Evaluation of Feature Sets for Detecting Impersonation Attacks in the Internet of Things
Abstract
Intrusion Detection Systems (IDS) use feature selection when classifying threats or intrusion events. Adequate selection lets the IDS process only the features that are relevant to the classification. Today, with billions of new devices and objects joining the Internet of Things (IoT), feature selection becomes more important because of the resource constraints imposed in this environment. This work investigates different feature sets proposed in the literature for detecting impersonation attacks, in which legitimate network entities are spoofed. The performance evaluation of the IDS considers the requirements imposed by the IoT, emphasizing the role of feature selection. The results indicate a variation of up to 49.99% in accuracy across the different feature sets, even when the best classifier is chosen for each set. Additionally, a variation of up to 85.43% was observed in processing time. The best accuracy obtained was 99.99%, with a reduction of up to 65.04% in the time required for processing.