Cyberattack Data Analysis in IoT Environments using Big Data

Neelam Patidar, Sally Zreiqat, Sirisha Mahesh, Jongwook Woo
2024-06-14
Abstract: In the landscape of the Internet of Things (IoT), transforming various industries, our research addresses the growing connectivity and security challenges, including interoperability and standardized protocols. Despite the anticipated exponential growth in IoT connections, network security remains a major concern due to inadequate datasets that fail to fully encompass potential cyberattacks in realistic IoT environments. Using Apache Hadoop and Hive, our in-depth analysis of security vulnerabilities identified intricate patterns and threats, such as attack behavior, network traffic anomalies, TCP flag usage, and targeted attacks, underscoring the critical need for robust data platforms to enhance IoT security.
Cryptography and Security; Distributed, Parallel, and Cluster Computing
What problem does this paper attempt to address?
This paper discusses the analysis of network attack data in the Internet of Things (IoT) environment and the use of big data technology to enhance security. The research team processed large-scale datasets on a cloud computing platform using Apache Hadoop and Hive to identify complex attack patterns and threats, such as attack behaviors, network traffic anomalies, TCP flag usage, and targeted attacks. The paper points out that existing IoT attack datasets often lack comprehensive coverage and real-world environments, which limits the development of effective security solutions.

Compared to existing work, the innovations of this paper include:

1. Use of a big data framework: Utilizing Apache Hadoop and Hive for scalable and flexible data processing, suitable for handling a large amount of data in real IoT environments.
2. Comprehensive dataset: The CICIoT2023 dataset provides a broader coverage of potential IoT attacks.
3. Focus on IoT devices as attackers: The dataset includes attacks initiated by malicious IoT devices, highlighting specific vulnerabilities in the IoT ecosystem.
4. Advanced data visualization: Transforming complex data into actionable insights through various visualization tools such as Microsoft Power BI, Tableau, and Excel, aiding in pattern recognition and development of security solutions.
5. Realistic IoT environment: The dataset is derived from the network topology of 105 real IoT devices, ensuring applicability to real-world scenarios.

The research process includes data cleaning, analysis, and visualization. Through these steps, the paper reveals that DDoS attacks are the most common form of attack, and that the TCP protocol is the most targeted. It emphasizes the need to strengthen security measures against high-traffic DDoS and DoS attacks.

Additionally, the usage of TCP flags is analyzed, finding that SYN and ACK flags are particularly prominent in certain attacks, while the FIN flag may be used to simulate normal user behavior or deplete server resources. Although the HTTPS protocol is relatively more secure, it is not entirely immune to attacks, highlighting the continuous need for improving security practices. In summary, this paper aims to enhance the security of IoT environments through big data analysis and provides support for creating a more secure IoT ecosystem.