Cross-Cutting Research Actions

The following is the list of the research actions that apply to more than one domain. More details about the identified research actions can be found in the domain-specific research actions sections.

• ML/AI. Machine learning and AI-based techniques have been used extensively in the prevention and detection of cybersecurity threats in all domains. ML and DL have the potential of leveraging privacy and access control issues, and reinforcing capabilities of attack detection, intrusion detection, malicious code identification, and malware analysis capabilities in IoT environments. However, they come with a significant number of issues that require further research, including the choice of the most suitable model, byproduct anomalies that affect critical infrastructure, and real-time applications, as well as legislative issues concerning validation and certification of different IoT components. In the network domain, ML can be utilized for autonomous detection and patching of vulnerabilities to eliminate network threats. However, more research is required in the topics of performing vulnerability assessment and management prioritization and finding efficient techniques for increasing detection accuracy for certain attack types against the overall detection accuracy of the used model. Even though there have already been some efforts of integrating ML and AI capabilities within clouds by tech giants such as Google and Microsoft, ML and AI techniques have to be further integrated to fully harness their potential of reinforcing the security and reliability of cloud solutions and preventing data breaches. In the data domain, the main research challenges include adaptability and introduction of complete automation without, i.e. removal of all human intervention. In the application domain, AI can aid in code analysis, continuous authentication, application, and user monitoring, just to name a few. However, related challenges, limitations, and ways that AI solutions can cause potential voluntary or involuntary damage still have to be better understood. Finally, ML techniques can be utilized for analyzing user interactions, as well as for deploying user identification through biological features, automatic source code, and software analysis, and security automation. Further research in this field is becoming increasingly necessary due to the growing number of ML-based attacks.
  Domains: Device/IoT, Network, System, Data, Application, User.
• Blockchain. At present, IoT devices experience an ununiform and inconsistent data flow due to conflicting protocols and unstandardized designs. Furthermore, most of the vendors do not follow any configuration standards, while IoT infrastructure is mostly centralized, making It susceptible to attacks. Similarly, storing data in centralized structures render it vulnerable to data breaches. Thus, there is a need to conduct more research on adopting decentralized solutions, such as blockchain technology. The benefits of blockchain technology include immutability, verifiability, and efficiency. The combination of blockchain and big data can ensure the trustworthiness and integrity of generated data, as well as keep an immutable record of IoT devices.
  Domains: Device/IoT, Data.
• Novel authentication schemes. It refers to novel forms of sophisticated authentication. The effectiveness of the existing protocols and schemes should be further analyzed against malicious activities and especially omnipresent DoS attacks. Future authentication schemes and protocols should be designed with low communication overhead and computation costs in mind. Moreover, future research should focus on the integration and the applicability of passwordless authentication in a larger number and more complex architectures. In the case of IoT environments, novel authentication schemes should be able to cater to all three layers of IoT architecture and should be operable with an increasing number of nodes without the need to be modified.
  Domains: Device/IoT, Application.