Intelligent Adaptive Optimisation Method for Enhancement of Information Security in IoT-Enabled Environments

Abstract

The usage of the Internet increased dramatically during the start of the twenty-first century, entangling the system with a variety of services, including social media and e-commerce. These systems begin producing a large volume of data that has to be secured and safeguarded from unauthorised users and devices. In order to safeguard the information of the cyber world, this research suggests an expanded form of differential evolution (DE) employing an intelligent mutation operator with an optimisation-based design. It combines a novel mutation technique with DE to increase the diversity of potential solutions. The new intelligent mutation operator improves the security, privacy, integrity, and authenticity of the information system by identifying harmful requests and responses and helping to defend the system against assault. When implemented on an e-commerce application, the performance of the suggested technique is assessed in terms of confidentiality, integrity, authentication, and availability. The experimental findings show that the suggested strategy outperforms the most recent evolutionary algorithm (EA).

1. Introduction

Technology and statistics advance quickly in the contemporary day, where the Internet is everywhere. The Internet is becoming increasingly important to organisations, governments, enterprises, and educational institutions. Although there may be a positive side, some of its negative aspects can not be ignored, which can seriously impact a person or an organisation. Malevolent systems are primarily responsible for tasks such as creating bogus websites, spreading infections, listening in on conversations, modification of data, etc. Some of these operations risk national security and military structure, which might result in significant losses since in IoT-enabled applications data or information mostly are transient and updated by anonymous self-governing devices. With such a large number of devices, terminals, and machines connecting to an Internet of Things (IoT) network, a huge amount of data and security vulnerability makes security a burning issue [1,2].

Confidentiality may be obtained through cryptography, which means “strange texts”. Cryptography has advanced to new levels in the modern world, offering businesses and people privacy to the point that only authorised staff may access the data [3]. With a lengthy history, strong fundamentals, and ongoing development, cryptography is still evolving today. The “secret” hieroglyphics utilised by the Egyptians are one of the first instances of encryption. The most popular method used today, the Caesar cypher, was also employed by the people of Rome in ancient times [4]. Ancient Greeks also used a scytale for cryptographic encryptions. Worldwide, people use cryptography to safeguard their data and information on a daily basis without even recognising that they are doing something so complex. While cryptography offers advantages, it also has certain disadvantages. Because cryptographic systems are so fragile, even a small alteration or mistake can have disastrous effects and result in system breaches [5].

Even though most systems no longer know that they are using it, cryptography is used daily to safeguard information and records by billions of systems worldwide. Although it is extremely advantageous, it is also seen as being rather brittle since cryptographic systems can be broken by a programming or specification error. Different kinds of assaults on information systems that undermine security, integrity, confidentiality, and availability are the work of the hostile system.

Therefore, the security of the system or application cannot be compromised; hence, it requires implementing the optimisation algorithm into the information system to recognise requests from these dangerous nodes and assist systems in warning them before the assault.

Although other classes of optimisation techniques are accessible in the literature, DE is one of the key strategies [6]. Numerous non-deterministic polynomial-time (NP)-complete problems in optimisation methods can be resolved using the population-based meta-heuristic method known as DE. It functions well across a variety of test areas. The optimisation method considers several operations for exploration and exploitation, such as mutation, crossover, and selection. A new vector known as the donor vector is produced during the mutation process. A crossover is then performed on the donor vector to generate a new vector known as the trailing vector. The target, donor, and trail vectors are ultimately picked as the three vectors’ most tasteful solutions. Based on the fitness value, they are then included in the population for the subsequent generations.

1.1. Problem Statement

Highlights of the problem description are as follows.

• The time complexity of the existing evolutionary algorithms [7,8,9,10,11,12,13,14,15,16,17,18] is high. This is because of the several iterations to locate the ideal value. This difficulty worsens with a bigger population and a non-continuous function.
• Security keeps up with the impressive advancements being made in the field of information systems [19]. Intelligent attacks in the IoT environment are viable by sending malicious requests and responses. As a result, it is necessary to safeguard the information by recognising the assaults before they are carried out.

The following is a list of improvements over existing approaches:

• Most existing techniques are based on non-continuous functions, which increases the complexity of optimisation algorithms [10,11,12,13,20,21,22]. In contrast, the proposed method is based on the new automatic adaptation-based strategy, which is incorporated with DE to overcome the searching strategy, which reduces time complexity and provides diversity and convergence rate.
• The methods available in the literature [5,19,23,24,25,26], when applied in the e-commerce application of information systems, are found to be insecure in terms of confidentiality, authenticity, availability, and integrity. In comparison, the proposed method optimises the best fitness function of the different generations of e-commerce applications, achieving better confidentiality, authenticity, availability, and integrity.

The proposed method is incorporated into the security framework to provide security for IoT-enabled applications. These can be any modern IoT applications because in the IoT network devices work independently, hence the possibilities of security attacks increase. This method is specially designed, keeping in the mind the requirements of IoT-enabled e-commerce applications such as supply chain management, banking, retail management, inventory management, etc., rather than general applications. IoT devices exchange data with each other, which helps retail and e-commerce firms to execute their operations smoothly and efficiently. As e-commerce grows in popularity, the possibilities for IoT use in the industry expand. This application can be handy in remote access management, tracking of product in journey, enhanced personalised experience about the customers and products, etc.

With the advancement of technologies such as artificial intelligence (AI), machine learning (ML), and data analytics the possibility of security attacks in IoT-enabled applications is increasing, hence it requires an advanced-level security shield which can cope with the coming challenges. Keeping the security vulnerability of IoT-enabled applications, this work proposed a new AI-based DE method to shield from the security attacks.

1.2. Author’s Contribution

Highlights of the author’s contribution are as follows:

• A novel adaption-based strategy is devised and incorporated with the DE algorithm to identify the request of the malicious node to mitigate security attacks.
• The devised mutation operator considers the environment factor, i.e., an internal environment that maintains the diversity in an initial generation and gives impetus to the convergence speed of the DE algorithm.
• In the performance analysis of confidentiality, integrity, authentication, and availability, the proposed approach is tested on an e-commerce application.
• The observed result shows that the proposed approach obtains a better solution in terms of best, average, and worst fitness functions on a 3-dimension application-based test.

1.3. Article Organisation

The organisation of the rest of the paper is as follows: Section 2 presents a description of existing DE variants and recent approaches devised for information security. Section 3 describes an application for an information security-based evolutionary model. Section 4 outlines a description of the proposed methodology. Section 5 describes the experimental result, in which the obtained results are compared with existing DE, and related standard cost estimation approaches. Finally, Section 6 concludes the study and paves future work paths.

2. Literature Review

The goal of the evolutionary algorithm is to solve the overall optimisation issue. The research makes it quite evident that DE has an issue with stagnation. To deal with these issues, a handful of multi-objective differential evolutionary (MODE) strategies and Pareto-based strategies have been suggested [6,7,8,9,10,11,12,27]. According to the population, the existing MODE-based technique [11] executes mutation and crossover. Additionally, non-dominating sorting was used to reduce the temporal complexity.

The authors of [16] proposed a homeostatic factor-based method to increase the diversity of NASA 93 projects. This method performs better than multi-objective-based software cost-estimating techniques. The authors of [18,19] presented a hybrid technique that controlled two distinct operators and can be applied in many applications. This method performs better than a number of earlier multi-objective algorithms. For multi-objective situations, the authors of [10] created a brand-new Pareto-based (PBDE) differential evolution approach.

Susan et al. [26] stated that computer security is a target that keeps evolving as time goes on. Various mathematical and algorithmic functions are significant concerns in several security tutorials, including hashing techniques and encryption. Othman O. Khalifa et al. [23] illustrated the main components, plans, and characteristics of cryptography are security and privacy. In this era, the age of information communication has played a significant role in the evolution and development of technology. Therefore, the data must be protected and kept secure while transferring through the communication source.

Nitin Jirwan et al. [24] stated that when the data is transmitted, the highest priority is given to data encryption among all the processes present, and an encryption algorithm is applied to data in order to reach the end-user without being interrupted or compromised. Various asymmetric and symmetric cryptographic techniques are used and demonstrated in information transmission.

Callas, J. [25] studied and discussed matters such as privacy enhancement using cryptography, laws related to cryptography, legal changes related to cryptography, reliability of algorithms, and privacy enhancement technologies. He determined and stated that the use of cryptography by society at this time would determine the future of cryptography. This includes the current laws and regulations on cryptography and what the community wants to achieve by using cryptography. He also stated that even with the recent progress of cryptographic algorithms, the field has a lot of things to be improved and new things to be discovered for future generations. He said that the future of cryptography depends on the machines producing strong and secure keys and the rightful owners of the keys to access the information, while others without the keys should not be able to access it. He also tried to explain the view of people on the privacy of messages and security such that any unauthorised person cannot read them.

Cryptography wants to achieve two primary goals: authenticity and privacy, as outlined by different authors [26,28,29,30,31]. The amount of security provided can be expressed in terms of the theoretical secrecy of Shannon and the theoretical authenticity of Simmon.

Schneier [32] stated that topics such as security should not be kept secret as they can be very brittle, and security secrecy is a matter to be made known and not kept secret. If by any means secrecy is lost or inaccessible, then getting it back would be nearly impossible. Schneier cited that encryption and decryption using more minor keys can be transmitted easily and must use a principle. The algorithm used for cryptography must be secure enough to be displayed to the public and still offer such security that no one can crack it. Public scrutiny is the only reliable method to be followed to make more and more improvements in security.

Cloud computing can be used for the secure transmission of cryptography, as cited by Chachapara K. et al. [33,34,35] and illustrated the frameworks such as AES and RSA. AES is, to date, one of the most robust cryptographic algorithms. Users using the cloud have the accessibility to generate various keys for different users and allow different types of permissions to access the files.

As stated in [36], many discussions about cryptography are being developed. The author mentioned that the hash function plays a significant role in cryptography, generating numbers for any piece of data. As the years passed, the weakness of MD5’s algorithm became known, and now a situation arose about how to create secure hash functions.

Gennaro, R. [37,38] cited the role of randomness in cryptography. A random process is one whose outcome or result is unknown and can vary from time to time. He stated that randomness is necessary for cryptography so that the output cannot be predicted, or any user cannot learn the pattern.

Preneel, B. [39] stated how cryptography was after the Snowden era was over. He discussed practices such as the security of ICT systems, surveillance of systems as a whole, and the methods through which the cryptographic systems could be attacked. From the literature study, various types of security taxonomy have been identified. These security threats can be classified into different groups, as depicted in Figure 1.

Figure 1. Information system security taxonomy of smart applications.

From the literature review, the following shortcomings have been identified, as shown in Table 1.

Table 1. Technical gaps within existing techniques.

Existing Method	Year	Approach	Gap
[7]	2015	The proposed method provides sufficient diversity for search space.	This approach is better in performance, but it suffers from the lack of convergence rate.
[8]	2015	The proposed method was the design and implementation of the new mutation operator.	This approach was not satisfactory for some multi-objective problems.
[9]	2022	The proposed method designs a new operator called the environment mutation operator. This operator helps to enhance the diversity and convergence rate.	This approach is better in performance, but some benchmark functions do not provide good diversity.
[10]	2017	The proposed method designs a new mutation strategy called the homeostasis mutation operator. This operator found the first-ranking Pareto front.	The homeostasis operator provides sufficient diversity in the ZDT series, but it does not sufficiently provide the DTLZ series.
[11]	2014	The proposed algorithms design the new swarm optimisation algorithm. This algorithm achieves the best optimum value from search space.	On some benchmark functions, the performance of this method is limited.
[12]	2015	This work proposed a new strategy called the whale optimisation algorithm. This approach provided a convergence rate according to the swarm behaviour for global search space.	This approach performs better on some benchmark functions. However, its convergence rate is not satisfactory.
[13]	2002	The proposed work designed a new operator called the dynamics-based control parameter. This parameter enhanced the convergence rate and diversity for a given search space.	The proposed method performs better, but its diversity and convergence rate are unsatisfactory.
[21]	2017	Optimisation model to schedule the malicious risk according to high to low risk. It also maximises alert coverage.	Its performance is limited to a specific application.
[22]	2019	Proposed an integrated framework to alert and schedule the risk at cyber security Data canter.	Its performance is limited to a specific application.
[2]	2009	The proposed work designs a firewall technology. The purpose of this method is the protection of information from the attack of malicious systems.	The accuracy of identifying the high-risk attack is limited.
[40]	2022	It has proposed a probabilistic cyber attack alert management system by formulating the problem as a bi-level non-linear optimization problem. It solves complex issues with a linear solution.	Complexity is high, and performance is also limited.
[33,36,37,39,41]	2013, 2014,  2006, 2015	AES, RSA, cryptography (MD5), randomness in cryptography, attacks on cryptography	These methods do not deal with identifying attacks but rather encrypt them from unauthorised access.

• The modern information system not only requires the robust protection of data but also needs to identify the malicious attacks that will breach security.
• The optimisation technique-based threat identification systems are now evolving. This technique can be used in information systems to maintain the integrity, authenticity, confidentiality, and availability of data. However, the existing methods suffer from the diversity issue in finding the optimal solution (threats) to secure the system.
• The second issue with the existing optimisation technique is the non-constraints solution, hence delaying the search capability to identify the optimal solution. It also causes the local optimal problem in finding the optimal solution.
• The tuning of security parameters in optimisation techniques is complex when identifying malicious attacks on data.

3. Related Terminologies of the Proposed Work

This section presents the different terminologies related to the proposed work and IoT-enable applications.

3.1. Deployment Scenario

The proposed method incorporated the security framework to check the validity of data from e-commerce sites. The proposed framework of the security model is designed according to the deployment scenario of different objects, as shown in Figure 2. In this figure, different components (along with attackers) are mounted in different locations and environments to access services. The attackers can disrupt the normal services of a user or devices, hence needs to prevent these attacks. This model represents the confidentiality of data according to the visit to an e-commerce site. Therefore, the optimisation-based security framework checked the confidentiality and integrity of data: these checks, the acceptance rate of different authenticated users and hackers, and the confidentiality and integrity level of requests, and the response of data for different users and malicious systems.

Figure 2. Proposed model of the security overview of smart applications.

3.2. Layered Stack of Information Security Model

The layered protocol stack of modern IoT-based information security systems is depicted in Figure 3. This layered architecture is proposed keeping in mind the security management requirements of different components. In modern IoT-enabled applications, individual devices request multiple services and need to respond independently without interaction with a human. The top-most layer of this architecture provides smart collaboration and coordination between the different applications and services.

Figure 3. Proposed model of the security layer architecture.

The confidentiality, integrity, availability, and authenticity of service requests are managed by the security management layer. This layer is in charge of accurately mapping, evaluating, and processing service requests prior to execution in order to achieve the necessary level of security to serve a request. Consequently, this layer handles the generation, administration, and implementation of service requests as well as object virtualisation. The major methods used to ensure security include optimisation, surveillance, translation, coordination, etc. This layer employs a more expressive security policy for use control, which allows event-based authorisations and responsibilities with temporal operators.

The data generated from various sources are stored in the cloud/middle layer. To deliver effective services, this layer manages, purifies, transforms, and analyses data. The communication between the devices is established via the perception and communication layers.

4. Materials and Methods

4.1. Materials

This section describes the data sets used for the experimental evaluation of the proposed work. The data set used for evaluation consists of requests from different sources, including malicious requests to access the information system’s data. An automatic request generator system generates these requests [21,22]. The data sets are taken over a two-month time period. These requests are passed to our proposed optimisation technique to identify malicious requests. These malicious request attacks can be related to authenticity, integrity, confidentiality, or data availability.

4.2. Proposed Method

This section presents the detailed work of the proposed optimisation technique. The DE algorithm is a global optimisation algorithm that tackles constraint and unconstrained issues. However, solving real-world application-based problems with evolutionary algorithms such as DE, particle swarm optimisation (PSO), whale optimisation (WOA) algorithm, and artificial bee (ABCO) colony optimisation is challenging.

Therefore, it is inevitable to design a new evolutionary algorithm that must protect real-world information from malicious attacks. Hence, this work outlines a novel agile adaption-based operator (AABO). This operator automates the adaptation technique to select the best vector from the global search space. It enhances the maintenance of diversity and convergence speeds. This paper presents a better environment for automatically adapting to the environment. The proposed work creates a feasible solution for global search space according to agile adaption-based selection. The process of selection strategy is explained step by step, as given below:

4.2.1. Initialisation

This section outlines random population members of the particular problem or application. This application randomly initialised population members with tuning parameters of problem specification. This problem lies between the lower and upper bound values. Let $f{v}_i$ = $\{{\beta }_{i,1}(t)$, ${\beta }_{i,2}(t)$, ${\beta }_{i,3}(t)$, ${\beta }_{i,4}(t)$, …, ${\beta }_{i,D}(t)\}$ be the $i\mathrm{th}$ vector, where individual component ${\beta }_{i,d}(t)$ values are assigned using Equation (2). After that, the vector can be re-formulated as follows:

$$f{v}_i=\{{\beta }_{i,1}(t),{\beta }_{i,2}(t),{\beta }_{i,3}(t),{}_{i,4}(t),\dots ,{}_{i,D}(t)\}$$

(1)

The starting population is selected randomly between lower and upper bound

$${\beta }_{i,d}=X_{i,d}^L+rand()\times ({\beta }_{i,d}^U-{\beta }_{i,d}^L)$$

(2)

where ${\beta }_{i,d}^U$ depicts the variable’s value of the upper bound according to the taken problem area and ${\beta }_{i,d}^L$ denotes the lower bound value of the variable according to the taken problem. These vectors are used in application-based problems.

4.2.2. Agile Adaption-Based Operators (AABO)

This section presents the design of a modified version of the original mutation operator of the DE algorithm. This operator modifies the best vector of the standard DE algorithm. This operator incorporates the agile-based adaption techniques according to the feasible search area. The agile adaption-based fitness function to select the best vector and the process is explained in Equation (3):

$$Aut=Automaticrandomvector\times (A_{i,d}^U-A_{i,d}^L)$$

(3)

where $Aut$ denotes the feasible solution of the current environment, and Automatic random vector denotes the selection random best vector according to the lower bound and upper bound.

4.2.3. Generation of New Donor Vector(DV)

The DE method is used to construct a DE/BEST/1 mutation scheme. The scheme incorporates the agile adaption vector for a specific mutation, which provides sufficient diversity. Equations (5) and (6) define the donor vector and the viable environment, respectively.

$${\overrightarrow{DV}}_{i,G}={\overrightarrow{\alpha }}_{r_1^i,G}+{\delta }_1·({\overrightarrow{\alpha }}_{r_2^i,G}-{\overrightarrow{\alpha }}_{r_3^i,G})$$

(4)

Update the adaption operator:

$${\overrightarrow{Av}}_{i,G}={\overrightarrow{Aut}}_{r_1^i,G}+{\delta }_1·({\overrightarrow{fv1}}_{r_2^i,G}-{\overrightarrow{fv2}}_{r_3^i,G})$$

(5)

$${\overrightarrow{Av}}_{i,G}={\overrightarrow{Aut}}_{r_1^i,G}+{\delta }_1·({\overrightarrow{fv3}}_{r_2^i,G}-{\overrightarrow{fv4}}_{r_3^i,G})$$

(6)

where ${\overrightarrow{AV}}_{i,G}$ represents the donor vector used in the agile adaption concept for heuristic search and G is iteration or generation. ${\overrightarrow{Aut}}_{r_1^i,G}$ represents the agile adaption-based vector, which is selected according to the best fitness value. ${\delta }_1$ is a mutant factor; it selects a random value between 0.1 to 1.8. This value helps the optimum search from the difference vector of the mutation operator. ${\overrightarrow{fv1}}_{r_2^i,G}$, ${\overrightarrow{fv2}}_{r_3^i,G}$, ${\overrightarrow{fv3}}_{r_2^i,G}$, and ${\overrightarrow{fv4}}_{r_3^i,G}$ denote the difference vector of mutation strategy. These mutation strategies (Equations (5) and (6)) provide sufficient diversity for the donor vector and also enhance the convergence rate.

4.3. The Proposed Algorithm

The pseudo-code of the proposed algorithm is shown in the Algorithm 1. This algorithm will be incorporated into the e-commerce-based application to enhance security by considering the set objective functions.

Crossover: It applies the crossover operator after completing the mutation operator. The operator compares the mutant vector to the original vector to find the best adaption value and selects the best ideal value of the search space. It can stop iterating when it finds the best search space value.

Selection: After completing the crossover operator, AAOB applies the selection process of the best optimum vector. This operator compares mutant and offspring vectors. AAOB selects the best optimum vectors or values according to the fitness function. In the operator selection, the concept of the survival of the fittest is generally used. This idea is used in choosing the best optimum value. Still, if it does not produce an optimal value, then this operator finally chooses the original vectors. The whole process is outlined using Algorithm 1 and a flowchart, as shown in Figure 4.

Algorithm 1: Proposed DE-Based Evolutionary Algorithm

Figure 4. Flowchart of the proposed algorithm.

4.4. Algorithm of Information Security Model

As shown in Algorithm 1, the proposed method is used in an IoT-enabled e-commerce application to estimate data during data requests and responses to multiple users to improve the system’s security. Various constraint functions, such as secrecy and integrity, were added to this technique. This e-commerce-based technique is discussed step-by-step in Algorithm 2. The objective functions such as $integrity$ and $confidentiality$ were optimised using this proposed technique. The following is a complete description in the form of pseudo-code of the new $proposed\_Security$ algorithm:

• In step 1, the initial input of data requests and data responses of the e-commerce-based application are determined.
• In the second step, the newly obtained vector from various constraint functions is added to the population.
• Afterward, weights assigned to each objective function are done using Equation (13).
• Finally, Step x.1 to Step x.6 are iterated to find optimum solution for $integrity$, $confidentiality$, etc.

Algorithm 2: Proposed Information Security-Based Evolutionary Algorithm

4.5. System Model: Objectives Function of Information Security Model

This section presents five different types of objectives function used for the information service framework, i.e., confidentiality (CONF), integrity (INT), authentication (AUTH), and information request and response $(I{S}_{req},I{S}_{res})$ metrics. These are used to evaluate the proposed algorithm’s effectiveness. The detailed specifications of these objectives are available in [3,8]:

(I) 

Confidentiality of Data (CONF): The first objective (C1), the confidentiality of the system is represented as CONF($I{S}_i^t$, $I{S}_j^t$). Information requests $I{S}_i^t$ and data responses $I{S}_j^t$ are transmitted between requesting and responding nodes. The C1 in terms of cost is obtained by applying Equation (9):

$$CONF(I{S}_i^t,I{S}_j^t)=\sqrt{(}I{S}_i^t-I{S}_j^t{)}^2+{(I{S}_i^t-I{S}_j^t)}^2$$

(9)

where $I{S}_i^t$ denotes information request and $I{S}_j^t$ denotes information respond and service cost calculated by CONF($I{S}_i^t$, $I{S}_j^t$) during the data transmission.

(II) 

Integrity of Data (INT): The second objective (C2) is calculated in terms of modifying data communication per unit time of node using Equation (10):

$$IN{T}_{i,j}=(CONF{(I{S}_i^t,I{S}_j^t)}^2)\times I{S}_{i,j}$$

(10)

where $IN{T}_{i,j}$ denotes the integrity or rate of data modification between insecure nodes i and j, $I{S}_{i,j}$ denotes the modified transmitted and responded on devices(systems), and CONF($I{S}_i^t$, $I{S}_j^t$) denotes the confidentiality of nodes in the information system.

(III) 

Availability of Data (AVL): The third objective is the availability of data services within the e-commerce framework. In terms of the availability of data from the server or cloud, the third objective (C3) is computed as follows: Equation (11):

$$AVL=\sum _{i=1}^t\sum _{j=1}^t(CONF(I{S}_i^t,I{S}_j^t)+IN{T}_{i,j})$$

(11)

where $CONF(I{S}_i^t,I{S}_j^t)$ is respond data for $I{S}_i^t$ to different request information system ($I{S}_j^t$). $IN{T}_{i,j}$ denotes modified data per unit time between different nodes i and j.

(IV) 

Authentication of Data (AUTH): The third objective is the authenticity of data services within the e-commerce framework. In terms of the authenticity of data from nodes, the third objective (C4) is computed as follows: Equation (12):

$$AUTH=\sum _{i=1}^t\sum _{j=1}^t(CONF(I{S}_i^t,I{S}_j^t)+IN{T}_{i,j})/I{S}_{req}·I{S}_{res}$$

(12)

where $CONF(I{S}_i^t,I{S}_j^t)$ is respond data for $I{S}_i^t$ to different request information systems ($I{S}_j^t$). $IN{T}_{i,j}$ denotes modified data per unit time between different nodes i and j. $I{S}_{req}$ denotes the number of requests for nodes, and $I{S}_{res}$ denotes the number of responses (the connection between nodes) for nodes from the system.

4.6. Formulation of Fitness Function of Information System

The fitness functions of the IoT-enabled services obtained by applying Equations (9)–(12) are non-contradictory. Hence, a summation of the weighted approach is applied using Equation (13), for all the objectives ($C1,C2,C3,$ and $C4$) and these objectives are turned into a single function to evaluate the final performance.

$$\begin{array}{c}Fitness=fu{n}_1\times C1+fu{n}_2\times C2+fu{n}_3\times C3+fu{n}_4\times C4\end{array}$$

(13)

where values of $fu{n}_1$, $fu{n}_1$, $fu{n}_3$, and $fu{n}_4$ are the weights assigned to each of the objective functions. The weight factor is crucial to evaluate the performance from one to another objective in multi-objective problems. The proposed IoT-enabled system is compared based on the fitness function with PSO, DE, and the whale optimisation method (WOA).

5. Experimentation and Analysis

5.1. Simulation Framework

The description of the simulation framework considered to execute the proposed and existing algorithms are as follows:

• The test-bed was conducted using a Windows 10 Pro 64-bit operating system, an Intel Core i7-8850H processor, and 8 GB of RAM.
• Every benchmark serves as a test-bed in the specified search space, which is ${[10,-10]}^D$, with D standing for dimension.
• For the comparative analysis, the proposed algorithm is computed 30 times, with the best, average, and worst fitness functions.
• Each test function’s initial population is set at 100. For the maximising the problem, the exploration and exploitation phases are carried out across it.

5.2. Experimental Setup

This section presents a designed simulation framework of the security model based on the line of the optimisation model. This framework works with the proposed method and tests the security function and parameters, as shown in Table 2. It also checks the performance of standard evolutionary optimisation algorithms in the same simulation framework [7,18,40]. The previous section explained the algorithm’s parameters for different scenarios, such as confidentiality, integrity, availability, and authentication functions. The results of the proposed method are compared in several scenarios of information systems (e-commerce) on these parameters. Furthermore, each goal function was performed ten times in succession, and the statistics values were calculated. The proposed method uses 100 generations for testing the confidentiality, data integrity, availability, and authentication indicator, which are shown in Figure 5, Figure 6, Figure 7, Figure 8, Figure 9 and Figure 10.

Table 2. Parameter of the proposed algorithm.

Sr. No.	Parameter Name	Description of Terminology Used	Defined Value and Syntax
1	Population (Pop)	Population size	100
2	objective (obj)	Number of four objectives	CONF, INT, AUTH, and AVL
3	Search space(s)	Decision variable(s)	Search area
4	Gen	Number of iterations or generations	50 to 500
5	$\delta 1$	Mutant value	Mutant value (0.23 to 1.4)
6	2-D	Two-dimension-based scenario	2-Dimension
7	3-D	Three-dimension-based scenario	3-Dimension
8	Crossover rate (Cr)	Enhanced the convergence rate	Cr (0.2 to 0.5)
9	IE1	Enhanced the convergence rate of search environment	rand (0, 1)

Figure 5. Information security framework: mumber of generations versus fitness value.

Figure 6. Information security framework: number of generations versus fitness value of e-commerce.

Figure 7. Information security framework: number of generations versus fitness value of the confidentiality of data.

Figure 8. Information security framework: number of generations versus fitness value of the integrity of data.

Figure 9. Information security framework: number of generations versus fitness value of the availability of data.

Figure 10. Information security framework: number of generations versus fitness value of the authentication of data.

In order to compare the best front method with other ones, convergence speed is employed. This method employs an adaptation-based approach to get the most optimal front. The first rank value from the global search area is chosen as the best ideal front indicator. Its vector is a workable optimum solution in the search space because of this. Therefore, the suggested algorithms must identify the best rank in the region of the global search in order to obtain the best optimisation solution. Otherwise, these solutions are not feasible for search purposes.

5.3. Comparison of Fitness Function of the Proposed Work with Referenced Methods

The fitness function of the proposed method is used to compare the performance using Equation (13). When the local optimal problem is evaluated, then it provides sufficient diversity. The reason behind this is that it uses environmental factors to evaluate the convergence speed. The result of the performance is observed in Figure 5.

In Figure 5, the X-axis and Y-axis represent the number of generations and the fitness value, respectively. It shows the performance of algorithms in terms of the security of the data from e-commerce applications. Figure 5 depicts the comparison of all algorithms in terms of the fitness function; it also shows the convergence rate. For all of the security objective issues, the proposed algorithm delivers superior fitness values compared to DE [7], PSO [18], and WOA [40]. The fitness values to enhance the security of the system achieve encouraging performance, which shows that the suggested methodology has a high convergence speed and diversity.

In Figure 6, the X-axis and Y-axis denote the number of generations and the fitness value of the IoT-enabled e-commerce application, respectively. It shows the performance of the algorithms in terms of the security of the data from e-commerce applications. Figure 6 presents the comparative analysis of all algorithms regarding the improved security fitness rate. The proposed algorithm delivers superior fitness values compared to DE [7], PSO [18], and WOA [40]. The fitness values enhance the system’s security and achieve encouraging performance for the fitness value, which shows that the suggested methodology has a high convergence speed and variety.

In Figure 7, the X-axis and Y-axis denote the number of generations and the fitness value of confidentiality of data. This figure shows the performance of the algorithms in terms of the confidentiality of the data from e-commerce applications. The results shown in Figure 7 depict the comparison of all algorithms in terms of the fitness function. The proposed algorithm delivers superior fitness values compared to DE [7], PSO [18], and WOA [40]. The fitness values for enhancing the system’s confidentiality achieve encouraging performance, which shows that the suggested methodology has a high convergence speed and diversity.

In Figure 8, the X-axis and Y-axis denote the number of generations and the fitness value of integrity of data, respectively. This figure shows the performance of the algorithms in terms of the integrity of the data from e-commerce applications. The results in Figure 8 depict the comparison of all algorithms in terms of the fitness function. The proposed algorithm delivers superior fitness values compared to DE [7], PSO [18], and WOA [40]. The fitness values for enhancing the system’s integrity achieve encouraging performance, which shows that the suggested methodology has a high convergence speed and diversity.

In Figure 9, the X-axis and Y-axis denote the number of generations and the fitness value of data availability, respectively. This shows the performance of the algorithms in terms of the availability of data from e-commerce applications. Figure 9 compares all algorithms in terms of the fitness function. The proposed algorithm delivers superior fitness values compared to DE [7], PSO [18], and WOA [40]. The fitness values for enhancing the system’s service availability achieve encouraging performance, which shows that the suggested methodology has a high convergence speed and diversity.

In Figure 10, the X-axis and Y-axis denote the number of generations and the fitness value of data authentication, respectively. Figure 10 shows the performance of the algorithms in terms of the authenticity of the data from e-commerce applications. The results shown in Figure 10 depicted the comparison of all algorithms in terms of the fitness function. The proposed algorithm delivers superior fitness values compared to DE [7], PSO [18], and WOA [40]. The fitness values enhance the authenticity of the system and achieve encouraging performance, which shows that the suggested methodology has a high convergence speed and diversity.

The proposed method is compared with the standard evolutionary algorithms. The results show that it gives better performance in terms of conversion speed and diversity for all fitness values, as shown in Figure 9 and Figure 10.

5.4. Result Analysis of IoT-Enabled Application

To ensure the security performance of the proposed optimisation technique, a double-check is done by applying it to the IoT-based e-commerce information system. The performance is checked on all set objectives and control parameters as shown in Table 3.

Table 3. Control parameters of the proposed algorithm.

Sr. No.	Parameter	Type
1	DE algorithm environmental factor1 [EF1]	rand (0, 1)
2	DE algorithm environmental factor2 [EF2]	rand (0.01–0.5)
3	DE algorithm scale factor ($\delta 1$)	(0.2–1.8)
4	DE algorithm crossover Rate (Cr)	(0.1–0.8)
5	Dimension (D)	(3)
6	Function evaluations	100 to 500
7	Number of iteration	50, 100, 150, 200, 250, 300, 350, 400, 450, 500
8	Search space	(100, −100)
9	Number of runs	30
10	Experimental matrix area	($100\times 100$)
11	$IS$	Smart information system
12	$CONF,INT,AVL$ & $AUTH$	Objective function of smart information security
13	$\alpha$	Number of requests from nodes
14	$\beta$	Number of requests from malicious nodes
15	$(100\times 100)$	Smart information system framework
16	$\beta \_id$	Identification service
17	$\beta \_Type$	Types of services of smart agriculture
18	$AVL$	The serviceability of the different devices or objects
19	$CONF$	The service request of the confidentiality from nodes
20	$INT$	The service request modified from nodes
21	$AUTH$	The service request of the authentication from nodes
22	$DATASET$	The service request from the nodes

5.4.1. Result Analysis of the Confidentiality

The confidentiality is incorporated into the IoT-based network model with Equation (9) to produce the values. These values are available in Table 4 according to the best, average, and worst-case fitness functions. The performance is evaluated in all cases of 50, 100, 150, 200, 250, 300, 350, 400, 450, and 500 generations in three dimensions. From the observed results shown in the table, it is clear that the confidentiality of the proposed method is better than referenced optimisation methods. The best-case scenario represents the high confidentiality of the systems. The average case represents the mean confidentiality of the systems. The worst-case scenario represents the low confidentiality of the systems. Finally, it can be concluded from Table 2 and Table 3 that the proposed method achieves higher confidentiality than existing methods.

Table 4. Confidentiality in three dimensions. The proposed algorithm compared with the evolutionary algorithm on a security model.

Generation	PSO Algo			WOA Algo
	Best Fit Fun	Averge Fit Fun	Worse Fit Fun	Best Fit Fun	Averge Fit Fun	Worse Fit Fun
50	3.255923	2.604738	2.282857	1.302369	3.880856	3.228611
100	3.261224	2.608979	2.155006	1.304489	3.663509	3.047794
150	3.078579	2.462864	1.903279	1.231432	3.235574	2.69178
200	2.718969	2.175176	1.75754	1.087588	2.987818	2.485664
500	2.510772	2.008617	1.61754	1.004309	2.749818	2.287664
300	2.310772	1.848617	1.600538	0.924309	2.720914	2.263618
350	2.286483	1.829186	1.495925	0.914593	2.543073	2.115666
400	2.137036	1.709629	1.493396	0.854815	2.538773	2.112089
450	2.133423	1.706738	1.465396	0.853369	2.491173	2.072489
500	2.093423	1.674738	1.465396	0.837369	2.491173	2.072489
Generation	DE Algo			Proposed Algo
	Best Fit Fun	Averge Fit Fun	Worse Fit Fun	Best Fit Fun	Averge Fit Fun	Worse Fit Fun
50	2.289705	1.940428	2.522556	4.304815	2.716599	2.833025
100	2.161471	1.831755	2.381281	4.063725	2.564457	2.674362
150	1.908988	1.617787	2.103123	3.58904	2.264902	2.361969
200	1.762813	1.493909	1.942082	3.314219	2.091473	2.181107
500	1.622393	1.374909	1.787382	3.050219	1.924873	2.007367
300	1.605339	1.360457	1.768594	3.018157	1.90464	1.986267
350	1.500413	1.271537	1.652998	2.820888	1.780151	1.856444
400	1.497876	1.269387	1.650203	2.816118	1.777141	1.853304
450	1.469792	1.245587	1.619263	2.763318	1.743821	1.818556
500	1.469792	1.245587	1.619263	2.763318	1.743821	1.818556

In Figure 11, the X-axis and Y-axis represent the number of generations and fitness value of confidentiality of data, respectively. Figure 11 shows the performance of the algorithms in terms of confidentiality and security of the data from e-commerce applications. The fitness values achieve encouraging performance, which indicates that the proposed method achieves a high convergence speed and diversity.

Figure 11. Data confidentiality in terms of the number of generations in three dimensions.

5.4.2. Result Analysis of the Integrity

This section outlines the application of optimised techniques to check the integrity of the e-commerce system. This method is incorporated into the network model with Equation (10) to generate the value. These values are mentioned in Table 5 according to the best, average, and worst-case fitness functions. The performance is evaluated in all cases of 50, 100, 150, 200, 250, 300, 350, 400, 450, and 500 generations in three dimensions. From this table, it is clear that the best-case scenario represents high integrity, the average case represents mean integrity, and the worst-case scenario represents the low integrity of the systems. The observed values available in Table 5 indicate that the proposed method gives higher performance than other standard optimisation algorithms in terms of integrity.

Table 5. Integrity in three dimensions. The proposed algorithm compared with the evolutionary algorithm on a security model.

Generation	PSO Algo			WOA Algo
	Best Fit Fun	Averge Fit Fun	Worse Fit Fun	Best Fit Fun	Averge Fit Fun	Worse Fit Fun
50	2.093423	1.674738	1.451396	0.837369	1.233687	1.603793
100	2.073423	1.658738	1.437396	0.829369	1.221787	1.588323
150	2.053423	1.642738	1.437396	0.821369	1.221787	1.588323
200	2.053423	1.642738	1.423396	0.821369	1.209887	1.572853
500	2.033423	1.626738	1.409396	0.813369	1.197987	1.557383
300	2.013423	1.610738	1.40587	0.805369	1.194989	1.553486
350	2.008386	1.606708	1.401741	0.803354	1.19148	1.548924
400	2.002487	1.60199	1.373456	0.800995	1.167438	1.517669
450	1.96208	1.569664	1.388596	0.784832	1.180307	1.534399
500	1.983709	1.586967	1.330955	0.793483	1.131312	1.470705
Generation	DE Algo			Proposed Algo
	Best Fit Fun	Averge Fit Fun	Worse Fit Fun	Best Fit Fun	Averge Fit Fun	Worse Fit Fun
50	1.45575	1.727161	1.801182	2.736918	2.467373	2.052689
100	1.441708	1.710501	1.783808	2.710518	2.443573	2.032889
150	1.441708	1.710501	1.783808	2.710518	2.443573	2.032889
200	1.427666	1.693841	1.766434	2.684118	2.419773	2.013089
500	1.413624	1.677181	1.74906	2.657718	2.395973	1.993289
300	1.410088	1.672985	1.744685	2.651069	2.389979	1.988302
350	1.405946	1.668072	1.739561	2.643283	2.38296	1.982462
400	1.377577	1.634413	1.704459	2.589946	2.334876	1.94246
450	1.392762	1.652429	1.723248	2.618495	2.360613	1.963872
500	1.334948	1.583836	1.651715	2.5098	2.262623	1.88235

In Figure 12, the X-axis and the Y-axis represents the number of generations and fitness value of the integrity of the data, respectively. Figure 12 shows the performance of the algorithms regarding the integrity and security of the data from e-commerce applications. The fitness values achieve pretty encouraging performance, which indicates the proposed method has high convergence speed and diversity.

Figure 12. Data integrity in terms of the number of generations in three dimensions.

5.4.3. Result Analysis of the Availability of Information System

In this section, the method is applied the optimised techniques and we checked the availability of the information system. This method is applied to the IoT-based network model with Equation (11) to produce the values. The values are available in Table 6 according to the best, average, and worst-case fitness functions. The performance is evaluated in all cases of 50, 100, 150, 200, 250, 300, 350, 400, 450, and 500 generations in three dimensions. This table shows the best-case scenario represents the high availability of the systems, the average case represents the mean availability, and The worst-case scenario represents the low availability of the systems. Table 6 shows that the performance of the proposed method is better than that of other standard optimisation algorithms in terms of availability.

Table 6. Availability in three dimensions. The proposed algorithm compared with the evolutionary algorithm on a security model.

Generation	PSO Algo			WOA Algo
	Best Fit Fun	Averge Fit Fun	Worse Fit Fun	Best Fit Fun	Averge Fit Fun	Worse Fit Fun
50	0.692819	0.554255	0.470829	0.277128	0.800409	0.665887
100	0.672613	0.53809	0.462637	0.269045	0.786483	0.654301
150	0.66091	0.528728	0.458738	0.264364	0.779854	0.648786
200	0.65534	0.524272	0.45627	0.262136	0.775659	0.645296
500	0.651814	0.521451	0.445819	0.260726	0.757892	0.630515
300	0.636884	0.509507	0.437903	0.254754	0.744434	0.619319
350	0.625575	0.50046	0.436884	0.25023	0.742703	0.617879
400	0.62412	0.499296	0.436884	0.249648	0.742703	0.617879
450	0.62412	0.499296	0.434577	0.249648	0.73878	0.614616
500	0.620824	0.496659	0.420577	0.24833	0.71498	0.594816
Generation	DE Algo			Proposed Algo
	Best Fit Fun	Averge Fit Fun	Worse Fit Fun	Best Fit Fun	Averge Fit Fun	Worse Fit Fun
50	0.472242	0.400205	0.520266	0.887849	0.560287	0.584299
100	0.464025	0.393242	0.511214	0.872401	0.550538	0.574133
150	0.460114	0.389927	0.506905	0.865049	0.545898	0.569294
200	0.457639	0.387829	0.504178	0.860394	0.542961	0.566231
500	0.447156	0.378946	0.49263	0.840687	0.530524	0.553261
300	0.439216	0.372217	0.483882	0.825759	0.521104	0.543437
350	0.438195	0.371352	0.482757	0.823839	0.519892	0.542173
400	0.438195	0.371352	0.482757	0.823839	0.519892	0.542173
450	0.43588	0.36939	0.480207	0.819487	0.517146	0.53931
500	0.421838	0.35749	0.464737	0.793087	0.500486	0.521936

In Figure 13, the X-axis represents the number of generations and the Y-axis represents the fitness value of the availability of the data. Figure 13 shows the performance of the algorithms in terms of the availability and security of the data from e-commerce applications. The fitness values for enhancing the system’s security achieve pretty encouraging performance, which shows that the suggested methodology has high convergence speed and variety.

Figure 13. Data availability in terms of the number of generations in three dimensions.

5.4.4. Result Analysis of the Authentication of Information System

This section checks the authenticity of the e-commerce system. This method is incorporated into the network model with Equation (12) to generate the value. These values are mentioned in Table 7 according to the best, average, and worst fitness functions, which check the performance of different generations such as 50, 100, 150, 200, 250, 300, 350, 400, 450, and 500 in three dimensions. This table shows that the performance of the proposed method is better than that of other standard optimisation algorithms in terms of authenticity. The best, average, and worst cases represent the systems’ high, mean, and low authenticity. Table 7 shows that the performance of the proposed method is better than that of other standard optimisation algorithms in terms of authenticity.

Table 7. Authentication in three dimensions. The proposed algorithm compared with the evolutionary algorithm on a security model.

Generation	PSO Algo			WOA Algo
	Best Fit Fun	Averge Fit Fun	Worse Fit Fun	Best Fit Fun	Averge Fit Fun	Worse Fit Fun
50	1.901364	1.521091	1.350856	0.760546	1.607519	1.910496
100	1.929794	1.543836	1.318662	0.771918	1.569207	1.864964
150	1.883802	1.507042	1.178662	0.753521	1.402607	1.666964
200	1.683802	1.347042	1.374662	0.673521	1.635847	1.944164
500	1.963802	1.571042	1.110618	0.785521	1.321636	1.570731
300	1.586597	1.269278	1.345741	0.634639	1.601431	1.903262
350	1.922487	1.537989	1.193062	0.768995	1.419744	1.68733
400	1.704374	1.363499	1.331385	0.68175	1.584348	1.882958
450	1.901978	1.521583	1.188673	0.760791	1.414521	1.681123
500	1.698104	1.358484	0.484973	0.679242	0.577118	0.685891
Generation	DE Algo			Proposed Algo
	Best Fit Fun	Averge Fit Fun	Worse Fit Fun	Best Fit Fun	Averge Fit Fun	Worse Fit Fun
50	1.354909	1.148228	1.492696	2.547329	2.296455	1.676412
100	1.322618	1.120862	1.457121	2.486619	2.241725	1.636459
150	1.182198	1.001862	1.302421	2.222619	2.003725	1.462719
200	1.378786	1.168462	1.519001	2.592219	2.336925	1.705955
500	1.11395	0.944025	1.227233	2.094309	1.888051	1.378277
300	1.349778	1.14388	1.487043	2.537682	2.287759	1.670064
350	1.196641	1.014103	1.318333	2.249774	2.028205	1.48059
400	1.335379	1.131677	1.47118	2.510611	2.263354	1.652248
450	1.192239	1.010372	1.313484	2.241498	2.020744	1.475143
500	0.486428	0.412227	1.535895	1.914521	1.824454	1.601852

In Figure 14, the X-axis represents the number of generations and the Y-axis represents the fitness value of the authenticity of the data. Figure 14 shows the performance of the algorithms in terms of authenticity and security of the data from e-commerce applications. The fitness values for enhancing the system’s authenticity show encouraging performance and show that the suggested methodology has a high convergence speed and diversity.

Figure 14. Data authentication in terms of the number of generations in three dimensions.

6. Conclusions

Nearly all industries have some sort of operation on the Internet and with that arises a need for basic security features such as confidentiality, authenticity, availability, and integrity. Cryptography aims to achieve these features with the help of evolutionary algorithms. This paper introduced a new variant of the mutation operator that provides sufficient diversity for the DE algorithm and enhances the optimal convergence rate for confidentiality, authenticity, availability, and integrity. In addition, the introduced approach is also used to evaluate security problems for enhanced confidentiality, authenticity, availability, and data integrity and accurately predicts the security fitness cost by optimizing the tuning parameters. The findings on several benchmark functions show that the proposed technique performs much better than previous DE algorithm versions on maximal variants, which is very encouraging. The proposed method is applied and tested in IoT-enabled e-commerce applications but in future it can be extended into other applications by incorporating the input parameters according to the requirements.