Detecção de Ataques a Redes IoT Usando Técnicas de Aprendizado de Máquina e Aprendizado Profundo
Abstract
The vulnerabilities of IoT devices make them a simple target for intrusion and control by hackers. At the same time, the dynamics of IoT networks make it hard to develop rule-based security systems. This scenario is an invitation to the use of machine learning techniques. Nevertheless, the lack of public datasets becomes an obstacle for assessing attack detection on IoT networks. Also, it is observed that the performance of learning models are not quantitatively compared, which can affect the validity of conclusions. This paper, therefore, evaluates the performance of multiple traditional and deep machine learning models, based on public traces, for attack detection. Models such as convolutional, recurrent, and autoencoder neural networks are used. The comparison shows that traces grouped by flow or by packet have a direct impact on the choice of detection techniques. Also, deep autoencoders are shown to be effective in online attack detection.
References
AL-Hawawreh, M., Moustafa, N. e Sitnikova, E. (2018). Identification of malicious activities in industrial internet of things based on deep learning models. Journal of Information Security and Applications, 41:1–11.
Almomani, I., Al-Kasasbeh, B. e Al-Akhras, M. (2016). WSN-DS: A dataset for intrusion detection systems in wireless sensor networks. Journal of Sensors, 2016.
Bezerra, H., da Costa, V., Turrisi, V., Martins, A., Barbon, S. R., Rodrigo, M. e Zarpelão, B. B. (2018). Providing IoT host-based datasets for intrusion detection research. Em Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais.
Bezerra, V. H., da Costa, V. G. T., Barbon Junior, S., Miani, R. S. e Zarpelão, B. B. (2019). IoTDS: A one-class classification approach to detect botnets in internet of things devices. Sensors (Basel, Switzerland), 19(14).
Bochie, K., Gilbert, M. S., Gantert, L., Barbosa, M. S. M., Medeiros, D. S. V. e Campista, M. E. M. (2020). Aprendizado profundo em redes desafiadoras: Conceitos e aplicações. Em Minicursos do XXXVIII Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos (SBRC).
Buczak, A. L. e Guven, E. (2016). A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Communications Surveys Tutorials, 18(2):1153–1176.
Chalapathy, R. e Chawla, S. (2019). Deep learning for anomaly detection: A survey.
Goasduff, L. (2019). Gartner says 5.8 billion enterprise and automotive IoT endpoints will be in use in 2020. Gartner. Acessado em 22/05/2020.
Guan, Y. e Ge, X. (2018). Distributed attack detection and secure estimation of networked cyber-physical systems against false data injection attacks and jamming attacks. IEEE Transactions on Signal and Information Processing over Networks, 4(1):48–59.
Haddadpajouh, H., Dehghantanha, A., Khayami, R. e Choo, K.-K. R. (2018). A deep recurrent neural network based approach for internet of things malware threat hunting. Future Generation Computer Systems, 85:88–96.
Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P. e Sikdar, B. (2019). A survey on IoT security: Application areas, security threats, and solution architectures. IEEE Access, 7:82721–82743.
Huang, H., Ding, S., Zhao, L., Huang, H., Chen, L., Gao, H. e Ahmed, S. H. (2020). Real-time fault detection for IIoT facilities using GBRBM-based DNN. IEEE Internet of Things Journal, 7(7):5713–5722.
Koroniotis, N., Moustafa, N., Sitnikova, E. e Turnbull, B. (2019). Towards the development of realistic botnet dataset in the internet of things for network forensic analytics: Bot-IoT dataset. Future Generation Computer Systems, 100:779–796.
Luo, T. e Nagarajan, S. G. (2018). Distributed anomaly detection using autoencoder neural networks in WSN for IoT. Em 2018 IEEE International Conference on Communications (ICC), p. 1–6.
Purohit, H., Tanabe, R., Ichige, T., Endo, T., Nikaido, Y., Suefusa, K. e Kawaguchi, Y. (2019). MIMII dataset: Sound dataset for malfunctioning industrial machine investigation and inspection. Em Proceedings of the Detection and Classification of Acoustic Scenes and Events 2019 Workshop (DCASE2019), p. 209–213, New York University, NY, USA.
Sharafaldin, I., Lashkari, A. H. e Ghorbani, A. A. (2018). Toward generating a new intrusion detection dataset and intrusion traffic characterization. ICISSP 2018 - Proceedings of the 4th International Conference on Information Systems Security and Privacy, p. 108–116.
Sivanathan, A., Sherratt, D., Gharakheili, H. H., Radford, A., Wijenayake, C., Vishwanath, A. e Sivaraman, V. (2017). Characterizing and classifying iot traffic in smart cities and campuses. Em 2017 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), p. 559–564.
Vaswani, A., Shazeer, N., Parmar, N., Uszkoreit, J., Jones, L., Gomez, A. N., Kaiser, L. e Polosukhin, I. (2017). Attention is all you need. ArXiv, abs/1706.03762.
Vinayakumar, R., Alazab, M., Soman, K. P., Poornachandran, P., Al-Nemrat, A. e Venkatraman, S. (2019). Deep learning approach for intelligent intrusion detection system. IEEE Access, 7:41525–41550.
Almomani, I., Al-Kasasbeh, B. e Al-Akhras, M. (2016). WSN-DS: A dataset for intrusion detection systems in wireless sensor networks. Journal of Sensors, 2016.
Bezerra, H., da Costa, V., Turrisi, V., Martins, A., Barbon, S. R., Rodrigo, M. e Zarpelão, B. B. (2018). Providing IoT host-based datasets for intrusion detection research. Em Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais.
Bezerra, V. H., da Costa, V. G. T., Barbon Junior, S., Miani, R. S. e Zarpelão, B. B. (2019). IoTDS: A one-class classification approach to detect botnets in internet of things devices. Sensors (Basel, Switzerland), 19(14).
Bochie, K., Gilbert, M. S., Gantert, L., Barbosa, M. S. M., Medeiros, D. S. V. e Campista, M. E. M. (2020). Aprendizado profundo em redes desafiadoras: Conceitos e aplicações. Em Minicursos do XXXVIII Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos (SBRC).
Buczak, A. L. e Guven, E. (2016). A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Communications Surveys Tutorials, 18(2):1153–1176.
Chalapathy, R. e Chawla, S. (2019). Deep learning for anomaly detection: A survey.
Goasduff, L. (2019). Gartner says 5.8 billion enterprise and automotive IoT endpoints will be in use in 2020. Gartner. Acessado em 22/05/2020.
Guan, Y. e Ge, X. (2018). Distributed attack detection and secure estimation of networked cyber-physical systems against false data injection attacks and jamming attacks. IEEE Transactions on Signal and Information Processing over Networks, 4(1):48–59.
Haddadpajouh, H., Dehghantanha, A., Khayami, R. e Choo, K.-K. R. (2018). A deep recurrent neural network based approach for internet of things malware threat hunting. Future Generation Computer Systems, 85:88–96.
Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P. e Sikdar, B. (2019). A survey on IoT security: Application areas, security threats, and solution architectures. IEEE Access, 7:82721–82743.
Huang, H., Ding, S., Zhao, L., Huang, H., Chen, L., Gao, H. e Ahmed, S. H. (2020). Real-time fault detection for IIoT facilities using GBRBM-based DNN. IEEE Internet of Things Journal, 7(7):5713–5722.
Koroniotis, N., Moustafa, N., Sitnikova, E. e Turnbull, B. (2019). Towards the development of realistic botnet dataset in the internet of things for network forensic analytics: Bot-IoT dataset. Future Generation Computer Systems, 100:779–796.
Luo, T. e Nagarajan, S. G. (2018). Distributed anomaly detection using autoencoder neural networks in WSN for IoT. Em 2018 IEEE International Conference on Communications (ICC), p. 1–6.
Purohit, H., Tanabe, R., Ichige, T., Endo, T., Nikaido, Y., Suefusa, K. e Kawaguchi, Y. (2019). MIMII dataset: Sound dataset for malfunctioning industrial machine investigation and inspection. Em Proceedings of the Detection and Classification of Acoustic Scenes and Events 2019 Workshop (DCASE2019), p. 209–213, New York University, NY, USA.
Sharafaldin, I., Lashkari, A. H. e Ghorbani, A. A. (2018). Toward generating a new intrusion detection dataset and intrusion traffic characterization. ICISSP 2018 - Proceedings of the 4th International Conference on Information Systems Security and Privacy, p. 108–116.
Sivanathan, A., Sherratt, D., Gharakheili, H. H., Radford, A., Wijenayake, C., Vishwanath, A. e Sivaraman, V. (2017). Characterizing and classifying iot traffic in smart cities and campuses. Em 2017 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), p. 559–564.
Vaswani, A., Shazeer, N., Parmar, N., Uszkoreit, J., Jones, L., Gomez, A. N., Kaiser, L. e Polosukhin, I. (2017). Attention is all you need. ArXiv, abs/1706.03762.
Vinayakumar, R., Alazab, M., Soman, K. P., Poornachandran, P., Al-Nemrat, A. e Venkatraman, S. (2019). Deep learning approach for intelligent intrusion detection system. IEEE Access, 7:41525–41550.
Published
2020-10-13
How to Cite
BOCHIE, Kaylani; GONZALEZ, Ernesto R.; GISERMAN, Luiz F.; CAMPISTA, Miguel Elias M.; COSTA, Luís Henrique M. K..
Detecção de Ataques a Redes IoT Usando Técnicas de Aprendizado de Máquina e Aprendizado Profundo. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 20. , 2020, Petrópolis.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2020
.
p. 257-270.
DOI: https://doi.org/10.5753/sbseg.2020.19242.
