Unraveling Attacks in Machine Learning-based IoT Ecosystems: A Survey and the Open Libraries Behind Them

TL;DR

This survey addresses the security implications of integrating machine learning into IoT by offering a holistic taxonomy of six attack families (membership inference, adversarial, reconstruction, property inference, model extraction, and poisoning) and a structured threat model that accounts for attacker goals, knowledge, abilities, and strategies. It combines theoretical taxonomy with an empirical evaluation of 65 open-source libraries, distinguishing original versus unoriginal implementations and examining their usability, hardware support, and reproducibility. The authors provide practical guidelines for library selection, Python-version considerations, and parameter tuning, alongside concrete insights into how IoT-specific constraints (edge devices, SDN, and cloud-edge orchestration) shape attack surfaces and defenses. Overall, the work centralizes defense-oriented resources and methods for ML-enabled IoT ecosystems, promoting privacy-preserving, robust ML deployment and informing researchers and practitioners about actionable security tooling. These contributions advance the state of ML-based IoT security by linking attack taxonomies to concrete open-source defenses and deployment considerations, with significant implications for practice and policy in privacy and integrity protection.

Abstract

The advent of the Internet of Things (IoT) has brought forth an era of unprecedented connectivity, with an estimated 80 billion smart devices expected to be in operation by the end of 2025. These devices facilitate a multitude of smart applications, enhancing the quality of life and efficiency across various domains. Machine Learning (ML) serves as a crucial technology, not only for analyzing IoT-generated data but also for diverse applications within the IoT ecosystem. For instance, ML finds utility in IoT device recognition, anomaly detection, and even in uncovering malicious activities. This paper embarks on a comprehensive exploration of the security threats arising from ML's integration into various facets of IoT, spanning various attack types including membership inference, adversarial evasion, reconstruction, property inference, model extraction, and poisoning attacks. Unlike previous studies, our work offers a holistic perspective, categorizing threats based on criteria such as adversary models, attack targets, and key security attributes (confidentiality, availability, and integrity). We delve into the underlying techniques of ML attacks in IoT environment, providing a critical evaluation of their mechanisms and impacts. Furthermore, our research thoroughly assesses 65 libraries, both author-contributed and third-party, evaluating their role in safeguarding model and data privacy. We emphasize the availability and usability of these libraries, aiming to arm the community with the necessary tools to bolster their defenses against the evolving threat landscape. Through our comprehensive review and analysis, this paper seeks to contribute to the ongoing discourse on ML-based IoT security, offering valuable insights and practical solutions to secure ML models and data in the rapidly expanding field of artificial intelligence in IoT.

Figures (11)

• Figure 1: Typical scenarios and ML-based IoT visions.
• Figure 2: Different attack models targeting ML-based IoT.
• Figure 3: The structure of this article.
• Figure 4: Different categories in attack and threat models.
• Figure 5: Number of libraries for each attack. Membership Inference Attacks (MIA), Adversarial Attacks (AA), Reconstruction Attacks (RA), Property Inference Attacks (PIA), Model Extraction Attacks (MEA), and Poisoning Attacks (PA). We categorize libraries as original library if they were developed by the authors of the paper, unoriginal library if provided by other individuals or entities, and N/A if the source of the library's origin cannot be determined.