Abstract

Anomaly detection is a well-known topic in cybersecurity. Its application to the Internet of Things can lead to suitable protection techniques against problems such as denial of service attacks. However, Intrusion Detection Systems based on Artificial Intelligence, as a defense mechanism, need robust data sources to achieve strong generalization levels from the knowledge domain of interest. Therefore, in this research we present the LATAM-DDoS-IoT dataset, which results from a collaboration among Aligo, Universidad de Antioquia, and Tecnologico de Monterrey. The LATAM-DDoS-IoT dataset includes attack traffic to physical Internet of Things devices and normal traffic from real external users consuming actual services from Aligo’s production network. We also compare this new dataset with the Bot-IoT dataset, as the latter is a collection of data used in recent approaches to create detection systems in the Internet of Things domain. Furthermore, we build a smart anomaly-based Intrusion Detection System from our new dataset, training Decision Tree and Multi-layer Perceptron models, for later deployment and evaluation on a Software Defined Networking architecture with physical and virtual components. Before deployment, we obtained an average accuracy of 99.967% and 98.872% with our new dataset’s balanced denial of service and distributed denial of service versions. After deployment, we show that our Intrusion Detection System does not misclassify legitimate traffic and detects more than 90% of the attacks.
