TY - GEN
T1 - Intrusion detection using network traffic profiling and machine learning for IoT
AU - Rose, Joseph
AU - Swann, Matthew
AU - Bendiab, Gueltoum
AU - Shiaeles, Stavros
AU - Kolokotronis, Nicholas
PY - 2021/7/26
Y1 - 2021/7/26
AB - The rapid increase in the use of IoT devices brings many benefits to the digital society, ranging from improved efficiency to higher productivity. However, the limited resources and the open nature of these devices make them vulnerable to various cyber threats. A single compromised device can have an impact on the whole network and lead to major security and physical damages. This paper explores the potential of using network profiling and machine learning to secure IoT against cyber attacks. The proposed anomaly-based intrusion detection solution dynamically and actively profiles and monitors all networked devices for the detection of IoT device tampering attempts as well as suspicious network transactions. Any deviation from the defined profile is considered to be an attack and is subject to further analysis. Raw traffic is also passed on to the machine learning classifier for examination and identification of potential attacks. Performance assessment of the proposed methodology is conducted on the Cyber-Trust testbed using normal and malicious network traffic. The experimental results show that the proposed anomaly detection system delivers promising results with an overall accuracy of 98.35% and 0.98% of false-positive alarm
KW - Machine Learning
KW - Intrusion Detection System
KW - Security
KW - Internet of Things
KW - network profiling
UR - https://netsoft2021.ieee-netsoft.org/wp-content/uploads/sites/274/2021/01/cfp_netsoft2021_flyer_r3.pdf
UR - https://netsoft2021.ieee-netsoft.org/
U2 - 10.1109/NetSoft51509.2021.9492685
DO - 10.1109/NetSoft51509.2021.9492685
M3 - Conference contribution
SN - 9781665446358
T3 - IEEE NetSoft Proceedings Series
SP - 409
EP - 415
BT - 2021 IEEE 7th International Conference on Network Softwarization (NetSoft)
PB - IEEE
T2 - IEEE 7th International Conference on Network Softwarization
Y2 - 28 June 2021 through 2 July 2021
ER -