Article Preview
TopIntroduction
Internet of Things (IoT) is an intelligent and interoperability node interconnected in a dynamic global infrastructure network. As a things-connected ecosystem, the devices are linked wirelessly via various smart sensors (Anthi, Williams, & Burnap, 2018) to exchange information among themselves. IoT seeks to implement the connectivity concept of anything from anywhere at any time (Ali, Ali, & Badawy, 2015). It is applied in several fields, including healthcare (smart health care systems), smart homes, smart cities, finances, energy distribution, and tourism (Chaabouni et al., 2020) to increase efficiency and performance. Developments and advancements in IoT devices and their connectivity via the Internet to exchange information across the network expose them to cyber-attacks and privacy violations. The attackers usually target the network, putting sensitive information and critical infrastructure on the network at risk. There are various IoT network attacks, include routing attacks, Denial of Service (DoS) attacks, hello flood attacks, data leakage, Distributed Denial of Service (DDoS), spoofing, wormhole attacks, and insecure gateways.
A successful attack on a single device or component in an IoT environment can cripple part or the complete IoT network (Chaabouni et al., 2020), interfering with the network’s services’ operations. Hence, there is a need to develop effective security systems to detect and prevent attacks in the IoT environment. Recent studies have used various approaches such as deep learning techniques (Al-hawawreh, Sitnikova, & Hartog, 2019), random neural networks (Saeed, Ahmadinia, Javed, & Larijani, 2016), binary logistic regression (Ioannou & Vassiliou, 2018), K-Nearest Neighbor (KNN) (Li, Yi, Wu, Pan, & Li, 2014), Naïve Bayes classification (Mehmood, Mukherjee, Ahmed, Song, & Malik, 2018), and neighbor discovery protocol (Alsadhan et al., 2019) to detect intrusion and attacks in IoT environment.
This paper reviews journal articles and conference papers on network intrusion detection in the Internet of Things (IoT) environment to assess the current developments and to provide future research direction of IoT security. The review aims to evaluate studies used in network intrusion detection of published papers on IoT. Papers published from 2012 to 2019 were evaluated using methods, datasets, metrics, and attack types. Six research questions and the motivations which aided in collecting the necessary information from papers for the review are summarized in Table 1.
Table 1. | Research Questions | Motivation |
| RQ1 | Which journals are the leading publishers of network intrusion detection in IoT? | Identification of the vital network intrusion detection in IoT journals. |
| RQ2 | What kind of datasets are mostly used for network intrusion detection? | Identifying whether detection models are repeatable or not by checking the use of datasets. |
| RQ3 | What kind of methods are mostly used for network intrusion detection in the IoT network? | Identifying trends and opportunities for network intrusion detection in the IoT environment. |
| RQ4 | What kind of metrics are mostly used for network intrusion detection in IoT network? | Identifying trends and opportunities for network intrusion detection of the metrics used in IoT. |
| RQ5 | What is the percentage of papers published after the year 2016? | Identifying if papers published after 2016 represent the larger portion of papers in literature or not. |
| RQ6 | What kind of issues or anomalies detected in IoT network? | Identifying the issues or anomalies detected in IoT network. |