Abstract
The Internet of Things has seen significant development. However, security management remains a key challenge, in particular for deploying complex IoT systems that provide sophisticated services. In this paper, we design an ensemble learning-based architecture to support early security detection in the context of multi-step attacks, by leveraging the performance of different detection techniques. The architecture relies on a total of five major methods: process mining, elliptic envelope, one-class support vector machine, local outlier factor and isolation forest. We describe the main components of this architecture and their interactions, from data preprocessing to the generation of alerts, through the calculation of scores. The different detection methods are executed in parallel, and their results are combined by an ensemble learning strategy in order to improve the overall detection performance. We develop a proof-of-concept prototype and perform a large set of experiments to quantify the benefits and limits of this approach based on industrial datasets.
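A sketch of the preprocessing, per-detector verdict and combined alert flow described above, added here as an example and not taken from the paper's prototype. It assumes scikit-learn's implementations of four of the five methods (process mining is omitted), a majority vote as the combination rule (the abstract does not say which ensemble strategy is used), and constructed telemetry features.

```python
import numpy as np
from sklearn.covariance import EllipticEnvelope
from sklearn.ensemble import IsolationForest
from sklearn.neighbors import LocalOutlierFactor
from sklearn.preprocessing import StandardScaler
from sklearn.svm import OneClassSVM

def fit_ensemble(X_train, contamination=0.05, seed=0):
    """Fit the four detectors on attack-free data; returns (scaler, detectors)."""
    scaler = StandardScaler().fit(X_train)  # preprocessing step
    detectors = {
        "elliptic_envelope": EllipticEnvelope(contamination=contamination, random_state=seed),
        "one_class_svm": OneClassSVM(nu=contamination, gamma="scale"),
        # novelty=True lets LOF judge samples it was not fitted on
        "local_outlier_factor": LocalOutlierFactor(novelty=True, contamination=contamination),
        "isolation_forest": IsolationForest(contamination=contamination, random_state=seed),
    }
    Xs = scaler.transform(X_train)
    for det in detectors.values():
        det.fit(Xs)
    return scaler, detectors

def ensemble_alerts(scaler, detectors, X, min_votes=3):
    """Each detector votes (predict == -1 is an outlier); alert at min_votes or more.
    The voting rule and threshold are assumptions of this example."""
    Xs = scaler.transform(X)
    votes = np.sum([det.predict(Xs) == -1 for det in detectors.values()], axis=0)
    return votes >= min_votes, votes

def make_constructed_data(seed=0):
    """Constructed telemetry rows: [messages/s, payload bytes, inter-arrival s]."""
    rng = np.random.default_rng(seed)
    mean, std = np.array([50.0, 200.0, 1.0]), np.array([5.0, 20.0, 0.1])
    train = rng.normal(mean, std, size=(500, 3))   # attack-free baseline
    benign = rng.normal(mean, std, size=(200, 3))  # held-out normal traffic
    attack = np.array([[120.0, 600.0, 0.1], [150.0, 50.0, 0.05]])  # constructed anomalies
    return train, benign, attack

if __name__ == "__main__":
    train, benign, attack = make_constructed_data()
    scaler, detectors = fit_ensemble(train)
    for name, X in (("benign", benign), ("attack", attack)):
        alerts, votes = ensemble_alerts(scaler, detectors, X)
        print(name, "alert rate:", alerts.mean(), "mean votes:", votes.mean())
```

Requiring agreement from several detectors trades some sensitivity for fewer false alerts than any single detector's contamination setting would give on its own.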