Internet of Things (IoT) Security Intelligence: A Comprehensive Overview, Machine Learning Solutions and Research Directions

Mobile Networks and Applications


The Internet of Things (IoT) is one of the most widely used technologies today, and it has a significant effect on our lives in a variety of ways, including social, commercial, and economic aspects. In terms of automation, productivity, and comfort for consumers across a wide range of application areas, from education to smart cities, present and future IoT technologies hold great promise for improving the overall quality of human life. However, cyber-attacks and threats greatly affect smart applications in the IoT environment. Traditional IoT security techniques are insufficient for recent security challenges, given the rapid growth of different kinds of attacks and threats. Utilizing artificial intelligence (AI) expertise, especially machine and deep learning solutions, is the key to delivering a dynamically enhanced and up-to-date security system for the next-generation IoT system. Throughout this article, we present a comprehensive picture of IoT security intelligence, which is built on machine and deep learning technologies that extract insights from raw data to intelligently protect IoT devices against a variety of cyber-attacks. Finally, based on our study, we highlight the associated research issues and future directions within the scope of our study. Overall, this article aspires to serve as a reference point and guide, particularly from a technical standpoint, for cybersecurity experts and researchers working in the context of IoT.



This Project was funded by the Deanship of Scientific Research (DSR), King Abdulaziz University, Jeddah, under Grant D-059-611-1443. The authors, therefore, gratefully acknowledge DSR technical and financial support.

Author information


Corresponding author

Correspondence to Iqbal H. Sarker.

Ethics declarations

Competing interests

The authors declare that they have no competing interests.

About this article

Cite this article

Sarker, I.H., Khan, A.I., Abushark, Y.B. et al. Internet of Things (IoT) Security Intelligence: A Comprehensive Overview, Machine Learning Solutions and Research Directions. Mobile Netw Appl 28, 296–312 (2023).
