Attack and Anomaly Detection in IoT Sites Using Machine Learning Techniques (original) (raw)

Attack and anomaly detection in IoT sensors in IoT sites using machine learning approaches

Internet of Things, 2019

Attack and anomaly detection in the Internet of Things (IoT) infrastructure is a rising concern in the domain of IoT. With the increased use of IoT infrastructure in every domain, threats and attacks in these infrastructures are also growing commensurately. Denial of Service, Data Type Probing, Malicious Control, Malicious Operation, Scan, Spying and Wrong Setup are such attacks and anomalies which can cause an IoT system failure. In this paper, performances of several machine learning models have been compared to predict attacks and anomalies on the IoT systems accurately. The machine learning (ML) algorithms that have been used here are Logistic Regression (LR), Support Vector Machine (SVM), Decision Tree (DT), Random Forest (RF), and Artificial Neural Network (ANN). The evaluation metrics used in the comparison of performance are accuracy, precision, recall, f1 score, and area under the Receiver Operating Characteristic Curve. The system obtained 99.4% test accuracy for Decision Tree, Random Forest, and ANN. Though these techniques have the same accuracy, other metrics prove that Random Forest performs comparatively better.

Detection of attacks in IoT sensors networks using machine learning algorithm

Assault and peculiar location on the Internet of Things (IoT) framework is an increasing worry in the IoT region. By the expanded IoT foundation utilization in every area, assaults, and dangers in these frameworks are likewise developing proportionately. Malicious control, Spying, Forswearing of Service, Scan, Data Type Probing, Wrong setup, and malicious operation are such assaults and irregularities that may source an IOT framework disappointment. This project proposes a few Machine learning (ML) module that is contrasted with foresee assault and abnormalities on the IoT frameworks precisely. The ML algorithms that have been utilized here are Artificial Neural Network (ANN), Logistic Regression (LR), Random Forest (RF), Support Vector Machine (SVM), Decision Tree (DT). The assessment measurements utilized in the examination of presentation are f1 score, exactness, area, recollect, and precision under the ROC Curve. Even though these strategies have similar accuracy, different measurements demonstrate that RF executes relatively preferable.

Attack and Anomaly Detection in IoT Networks using Machine Learning

International Journal of Computer Science and Mobile Computing, 2020

For quite a few years now the name Internet of Things (IoT) has been around. IoT is a technology capable of revolutionizing our way of life, in sectors ranging from transportation to health, from entertainment to our interactions with government. Even this great opportunity presents a number of critical obstacles. As we strive to develop policies, regulations, and governance that form this development without stifling creativity, the increase in the number of devices and the frequency of that increase presents problems to our security and freedom. This work attentions on the security aspect of IoT networks by examining the serviceability of machine learning algorithms in detecting anomalies that are contained within such network data. It discusses (Machine Learning (ML) algorithms which are used effectively in relatively similar situations and compares them using several parameters and methods. The following algorithms are implemented in this work: Random Forest (RF), Naive Bayes (NB), Support Vector Machine (SVM), and Decision tree Algorithm. The Random Forest algorithm obtained the best results, with an accuracy of 99.5 per cent.

Machine Learning Based Attack Detection in Internet of Things Network

Vol. 19 No. 8 AUGUST 2021 International Journal of Computer Science and Information Security (IJCSIS), 2021

In recent years, the Internet of Things (IoT) has grown up rapidly and tremendously. This growth has brought big and special problems. Two of the urgent topics of problems are security and privacy for IoT devices. Those devices are creating and gathering all data in their connections. For the security of IoT, detection of anomaly attacks is the first and crucial point for avoiding any interruption in the connection. Machine Learning algorithms have been rising and improving substantially year by year. Many classic tests can detect many attacks in the current time. However, those techniques are not enough for security since the types of attacks are changing and getting stronger frequently. In this study, we propose that how to detect a maximum number of attacks in IoT networks by applying machine learning techniques, especially K-Nearest Neighbors (KNN), Logistic Regression (LR), and Random Forest (RF) models. Dataset is presumably one of the most important starting points for the use of those techniques. UNSW-NB15 dataset which is publicly available has been used for this study. K-Nearest Neighbors algorithm shows 98.03% accuracy which is the best performance within the selected algorithms. Keywords- Internet of Things, Security, Attack detection, Machine Learning, Confusion matrix, Classification report

A Comparative Study of Machine Learning Algorithms for Intrusion Detection in IoT Networks

ria_37.03_05, 2023

The pervasive threat of cyberattacks jeopardizes the security and privacy of the Internet of Things (IoT) landscape, spanning devices to networks. To counter these attacks, research has been directed towards the development of effective and appropriate countermeasures. Intrusion Detection Systems (IDSs), particularly those leveraging Machine Learning (ML) techniques for expedited attack detection, are currently recognized as some of the most potent solutions for preserving the integrity of the IoT environment. This study was conducted with the objective of evaluating the efficacy of supervised Machine Learning techniques, specifically, Random Forest (RF), Decision Trees (DT), and XGBoost classifiers, in detecting attacks within the IoT network. Chi-square (Chi2) and Mutual Information served as the employed Feature Selection Techniques. The research utilized two recent datasets for model evaluation. In pursuit of an optimal solution and high IDS model accuracy, a comparison of different techniques was undertaken across each stage of the ML workflow. The performance of the algorithms was assessed using the Edge-IIoT and BoTNeTIoT datasets, and the results from the two were compared. The impact of each workflow step on the model's accuracy was also examined. According to the performance metrics, the best results were achieved with the Mutual Information and XGBoost combination, outperforming both the Random Forest and Decision Tree classifiers. This study thus contributes to the ongoing efforts to strengthen IoT security through enhanced intrusion detection techniques.

Using Machine Learning to Build a Classification Model for IoT Networks to Detect Attack Signatures

2020

Internet of things (IoT) has led to several security threats and challenges within society. Regardless of the benefits that it has brought with it to the society, IoT could compromise the security and privacy of individuals and companies at various levels. Denial of Service (DoS) and Distributed DoS (DDoS) attacks, among others, are the most common attack types that face the IoT networks. To counter such attacks, companies should implement an efficient classification/detection model, which is not an easy task. This paper proposes a classification model to examine the effectiveness of several machine-learning algorithms, namely, Random Forest (RF), k-Nearest Neighbors (KNN), and Naïve Bayes. The machine learning algorithms are used to detect attacks on the UNSW-NB15 benchmark dataset. The UNSW-NB15 contains normal network traffic and malicious traffic instants. The experimental results reveal that RF and KNN classifiers give the best performance with an accuracy of 100% (without nois...

An Experimental Analysis of Attack Classification Using Machine Learning in IoT Networks

Sensors

In recent years, there has been a massive increase in the amount of Internet of Things (IoT) devices as well as the data generated by such devices. The participating devices in IoT networks can be problematic due to their resource-constrained nature, and integrating security on these devices is often overlooked. This has resulted in attackers having an increased incentive to target IoT devices. As the number of attacks possible on a network increases, it becomes more difficult for traditional intrusion detection systems (IDS) to cope with these attacks efficiently. In this paper, we highlight several machine learning (ML) methods such as k-nearest neighbour (KNN), support vector machine (SVM), decision tree (DT), naive Bayes (NB), random forest (RF), artificial neural network (ANN), and logistic regression (LR) that can be used in IDS. In this work, ML algorithms are compared for both binary and multi-class classification on Bot-IoT dataset. Based on several parameters such as accur...

Detections of IoT Attacks via Machine Learning-Based Approaches with Cooja

EAI Endorsed Transactions on Internet of Things

Once hardware becomes "intelligent", it is vulnerable to threats. Therefore, IoT ecosystems are susceptible to a variety of attacks and are considered challenging due to heterogeneity and dynamic ecosystem. In this study, we proposed a method for detecting IoT attacks that are based on ML-based approaches that release the final decision to detect IoT attacks. However, we have implemented three attacks as a sample in the IoT via Contiki OS to generate a real dataset of IoT-based features containing a mix of data from malicious nodes and normal nodes in the IoT network to be utilized in the ML-based models. As a result, the multiclass random decision forest ML-based model achieved 98.9% overall accuracy in detecting IoT attacks for the real novel dataset compared to the decision tree jungle, decision forest tree regression, and boosted decision tree regression, which achieved 87.7%, 93.2%, and 87.1%, respectively. Thus, the decision tree-based approach efficiently manipulate...

Analysis of Machine Learning Classification Techniques for Iot Attack Vectors

2022

Internet of Things (IoT) revolution has challenged IoT security architects to great extent by exploiting the entire layered IoT architecture as attack surface for different cyber-attacks. Rather it has become easier to execute attacks due to non-standardized security architectures of IoT technologies. This study reviews the possibilities of attack surfaces available in IoT ecosystem and techniques used for early detection of malware or attacks. There are a number of attacks in which an IoT device is used as an attack surface for attacking some other system resource including attack vectors such as backdoor, password attacks, cross site scripting, ransomware, DDos, SQL injection, scanning, spying which can infect the IoT system as well as other paired devices through it. This work studies the possible attack types through IoT ecosystem and exploiting machine learning techniques in detection of attacks well in time. A set of machine learning algorithm from each family of machine learning is evaluated for one of the open-source data sets and their performance is compared for seven different IoT device types and eight types of attacks on each of the devices. The performance metrics used for evaluation of algorithms are recall, precision, F-score and accuracy. The study also presents issues related to the variation in performance of machine learning algorithms based on the composition of attributes of different types.

LRDDoS Attack Detection on SD-IoT Using Random Forest with Logistic Regression Coefficient

Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi)

Software Defined Internet of Things (SD-IoT) is currently developed extensively. The architecture of the Software Defined Network (SDN) allows Internet of Things (IoT) networks to separate control and data delivery areas into different abstraction layers. However, Low-Rate Distributed Denial of Service (LRDDoS) attacks are a major problem in SD-IoT networks, because they can overwhelm centralized control systems or controllers. Therefore, a system is needed that can identify and detect these attacks comprehensively. In this paper, the authors built an LRDDoS detection system using the Random Forest (RF) algorithm as the classification method. The dataset used during the experiment was considered as a new dataset schema that had 21 features. The dataset was selected using feature importance - logistic regression with the aim of increasing the classification accuracy results as well as reducing the computational burden of the controller during the attack prediction process. The result...