Data collection on attacks against Internet of Things devices
Abstract
The number of Internet of Things (IoT) devices increases every day, and with this growth come security concerns. Several techniques have been studied for the prevention, detection and treatment of attacks in conventional networks, such as the work of KDD CUP 99, which proposed a labeled collection that has been widely used in recent decades. A good evaluation of the techniques and algorithms of intrusion detection systems is tied to the existence of good datasets. However, few works explore the detection of attacks on the Internet of Things, and until now no data collection has been proposed for this problem. Along with new technologies and devices come new, and even more elaborate, intrusion techniques. Therefore, the attack detection problem needs to be treated in a special way. In view of this, this work is dedicated to setting up a test environment that represents an Internet of Things network, collecting normal device traffic, simulating attacks, assembling a data collection and analyzing it. For this, we run penetration tests on emulated devices, resulting in a new data collection. We validate the new collection by applying machine learning algorithms and comparing it with the KDD collection.