Abstract:Internet of Things (IoT) devices have grown in popularity since they can directly interact with the real world. Home automation systems automate these interactions. IoT events are crucial to these systems' decision-making but are often unreliable. Security vulnerabilities allow attackers to impersonate events. Using statistical machine learning, IoT event fingerprints from deployed sensors have been used to detect spoofed events. Multivariate temporal data from these sensors has structural and temporal properties that statistical machine learning cannot learn. These schemes' accuracy depends on the knowledge base; the larger, the more accurate. However, the lack of huge datasets with enough samples of each IoT event in the nascent field of IoT can be a bottleneck. In this work, we deployed advanced machine learning to detect event-spoofing assaults. The temporal nature of sensor data lets us discover important patterns with fewer events. Our rigorous investigation of a publicly available real-world dataset indicates that our time-series-based solution technique learns temporal features from sensor data faster than earlier work, even with a 100- or 500-fold smaller training sample, making it a realistic IoT solution.

What problem does this paper attempt to address?

The problem that this paper attempts to solve is: **Detecting Internet of Things (IoT) event forgery attacks**. Specifically, the author focuses on how to identify and prevent malicious users from triggering unnecessary automation rules by forging events in smart home automation systems, thereby protecting the security and reliability of the system. ### Problem Background With the popularization of Internet of Things devices, smart home systems can achieve automated operations through the interaction between sensors and devices. However, events in these systems (such as door opening, light turning off, etc.) are often unreliable and vulnerable to attackers' tampering. Attackers can trigger unnecessary or harmful operations by forging events, which not only affects the normal operation of the system but also may bring security risks. ### Limitations of Existing Methods Although traditional statistical machine - learning methods can extract event fingerprints and use them to detect forged events, they cannot effectively capture the structural and temporal characteristics in multivariate time - series data. In addition, these methods rely on large - scale data sets, and in the field of Internet of Things, it is very difficult to obtain a large number of high - quality event samples, especially when new devices and new events keep emerging. ### Solutions Proposed in the Paper To solve the above problems, this paper proposes a method based on Time - Series Classification (TSC) to detect Internet of Things event forgery attacks. Specific contributions include: 1. **Using time - series classification to extract structural features**: Through time - series classification algorithms, the temporal and structural features of events can be successfully extracted from a small amount of training data. 2. **Designing and implementing a detection system based on Dynamic Time Warping (DTW)**: DTW can effectively compare the structural similarity of signals, even if the signals have time - shift or deformation. 3. **System evaluation**: Experimental results show that this method can still maintain considerable detection accuracy when using a training data set 100 - 500 times smaller than traditional methods. 4. **Verification in real - scene**: The research uses the PEEVES data set for testing to ensure the practical application value of the results. 5. **Making the solution public**: To promote further research, the authors make their solution public. ### Main Technical Details - **Time - series classification**: The paper defines univariate and multivariate time - series and explains the basic concepts of time - series classification. Due to the complexity and high - dimensional characteristics of time - series data, it is inappropriate to directly apply traditional machine - learning methods. - **Distance measurement**: Two distance measurement methods, Euclidean Distance (ED) and Dynamic Time Warping (DTW), are introduced. DTW can handle non - linear changes in time - series, so it is more suitable for Internet of Things event detection. - **Dissimilarity space mapping**: By selecting a set of prototype time - series, the original time - series is transformed into the dissimilarity space, thereby combining the advantages of structural representation and statistical learning. - **Model selection and optimization**: For highly imbalanced data sets, three classifiers, Linear Support Vector Machine (SVM), Random Forest (RF) and K - Nearest Neighbor (KNN), are selected, and the optimal model is selected through cross - validation. ### Experimental Results The paper verifies the effectiveness of the proposed method through experiments. Although using much smaller training samples than the original data set, this method can still accurately detect most events. Especially for some events that were originally difficult to detect (such as heater turning on), this method also shows significant improvement. In conclusion, this paper provides an efficient and practical solution that can detect Internet of Things event forgery attacks under limited data conditions and improve the security of smart home systems.

Towards Detecting IoT Event Spoofing Attacks Using Time-Series Classification

Using Machine Learning Multiclass Classification Technique to Detect IoT Attacks in Real Time

Detecting IoT Cyberattacks: Advanced Machine Learning Models for Enhanced Security in Network Traffic

Ensemble-Based Spam Detection in Smart Home IoT Devices Time Series Data Using Machine Learning Techniques

A data-driven approach for intrusion and anomaly detection using automated machine learning for the Internet of Things

IoT-Based Intrusion Detection System Using New Hybrid Deep Learning Algorithm

IoT Security Techniques Based on Machine Learning

Anomaly detection in IoT-based healthcare: machine learning for enhanced security

Efficient IoT Device Identification via Network Behavior Analysis Based on Time Series Dictionary

Using machine learning algorithms to enhance IoT system security

Enhancing IoT Device Security through Network Attack Data Analysis Using Machine Learning Algorithms

Evaluating deep learning variants for cyber-attacks detection and multi-class classification in IoT networks

Optimizing IoT Intrusion Detection Using Balanced Class Distribution, Feature Selection, and Ensemble Machine Learning Techniques

Feature Analysis for Machine Learning-based IoT Intrusion Detection

Health status of diabetic Mexican Americans: results from the Hispanic HANES.

Cyber Attacks Classification on Enriching IoT Datasets

Detecting Unusual Repetitive Patterns of Behavior Indicative of a Loop-Based Attack in IoT

Intrusion Detection using Network Traffic Profiling and Machine Learning for IoT

Machine learning-based attack detection for the Internet of Things

Improved temporal IoT device identification using robust statistical features

An Intelligent Digital Twin Method based on Spatio-Temporal Feature Fusion for IoT Attack Behavior Identification