AI and Cryptography in IoT Security: A Comprehensive Review of Authentication Approaches
DOI:
https://doi.org/10.46610/IJAITCI.2025.v01i01.005Keywords:
AI, Attack detection, Authentication scheme, Cryptography, Cyber security, Digital signature, Machine learning, Multifactor authenticationAbstract
Cybersecurity is crucial for safeguarding data, networks, and systems against cyber threats. However, cybersecurity solutions may not always align with existing hardware and software, potentially leading to security vulnerabilities. The advancements in artificial intelligence (AI) have significantly improved cyber-attack detection by leveraging machine learning, deep learning, and reinforcement learning algorithms. This article reviews various AI-driven approaches for cyber-attack detection, examining their efficiency and effectiveness. Additionally, various cryptographic techniques, including symmetric, asymmetric, and homomorphic encryption, are explored for security enhancement. Authentication schemes such as multifactor authentication, digital signatures, and biometric authentication are also studied to assess their reliability in securing sensitive information. The performance of these algorithms is analyzed based on key parameters, including accuracy (96.24%), positive predictive value (96.10%), hit rate (95.80%), F1 score (95.95%), error rate (21.33%), encryption time (96 sec), and decryption time (85 sec). The findings indicate that deep learning-based deep neural networks (DNN) outperform other models in cyber-attack detection. Additionally, the data encryption standard (DES) algorithm provides improved security, while biometric authentication offers enhanced security and user convenience compared to traditional authentication methods. This study highlights the effectiveness of AI and cryptographic approaches in strengthening cybersecurity frameworks.
References
F. Ullah, H. Naeem, S. Jabbar, S. Khalid, M. A. Latif, F. Al-Turjman, and L. Mostarda, “Cyber security threats detection in the Internet of Things using deep learning approach,” IEEE Access, vol. 7, pp. 124379–124389, Aug. 2019. Available at: https://ieeexplore.ieee.org/abstract/document/8812669
Y. Zacchia Lun, A. D’Innocenzo, F. Smarra, I. Malavolta, and M. D. Di Benedetto, “State of the art of cyber-physical systems security: An automatic control perspective,” Journal of Systems and Software, vol. 149, pp. 174–216, Mar. 2019, doi: https://doi.org/10.1016/j.jss.2018.12.006
J. Zhang, L. Pan, Q.-L. Han, C. Chen, S. Wen, and Y. Xiang, “Deep learning based attack detection for cyber-physical system cybersecurity: A survey,” IEEE/CAA Journal of Automatica Sinica, vol. 9, no. 3, pp. 377-391, doi: https://doi.org/10.1109/jas.2021.1004261.
I. H. Sarker, M. H. Furhad, and R. Nowrozy, “AI-driven cybersecurity: An overview, security intelligence modeling and research directions,” SN Computer Science, vol. 2, no. 3, Mar. 2021, Available: https://link.springer.com/article/10.1007/s42979-021-00557-0
M. Z. Gunduz and R. Das, “Cyber-security on the smart grid: Threats and potential solutions,” Computer Networks, vol. 169, no. 107094, p. 107094, Mar. 2020, doi: https://doi.org/10.1016/j.comnet.2019.107094
I. H. Sarker, “CyberLearning: Effectiveness analysis of machine learning security modeling to detect cyber-anomalies and multi-attacks,” Internet of Things, vol. 14, p. 100393, Mar. 2021, doi: https://doi.org/10.1016/j.iot.2021.100393
Noemí DeCastro-García, L. Muñoz, and M. Fernández-Rodríguez, “Machine learning for automatic assignment of the severity of cybersecurity events,” vol. 2, no. 1, Jan. 2020, doi: https://doi.org/10.1002/cmm4.1072
Z. Wang, L. Chen, S. Song, P. X. Cong, and Q. Ruan, “Automatic cyber security risk assessment based on fuzzy fractional ordinary differential equations,” Alexandria Engineering Journal, vol. 59, no. 4, pp. 2725–2731, Aug. 2020, doi: https://doi.org/10.1016/j.aej.2020.05.014
J. Martínez Torres, C. Iglesias Comesaña, and P. J. García-Nieto, “Review: machine learning techniques applied to cybersecurity,” International Journal of Machine Learning and Cybernetics, vol. 10, no. 10, pp. 2823–2836, Jan. 2019, doi: https://doi.org/10.1007/s13042-018-00906-1
Y. B. Abushark, A. Irshad Khan, F. Alsolami, A. Almalawi, M. Mottahir Alam, A. Agrawal, R. Kumar, and R. Ahmad Khan, “Cyber security analysis and evaluation for intrusion detection systems," Comput. Mater. Contin., vol. 72, pp. 1765–1783, Jan. 2022. Available at: https://www.researchgate.net/publication/358832572_Cyber_Security_Analysis_and_Evaluation_for_Intrusion_Detection_Systems
T. W. Satyapanich, T. Finin, and F. Ferraro, “Extracting rich semantic information about cybersecurity events,” Maryland Shared Open Access Repository (USMAI Consortium), Dec. 2019, doi: https://doi.org/10.1109/bigdata47090.2019.9006444
A. S. Khan et al., “Lightweight multifactor authentication scheme for NextGen cellular networks,” IEEE Access, vol. 10, pp. 31273–31288, 2022, doi: https://doi.org/10.1109/ACCESS.2022.3159686
S. Atiewi et al., “Scalable and secure big data IoT system based on multifactor authentication and lightweight cryptography,” IEEE Access, pp. 1–1, 2020, doi: https://doi.org/10.1109/access.2020.3002815
M. Sajjad et al., “CNN-based anti-spoofing two-tier multi-factor authentication system,” Pattern Recognition Letters, vol. 126, pp. 123–131, Sep. 2019, doi: https://doi.org/10.1016/j.patrec.2018.02.015
A. Ometov, V. Petrov, S. Bezzateev, S. Andreev, Y. Koucheryavy, and M. Gerla, “Challenges of multi-factor authentication for securing advanced IoT Applications,” IEEE Network, vol. 33, no. 2, pp. 82–88, Mar. 2019, doi: https://doi.org/10.1109/MNET.2019.1800240
X. Zhang and X. Chen, “Data security sharing and storage based on a consortium blockchain in a vehicular Adhoc network,” IEEE Access, pp. 1–1, 2019, doi: https://doi.org/10.1109/access.2018.2890736
R. Tolosana, R. Vera-Rodriguez, J. Fierrez, and J. Ortega-Garcia, “DeepSign: Deep on-line signature verification,” IEEE Transactions on Biometrics, Behavior, and Identity Science, vol. 3, no. 2, pp. 229–239, Apr. 2021, doi: https://doi.org/10.1109/tbiom.2021.3054533
Md. A. Islam, T. Tabassum, Md. S. Hossein, S. Hossain, M. Hossain, and A. H. Jony, "A digital data hiding technique with missing puzzle and seek algorithm," 2020 4th International Conference on Electronics, Communication and Aerospace Technology (ICECA), pp. 1304–1309, Nov. 2020, doi: https://doi.org/10.1109/iceca49313.2020.9297600
Y. Zhang and X. Chen, “Explainable Recommendation: A Survey and New Perspectives,” Foundations and Trends® in Information Retrieval, vol. 14, no. 1, pp. 1–101, 2020, doi: https://doi.org/10.1561/1500000066.
S. S. Harakannanavar, P. C. Renukamurthy, and K. B. Raja, "Comprehensive study of biometric authentication systems, challenges, and future trends," Int. J. Adv. Netw. Appl., vol. 10, no. 4, pp. 3958–3968, 2019. Available at: https://www.researchgate.net/profile/Sunil-S-Harakannanavar/publication/333266096_Comprehensive_Study_of_Biometric_Authentication_Systems_Challenges_and_Future_Trends/links/5cffd843a6fdccd13093a10e/Comprehensive-Study-of-Biometric-Authentication-Systems-Challenges-and-Future-Trends.pdf
E. Al Alkeem et al., “An enhanced electrocardiogram biometric authentication system using machine learning,” IEEE Access, vol. 7, pp. 123069–123075, 2019, doi: https://doi.org/10.1109/access.2019.2937357
M. Zulfiqar, F. Syed, M. J. Khan, and K. Khurshid, “Deep face recognition for biometric authentication,” 2019 International Conference on Electrical, Communication, and Computer Engineering (ICECCE), Jul. 2019, doi: https://doi.org/10.1109/icecce47252.2019.8940725
S.-K. Kim, C. Y. Yeun, E. Damiani, and N.-W. Lo, “A machine learning framework for biometric authentication using electrocardiogram,” IEEE Access, vol. 7, pp. 94858–94868, 2019, doi: https://doi.org/10.1109/access.2019.2927079
M. Saharkhizan, A. Azmoodeh, A. Dehghantanha, K.-K. R. Choo, and R. M. Parizi, "An ensemble of deep recurrent neural networks for detecting IoT cyber attacks using network traffic," IEEE Internet Things J., vol. 7, no. 9, pp. 8852–8859, Sep. 2020, doi: https://doi.org/10.1109/jiot.2020.2996425
M. R. Habibi, H. R. Baghaee, F. Blaabjerg, and T. Dragicevic, “Secure control of DC microgrids for instant detection and mitigation of cyber-attacks based on artificial intelligence,” IEEE Systems Journal, pp. 1–12, 2021, doi: https://doi.org/10.1109/jsyst.2021.3119355
M. Elsisi, M.-Q. Tran, K. Mahmoud, D.-E. A. Mansour, M. Lehtonen, and M. M. F. Darwish, “Towards secured online monitoring for digitalized GIS against cyber-attacks based on IoT and machine learning,” IEEE Access, pp. 1–1, 2021, doi: https://doi.org/10.1109/access.2021.3083499
A. Gumaei, M. M. Hassan, S. Huda, M. R. Hassan, D. Camacho, J. Del Ser, and G. Fortino, "A robust cyberattack detection approach using optimal features of SCADA power systems in smart grids," Appl. Soft Comput., vol. 96, p. 106658, Nov. 2020 doi: https://doi.org/10.1016/j.asoc.2020.106658
A. Al-Abassi, H. Karimipour, A. Dehghantanha, and R. M. Parizi, “An ensemble deep learning-based cyber-attack detection in industrial control system,” IEEE Access, vol. 8, pp. 83965–83973, 2020, doi: https://doi.org/10.1109/access.2020.2992249
H. Bae, J. Jang, D. Jung, H. Jang, H. Ha, H. Lee, and S. Yoon, "Security and privacy issues in deep learning," arXiv preprint arXiv: 1807.11655, Jul. 2018. Available: https://arxiv.org/abs/1807.11655
F. Ullah, S. Jabbar, and F. Al-Turjman, “Programmers’ de-anonymization using a hybrid approach of abstract syntax tree and deep learning,” Technological Forecasting and Social Change, vol. 159, p. 120186, Oct. 2020, doi: https://doi.org/10.1016/j.techfore.2020.120186.
M. Roopak, G. Yun Tian, and J. Chambers, “Deep learning models for cyber security in IoT networks,” 2019 IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC), Jan. 2019, doi: https://doi.org/10.1109/ccwc.2019.8666588
K. Ren, Y. Zeng, Z. Cao, and Y. Zhang, “ID-RDRL: A deep reinforcement learning-based feature selection intrusion detection model,” Scientific Reports, vol. 12, no. 1, Sep. 2022, doi: https://doi.org/10.1038/s41598-022-19366-3
Y. Liu, D. Zhang, and H. B. Gooi, "Optimization strategy based on deep reinforcement learning for home energy management," CSEE J. Power Energy Syst., vol. 6, no. 3, pp. 572–582, Sep. 2020. doi: https://doi.org/10.17775/CSEEJPES.2019.02890.
T. T. Nguyen and V. J. Reddi, “Deep reinforcement learning for cyber security,” IEEE Transactions on Neural Networks and Learning Systems, vol. 34, no. 8, pp. 1–17, 2021, doi: https://doi.org/10.1109/tnnls.2021.3121870
X. Liu, J. Ospina, and C. Konstantinou, “Deep reinforcement learning for cybersecurity assessment of wind integrated power systems,” IEEE Access, pp. 1–1, 2020, doi: https://doi.org/10.1109/access.2020.3038769
Agarwal P, Mittal S, Tiwari A, Gupta I, Singh AK, Sharma B. Authenticating cryptography over network in data. 2019 International Conference on Intelligent Computing and Control Systems (ICCS) 2019 May 15 (pp. 632-636). IEEE. Available at: https://ieeexplore.ieee.org/abstract/document/9065608
Kumar S, Gaur MS, Sharma PS, Munjal D. A novel approach of symmetric key cryptography. In2021 2nd International Conference on Intelligent Engineering and Management (ICIEM) 2021 Apr 28 (pp. 593-598). IEEE. Available at: https://ieeexplore.ieee.org/abstract/document/9445343.
D. Chen et al., “Privacy-preserving encrypted traffic inspection with symmetric cryptographic techniques in IoT,” IEEE Internet of Things Journal, pp. 1–1, 2022, doi: https://doi.org/10.1109/jiot.2022.3155355
Hamed NM, Yassin AA. Secure Patient authentication scheme in the healthcare system using symmetric encryption. Iraqi Journal for Electrical & Electronic Engineering. 2022 Jun 1;18(1). Available at: https://ijeee.edu.iq/Papers/Vol18-Issue1/1570789078.pdf
Al-Mahdi H, Alruily M, Shahin OR, Alkhaldi K. Design and analysis of DNA encryption and decryption technique based on asymmetric cryptography system. International Journal of Advanced Computer Science and Applications. 2019;10(2). Available at: https://thesai.org/Publications/ViewPaper?Volume=10&Issue=2&Code=IJACSA&SerialNo=64
Md. Ashiqul Islam, A. A. Kobita, Md. Sagar Hossen, L. S. Rumi, R. Karim, and T. Tabassum, “Data Security System for A Bank Based on Two Different Asymmetric Algorithms Cryptography,” Evolutionary Computing and Mobile Sustainable Networks, pp. 837–844, Aug. 2020, doi: https://doi.org/10.1007/978-981-15-5258-8_77
M. Lawnik and A. Kapczynski, “The application of modified Chebyshev polynomials in asymmetric cryptography,” Computer Science, vol. 20, no. 3, p. 367, 2019, doi: https://doi.org/10.7494/csci.2019.20.3.3307
D. Pointcheval, “Asymmetric cryptography and practical security,” Journal of Telecommunications and Information Technology, no. 4, pp. 41–56, Dec. 2002, doi: https://doi.org/10.26636/jtit.2002.4.146
S. Peng et al., “Blockchain Data Secure Transmission Method Based on Homomorphic Encryption,” Computational Intelligence and Neuroscience, vol. 2022, p. e3406228, Apr. 2022, doi: https://doi.org/10.1155/2022/3406228
Jain N, Pal SK, Upadhyay DK. Implementation and analysis of homomorphic encryption schemes. Intern. J. on Cryptography and Information Security (IJCIS). 2012 Jun;2(2):27-44. Available at: https://wireilla.com/papers/ijcis/V2N2/2212ijcis03.pdf
X. Yi, R. Paulet, and E. Bertino, “Homomorphic Encryption,” Homomorphic Encryption and Applications, pp. 27–46, 2014, doi: https://doi.org/10.1007/978-3-319-12229-8_2
Alkharji M, Liu H, Washington CU. Homomorphic encryption algorithms and schemes for secure computations in the cloud. In Proceedings of 2016 International Conference on Secure Computing and Technology 2016 Nov (Vol. 19).
