A Scalable Approach to Internet of Things and Industrial Internet of Things Security: Evaluating Adaptive Self-Adjusting Memory K-Nearest Neighbor for Zero-Day Attack Detection
The Internet of Things (IoT) and Industrial Internet of Things (IIoT) have drastically transformed industries by enhancing efficiency and flexibility but have also introduced substantial cybersecurity risks. The rise of zero-day attacks, which exploit unknown vulnerabilities, poses significant threa...
Main Authors: | Promise Ricardo Agbedanu, Shanchieh Jay Yang, Richard Musabe, Ignace Gatare, James Rwigema |
---|---|
Format: | Article |
Language: | English |
Published: | MDPI AG, 2025-01-01 |
Series: | Sensors |
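Subjects: | Internet of Things; Industrial Internet of Things; cybersecurity; online machine learning; zero-day attacks; intrusion detection system |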
Online Access: | https://www.mdpi.com/1424-8220/25/1/216 |
_version_ | 1841548923115667456 |
---|---|
author | Promise Ricardo Agbedanu; Shanchieh Jay Yang; Richard Musabe; Ignace Gatare; James Rwigema |
collection | DOAJ |
description | The Internet of Things (IoT) and Industrial Internet of Things (IIoT) have drastically transformed industries by enhancing efficiency and flexibility but have also introduced substantial cybersecurity risks. The rise of zero-day attacks, which exploit unknown vulnerabilities, poses significant threats to these interconnected systems. Traditional signature-based intrusion detection systems (IDSs) are insufficient for detecting such attacks due to their reliance on pre-defined attack signatures. This study investigates the effectiveness of Adaptive SAMKNN, an adaptive k-nearest neighbor with self-adjusting memory (SAM), in detecting and responding to various attack types in Internet of Things (IoT) environments. Through extensive testing, our proposed method demonstrates superior memory efficiency, with a memory footprint as low as 0.05 MB, while maintaining high accuracy and F1 scores across all datasets. The proposed method also recorded a detection rate of 1.00 across all simulated zero-day attacks. In scalability tests, the proposed technique sustains its performance even as data volume scales up to 500,000 samples, maintaining low CPU and memory consumption. However, while it excels under gradual, recurring, and incremental drift, its sensitivity to sudden drift highlights an area for further improvement. This study confirms the feasibility of Adaptive SAMKNN as a real-time, scalable, and memory-efficient solution for IoT and IIoT security, providing reliable anomaly detection without overwhelming computational resources. Our proposed method has the potential to significantly increase the security of IoT and IIoT environments by enabling the real-time, scalable, and efficient detection of sophisticated cyber threats, thereby safeguarding critical interconnected systems against emerging vulnerabilities. |
format | Article |
id | doaj-art-651abdaea1484916a54b8588b66abe92 |
institution | Kabale University |
issn | 1424-8220 |
language | English |
publishDate | 2025-01-01 |
publisher | MDPI AG |
record_format | Article |
series | Sensors |
spelling | doaj-art-651abdaea1484916a54b8588b66abe92; 2025-01-10T13:21:15Z; eng; MDPI AG; Sensors; 1424-8220; 2025-01-01; 25(1):216; DOI 10.3390/s25010216. Author affiliations: Promise Ricardo Agbedanu (African Centre of Excellence for Internet of Things, University of Rwanda, Kigali P.O. Box 4285, Rwanda); Shanchieh Jay Yang (Institute for Informatics and Applied Technology, Gonzaga University, Spokane, WA 99258, USA); Richard Musabe (College of Science and Technology, University of Rwanda, Kigali P.O. Box 4285, Rwanda); Ignace Gatare (College of Science and Technology, University of Rwanda, Kigali P.O. Box 4285, Rwanda); James Rwigema (African Centre of Excellence for Internet of Things, University of Rwanda, Kigali P.O. Box 4285, Rwanda) |
title | A Scalable Approach to Internet of Things and Industrial Internet of Things Security: Evaluating Adaptive Self-Adjusting Memory K-Nearest Neighbor for Zero-Day Attack Detection |
topic | Internet of Things; Industrial Internet of Things; cybersecurity; online machine learning; zero-day attacks; intrusion detection system |
url | https://www.mdpi.com/1424-8220/25/1/216 |