راهکار افزایش امنیت در شبکه‌های خانگی مبتنی بر اینترنت اشیا

گنج خانلو, حسین

doi:10.22034/apj.2026.735653

راهکار افزایش امنیت در شبکه‌های خانگی مبتنی بر اینترنت اشیا

نوع مقاله : مقاله پژوهشی

نویسنده

حسین گنج خانلو

گروه مهندسی برق و کامپیوتر ، واحد خدابنده، دانشگاه آزاد اسلامی، خدابنده، ایران

10.22034/apj.2026.735653

چکیده

رشد نفجاری دستگاه‌های اینترنت اشیا (IoT) در محیط‌های خانگی، همراه با محدودیت‌های ذاتی این دستگاه‌ها از نظر توان محاسباتی، حافظه و مصرف انرژی، سطح حملات سایبری را به طور بی‌سابقه‌ای افزایش داده است. شبکه‌های خانگی سنتی فاقد مکانیسم‌های امنیتی مناسب برای مقابله با تهدیدات نوظهور اختصاصی IoT هستند. این مقاله یک راهکار جامع و چندلایه برای افزایش امنیت در شبکه‌های خانگی مبتنی بر IoT ارائه می‌دهد. رویکرد پیشنهادی با عنوان "SecHome-IoT" از ترکیب سه لایه اصلی تشکیل شده است: اول لایه تشخیص ناهنجاری مبتنی بر یادگیری عمیق (پیش‌پردازش خودکار و شبکه عصبی کانولوشن یک‌بعدی به همراه حافظه کوتاه‌مدت طویل‌مدت)، دوم لایه مجازی‌سازی امن مبتنی بر میکروسرویس‌های سبک (با استفاده از کانتینرهای سخت‌افزاری و جداسازی مسیر بحرانی) و سومین لایه مدیریت خط‌مشی پویا و تطبیقی (با استفاده از سیستم استنتاج فازی تطبیقی-عصبی) انجام میدهد. ارزیابی سخت‌افزاری-نرم‌افزاری بر روی مجموعه داده‌های واقعی CICIDS2017، Bot-IoT و UNSW-NB15 به همراه پیاده‌سازی بر روی پلتفرم Raspberry Pi و سوییچ‌های هوشمند OpenWrt نشان می‌دهد که روش پیشنهادی با نرخ تشخیص حمله ۹۸.۷٪، نرخ هشدار اشتباه ۱.۴٪، و تأخیر پردازش میانگین ۴۲.۶ میلی‌ثانیه نسبت به بهترین روش‌های پیشین مانند IoT-IDSA و Deep-STM بهبودی بین ۱۲ تا ۲۵ درصدی در معیارهای امنیتی و کارایی دارد. این مقاله با ارائه تحلیل جامع تهدیدها، پیاده‌سازی واقعی و مقایسه کمی گسترده، نقشه راهی عملی برای تأمین امنیت شبکه‌های خانگی IoT فراهم می‌آورد.

کلیدواژه‌ها

امنیت شبکه خانگی

اینترنت اشیا

تشخیص نفوذ

یادگیری عمیق

جداسازی شبکه

عنوان مقاله English

Security Enhancement Solution in Home Networks, based on the Internet of Things

نویسنده English

Hossein Ganjkhanloo

Department of Computer Engineering, Khod.C., Islamic Azad University, Khodabandeh , Iran

چکیده English

The explosive growth of Internet of Things (IoT) devices in home environments, coupled with the inherent limitations of these devices in terms of computing power, memory, and energy consumption, has increased the level of cyberattacks to an unprecedented level. Traditional home networks lack adequate security mechanisms to deal with emerging IoT-specific threats. This paper presents a comprehensive and multi-layered solution to enhance security in IoT-based home networks. The proposed approach, titled "SecHome-IoT", is composed of three main layers: (1) a deep learning-based anomaly detection layer (automated preprocessing and 1D convolutional neural network with long-term short-term memory), (2) a secure virtualization layer based on lightweight microservices (using hardware containers and critical path isolation), and (3) Dynamic and adaptive policy management layer (using adaptive-neural fuzzy inference system). Best hardware-software simulation on real-world datasets CICIDS2017, Bot-IoT and UNSW-NB15 along with implementation on Raspberry Pi platform and OpenWrt smart switches shows that the proposed method is superior to the previous ones (such as IoT-IDSA and Deep-STM) with an attack detection rate of 98.6% and a false positive rate of 1.4%. It has an improvement of 25% in security and performance metrics. This paper provides a roadmap for the security of IoT home networks by providing a comprehensive threat analysis, real-world and similar implementations.

کلیدواژه‌ها English

Home Network Security

Internet of Things

Intrusion Detection

Network Isolation

[1] Atzori L, Iera A, Morabito G. The internet of things: A survey. Computer Networks. 2010 Oct 28;54(15):2787-805.

[2] Gubbi J, Buyya R, Marusic S, Palaniswami M. Internet of Things (IoT): A vision, architectural elements, and future directions. Future Generation Computer Systems. 2013 Sep 1;29(7):1645-60.

[3] Statista Research Department. Number of connected IoT devices worldwide 2020-2030 [Internet]. New York: Statista; 2025 [cited 2026 Apr 25]. Available from: https://www.statista.com/statistics/1183457/iot-connected-devices-worldwide/

[4] Alaba FA, Othman M, Hashem IAT, Alotaibi F. Internet of Things security: A survey. Journal of Network and Computer Applications. 2017 Jun 1;88:10-28.

[5] Zhou W, Jia Y, Peng A, Zhang Y, Liu P. The effect of IoT new features on security and privacy: New threats, existing solutions, and challenges yet to be solved. IEEE Internet of Things Journal. 2018 Nov 1;6(2):1606-16.

[6] Trappe W, Howard R, Moore RS. Low-energy security: Limits and opportunities in the internet of things. IEEE Security & Privacy. 2015 Jan 22;13(1):14-21.

[7] Sicari S, Rizzardi A, Grieco LA, Coen-Porisini A. Security, privacy and trust in Internet of Things: The road ahead. Computer Networks. 2015 Jan 15;76:146-64.

[8] Makhdoom I, Abolhasan M, Lipman J, Liu RP, Ni W. Anatomy of threats to the internet of things. IEEE Communications Surveys & Tutorials. 2018 Jul 16;21(2):1636-75.

[9] Bertino E, Islam N. Botnets and internet of things security. Computer. 2017 Feb 21;50(2):76-9.

[10] Kolias C, Kambourakis G, Stavrou A, Voas J. DDoS in the IoT: Mirai and other botnets. Computer. 2017 Jul 6;50(7):80-4.

[11] Antonakakis M, April T, Bailey M, Bernhard M, Bursztein E, Cochran J, et al. Understanding the mirai botnet. In: 26th USENIX Security Symposium (USENIX Security 17); 2017 Aug 16-18; Vancouver, BC. p. 1093-110.

[12] Andy S, Rahardjo B, Hanindhito B. Attack scenarios and security analysis of MQTT communication protocol in IoT system. In: 2017 4th International Conference on Electrical Engineering, Computer Science and Informatics (EECSI); 2017 Sep 19-21; Yogyakarta, Indonesia. IEEE; 2017. p. 1-6.

[13] Chen Y, Zhang Y, Wang S. Vulnerability assessment and mitigation for IoT firmware: A survey. Computers & Security. 2024 Mar 1;138:103674.

[14] Ziegeldorf JH, Morchon OG, Wehrle K. Privacy in the Internet of Things: threats and challenges. Security and Communication Networks. 2014 Dec;7(12):2728-42.

[15] Mohanty SN, Ramya KC, Rani SS, Gupta D, Shankar K, Lakshmanaprabu SK, Khanna A. An efficient lightweight integrated blockchain (ELIB) model for IoT security and privacy. Future Generation Computer Systems. 2020 Jan 1;102:1027-37.

[16] HaddadPajouh H, Dehghantanha A, Khayami R, Choo KKR. A deep recurrent neural network based approach for internet of things malware threat hunting. Future Generation Computer Systems. 2018 Aug 1;85:88-96.

[17] Mousavi SK, Ghaffari A, Besharat S, Afshari H. Security of internet of things using RC4 and LFSR lightweight hybrid algorithm (RLHA). Wireless Personal Communications. 2020 Dec;115(4):2953-67.

[18] McKay KA, Bassham LE, Sonmez Turan M, Mouha N. Report on lightweight cryptography (NIST IR 8114). Gaithersburg (MD): National Institute of Standards and Technology; 2017 Apr. 34 p.

[19] Dwivedi AD, Srivastava G, Dhar S, Singh R. A decentralized privacy-preserving healthcare blockchain for IoT. Sensors. 2019 Jan 18;19(2):326.

[20] Sivanathan A, Sherratt D, Gharakheili HH, Sivaraman V, Vishwanath A. Low-cost flow-based security for home IoT networks. In: 2019 IEEE 44th Conference on Local Computer Networks (LCN); 2019 Oct 14-17; Osnabrück, Germany. IEEE; 2019. p. 360-7.

[21] Sivanathan A, Gharakheili HH, Sivaraman V. Managing IoT cyber-security using programmable telemetry and data plane filtering. In: 2020 IEEE 28th International Conference on Network Protocols (ICNP); 2020 Oct 13-16; Madrid, Spain. IEEE; 2020. p. 1-6.

[22] Al-Garadi MA, Mohamed A, Al-Ali AK, Du X, Ali I, Guizani M. A survey of machine and deep learning methods for internet of things (IoT) security. IEEE Communications Surveys & Tutorials. 2020 Apr 3;22(3):1646-85.

[23] Hasan M, Islam MM, Zarif MII, Hashem MMA. Attack and anomaly detection in IoT sensors in IoT sites using machine learning approaches. Internet of Things. 2019 Sep 1;7:100059.

[24] Anthi E, Williams L, Słowińska M, Theodorakopoulos G, Burnap P. A supervised intrusion detection system for smart home IoT devices. IEEE Internet of Things Journal. 2019 May 23;6(5):9042-53.

[25] Diro AA, Chilamkurti N. Distributed attack detection scheme using deep learning approach for Internet of Things. Future Generation Computer Systems. 2018 May 1;82:761-8.

[26] Ullah I, Mahmoud QH. A two-level flow-based anomalous activity detection system for IoT networks using deep learning. Journal of Network and Systems Management. 2021 Apr;29(2):1-27.

[27] Khan MA, Khan MA, Jan SU, Ahmad J, Jamal SS, Shah AA, Pitropakis N, Buchanan WJ. A deep learning-based intrusion detection system for MQTT enabled IoT. Sensors. 2021 Oct 18;21(20):7016.

[28] Roopak M, Tian GY, Chambers J. Deep learning models for cyber security in IoT networks. In: 2019 IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC); 2019 Jan 7-9; Las Vegas, NV, USA. IEEE; 2019. p. 452-7.

[29] Ferrag MA, Maglaras L, Moschoyiannis S, Janicke H. Deep learning for cyber security intrusion detection: Approaches, datasets, and comparative study. Journal of Information Security and Applications. 2020 Feb 1;50:102419.

[30] Moustafa N, Slay J. UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In: 2015 Military Communications and Information Systems Conference (MilCIS); 2015 Nov 10-12; Canberra, ACT, Australia. IEEE; 2015. p. 1-6.

[31] Sharafaldin I, Lashkari AH, Ghorbani AA. Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: Proceedings of the 4th International Conference on Information Systems Security and Privacy (ICISSP 2018); 2018 Jan 22-24; Funchal, Portugal. p. 108-16.

[32] Koroniotis N, Moustafa N, Sitnikova E, Turnbull B. Towards the development of realistic botnet dataset in the Internet of Things for network forensic analytics: Bot-IoT dataset. Future Generation Computer Systems. 2019 Nov 1;100:779-96.