Adaptive learning-based hybrid recommender system for deception in Internet of Thing

Abstract

In the rapidly evolving Internet of Things (IoT) security domain, device vulnerabilities pose significant risks, frequently exploited by cyberattackers. Traditional reactive security measures like patching often fall short against advanced threats. This paper introduces a proactive deception system enhanced by an innovative Adaptive Learning-based Hybrid Recommender System (AL-HRS), utilizing the vulnerability and attack repository for IoT (VARIoT) database. This advanced system identifies existing vulnerabilities and dynamically recommends additional deceptive vulnerabilities based on real-time analysis of attacker behavior and historical exploit data. These recommended vulnerabilities mislead attackers into engaging with controlled environments such as honeypots, effectively neutralizing potential threats. The AL-HRS combines the predictive strengths of content-based filtering (CBF) and collaborative filtering (CF) with an adaptive learning mechanism that adjusts recommendations based on ongoing attacker interactions, ensuring the system’s efficacy amidst changing attack patterns. Our approach innovatively combines these methodologies to provide a continuously evolving security strategy, significantly enhancing the deception capability of IoT systems. Initial evaluations demonstrate a potential reduction in device compromise, highlighting the effectiveness and strategic relevance of this adaptive deception framework in IoT cybersecurity.