properties
    1. Network reliability
2. Security and privacy
  1. Network security
    1. Mobile and wireless security

Recommendations

Low-cost Influence-Limiting Defense against Adversarial Machine Learning Attacks in Cooperative Spectrum Sensing
WiseML '21: Proceedings of the 3rd ACM Workshop on Wireless Security and Machine Learning

Cooperative spectrum sensing aims to improve the reliability of spectrum sensing by individual sensors for better utilization of the scarce spectrum bands, which gives the feasibility for secondary spectrum users to transmit their signals when primary ...
Adversarial Machine Learning Attacks and Defense Methods in the Cyber Security Domain

In recent years, machine learning algorithms, and more specifically deep learning algorithms, have been widely used in many fields, including cyber security. However, machine learning systems are vulnerable to adversarial attacks, and this limits the ...
Adversarial machine learning in IoT from an insider point of view
Abstract
With the rapid progress and significant successes in various applications, machine learning has been considered a crucial component in the Internet of Things ecosystem. However, machine learning models have recently been vulnerable to ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

WiseML '20: Proceedings of the 2nd ACM Workshop on Wireless Security and Machine Learning

July 2020

91 pages

ISBN:9781450380072

DOI:10.1145/3395352

General Chairs:
René Mayrhofer
Johannes Kepler University Linz, Linz, AT
,
Michael Roland
Johannes Kepler University Linz, Linz, AT

Copyright © 2020 ACM.

© 2020 Association for Computing Machinery. ACM acknowledges that this contribution was authored or co-authored by an employee, contractor or affiliate of the United States government. As such, the United States Government retains a nonexclusive, royalty-free right to publish or reproduce this article, or to allow others to do so, for Government purposes only.

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

In-Cooperation

SIGMOBILE: ACM Special Interest Group on Mobility of Systems, Users, Data and Computing

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 16 July 2020

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

NSF

Conference

WiSec '20

Sponsor:

SIGSAC

WiSec '20: 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks

July 13, 2020

Linz, Austria

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

37
Total Citations
View Citations
943
Total Downloads

Downloads (Last 12 months)216
Downloads (Last 6 weeks)18

Reflects downloads up to 21 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

Khazane HRidouani MSalahdine FKaabouch N(2024)A Holistic Review of Machine Learning Adversarial Attacks in IoT NetworksFuture Internet10.3390/fi1601003216:1(32)Online publication date: 19-Jan-2024
https://doi.org/10.3390/fi16010032
Ojo SKrichen MAlamro MMihoub A(2024)TXAI-ADV: Trustworthy XAI for Defending AI Models against Adversarial Attacks in Realistic CIoTElectronics10.3390/electronics1309176913:9(1769)Online publication date: 3-May-2024
https://doi.org/10.3390/electronics13091769
Han DBabaei RZhao SCheng S(2024)Exploring the Efficacy of Learning Techniques in Model Extraction Attacks on Image Classifiers: A Comparative StudyApplied Sciences10.3390/app1409378514:9(3785)Online publication date: 29-Apr-2024
https://doi.org/10.3390/app14093785
MWANGI JKURIA JWANDETO J(2024)Block Switching: Defying Fast Gradient Sign Resistance2024 IST-Africa Conference (IST-Africa)10.23919/IST-Africa63983.2024.10569920(1-12)Online publication date: 20-May-2024
https://doi.org/10.23919/IST-Africa63983.2024.10569920
Liu CChen BShao WZhang CWong KZhang Y(2024)Unraveling Attacks to Machine-Learning-Based IoT Systems: A Survey and the Open Libraries Behind ThemIEEE Internet of Things Journal10.1109/JIOT.2024.337773011:11(19232-19255)Online publication date: 1-Jun-2024
https://doi.org/10.1109/JIOT.2024.3377730
Rachakonda LSiddula MSathya V(2024)A comprehensive study on IoT privacy and security challenges with focus on spectrum sharing in Next-Generation networks (5G/6G/beyond)High-Confidence Computing10.1016/j.hcc.2024.1002204:2(100220)Online publication date: Jun-2024
https://doi.org/10.1016/j.hcc.2024.100220
Haque NRahman MUluagac S(2024)Formal Threat Analysis of Machine Learning-Based Control Systems: A Study on Smart Healthcare SystemsComputers & Security10.1016/j.cose.2024.103709(103709)Online publication date: Jan-2024
https://doi.org/10.1016/j.cose.2024.103709
Utomo SRouniyar AHsu HHsiung P(2023)Federated Adversarial Training Strategies for Achieving Privacy and Security in Sustainable Smart City ApplicationsFuture Internet10.3390/fi1511037115:11(371)Online publication date: 20-Nov-2023
https://doi.org/10.3390/fi15110371
Alkadi SAl-Ahmadi SBen Ismail M(2023)Toward Improved Machine Learning-Based Intrusion Detection for Internet of Things TrafficComputers10.3390/computers1208014812:8(148)Online publication date: 27-Jul-2023
https://doi.org/10.3390/computers12080148
Alkadi SAl-Ahmadi SIsmail M(2023)Better Safe Than Never: A Survey on Adversarial Machine Learning Applications towards IoT EnvironmentApplied Sciences10.3390/app1310600113:10(6001)Online publication date: 13-May-2023
https://doi.org/10.3390/app13106001
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents