Abstract

Technology evolves quickly. Low-cost and ready-to-connect devices are designed to provide new services and applications, such as smart grids or smart health care systems. In this totally connected scenario, security issues arise due to the large number of devices and communications. New solutions for monitoring and detecting security events are therefore needed to address the challenges brought about by this scenario, among others the real-time requirement that allows quick security event detection and, consequently, quick response to attacks. Intrusion Detection Systems are widely used for this purpose, though their evaluation often relies on predefined network datasets, which limits their application in real environments. In this work, a real-time and ready-to-use tool for monitoring and detecting security events is introduced. The Multivariate Statistical Network Monitoring–Sensor is based on the Multivariate Statistical Network Monitoring methodology and provides an alternative way of evaluating Multivariate Statistical Network Monitoring–based Intrusion Detection System solutions. Experimental results based on the detection of well-known attacks in hierarchical network systems prove the suitability of this tool for complex scenarios, such as those found in smart cities or Internet of Things ecosystems.

Highlights

  • Several technical reports forecast 30 billion IoT (Internet of Things) devices around the world by 2021 and more than 14 billion M2M (Machine to Machine) connections by 2023 [1,2]. This scenario enables new services and applications for improving people’s daily life as well as new business opportunities

  • In order to demonstrate its suitability to be used in complex network environments for real-time monitoring and anomaly detection, the Multivariate Statistical Network Monitoring (MSNM)-Sensor has been successfully tested in hierarchical networks and systems for detecting well-known attacks like DoS, port scanning, and data exfiltration

  • We show a hypothetical local data source LIS_v with M_v variables to monitor a total of N_v gathered observations, the latter being split into k batches


Summary

Introduction

Several technical reports forecast 30 billion IoT (Internet of Things) devices around the world by 2021 and more than 14 billion M2M (Machine to Machine) connections by 2023 [1,2]. This scenario enables new services and applications for improving people’s daily life as well as new business opportunities. In order to demonstrate its suitability to be used in complex network environments for real-time monitoring and anomaly detection, the MSNM-Sensor has been successfully tested in hierarchical networks and systems for detecting well-known attacks like DoS, port scanning, and data exfiltration. The MSNM-Sensor itself is able to monitor and detect anomalous behaviors from a wide range of heterogeneous data sources.
