Yuchen Wong,Chen Yan,Shengfang Zhai,Cong Li,Qingni Shen

DOI: https://doi.org/10.1109/icassp48485.2024.10448244

2024-01-01

Abstract:The rise of new industries, such as the Internet of Things and Smart Healthcare, has brought many cross-cloud business opportunities for cloud computing and posed new challenges to the cloud security. Traditionally, security can be assessed by compliance checking when selecting cloud services. However, when facing cross-cloud security requirements, even if passing the compliance checking, it cannot prove that different clouds have the same security level since they pass different standards. Therefore, security equivalence assessment of different security standards is a fundamental issue. In order to solve the issue automatically, we first transform it into the problem of mapping between control items with respect to different standards. Then, we define three tasks to work out the mapping problem: a task for mapping searching and two for new mapping establishing. Next, we collect, organize, and expand a dataset of mappings between control items containing 21 standards and more than 100,000 pieces of mapping data. Subsequently, we experiment with four well-known models for each task to test their performance on the dataset of mappings: TF-IDF, Word2vec, BERT, and GPT-Neo. Experimental results indicate that the current models can perform very well on the first two tasks but need to be better on the last task.

Yanbing Gao,Rui Ma

DOI: https://doi.org/10.3233/jifs-237692

2024-03-02

Journal of Intelligent & Fuzzy Systems

Abstract:With the deepening development of the financial market, the role of regulatory systems in ensuring green and safe financial environment is becoming increasingly prominent. The traditional intelligent financial regulatory systems on the market lack precise and effective real-time monitoring and recognition capabilities, making it difficult to effectively process and analyze large-scale financial data. In order to improve the real-time recognition of abnormal situations or potential risks, achieve automation and intelligence of supervision, this article combines deep learning technology to study the deep practice of IoT image recognition technology in intelligent financial supervision systems. In response to the "data silos" and cross regional linkage issues faced by financial industry regulation, this article designs and implements an intelligent regulatory system based on IoT image recognition technology through deep learning. Using Convolutional Neural Network (CNN) algorithm to classify and analyze system images for regulatory and risk control purposes. The research results indicate that the intelligent financial regulatory system constructed in this article has high stability and responsiveness, which can effectively meet the real-time regulatory needs of finance and help promote the healthy development of the financial market.

Zhi Li,Yuemeng Ge,Jieying Guo,Mengyao Chen,Junwei Wang

DOI: https://doi.org/10.1007/s13198-021-01533-w

2022-01-21

International Journal of System Assurance Engineering and Management

Abstract:Under the background of information age, it is essential to cope with network security problems, ensure the popularization of Internet of Things (IoT) technology based on the Internet, and guarantee the information security, life security, and property security of all countries and individuals. Therefore, the principle and advantages of deep learning (DL) technology is expounded first, and then an IoT security threat model is established combined with edge computing (EC) technology. Additionally, the traditional algorithm is improved to be adapted to the application environment of the current United Nations cyberspace governance actions, and is trained and optimized by data sets. Finally, a modification plan is formulated according to the actual test results. In the experiment, EC is used to establish an excellent IoT security threat model with an efficient and accurate algorithm. The result shows that DL technology and EC technology significantly improve the judgment ability of the IoT security threat model and promote the efficiency of network space governance. This model can inspire the application of emerging computer technology to the IoT network and cyberspace governance, guarantee the construction of global information interconnection, and provide a reference for future research.

Jaidip Kotak,Yuval Elovici

DOI: https://doi.org/10.1007/s12652-022-04415-6

2023-03-02

Abstract:Attack vectors for adversaries have increased in organizations because of the growing use of less secure IoT devices. The risk of attacks on an organization's network has also increased due to the bring your own device (BYOD) policy which permits employees to bring IoT devices onto the premises and attach them to the organization's network. To tackle this threat and protect their networks, organizations generally implement security policies in which only white listed IoT devices are allowed on the organization's network. To monitor compliance with such policies, it has become essential to distinguish IoT devices permitted within an organization's network from non white listed (unknown) IoT devices. In this research, deep learning is applied to network communication for the automated identification of IoT devices permitted on the network. In contrast to existing methods, the proposed approach does not require complex feature engineering of the network communication, because the 'communication behavior' of IoT devices is represented as small images which are generated from the device's network communication payload. The proposed approach is applicable for any IoT device, regardless of the protocol used for communication. As our approach relies on the network communication payload, it is also applicable for the IoT devices behind a network address translation (NAT) enabled router. In this study, we trained various classifiers on a publicly accessible dataset to identify IoT devices in different scenarios, including the identification of known and unknown IoT devices, achieving over 99% overall average detection accuracy.

Networking and Internet Architecture,Artificial Intelligence,Cryptography and Security,Computer Vision and Pattern Recognition,Machine Learning

Jaidip Kotak,Yuval Elovici

DOI: https://doi.org/10.1007/978-3-030-57805-3_8

2020-02-25

Abstract:The growing use of IoT devices in organizations has increased the number of attack vectors available to attackers due to the less secure nature of the devices. The widely adopted bring your own device (BYOD) policy which allows an employee to bring any IoT device into the workplace and attach it to an organization's network also increases the risk of attacks. In order to address this threat, organizations often implement security policies in which only the connection of white-listed IoT devices is permitted. To monitor adherence to such policies and protect their networks, organizations must be able to identify the IoT devices connected to their networks and, more specifically, to identify connected IoT devices that are not on the white-list (unknown devices). In this study, we applied deep learning on network traffic to automatically identify IoT devices connected to the network. In contrast to previous work, our approach does not require that complex feature engineering be applied on the network traffic, since we represent the communication behavior of IoT devices using small images built from the IoT devices network traffic payloads. In our experiments, we trained a multiclass classifier on a publicly available dataset, successfully identifying 10 different IoT devices and the traffic of smartphones and computers, with over 99% accuracy. We also trained multiclass classifiers to detect unauthorized IoT devices connected to the network, achieving over 99% overall average detection accuracy.

Cryptography and Security,Machine Learning,Networking and Internet Architecture,Signal Processing

Xuanyu Duan,Mengmeng Ge,Triet Huynh Minh Le,Faheem Ullah,Shang Gao,Xuequan Lu,M. Ali Babar

DOI: https://doi.org/10.1109/prdc53464.2021.00016

2021-12-01

Abstract:Internet of Things (IoT) based applications face an increasing number of potential security risks, which need to be systematically assessed and addressed. Expert-based manual assessment of IoT security is a predominant approach, which is usually inefficient. To address this problem, we propose an automated security assessment framework for IoT networks. Our framework first leverages machine learning and natural language processing to analyze vulnerability descriptions for predicting vulnerability metrics. The predicted metrics are then input into a two-layered graphical security model, which consists of an attack graph at the upper layer to present the network connectivity and an attack tree for each node in the network at the bottom layer to depict the vulnerability information. This security model automatically assesses the security of the IoT network by capturing potential attack paths. We evaluate the viability of our approach using a proof-of-concept smart building system model which contains a variety of real-world IoT devices and poten-tial vulnerabilities. Our evaluation of the proposed framework demonstrates its effectiveness in terms of automatically predicting the vulnerability metrics of new vulnerabilities with more than 90% accuracy, on average, and identifying the most vulnerable attack paths within an IoT network. The produced assessment results can serve as a guideline for cybersecurity professionals to take further actions and mitigate risks in a timely manner.

João Vitorino,Rui Andrade,Isabel Praça,Orlando Sousa,Eva Maia

DOI: https://doi.org/10.1007/978-3-031-08147-7_13

2022-06-01

Abstract:The digital transformation faces tremendous security challenges. In particular, the growing number of cyber-attacks targeting Internet of Things (IoT) systems restates the need for a reliable detection of malicious network activity. This paper presents a comparative analysis of supervised, unsupervised and reinforcement learning techniques on nine malware captures of the IoT-23 dataset, considering both binary and multi-class classification scenarios. The developed models consisted of Support Vector Machine (SVM), Extreme Gradient Boosting (XGBoost), Light Gradient Boosting Machine (LightGBM), Isolation Forest (iForest), Local Outlier Factor (LOF) and a Deep Reinforcement Learning (DRL) model based on a Double Deep Q-Network (DDQN), adapted to the intrusion detection context. The most reliable performance was achieved by LightGBM. Nonetheless, iForest displayed good anomaly detection results and the DRL model demonstrated the possible benefits of employing this methodology to continuously improve the detection. Overall, the obtained results indicate that the analyzed techniques are well suited for IoT intrusion detection.

Cryptography and Security,Artificial Intelligence,Machine Learning

Fangfang Dang,Lijing Yan,Ying Yang,Shuai Li,Dingding Li,Dong Niu

DOI: https://doi.org/10.1088/1742-6596/2781/1/012024

2024-06-16

Journal of Physics Conference Series

Abstract:With the rapid development of Electric Power Internet of Things (IoT) technology, a large number of devices are being networked and exposed to cyberspace. Due to the disparity in security design levels and lax management during usage, electric power terminals are susceptible targets for network attackers. This not only causes losses to device owners but also poses a threat to the overall cybersecurity of the network, as compromised devices can serve as nodes for botnets. The importance of addressing this issue cannot be underestimated. Asset identification is a prerequisite for the secure management of IoT devices. This paper analyzes and studies existing asset identification technologies. Existing device identification methods based on message content features have problems such as reliance on textual features of message content and difficulties in labeling large-scale data. To overcome these limitations, a machine learning-based classification method for IoT devices is proposed. This method extracts features from the web homepage of devices and generates feature vector fingerprints. By leveraging the random forest algorithm, the accuracy of IoT device classification is improved. This approach is suitable for asset identification of IoT devices and provides support for the precise implementation of vulnerability scanning for IoT devices.

Yining Pang,Chenghan Li

2024-12-11

Abstract:With the proliferation of the Internet and smart devices, IoT technology has seen significant advancements and has become an integral component of smart homes, urban security, smart logistics, and other sectors. IoT facilitates real-time monitoring of critical production indicators, enabling businesses to detect potential quality issues, anticipate equipment malfunctions, and refine processes, thereby minimizing losses and reducing costs. Furthermore, IoT enhances real-time asset tracking, optimizing asset utilization and management. However, the expansion of IoT has also led to a rise in cybercrimes, with devices increasingly serving as vectors for malicious attacks. As the number of IoT devices grows, there is an urgent need for robust network security measures to counter these escalating threats. This paper introduces a deep learning model incorporating LSTM and attention mechanisms, a pivotal strategy in combating cybercrime in IoT networks. Our experiments, conducted on datasets including IoT-23, BoT-IoT, IoT network intrusion, MQTT, and MQTTset, demonstrate that our proposed method outperforms existing baselines.

Cryptography and Security,Machine Learning

Yongxin Liu,Jian Wang,Jianqiang Li,Shuteng Niu,Houbing Song

DOI: https://doi.org/10.48550/arXiv.2101.10181

2021-01-25

Cryptography and Security

Abstract:The Internet of Things (IoT) is becoming an indispensable part of everyday life, enabling a variety of emerging services and applications. However, the presence of rogue IoT devices has exposed the IoT to untold risks with severe consequences. The first step in securing the IoT is detecting rogue IoT devices and identifying legitimate ones. Conventional approaches use cryptographic mechanisms to authenticate and verify legitimate devices' identities. However, cryptographic protocols are not available in many systems. Meanwhile, these methods are less effective when legitimate devices can be exploited or encryption keys are disclosed. Therefore, non-cryptographic IoT device identification and rogue device detection become efficient solutions to secure existing systems and will provide additional protection to systems with cryptographic protocols. Non-cryptographic approaches require more effort and are not yet adequately investigated. In this paper, we provide a comprehensive survey on machine learning technologies for the identification of IoT devices along with the detection of compromised or falsified ones from the viewpoint of passive surveillance agents or network operators. We classify the IoT device identification and detection into four categories: device-specific pattern recognition, Deep Learning enabled device identification, unsupervised device identification, and abnormal device detection. Meanwhile, we discuss various ML-related enabling technologies for this purpose. These enabling technologies include learning algorithms, feature engineering on network traffic traces and wireless signals, continual learning, and abnormality detection.

Lei Meng

DOI: https://doi.org/10.1155/2022/4146042

2022-07-23

Mobile Information Systems

Abstract:In order to accurately predict the security situation of Internet of Things information network, a research method based on machine learning algorithm for security situational awareness of Internet of Things information network is proposed. The perception result is represented by the perception model, the sample data are preprocessed based on the linear discriminant analysis method, the sample data are optimized to obtain the combined features, and then the processed data are used as the training input of the RBF neural network to find out the mapping relationship with the network situation value, so as to quantify the security posture of the system. The results show that automatic discovery and classification of seven violations is achieved. Since the platform was launched in China Mobile, more than 65,000 suspected illegal IoT cards have been discovered, effectively monitoring and controlling the operation and behavior of IoT cards. The processing efficiency of IoT card violations has been increased by more than 20 times. After the system is put into use, the discovery of suspected illegal users and behaviors can be realized through full automation, and the process of analysis, confirmation, and disposal can be shortened to 2 hours, which effectively reduce the false alarm rate and reduce operator costs. In previous monitoring of IoT cards, the false-positive rate of illegal IoT cards was about 83%, while the false-positive rate of existing algorithms dropped to 20%.Monitoring shows that business abuse monitoring detects the highest proportion of illegal IoT cards, 59%; infractions of Internet of Things cards detected through Internet abuse monitoring accounted for 20%; the proportion of Internet of Things card with machine card separation is 8%; in the information security risk monitoring (including spam text messages and harassing phone calls), the number of illegal Internet of Things cards found is small, only 3% and 2%, respectively; other infractions, including unauthorized use in locations and user complaints, accounted for 8%. It can effectively improve the ability to discover illegal IoT cards, greatly improve the accuracy of judgment, and improve the efficiency of disposal. The comparison verifies that the method is reliable and effective in the security situation awareness of the Internet of Things information network. Using the Internet of Things information security management system software based on the machine learning algorithm, the system software suitable for anomaly data detection is trained by adjusting the main parameters of the algorithm, which improves the automation and intelligence degree of the system software.

computer science, information systems,telecommunications

D. Selvapandian,R. Santhosh

DOI: https://doi.org/10.1007/s10515-021-00298-7

IF: 1.677

2021-09-21

Automated Software Engineering

Abstract:The possibility of connecting billions of smart end devices in the Internet of Things (IoT) provides wide range of services to the user. But, the unlimited connectivity of devices in IoT brings security issues when it is connected to wireless networks. Integrating cloud with IoT networks gains more attention as it reduces the sensor node resource limitations. However, the network complexity, open broadcast characteristics of IoT networks are vulnerable to attacks. To ensure network security and reliable operations, Intrusion Detection Systems (IDS) are widely preferred. IDS identifies the anomalies effectively in complex network environments and ensures the security of the network. Traditional intrusion detection systems based on neural networks consume long training time and low classification accuracy. Recently, deep learning methods are widely used in various image and signal processing, security applications. This research work presents a deep learning-based intrusion detection system for multi-cloud IoT environment to overcome the limitations of neural network-based intrusion detection models. The proposed intrusion detection model improves the detection accuracy by improving the training efficiency. Experimental evaluation of proposed model using NSL-KDD dataset provides improved performance than conventional techniques attaining 97.51% of detection rate, 96.28% of detection accuracy, and 94.41% of precision.

Yongxin Liu,Jian Wang,Jianqiang Li,Shuteng Niu,Houbing Song

DOI: https://doi.org/10.1109/jiot.2021.3099028

IF: 10.6

2022-01-01

IEEE Internet of Things Journal

Abstract:The Internet of Things (IoT) is becoming an indispensable part of everyday life, enabling a variety of emerging services and applications. However, the presence of rogue IoT devices has exposed the IoT to untold risks with severe consequences. The first step in securing the IoT is detecting rogue IoT devices and identifying legitimate ones. Conventional approaches use cryptographic mechanisms to authenticate and verify legitimate devices’ identities. However, cryptographic protocols are not available in many systems. Meanwhile, these methods are less effective when legitimate devices can be exploited or encryption keys are disclosed. Therefore, non-cryptographic IoT device identification and rogue device detection become efficient solutions to secure existing systems and will provide additional protection to systems with cryptographic protocols. Noncryptographic approaches require more effort and are not yet adequately investigated. In this paper, we provide a comprehensive survey on machine learning technologies for the identification of IoT devices along with the detection of compromised or falsified ones from the viewpoint of passive surveillance agents or network operators. We classify the IoT device identification and detection into four categories: device-specific pattern recognition, Deep Learning enabled device identification, unsupervised device identification, and abnormal device detection. Meanwhile, we discuss various ML-related enabling technologies for this purpose. These enabling technologies include learning algorithms, feature engineering on network traffic traces and wireless signals, continual learning, and abnormality detection.

William Grant Hatcher,Cheng Qian,Fan Liang,Weixian Liao,Wei Yu,Erik Blasch

DOI: https://doi.org/10.1109/jiot.2022.3153171

IF: 10.6

2022-01-01

IEEE Internet of Things Journal

Abstract:The Internet of Things (IoT) encompasses a near-incalculable collection of dispersed and embedded computing devices acting as sensors and actuators, generating data at an incredible scale. However, a lack of coherency and cross-compatibility in IoT deployments has lead to increasing redundancy and waste of resources. To combat this, various concepts have been proposed for an open IoT search engine (IoT-SE) that serves human and machine users. Invariably, the IoT-SE envisions distributed query retrieval to handle massive volumes of devices and data. Incorporating the massively heterogeneous protocols and properties of devices deployed, the search of such a system for timely and pertinent data is massively challenging, to provide useful knowledge and service for IoT systems. Moreover, enabling and maintaining security and privacy in an IoT-SE is likewise a prodigious task, as end users, IoT devices, and the search system itself, have different protocols and requirements. To this end, a study of security issues in IoT search is conducted to outline the challenges ahead, and a case study to resolve practical security vulnerabilities in an IoT-SE system is carried out. The pertinent issues of security in an IoT-SE system are reviewed. Particularly: 1) a taxonomy is detailed for IoT-SE security issues; 2) the vulnerabilities of machine learning (ML) models in the IoT-SE are considered; and 3) defensive mechanisms are presented for securing IoT Search. A case study is carried out to implement basic security features in the IoT search, addressing the risk of false queries through the design of ML-based solutions. Finally, a roadmap for future research is provided, including the security and privacy for IoT systems connected to the IoT-SE, distributed edge computing in IoT-SE, privacy-preserving data markets in IoT-SE, and distributed ML in IoT-SE.

computer science, information systems,telecommunications,engineering, electrical & electronic

Huiyao Dong,Igor Kotenko

DOI: https://doi.org/10.1016/j.future.2024.04.005

IF: 7.307

2024-04-22

Future Generation Computer Systems

Abstract:As a system allowing intra-network devices to automatically communicate over the Internet, the Internet of Things (IoT) faces increasing popularity in modern applications and security threats – particularly network intrusions that target both networks and devices. A major threat is network attacks that attempt to obtain unauthorised access and damage the networks or systems. To effectively safeguard against these attacks, it is essential to use efficient hybrid intrusion detection systems with advanced techniques. Deep learning-based algorithms, such as Autoencoders (AEs), have been recognised as efficient methods for intrusion detection. However, it is crucial to further analyse the impact of different structures on detection performance. This paper proposes a method combining AE for data reconstruction and anomaly detection and multi-task learning (MTL)-structured models for IoT traffic classification. Additionally, we suggest a hybrid resampling technique with the Synthetic Minority Over-Sampling Technique and Generative Adversarial Network (SMOTE-GAN) for enhanced training and conduct a comparative analysis of different neural networks with AEs. The experimental results on two publicly available datasets demonstrate the effectiveness and practicality of the proposed AE-MTL approach comparing with single-task learning. Additionally, while the performance varies on different datasets, Long Short-Term Memory (LSTM), Gated Recurrent Units (GRU) and Convolutional Neural Network (CNN) have improved the detection of minor classes.

computer science, theory & methods

Fangyu Li,Aditya Shinde,Yang Shi,Jin Ye,Xiang-Yang Li,Wenzhan Song

DOI: https://doi.org/10.1109/jiot.2019.2897063

IF: 10.6

2019-01-01

IEEE Internet of Things Journal

Abstract:Cyber attacks and malfunctions challenge the wide applications of Internet of Things (IoT). Since they are generally designed as embedded systems, typical auto-sustainable IoT devices usually have a limited capacity and a low processing power. Because of the limited computation resources, it is difficult to apply the traditional techniques designed for personal computers or super computers, like traffic analyzers and antivirus software. In this paper, we propose to leverage statistical learning methods to characterize the device behavior and flag deviations as anomalies. Because the system statistics, such as CPU usage cycles, disk usage, etc., can be obtained by IoT application program interfaces, the proposed framework is platform and deviceindependent. Considering IoT applications, we train multiple machine learning models to evaluate their feasibility and suitability. For the target auto-sustainable IoT devices, which operate well-planned processes, the normal system performances can be modeled accurately. Based on time series analysis methods, such as local outlier factor, cumulative sum, and the proposed adaptive online thresholding, the anomalous behaviors can be effectively detected. Comparing their performances on detecting anomalies as well as the computation sources required, we conclude that relatively simple machine learning models are more suitable for IoT security, and a data-driven anomaly detection method is preferred.

Basharat Ahmad,Zhaoliang Wu,Yongfeng Huang,Sadaqat Ur Rehman

DOI: https://doi.org/10.1016/j.knosys.2024.112614

IF: 8.139

2024-10-21

Knowledge-Based Systems

Abstract:The Internet of Things (IoT) networks, which are defined by their interconnected devices and data streams are an expanding attack surface for cyber adversaries. Industrial Internet of Things (IIoT) is a subset of IoT and has significant importance in-terms of security. Robust intrusion detection systems (IDS) are essential for protecting these critical infrastructures. Our research suggests a novel approach to the detection of anomalies in IoT and IIoT networks that leverages the capabilities of deep transfer learning. Our methodology begins with the EdgeIIoT dataset, which serves as the basis for our data analysis. We convert the data into an appropriate image format to enable Convolutional Neural Network (CNN)-based processing. The hyper-parameters of individual machine learning models are subsequently optimized using a Random Search algorithm. This optimization phase optimizes the performance of each model by modifying the hyper-parameters that are unique to the learning algorithms. The performance of each model is meticulously assessed subsequent to hyper-parameter optimization. The top-performing models are subsequently, strategically selected and combined using the ensemble technique. The IDS scheme's overall detection accuracy and generalizability are improved by the integration of strengths from multiple models. The proposed scheme demonstrates significant effectiveness in identifying a broad spectrum of attacks, encompassing a total of 14 distinct attack types. This comprehensive detection capability contributes to a more secure and resilient IoT ecosystem. Furthermore, application of quantization to our best models reduces resource utilization significantly without compromising accuracy.

computer science, artificial intelligence

Yichao Wu,Chenglong Li,Jiahai Yang,Zhiliang Wang,Wei Hu,Ang Xia,Yong Jiang,Yao Wang,Liuli Wu

DOI: https://doi.org/10.1109/iscc55528.2022.9912915

2022-01-01

Abstract:The number of Internet of Things (IoT) devices connected to the Internet has been growing rapidly. Such a large number of IoT devices bring significant challenges to device man-agement and cyberspace security. The discovery and classification of IoT devices are the prerequisites for monitoring and protecting them. However, existing Internet-scale IoT device classification methods mainly rely on textual analysis of the device response data, whose performance can be affected by the complexity or the multilingualism of the response texts. In this paper, we propose WebIoT, which mainly utilizes the image characteristics of the IoT devices' web interfaces to classify them for the first time. We leverage the observation that many IoT devices have web interfaces for device configuration and device status display, whose visual presentations contain abundant characteristics for device classification. Experiment results show that our method achieves 95.4% precision and 91.5% recall, which significantly outperforms other text analysis-based methods.

Ying Zhang,Wenyuan Zhang,Xiaoyu Jiang,Yuzhong Sun,Baiming Feng,Naixue Xiong,Tianyu Wo

DOI: https://doi.org/10.1109/jsyst.2024.3437185

IF: 4.802

2024-09-14

IEEE Systems Journal

Abstract:As a pivotal component of Industry 4.0, the Industrial Internet of Things has significantly propelled the intelligent evolution of industrial systems. However, this advancement has led to increased system complexity and scale, consequently increasing the likelihood of operational failures and potential security threats. Performing an effective analysis of log information and accurately identifying system fault categories has become a substantial challenge for system administrators. To extract valuable insights from edge device logs more efficiently and ensure system security, we propose an intelligent method for system fault detection and localization. Our approach begins with an analysis of the system's source code to extract message and fault classification templates. Subsequently, real-time preprocessing of the log stream occurs, employing techniques, such as pattern matching and statistical grouping, to construct a feature vector–matrix. The detection and identification module then discerns abnormal feature vectors, using a fast classification algorithm to categorize these anomalies and determine fault types. The proposed methodology undergoes testing on our edge cloud platform. The experimental results demonstrate that the method achieves a fault detection and localization accuracy that exceeds 98%.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science

Jianjin Zhao,Qi Li,Jintao Sun,Mianxiong Dong,Kaoru Ota,Meng Shen

DOI: https://doi.org/10.1109/jiot.2023.3305585

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:Due to hardware limitations, Internet of Things (IoT) devices without integrated security become easy targets for network attacks. IoT device identification is significant for network security management. Despite many efforts, previous studies either require excessive features raising concerns about efficiency and privacy, or underutilize the data resources to fulfill the potential of simple features. Moreover, the severe data imbalance problem is unaddressed. In this paper, we present IoTProfile, an efficient IoT device identification framework via time series dictionary. It only considers simple packet-level attributes and maps them into different time windows. On this basis, it further follows a shuffle&split organization scheme to structure the imbalanced data as multi-channel time series. By performing random convolutional kernel transformations in two ways and aggregations, IoTProfile captures discriminative patterns and forms the frequency count of recurring patterns to profile the network behaviors of IoT devices over a period of time. The experimental results show that IoTProfile is superior to the other state-of-the-art methods in terms of both identification effectiveness and time overhead, achieving 99.81% and 97.65% Macro-F1 scores on UNSW and UNB datasets in under four minutes.

computer science, information systems,telecommunications,engineering, electrical & electronic