Implementing a honeypot for IOT Smart Homes to cope with zero-day attacks

using Machine Learning

Problem Statement:
As the number of Internet of Things (IoT) devices in smart homes increases, the risk of zero-day
attacks also increases. Zero-day attacks exploit unknown vulnerabilities in software and
hardware, making them difficult to detect and defend against. IoT devices are often vulnerable to
such attacks due to their limited resources and lack of security updates. To address this problem,
implementing a honeypot for IoT smart homes can be an effective solution. A honeypot is a
security mechanism that creates a decoy system or application to attract attackers and detect their
activities. By implementing a honeypot, it is possible to identify zero-day attacks and gather
information about the attackers' methods and tactics. Machine learning techniques can be used to
develop a more effective honeypot for IoT smart homes. Machine learning algorithms can
analyse network traffic and identify patterns that indicate an attack. By training the machine
learning models on data from previous attacks, the honeypot can become more accurate and
effective in detecting zero-day attacks.

Research Questions:

 How effective are honeypots for cyber security for IOT devices in detecting and
mitigating cyber-attacks, and how does machine learning improve its performance?
 What are the design considerations for implementing a honeypot for cyber security?
 What are the limitations and challenges in implementing a honeypot for IOT devices
using machine learning, and how can they be addressed to improve its performance?
 How does the use of honeypots compare to other cyber security approaches, and what are
its advantages and disadvantages in different contexts?
Research Objectives:
Detect and mitigate zero-day attacks: The honeypot will act as a trap for attackers, and by
analysing the data collected by the honeypot, organizations can identify and mitigate zero-day
attacks.
Improve machine learning algorithms: The honeypot will use machine learning algorithms to
detect and classify the behaviour of the attackers. The data collected by the honeypot can be used
to improve the machine learning algorithms, making them more accurate and effective.
Enhance threat intelligence: By analysing the data collected by the honeypot, organizations can
gain valuable insights into the tactics, techniques, and procedures used by attackers. This
information can be used to enhance threat intelligence, enabling organizations to better protect
their IoT smart homes.
Provide early warning of attacks: The honeypot can provide early warning of attacks, allowing
organizations to take proactive measures to prevent the attacks from causing damage.
Identify vulnerable devices: By analysing the data collected by the honeypot, organizations can
identify vulnerable devices and take measures to patch or replace them.
Literature Review:

Review Questions
 What challenges existed in the ML based honeypots?
 How well do IOT honeypots detect and mitigate cyberattacks, and how does machine
learning improve their performance?
 Cybersecurity honeypot design considerations?
 How might machine learning honeypots for IOT devices be improved? What are their
limitations and challenges?

Research Selection Criteria

Research Exclusion Criteria

Targeted Area
 Honeypot for IOT Smart Homes.
 Honeypot and Machine Learning.

The Internet of Things (IoT) is everywhere now, but maybe nowhere is it more pervasive than in
the modern smart home. Cyberattacks on smart homes are on the rise due to the proliferation of
IoT devices. Cyber-attacks may be detected and monitored with the use of a honeypot. This
paper intends to critically examine the existing literature on utilising honeypots in IoT smart
homes as a means of mitigating the effects of zero-day attacks by means of machine learning
(Das, 2022).
In computer networks, one sort of security mechanism known as a honeypot is utilised to detect
and foil attempts to get into the network. It is a sham version of a network, service, or piece of
software that is used to probe for vulnerabilities in security. Honeypots are designed to uncover
trends in the behaviour of attackers by monitoring for and analysing attacks after they have
occurred. Honeypots are becoming increasingly used as a low-cost technique of detecting and
monitoring cyberattacks on Internet of Things (IoT) smart homes, which has contributed to their
rise in popularity in recent years (Ariffin, 2022).
The Internet of Things makes smart homes susceptible to zero-day assaults. An attack that takes
advantage of a flaw in the system's security that has never been discovered previously is known
as a "zero-day attack." It is common for these assaults to go undiscovered until after they have
already caused significant harm. Machine learning has been found to be an effective way for
detecting zero-day attacks, in contrast to the traditional security methodologies, which struggle to
identify these types of threats (Radoglou-Grammatikis, 2022).
In authors proposed a Include a graph-based modeling approach in the bytecode for smart
contracts which identifying the weak points uses it to identify several honeypot contracts. In
authors proposed a honeypot and machine learning-based DDoS detection system (Devi, 2020).
In authors present a WH deployment approach for tactical honeypots in very dense networks,
making use of two RL techniques to their maximum potential (Abdou, 2021). The deployment's
goal is to put in place a suitable tally of WHs. In authors present to identify malicious software
using machine learning and honeypots. Improved performance is achieved with the employment
of the (SVM) and Decision Tree methods (Qiu, 2020).
Addressing the vulnerabilities of IoT devices and improving their security is an important area of
research. The goals of this work are to (1) find security holes, (2) provide low-cost solutions to
those holes, and (3) document attacks on Internet of Things devices using deception techniques
like honeypots. In order to automatically detect and counteract intruders, the article suggests
building honeypots for Internet of Things (IoT) devices by employing the machine learning
technique of reinforcement learning.
The paper contends that honeypots, which trick attackers into thinking they are communicating
with genuine devices, might help strengthen IoT security. To lengthen attacker sessions and
capture more IoT network assaults, the suggested honeypot makes use of machine learning. The
authors stress the need of identifying security flaws in IoT devices quickly and affordably to
prevent cybercriminals from exploiting them. The authors show that conversation time and IoT
network assaults may be improved by using a machine learning powered IoT honeypot. They
recommend adding more machine learning techniques to the honeypot to increase its efficacy,
testing it in real-world IoT settings, constantly monitoring and upgrading it to adapt to new
attack techniques, and assessing the effect it has on IoT security. Finally, the economic viability
of the honeypot in IoT systems will be determined by a cost-benefit analysis (Mfogo, 2023).
Using a Robust Multi-cascaded CNN (RMC-CNN) classification system, we can detect network
intrusions during the transfer and storage of IoT cloud data. The suggested solution makes use of
dynamic honeypot encryption to keep transmitted and stored data safe. Existing methods are
compared to new ones using power, loop sensor, and land sensor datasets in terms of accuracy,
precision, recall, F1-score, throughput, latency, detection rate, encryption, decryption, and
execution time (Sankaran, 2023). The report recommends more research on prioritising problems
using real-time data, understanding the behaviour of microservices inside an IIoT network, and
developing a full framework for a robust detection algorithm to apply to such data. Furthermore,
the author suggests a low-power IIoT data transfer method that makes use of RMC-CNN to
detect network breaches and dynamic honeypot encryption to safeguard data. The encryption
keys are stored on a distributed ledger and the IoT cloud is encrypted. The results show that the
new technique is more efficient at transmitting secret data with a lower cost function. The
research highlights the need of a virtual data environment and real-time data study, as well as the
relevance of evaluating the behaviour of microservices in IIoT networks (Sankaran, 2023).
This study investigates whether adversarial training, using DoS attack strategies and adversary
samples, may strengthen supervised models' resistance to failure. To achieve excellent IDS
accuracy, the article employs XGBoost, a decision tree, and AdaBoost. It also shows how AML
may alter data and network traffic in an IoT situation, which may influence the selection of an
IDS. The potential impact of AML on IoT networks is acknowledged, as is the fact that machine
learning detectors are extremely vulnerable to being severely harmed or misled. The paper
explains how machine learning and deep learning may help with the identification of adversarial
attacks and why it's important to investigate such attacks on supervised classifiers (Iqbal, 2022).
The study investigates how adversarial attacks on IoT infrastructures might compromise users'
security and privacy by using IoT data to train and test intrusion detection systems. It
recommends safeguards against intrusion into IoT systems, such as traffic filtering, anomaly
detection, and device and network protection. The overarching goal of this study is to strengthen
adversarial attack detection in IoT IDS systems through the application of sophisticated machine
learning and deep learning models. The study underscores the need of safeguarding user
information and privacy in the context of IoT-based connected devices and the necessity of
creating efficient IDS to reduce vulnerability to malicious intrusion (Iqbal, 2022).
Reference
Abdou, A., 2021. HoneyModels: Machine Learning Honeypots. Special Topics in Military
Communications, p. 6.

Ariffin, T. A. M. T., 2022. IoT attacks and mitigation plan: A preliminary study with Machine
Learning Algorithms. p. 6.

BO-XIANG WANG, J.-L. C., 2022. An AI-Powered Network Threat Detection System. IEEE,
Issue May 25, 2022, p. 9.

Das, R. R., 2022. Securing IoT devices using Ensemble Machine Learning in Smart Home
Management System. p. 8.

Devi, B. T., 2020. An Appraisal over Intrusion Detection Systems in Cloud Computing Security
Attacks. Innovative Mechanisms for Industry Applications (ICIMIA 2020), p. 6.

Ellouh, M., 2022. IoTZeroJar: Towards a Honeypot Architecture for Detection of Zero-Day
Attacks in IoT. p. 7.

Huang, C., 2019. Automatic Identification of Honeypot Server Using Machine Learning
Techniques. Security and Communication Networks, Volume 9, p. 9.

Iqbal, Z., 2022. Denial of Service (DoS) Defences against Adversarial Attacks in IoT Smart
Home Networks using Machine Learning Methods. NUST Journal of Engineering Sciences,
Volume Vol. 15, No. 1, p. 8.

Jiang, K., 2020. Design and Implementation of A Machine Learning Enhanced Web Honeypot
System. 2020 13th International Congress on Image and Signal Processing, BioMedical
Engineering and Informatics (CISP-BMEI), p. 5.

Kostopoulos, A., 2020. Realising Honeypot-as-a-Service for Smart Home Solutions. p. 6.

Matin, I. M. M., 2019. Malware Detection Using Honeypot and Machine Learning. p. 4.

Mfogo, V. S., 2023. AIIPot: Adaptive Intelligent-Interaction Honeypot for IoT Devices. p. 7.

Qiu, T., 2020. An Adaptive Social Spammer Detection Model with Semi-supervised Broad
Learning. p. 14.
Radoglou-Grammatikis, P., 2022. Strategic Honeypot Deployment in Ultra-Dense Beyond 5G
Networks: A Reinforcement Learning Approach. IEEE, p. 12.

Sankaran, K. S., 2023. Deep learning-based energy efficient optimal RMC-CNN model for
secured data transmission and anomaly detection in industrial IOT. Sustainable Energy
Technologies and Assessments , Issue 4 January 2023, p. 8.

Sumadi, F. D. S., 2022. SD-Honeypot Integration for Mitigating DDoS Attack Using Machine
Learning Approaches. INTERNATIONAL JOURNAL ON INFORMATICS VISUALIZATION,
Issue March 2022, p. 6.

Tsochev, G., 2021. Using Machine Learning Reacted with Honeypot Systems for Securing
Network. International Conference AUTOMATICS AND INFORMATICS, Issue October 02,
2021, p. 4.

Vishwakarma, R., 2019. A Honeypot with Machine Learning based Detection Framework for
defending IoT based Botnet DDoS Attacks. Third International Conference on Trends in
Electronics and Informatics (ICOEI 2019), p. 6.

Wang, M. D. a. K., 2020. An SDN-Enabled Pseudo-Honeypot Strategy for Distributed Denial of

Zhang, J., 2021. AntiConcealer: Reliable Detection of Adversary Concealed Behaviors in

Vishwakarma, R. and Jain, A. K. (2019) “A Honeypot with Machine Learning based Detection
Framework for defending IoT based Botnet DDoS Attacks,” in 2019 3rd International
Conference on Trends in Electronics and Informatics (ICOEI). IEEE, pp. 1019–1024

AlMahmeed, Y. S. and Al-Omay, A. Y. (2022) “Zero-day attack solutions using threat hunting
intelligence: Extensive survey,” in 2022 International Conference on Data Analytics for Business
and Industry (ICDABI). IEEE, pp. 309–314.

Shahid, W. B. et al. (2022) “A deep learning assisted personalized deception system for
countering web application attacks,” Journal of information security and applications,
67(103169), p. 103169. doi: 10.1016/j.jisa.2022.103169
Lee, S. et al. (2021) “Classification of botnet attacks in IoT smart factory using honeypot
combined with machine learning,” PeerJ. Computer science, 7(e350), p. e350. doi:
10.7717/peerj-cs.350.

Ahmad, R. and Alsmadi, I. (2021) “Machine learning approaches to IoT security: A systematic
literature review,” Internet of Things, 14(100365), p. 100365. doi: 10.1016/j.iot.2021.100365.

Hamza, A. A. et al. (2022) “HSAS-MD analyzer: A hybrid security analysis system using model-
checking technique and deep learning for malware detection in IoT apps,” Sensors (Basel,
Switzerland), 22(3), p. 1079. doi: 10.3390/s22031079.

Gyamfi, E. and Jurcut, A. (2022) “Intrusion detection in Internet of Things systems: A review on
design approaches leveraging multi-access edge computing, machine learning, and
datasets,” Sensors (Basel, Switzerland), 22(10), p. 3744. doi: 10.3390/s22103744.

Sharma, S., Lone, F. R. and Lone, M. R. (2020) “Machine learning for enhancement of security
in internet of things based applications,” in Security and Privacy in the Internet of Things. 1st
Edition. Chapman and Hall/CRC, pp. 95–108.

Jha, C. K., Biswas, S. S. and Nafis, M. T. (2023) “A comprehensive system for smart homes
with a minimalist information security framework,” in Information and Communication
Technology for Competitive Strategies (ICTCS 2021). Singapore: Springer Nature Singapore,
pp. 401–411.

Scott, E. et al. (2022) “Optimising user security recommendations for AI-powered smart-
homes,” in 2022 IEEE Conference on Dependable and Secure Computing (DSC). IEEE, pp. 1–8.
Ali, S. S. and Choi, B. J. (2020) “State-of-the-art artificial intelligence techniques for distributed
smart grids: A review,” Electronics, 9(6), p. 1030. doi: 10.3390/electronics9061030.
Amraoui, N. and Zouari, B. (2022) “Securing the operation of Smart Home Systems: a literature
review,” Journal of reliable intelligent environments, 8(1), pp. 67–74. doi: 10.1007/s40860-021-
00160-3.
Viegas, E. K. et al. (2023) “A dynamic machine learning scheme for reliable network-based
intrusion detection,” in Advanced Information Networking and Applications. Cham: Springer
International Publishing, pp. 439–451.
Kavitha, A. and Priyanka, R. (2022) “Analysis of novel face recognition system to minimize the
false identification rate using fast Fourier transform in comparison with wavelet transform,”
in 2022 14th International Conference on Mathematics, Actuarial Science, Computer Science
and Statistics (MACS). IEEE, pp. 1–5.
El Kamel, N. et al. (2020) “A smart agent design for cyber security based on honeypot and
machine learning,” Security and communication networks, 2020, pp. 1–9. doi:
10.1155/2020/8865474.
Koroniotis, N., Moustafa, N. and Sitnikova, E. (2019) “Forensics and deep learning mechanisms
for botnets in internet of things: A survey of challenges and solutions,” IEEE access: practical
innovations, open solutions, 7, pp. 61764–61785. doi: 10.1109/access.2019.2916717.
Joseph, T. A. and Jayapandian, N. (2022) “Detection of various security threats in IoT and cloud
computing using machine learning,” in 2022 International Conference on Sustainable Computing
and Data Communication Systems (ICSCDS). IEEE, pp. 996–1001.
Meera, A. J., Kantipudi, M. V. V. P. and Aluvalu, R. (2021) “Intrusion detection system for the
IoT: A comprehensive review,” in Advances in Intelligent Systems and Computing. Cham:
Springer International Publishing, pp. 235–243.
Saad, R. M. A., Soufy, K. A. M. A. and Shaheen, S. I. (2023) “Security in smart home
environment: issues, challenges, and countermeasures - a survey,” International journal of
security and networks, 18(1), p. 1. doi: 10.1504/ijsn.2023.129887.
Dowling, S., Schukat, M. and Barrett, E. (2019) “Using reinforcement learning to conceal
honeypot functionality,” in Machine Learning and Knowledge Discovery in Databases. Cham:
Springer International Publishing, pp. 341–355