Share, , Google Plus, Pinterest,


Posted in:

Utilising Machine Learning To Combat IoT Security Nightmare

There can be no doubt: inanimate objects are getting ‘smarter’.

First there were smartphones, mobile telephones designed to cram in features such as web browsing, email and camera technology. These features have since become so standardised that any phone that does not encompass this level of connectivity is referred to as a ‘dumbphone’. Then there were smart televisions, allowing full access to internet services and with enough processing power to compete with traditional set-top boxes.

Then the real advancement was unleashed to the unsuspecting world: the internet connected toaster. This breakthrough in particular points to an increasingly connected future where every device in the home will be connected to the internet and able to be remotely controlled. This is the crux of ‘The Internet of Things’ (IoT), with no limit on the type of device or appliance.

There is, however, a number of glaring security issues that have yet to be fully addressed. Many smart televisions, for example, are running widely adopted operating systems that rely on software updates to patch any potential security loopholes. With such a range of devices, the necessary software updates require extensive testing on each model to ensure full compatibility, slowing the release of future software updates. There are also smart televisions that contain a built-in camera and microphone for video calling and voice control. How would a user know if their device is hacked and is recording their living room? The small print of some manufacturers even points to built-in third-party access.

While this Orwellian fear may sound farfetched, it is not completely unfounded. Widespread reports of laptops having their webcams and microphones hacked, highlighted by Facebook CEO Mark Zuckerberg taking evasive action and physically cover both on his laptop, are evidence that any internet-enabled device has the potential to be under the control of a hacker. If devices are linked, it would only take the weakest link to be breached for every other device to be under control and a user’s privacy breached. This was evidenced when US retailer, Target, was hacked in 2013 through the internet-enabled climate-control systems.

With more mature operating systems, antivirus software will offer a degree of protection. This is not yet an option for the internet devices that have only been released for a short time, such as the multimedia computer in a range of cars for sale in the USA. The threat that hackers pose over the future of IoT devices was highlighted in an experiment where a car was remotely controlled, with the exploit allowing full control over the car while it was being driven. As the car was being driven at 70 mph, the screen wash was activated, covering the windscreen, the radio turned up to maximum volume and the accelerator pedal disabled – all possible over the internet.

So what’s next for IoT devices in drastic need of robust security? One potential solution is to harness the power of machine learning to significantly increase the speed of identifying potentially vulnerable devices.

As many devices rely on stable internet connection to function correctly, it would not be difficult for each device to upload diagnostic reports to a unified database of devices that could, in turn, identify devices with potential issues, such as running out-of-date firmware. By utilising machine learning to calculate shared issues, patches could be issued at a much faster rate due to the testing stage effectively being analysed and ‘learned’ from the continually updating database.

This approach could also be used to empower the user, as developers could actively encourage their customers to report any issues. This has a two-pronged effect on security – users are made aware that security is of great importance and they are partly responsible for its maintenance, and the machine learning process is more effective because of the increase in data available for analysis.

Dynamic Bayesian Networks (DBNs) also offer a means to enhance security while offering an approach to the interconnected nature of devices rather than a single-view of individual cases that only evolve over time. Determining causal relationships between security breaches would enable manufacturers to be prepared for particular variables, such as location, and alter firmware updates accordingly to target specific vulnerabilities or device-specific security flaws that are taken advantage of in specific locations. In practise, a network would grow naturally to allow for reliable information on specific security measures that are required, allowing manufacturers to stay one step ahead of potential hacks.

IoT devices have a unique opportunity to enhance everyday items for consumers. For manufacturers, however, the rush to include a multitude of features has backfired spectacularly, leaving devices wide open to hackers on an industrial scale. Without the right level of technical support, IoT devices will not mature and will not be recognised by the mainstream audience this technology deserves. For a long-term investment such as IoT, companies must invest in technology, such as machine learning, that will enhance their security in the long run and not just fix each issue one at a time.


Leave a Reply
  1. Every new technology comes with the initial threats and security loopholes. That is one thing which is gonna take place every time. But machine learning is itself a budding tech. Although it is getting pretty famous for its applications and proving itself useful, i thing its just not the right time say that “using machine learning to combat security threats is a full proof solution.”

  2. I think, we are not far off from a world that provides us with completely interconnected devices and that can be operated remotely with the help of internet. However, like there is always an other side to the coin, the biggest challenged of the community that is involved in IoT and connected devices is, it needs to address the potential issues of security flaws that come with a completely connected world. Once the security of the a singe device is breached, it exposes all the devices that are connected. Also the another challenge would be to make the communication across wide range of devices written in different languages possible. Once these issues are addressed, connected devices would no longer remain a dream.

  3. Jenny,

    I am happy to read your article.

    It brought my images of sci-fi movies where, where built robotic technology is being hacked by hackers.

    So, I believe their is a good scope of data intelligent companies that will just focus on Anti-hacking machine learning.

  4. The way technology is advancing and going by the prevalent trend, it is imperative to use Machine Learning to beef up security to deter potential hackers to help realize the dream of a mature IoT.
    Machine Learning(ML) would help in uncovering trends of vulnerabilities, and would thus enable the vendors to provide specific security patch for such cases, and in time that could save a rabbit!
    A chain is as strong as its weakest link, it is said, and with the data volume available at its disposal ML could help identify and isolate the issue and could serve as a potential case study of the DO’s & DON’Ts for the consumers and even for manufacturers of devices that form part of the IoT.

  5. Machine learning is a good solution for combating IOT issues. In fact, it should be implemented by all the companies who are likely to be affected by security threats, as there is a faster improvement in the future technologies. Amazon does machine learning and so are the big giants. Recently apple acquired an Indian/us based machine learning team, Tuplejump. It’s not like they are not aware, they know and they would. Like the author said, companies should implement machine learning and keep them secured and stay updated as the future techs are increasing day by day and so are the threats. To keep them unharmed from future security threats and to improve their security measures machine learning is definitely a solution that can be implemented by the companies.

Leave a Reply

Your email address will not be published. Required fields are marked *