Machine Learning-Based Security Resource Allocation for Defending against Attacks in the Internet of Things

Nowadays, the Internet of Things (IoT) has become the focus of security attacks due to the limitation of processing resources, heterogeneity, energy limitation in objects, and the lack of a single standard for implementing security mechanisms. In this article, a solution will be presented for the problem of security resources allocating to deal with attacks in the Internet of Things. Security Resource Allocation (SRA) problem in the IoT networks refers to the placement of the security resources in the IoT infrastructure. To solve this problem, it is mandatory to consider the dynamic nature of the communication environments and the uncertainty of the attackers' actions. In the traditional approaches for solving the SRA, the attacker works over based on his assumptions about the system conditions. Meanwhile, the defender collects the system's information with prior knowledge of the attacker's behavior and the targeted nodes. Unlike the mentioned traditional approaches, this research has adopted a realistic approach for the Dynamic Security Resources Allocation in the IoT to battle attackers with unknown behavior. In the stated problem, since there is a need to decide on deploying several security resources during the learning periods, the state space of the strategies is expressed in the combinatorial form. Also, the SRAIoT problem is defined as a combinatorial-adversarial multi-armed bandit problem. Since switching in the security resources has a high cost, in real scenarios, this cost is included in the utility function of the problem. Thus, the proposed framework considers the switching cost and the earned reward. The simulation results show a faster convergence of the weak regret criterion of the proposed algorithms than the basic combinatorial algorithm. In addition, in order to simulate the IoT network in a realistic context, the attack scenario has been simulated using the Cooja simulator.