Abstract
The rapid growth of the Internet of Things (IoT) is expected to add billions of IoT devices connected to the Internet. These devices represent a vast attack surface for cyberattacks. For example, these IoT devices can be infected and enrolled in botnets to enable Distributed Denial of Service (DDoS) attacks. Signature-based intrusion detection systems are traditional countermeasures for such attacks. However, these methods rely on human experts, are time-consuming to update, and may not cover all attack types, especially zero-day attacks. Deep learning has shown some promise in intrusion detection. This paper shows that it is possible to use generative deep learning methods like Adversarial Autoencoders (AAE) and Bidirectional Generative Adversarial Networks (BiGAN) to detect intruders based on an analysis of the network data. The recently posted full IoT-23 dataset, based on Somfy door lock, Philips Hue and Amazon Echo devices, was used to train generative deep learning models to detect a variety of attacks like DDoS, and various botnets like Mirai, Okiru and Torii. Over 1.8 million network flows were used to train the various models. The resulting generative models outperform traditional machine learning techniques like Random Forests. Both AAE and BiGAN-based models were able to achieve an F1-Score of 0.99. A BiGAN was also trained to detect unknown, novel zero-day attacks, with an F1-Score from 0.85 to 1.
Highlights
The Internet of Things (IoT) is one of the leading technologies today and is considered a natural extension of the Internet, incorporating machine-to-machine communications and sensors
Bidirectional Generative Adversarial Networks (BiGAN) with their proposed algorithm attained the best performance with an F1-score of 90.8
This paper has shown that, for a limited set of attacks and Internet of Things (IoT) devices, it is possible to use generative deep learning methods like Adversarial Autoencoders (AAE) and BiGAN to classify attacks with very high accuracy
Summary
The Internet of Things (IoT) is one of the leading technologies today and is considered a natural extension of the Internet, incorporating machine-to-machine communications and sensors. The network/transport layer is considered a link between the perception layer and the cloud. This layer consists of many Internet protocols and has to integrate communication technologies for information exchange such as Zigbee, 5G, MQTT, and Wi-Fi [2]. A surveillance camera may use the home router and Wi-Fi to send a motion detection event to the main server. The cloud service may send an alarm to a mobile application being used by a homeowner, indicating that movement was detected by one of their surveillance cameras.