Hao Wu,Bo Zhou,Cong Zhang

DOI: https://doi.org/10.1109/tase.2021.3090416

IF: 6.636

2021-01-01

IEEE Transactions on Automation Science and Engineering

Abstract:A secure distributed estimation method against data integrity attacks is presented for general Internet-of-Things (IoT) systems. By exploiting the spatial sparsity of the attacks, a robust optimal estimation objective to protect the entire IoT system is established. Then, a false data processor is developed to suppress the bad effects of the attacks. The convergence of the presented method is analyzed. It shows that, under accessible conditions, the estimation error will converge to be uniformly bounded for all cases, i.e., all communication links and transmitted data are arbitrarily compromised. Furthermore, by utilizing the property of persistence, a quantitative trust model is established for IoT systems based on the past behaviors of the nodes. Then, a trust-based distributed estimation method is proposed to enhance security. Simulation results by considering an IoT system with 50 nodes and 145 edges are also provided to verify our theoretical results. Note to Practitioners—The increasingly serious attack events that happened in recent years demonstrate the importance of security in the development of Internet-of-Things (IoT) systems. Different from the traditional Internet, IoT systems are usually constrained by computing and storage resources. Then, complex encryption and authentication algorithms or protocols will not be applicable to IoT systems. Distributed estimation plays an important role in the collaborative control, monitoring, and management of IoT systems. Inevitably, attacks to distributed estimation could make false data spread throughout the networks and further cause terrible consequences, while the issues of network security have not been yet taken into consideration in the existing design of distributed estimation. In this article, we propose a secure distributed estimation method. By adding a security mechanism into the distributed estimation algorithm, the ability of resistance to any data integrity attack- can be achieved. Moreover, the possible damage will be completely controllable for arbitrary attacks. That is, our method can guarantee that the estimation performance will always be acceptable even in the worst case. Besides, it is simple and lightweight, and no additional communication consumption and hardware devices are needed for its deployment and operations.

automation & control systems

Yuan Chen,Soummya Kar,Jos M.F. Moura,Jose M.F. Moura

DOI: https://doi.org/10.1109/msp.2018.2842097

IF: 15.204

2018-09-01

IEEE Signal Processing Magazine

Abstract:The growth in the number of devices connected to the Internet of Things (IoT) poses major challenges in security. The integrity and trustworthiness of data and data analytics are increasingly important concerns in IoT applications. These are compounded by the highly distributed nature of IoT devices, making it infeasible to prevent attacks and intrusions on all data sources. Adversaries may hijack devices and compromise their data. As a result, reactive countermeasures, such as intrusion detection and resilient analytics, become vital components of security. This article overviews algorithms for secure distributed inference in IoT.

engineering, electrical & electronic

Yalin E. Sagduyu,Yi Shi,Tugba Erpek

DOI: https://doi.org/10.48550/arXiv.1906.00076

2019-06-01

Abstract:Machine learning finds rich applications in Internet of Things (IoT) networks such as information retrieval, traffic management, spectrum sensing, and signal authentication. While there is a surge of interest to understand the security issues of machine learning, their implications have not been understood yet for wireless applications such as those in IoT systems that are susceptible to various attacks due the open and broadcast nature of wireless communications. To support IoT systems with heterogeneous devices of different priorities, we present new techniques built upon adversarial machine learning and apply them to three types of over-the-air (OTA) wireless attacks, namely jamming, spectrum poisoning, and priority violation attacks. By observing the spectrum, the adversary starts with an exploratory attack to infer the channel access algorithm of an IoT transmitter by building a deep neural network classifier that predicts the transmission outcomes. Based on these prediction results, the wireless attack continues to either jam data transmissions or manipulate sensing results over the air (by transmitting during the sensing phase) to fool the transmitter into making wrong transmit decisions in the test phase (corresponding to an evasion attack). When the IoT transmitter collects sensing results as training data to retrain its channel access algorithm, the adversary launches a causative attack to manipulate the input data to the transmitter over the air. We show that these attacks with different levels of energy consumption and stealthiness lead to significant loss in throughput and success ratio in wireless communications for IoT systems. Then we introduce a defense mechanism that systematically increases the uncertainty of the adversary at the inference stage and improves the performance. Results provide new insights on how to attack and defend IoT networks using deep learning.

Networking and Internet Architecture,Cryptography and Security,Machine Learning

Liang Xiao,Xiaoyue Wan,Xiaozhen Lu,Yanyong Zhang,Di Wu

DOI: https://doi.org/10.48550/arXiv.1801.06275

2018-01-19

Abstract:Internet of things (IoT) that integrate a variety of devices into networks to provide advanced and intelligent services have to protect user privacy and address attacks such as spoofing attacks, denial of service attacks, jamming and eavesdropping. In this article, we investigate the attack model for IoT systems, and review the IoT security solutions based on machine learning techniques including supervised learning, unsupervised learning and reinforcement learning. We focus on the machine learning based IoT authentication, access control, secure offloading and malware detection schemes to protect data privacy. In this article, we discuss the challenges that need to be addressed to implement these machine learning based security schemes in practical IoT systems.

Cryptography and Security

Su Wang,Keyang Yu,Qi Li,Dong Chen

2024-06-15

Abstract:The Internet traffic data produced by the Internet of Things (IoT) devices are collected by Internet Service Providers (ISPs) and device manufacturers, and often shared with their third parties to maintain and enhance user services. Unfortunately, on-path adversaries could infer and fingerprint users' sensitive privacy information such as occupancy and user activities by analyzing these network traffic traces. While there's a growing body of literature on defending against this side-channel attack-malicious IoT traffic analytics (TA), there's currently no systematic method to compare and evaluate the comprehensiveness of these existing studies. To address this problem, we design a new low-cost, open-source system framework-IoT Traffic Exposure Monitoring Toolkit (ITEMTK) that enables people to comprehensively examine and validate prior attack models and their defending approaches. In particular, we also design a novel image-based attack capable of inferring sensitive user information, even when users employ the most robust preventative measures in their smart homes. Researchers could leverage our new image-based attack to systematize and understand the existing literature on IoT traffic analysis attacks and preventing studies. Our results show that current defending approaches are not sufficient to protect IoT device user privacy. IoT devices are significantly vulnerable to our new image-based user privacy inference attacks, posing a grave threat to IoT device user privacy. We also highlight potential future improvements to enhance the defending approaches. ITEMTK's flexibility allows other researchers for easy expansion by integrating new TA attack models and prevention methods to benchmark their future work.

Cryptography and Security,Systems and Control

Liang Xiao,Xiaoyue Wan,Xiaozhen Lu,Yanyong Zhang,Di Wu

DOI: https://doi.org/10.1109/msp.2018.2825478

IF: 15.204

2018-01-01

IEEE Signal Processing Magazine

Abstract:The Internet of things (IoT), which integrates a variety of devices into networks to provide advanced and intelligent services, has to protect user privacy and address attacks such as spoofing attacks, denial of service (DoS) attacks, jamming, and eavesdropping. We investigate the attack model for IoT systems and review the IoT security solutions based on machine-learning (ML) techniques including supervised learning, unsupervised learning, and reinforcement learning (RL). ML-based IoT authentication, access control, secure offloading, and malware detection schemes to protect data privacy are the focus of this article. We also discuss the challenges that need to be addressed to implement these ML-based security schemes in practical IoT systems.

Chao Liu,Boxi Chen,Wei Shao,Chris Zhang,Kelvin Wong,Yi Zhang

2024-01-27

Abstract:The advent of the Internet of Things (IoT) has brought forth an era of unprecedented connectivity, with an estimated 80 billion smart devices expected to be in operation by the end of 2025. These devices facilitate a multitude of smart applications, enhancing the quality of life and efficiency across various domains. Machine Learning (ML) serves as a crucial technology, not only for analyzing IoT-generated data but also for diverse applications within the IoT ecosystem. For instance, ML finds utility in IoT device recognition, anomaly detection, and even in uncovering malicious activities. This paper embarks on a comprehensive exploration of the security threats arising from ML's integration into various facets of IoT, spanning various attack types including membership inference, adversarial evasion, reconstruction, property inference, model extraction, and poisoning attacks. Unlike previous studies, our work offers a holistic perspective, categorizing threats based on criteria such as adversary models, attack targets, and key security attributes (confidentiality, availability, and integrity). We delve into the underlying techniques of ML attacks in IoT environment, providing a critical evaluation of their mechanisms and impacts. Furthermore, our research thoroughly assesses 65 libraries, both author-contributed and third-party, evaluating their role in safeguarding model and data privacy. We emphasize the availability and usability of these libraries, aiming to arm the community with the necessary tools to bolster their defenses against the evolving threat landscape. Through our comprehensive review and analysis, this paper seeks to contribute to the ongoing discourse on ML-based IoT security, offering valuable insights and practical solutions to secure ML models and data in the rapidly expanding field of artificial intelligence in IoT.

Cryptography and Security,Artificial Intelligence

Fangyu Li,Aditya Shinde,Yang Shi,Jin Ye,Xiang-Yang Li,Wenzhan Song

DOI: https://doi.org/10.1109/jiot.2019.2897063

IF: 10.6

2019-01-01

IEEE Internet of Things Journal

Abstract:Cyber attacks and malfunctions challenge the wide applications of Internet of Things (IoT). Since they are generally designed as embedded systems, typical auto-sustainable IoT devices usually have a limited capacity and a low processing power. Because of the limited computation resources, it is difficult to apply the traditional techniques designed for personal computers or super computers, like traffic analyzers and antivirus software. In this paper, we propose to leverage statistical learning methods to characterize the device behavior and flag deviations as anomalies. Because the system statistics, such as CPU usage cycles, disk usage, etc., can be obtained by IoT application program interfaces, the proposed framework is platform and deviceindependent. Considering IoT applications, we train multiple machine learning models to evaluate their feasibility and suitability. For the target auto-sustainable IoT devices, which operate well-planned processes, the normal system performances can be modeled accurately. Based on time series analysis methods, such as local outlier factor, cumulative sum, and the proposed adaptive online thresholding, the anomalous behaviors can be effectively detected. Comparing their performances on detecting anomalies as well as the computation sources required, we conclude that relatively simple machine learning models are more suitable for IoT security, and a data-driven anomaly detection method is preferred.

Chao Liu,Boxi Chen,Wei Shao,Chris Zhang,Kelvin K. L. Wong,Yi Zhang

DOI: https://doi.org/10.1109/jiot.2024.3377730

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:The advent of the Internet of Things (IoT) has brought forth an era ofunprecedented connectivity, with an estimated 80 billion smart devices expectedto be in operation by the end of 2025. These devices facilitate a multitude ofsmart applications, enhancing the quality of life and efficiency across variousdomains. Machine Learning (ML) serves as a crucial technology, not only foranalyzing IoT-generated data but also for diverse applications within the IoTecosystem. For instance, ML finds utility in IoT device recognition, anomalydetection, and even in uncovering malicious activities. This paper embarks on acomprehensive exploration of the security threats arising from ML's integrationinto various facets of IoT, spanning various attack types including membershipinference, adversarial evasion, reconstruction, property inference, modelextraction, and poisoning attacks. Unlike previous studies, our work offers aholistic perspective, categorizing threats based on criteria such as adversarymodels, attack targets, and key security attributes (confidentiality,availability, and integrity). We delve into the underlying techniques of MLattacks in IoT environment, providing a critical evaluation of their mechanismsand impacts. Furthermore, our research thoroughly assesses 65 libraries, bothauthor-contributed and third-party, evaluating their role in safeguarding modeland data privacy. We emphasize the availability and usability of theselibraries, aiming to arm the community with the necessary tools to bolstertheir defenses against the evolving threat landscape. Through our comprehensivereview and analysis, this paper seeks to contribute to the ongoing discourse onML-based IoT security, offering valuable insights and practical solutions tosecure ML models and data in the rapidly expanding field of artificialintelligence in IoT.

Bassey Isong,Otshepeng Kgote,Adnan Abu-Mahfouz

DOI: https://doi.org/10.3390/electronics13122370

IF: 2.9

2024-06-18

Electronics

Abstract:The swift explosion of Internet of Things (IoT) devices has brought about a new era of interconnectivity and ease of use while simultaneously presenting significant security concerns. Intrusion Detection Systems (IDS) play a critical role in the protection of IoT ecosystems against a wide range of cyber threats. Despite research advancements, challenges persist in improving IDS detection accuracy, reducing false positives (FPs), and identifying new types of attacks. This paper presents a comprehensive analysis of recent developments in IoT, shedding light on detection methodologies, threat types, performance metrics, datasets, challenges, and future directions. We systematically analyze the existing literature from 2016 to 2023, focusing on both machine learning (ML) and non-ML IDS strategies involving signature, anomaly, specification, and hybrid models to counteract IoT-specific threats. The findings include the deployment models from edge to cloud computing and evaluating IDS performance based on measures such as accuracy, FP rates, and computational costs, utilizing various IoT benchmark datasets. The study also explores methods to enhance IDS accuracy and efficiency, including feature engineering, optimization, and cutting-edge solutions such as cryptographic and blockchain technologies. Equally, it identifies key challenges such as the resource-constrained nature of IoT devices, scalability, and privacy issues and proposes future research directions to enhance IoT-based IDS and overall ecosystem security.

engineering, electrical & electronic,computer science, information systems,physics, applied

Ashish Koirala,Rabindra Bista,Joao C. Ferreira

DOI: https://doi.org/10.3390/fi15060210

2023-06-09

Future Internet

Abstract:The Internet of Things (IoT) shares the idea of an autonomous system responsible for transforming physical computational devices into smart ones. Contrarily, storing and operating information and maintaining its confidentiality and security is a concerning issue in the IoT. Throughout the whole operational process, considering transparency in its privacy, data protection, and disaster recovery, it needs state-of-the-art systems and methods to tackle the evolving environment. This research aims to improve the security of IoT devices by investigating the likelihood of network attacks utilizing ordinary device network data and attack network data acquired from similar statistics. To achieve this, IoT devices dedicated to smart healthcare systems were utilized, and botnet attacks were conducted on them for data generation. The collected data were then analyzed using statistical measures, such as the Pearson coefficient and entropy, to extract relevant features. Machine learning algorithms were implemented to categorize normal and attack traffic with data preprocessing techniques to increase accuracy. One of the most popular datasets, known as BoT-IoT, was cross-evaluated with the generated dataset for authentication of the generated dataset. The research provides insight into the architecture of IoT devices, the behavior of normal and attack networks on these devices, and the prospects of machine learning approaches to improve IoT device security. Overall, the study adds to the growing body of knowledge on IoT device security and emphasizes the significance of adopting sophisticated strategies for detecting and mitigating network attacks.

English Else

Mengyao Zheng,Dixing Xu,Linshan Jiang,Chaojie Gu,Rui Tan,Peng Cheng

DOI: https://doi.org/10.1145/3363347.3363357

2019-11-10

Abstract:The Internet of Things (IoT) will be a main data generation infrastructure for achieving better system intelligence. However, the extensive data collection and processing in IoT also engender various privacy concerns. This paper provides a taxonomy of the existing privacy-preserving machine learning approaches developed in the context of cloud computing and discusses the challenges of applying them in the context of IoT. Moreover, we present a privacy-preserving inference approach that runs a lightweight neural network at IoT objects to obfuscate the data before transmission and a deep neural network in the cloud to classify the obfuscated data. Evaluation based on the MNIST dataset shows satisfactory performance.

Salma Elhag,Amal Mahmoud Alghamdi,Norah Ahmad Al-Shomrani

DOI: https://doi.org/10.1007/s42979-022-01566-3

2022-12-29

SN Computer Science

Abstract:The Internet of Things (IoT) has evolved to the point that modern enterprises may now deploy large-scale IoT ecosystems, such as the Industrial Internet of Things (IIoT) (IIoT). The IIoT is susceptible to many cyber-attacks that hacker may use to cause significant reputational and financial harm to businesses. An anomaly-based intrusion detection system (IDS) may offer secure, dependable, and efficient IIoT ecosystems by preserving the confidentiality, integrity, and availability of IIoT networks. This study investigates the application of a security model for the IIoT that uses machine learning techniques to improve network and communication security by preventing malicious and infected nodes from spreading and infecting other nodes in the network. In this, four machine learning classifiers (SVM, DT, RF, and kNN) have been used to classify the attacks with three main attack scenarios. The results show that RF has a stable performance and accuracy of 99.5%, while the other classifiers show differences in accuracy and performance with each attack scenario.

Han Qiu,Qinkai Zheng,Tianwei Zhang,Meikang Qiu,Gerard Memmi,Jialiang Lu

DOI: https://doi.org/10.1109/JIOT.2020.3004498

IF: 10.6

2021-01-01

IEEE Internet of Things Journal

Abstract:The rapid development of deep learning (DL) enables resource-constrained systems and devices [e.g., Internet of Things (IoT)] to perform sophisticated artificial intelligence (AI) applications. However, AI models, such as deep neural networks (DNNs), are known to be vulnerable to adversarial examples (AEs). Past works on defending against AEs require heavy computations in the model training or inference processes, making them impractical to be applied in IoT systems. In this article, we propose a novel method, Super-IoT, to enhance the security and efficiency of AI applications in distributed IoT systems. Specifically, Super-IoT utilizes a pixel drop operation to eliminate adversarial perturbations from the input and reduce network transmission throughput. Then, it adopts a sparse signal recovery method to reconstruct the dropped pixels and wavelet-based denoising method to reduce the artificial noise. Super-IoT is a lightweight method with negligible computation cost to IoT devices and little impact on the DNN model performance. Extensive evaluations show that it can outperform three existing AE defensive solutions against most of the AE attacks with better transmission efficiency.

Barjinder Kaur,Sajjad Dadkhah,Farzaneh Shoeleh,Euclides Carlos Pinto Neto,Pulei Xiong,Shahrear Iqbal,Philippe Lamontagne,Suprio Ray,Ali A. Ghorbani

DOI: https://doi.org/10.1016/j.iot.2023.100780

IF: 5.711

2023-07-01

Internet of Things

Abstract:The evolution of mobile technologies has introduced smarter and more connected objects into our day-to-day lives. This trend, known as the Internet of Things (IoT), has applications in smart homes, smart cities, industrial automation, health monitoring systems, and has become an essential component of the communication and networking industry. However, different communication and protocol standards, weak security defaults and the difficulty of distributing updates have exacerbated cybersecurity threats to critical applications that employ IoT. To mitigate the threats and counter these attacks, a promising approach is to develop a robust intrusion detection framework specifically aimed at securing IoT. This paper presents our efforts to catalogue and compare attacks, datasets and machine learning algorithms and architectures for intrusion detection systems for IoT devices. We classify attacks aimed at IoT devices at different layers and protocols. This work also highlights potential features that can be used by machine learning-based intrusion detection systems to detect different types of attacks. We provide a comparative study of IoT datasets used for model training and identify key properties which helps in assessing their suitability in particular scenarios. Finally, we discuss our observations and propose the research directions for building a robust IoT intrusion detection system.

DOI: https://doi.org/10.1007/s10922-024-09829-5

2024-06-10

Journal of Network and Systems Management

Abstract:The increasing use of intelligent devices connected to the internet has contributed to the introduction of a new paradigm: the Internet of Things (IoT). The IoT is a set of devices connected via the internet that cooperate to achieve a specific goal. Smart cities, smart airports, smart transportation, smart homes, and many applications in the medical and educational fields all use the IoT. However, one major challenge is detecting malicious intrusions on IoT networks. Intrusion Detection Systems (IDSs) should detect these types of intrusions. This work proposes an effective model for detecting malicious IoT activities using machine learning techniques. The ToN-IoT dataset, which consists of seven connected devices (subdatasets), is used to construct an IoT network. The proposed model is a multilevel classification model. The first level distinguishes between attack and normal network activities. The second level is to classify the types of detected attacks. The experimental results prove the effectiveness of the proposed model in terms of time and classification performance metrics. The proposed model and seven baseline techniques in the literature are compared. The proposed model outperformed the baseline techniques in all subdatasets except for the Garage Door dataset.

computer science, information systems,telecommunications

Sonam Bhardwaj,Mayank Dave

DOI: https://doi.org/10.1007/s11235-024-01105-w

2024-02-17

Telecommunication Systems

Abstract:This article focuses on the urgent cybersecurity concerns in the Internet of Things (IoT) environment, highlighting the crucial importance of protecting these networks in the face of increasing amounts of IoT data. The paper explores the intricacies of deploying security mechanisms for Internet of Things (IoT) devices, specifically those that are restricted by limited resources. This study examines the inherent weaknesses in IoT systems and analyses the strategies used by malicious individuals to gain control and privileges. In order to tackle these difficulties, the study suggests a sophisticated security system that combines artificial intelligence and an intelligent attack graph. An outstanding characteristic of the model incorporates a method devised to restrain virus spread and accelerate network restoration by introducing virtual nodes. The research showcases the results of the vulnerable attack path predictor (VAPP) module of the proposed model, emphasising its exceptional accuracy in distinguishing between black (0) and red (1) attack paths compared to alternative Machine Learning techniques. Moreover, a thorough evaluation of the module's performance is carried out, with a specific emphasis on security concerns and predictive capacities. Proverif is utilised to validate the security settings and evaluate the resilience of the secret keys. The findings demonstrate a detection rate of 98.48% and an authentication rate of 85%, outperforming the achievements of earlier studies. The contributions greatly enhance the ability of IoT networks to withstand challenges, and the use of cryptographic verification confirms its dependability in the ever-changing digital environment.

telecommunications

Mounika Jammula,Venkata Mani Vakamulla,Sai Krishna Kondoju

DOI: https://doi.org/10.1002/ett.4680

IF: 3.6

2022-11-16

Transactions on Emerging Telecommunications Technologies

Abstract:The Internet of Things is an enhanced intelligent infrastructure that is created through the use of a number of different devices that are capable of self‐organization. Data privacy and protection are the primary problems brought up by this enormous network. In addition, the devices in the network with constrained resources are battery‐powered, thus they only have a limited capacity to store resources internally. Because of this, it is vital to discover solutions that are more resource‐optimized and connected to security in order to solve the issues that were caused by the network. The devices are being forced to maintain more complicated cryptographic algorithms for higher security. Therefore, this article proposes an integrated communication protocol that requires only symmetric key‐based cryptography with a deep learning convolutional neural network, which is employed for predicting the normal and attacked data from the input requested data. Here, the logical map is used to produce the symmetric keys due to its resistance against the attacks of key reset and device capture. This integrated model provides an ultra‐lightweight communication protocol with reduced attack detection time while enhancing the attack detection parameters such as precision, accuracy, F1‐score, and recall. The Internet of Things is an enhanced intelligent infrastructure that is created through the use of a number of different devices that are capable of self‐organization. Data privacy and protection are the primary problems brought up by this enormous network. In addition, the devices in the network with constrained resources are battery‐powered, thus they only have a limited capacity to store resources internally. Because of this, it is vital to discover solutions that are more resource‐optimized and connected to security in order to solve the issues that were caused by the network. The devices are being forced to maintain more complicated cryptographic algorithms for higher security. Therefore, this article proposes an integrated communication protocol that requires only symmetric key‐based cryptography with a deep learning convolutional neural network, which is employed for predicting the normal and attacked data from the input requested data. Here, the logical map is used to produce the symmetric keys due to its resistance against the attacks of key reset and device capture. This integrated model provides an ultra‐lightweight communication protocol with reduced attack detection time while enhancing the attack detection parameters such as precision, accuracy, F1‐score, and recall.

telecommunications

Dianshi Yang,Abhinav Kumar,Stuart Ray,Wei Wang,Reza Tourani

DOI: https://doi.org/10.1109/icccn58024.2023.10230209

2023-01-01

Abstract:Security issues have become one of the major challenges for Internet-of-Things (IoT) networks. To overcome this challenge, the recent commonly-used approaches mainly focus on conducting encryption on IoT communication or performing continuous authentication for IoT devices by using pre-shared credentials (e.g., passcode and wireless channel signatures). However, these mechanisms are deemed insufficient, in part, due to the increasing number of data breaches and the recent proliferation of sensitive IoT devices and applications. We present IoT Sentinel - a novel security system that explores the correlation between IoT devices to effectively and efficiently secure IoT networks. Specifically, our system (i) detects potential attacks, (ii) localizes the attacker, and (iii) conducts dynamic implicit authentication at the same time. Moreover, instead of requiring full physical-layer access to IoT devices for finegrained measurement of the wireless signal, IoT Sentinel uses only coarse packet-level device correlation information to secure IoT networks with negligible overhead to the network. Thus, making our approach compatible with existing constrained IoT devices. We extensively evaluate the efficacy of IoT Sentinel in different scenarios and settings. The experiment results show that our approach achieves around 96% attack detection accuracy, more than 70% attacker localization accuracy, and around 100% device authentication accuracy.

Yizhen Sun,Jianjiang Yu,Jianwei Tian,Zhongwei Chen,Weiping Wang,Shigeng Zhang

DOI: https://doi.org/10.1155/2021/1828182

IF: 1.968

2021-01-01

Security and Communication Networks

Abstract:Security issues related to the Internet of Things (IoTs) have attracted much attention in many fields in recent years. One important problem in IoT security is to recognize the type of IoT devices, according to which different strategies can be designed to enhance the security of IoT applications. However, existing IoT device recognition approaches rarely consider traffic attacks, which might change the pattern of traffic and consequently decrease the recognition accuracy of different IoT devices. In this work, we first validate by experiments that traffic attacks indeed decrease the recognition accuracy of existing IoT device recognition approaches; then, we propose an approach called IoT-IE that combines information entropy of different traffic features to detect traffic anomaly. We then enhance the robustness of IoT device recognition by detecting and ignoring the abnormal traffic detected by our approach. Experimental evaluations show that IoT-IE can effectively detect abnormal behaviors of IoT devices in the traffic under eight different types of attacks, achieving a high accuracy value of 0.977 and a low false positive rate of 0.011. It also achieves an accuracy of 0.969 in a multiclassification experiment with 7 different types of attacks.