Deep-learning approach to attack handling of IoT devices using IoT-enabled network services

Abstract

The Internet of Things (IoT) is an emerging technology for network devices. Most IoT devices are enabled to connect to the Internet and to external cloud servers purposely or incidentally. It is likely that an attack goes into IoT devices or it is initiated by IoT devices, which is unless otherwise handled by security rules in the legacy network equipment. Since IoT devices may appear or disappear with no prior notification or no proper authentication, firewall rules set up in a legacy network are unsatisfactory to handle the IoT attacks. It is in part because the firewall rules in legal network are defined not only for legacy computing but also they should serve for IoT devices (see Fig. 1). This paper proposes an IoT-enabled network infrastructure, which is a complementary service to the legacy network infrastructure, to handle the packets coming into or going out of IoT devices only (see Fig. 2). Attack models in IoT devices are described in this paper. A few models can be detected by rulesets, while others may not be and therefore analyzed by an artificial neural network approach: IoT packet sequence patterns are trained; and potentially attackable packets are identified. The contribution of this paper includes 1) the characterization of IoT attacks, 2) the formation of neural network nodes to train the IoT attack models, and 3) embedding the trained models to analyze real-time network-streaming data.