A Survey on Different Methods for Zero-Day Attack Detection in IoT Edge Devices

An innovative idea with many potential uses of IoT, has assimilated into our way of existence. Many functions are made possible by complex networks made up of millions of intelligent devices, including infrastructure control and monitoring as well as communication. Due to limited bandwidth and resources, sophisticated centralized computing in the cloud architecture faced major obstacles as a result of the exponential proliferation of IoT devices and the massive data traffic they created at the network edge. With the emergence in the referred to as EC-assist IoT, Edge Computing (EC) is being recognized as a cutting-edge strategy that bridges the gap created by consumer's insufficient ability to access data to be processed and saved. The improved Quality of Service (also known as QoS) and distinctive aspects of this paradigm make data security more dangerous. Thus, this vulnerability makes a variety of assaults conceivable. Due to their explicit reliance on attack signature repositories, use of out-of-date datasets, or failure to take into account zero-day (unknown) assaults during model development, training, or testing, many of the newly presented solutions lack a comprehensive IDS strategy. If these aspects are ignored, the suggested IDS is not as reliable or useful in real-time situations. However, identifying zero-day attacks remains a difficult topic even with the numerous solutions that have been put out over the years. This article presents a thorough review of strategies for identifying zero-day attacks, comparing and contrasting their benefits and drawbacks. Potential research areas for the future have been addressed, along with the challenges that researchers have encountered in the past while trying to detect zero-day attacks.