Journal of Cybersecurity and Information Management

Journal DOI

https://doi.org/10.54216/JCIM

ISSN (Online): 2690-6775, ISSN (Print): 2769-7851

Volume 13, Issue 2, pp. 30-49, 2024 | Full Length Article

Optimizing AI-Based Automated Security Patch Deployment in IoT Devices to Combat Zero-Day Exploits and Advanced Cyber Attacks

Abedallah Zaid Abualkishik 1 * , Nodira Zikrillaeva 2 , Gulyamova Gulnora 3

  • 1 American University in the Emirates, Dubai, UAE - (abedallah.abualkishik@aue.ae)
  • 2 Tashkent State University of Economics, Uzbekistan - (ziknadine1106@gmail.com)
  • 3 International Islamic Academy of Uzbekistan, Uzbekistan - (g.gulyamova@iiau.uz)
  • Doi: https://doi.org/10.54216/JCIM.130203

    Received: July 14, 2023 Revised: November 19, 2023 Accepted: February 19, 2024
    Abstract

    This research presents a complete security design for Internet of Things (IoT) devices that improves security by using five connected algorithms that work together. The process begins with a machine learning-based method that prioritises patches based on vulnerability data. Architectures are then put in place for scalable patch distribution, anomaly detection for zero-day vulnerabilities, dynamic risk assessment, and threat intelligence integration. Each algorithm addresses a specific component of IoT security, such as dynamic risk assessment, effective patch distribution, or patch prioritisation. Maintaining the safety, flexibility, and efficiency of the IoT ecosystem is critical, and an integrated approach provides a strong defence against cyberattacks, which is crucial for preserving that ecosystem. Compared with other methods, the system achieves better accuracy, flexibility, and resource use. Charts and flowcharts are used to help explain how the methods work. The ablation study indicates that each method is important, showing how each contributes to keeping IoT devices safe. The proposed design accounts for continuously changing cyber risks in order to protect connected devices in many different settings from hackers.

    Keywords:

    Security Framework, IoT Devices, Machine Learning, Patch Prioritization, Anomaly Detection, Dynamic Risk Assessment, Scalable Patch Deployment, Threat Intelligence Integration, Comparative Performance Evaluation, Continuous Monitoring.

    Cite This Article As:
    Zaid, Abedallah, Zikrillaeva, Nodira, Gulnora, Gulyamova. Optimizing AI-Based Automated Security Patch Deployment in IoT Devices to Combat Zero-Day Exploits and Advanced Cyber Attacks. Journal of Cybersecurity and Information Management, vol. 13, no. 2, 2024, pp. 30-49. DOI: https://doi.org/10.54216/JCIM.130203