The expansion of IoT device networks increases the demand for security systems that detect attacks against these new targets. These devices have simple hardware, limited memory and processing power, and often are required to have low energy consumption. Batch supervised learning algorithms have been employed to address this issue, but they present some limitations. These algorithms demand benign and malicious labeled samples to be trained, which can be hard to obtain in real networks. Also, once they are trained, it is hard to update the learning model with newly found behaviors. In this work, we propose an online and unsupervised scheme to detect attacks in smart home IoT networks. This scheme is based on the combination of two algorithms: CluStream and Page-Hinkley Test. It does not require labeled samples to be trained and learns incrementally as it is used. Tests were performed over data obtained from publicly available datasets consisting of multiple smart home devices and the results are encouraging. Different types of attacks were detected with an overall detection rate around 97%, while the precision stayed above 87%.

Attack Detection in Smart Home IoT Networks using CluStream and Page-Hinkley Test

Barbon Junior S.;
2021-01-01

Abstract

The expansion of IoT device networks increases the demand for security systems that detect attacks against these new targets. These devices have simple hardware, limited memory and processing power, and often are required to have low energy consumption. Batch supervised learning algorithms have been employed to address this issue, but they present some limitations. These algorithms demand benign and malicious labeled samples to be trained, which can be hard to obtain in real networks. Also, once they are trained, it is hard to update the learning model with newly found behaviors. In this work, we propose an online and unsupervised scheme to detect attacks in smart home IoT networks. This scheme is based on the combination of two algorithms: CluStream and Page-Hinkley Test. It does not require labeled samples to be trained and learns incrementally as it is used. Tests were performed over data obtained from publicly available datasets consisting of multiple smart home devices and the results are encouraging. Different types of attacks were detected with an overall detection rate around 97%, while the precision stayed above 87%.
2021
978-1-6654-4035-6
File in questo prodotto:
File Dimensione Formato  
Attack_Detection_in_Smart_Home_IoT_Networks_using_CluStream_and_Page-Hinkley_Test.pdf

Accesso chiuso

Tipologia: Documento in Versione Editoriale
Licenza: Copyright Editore
Dimensione 812.39 kB
Formato Adobe PDF
812.39 kB Adobe PDF   Visualizza/Apri   Richiedi una copia
3014629_Attack_Detection_in_Smart_Home_IoT_Networks_using_CluStream_and_Page-Hinkley_Test-Post_print.pdf

accesso aperto

Tipologia: Bozza finale post-referaggio (post-print)
Licenza: Digital Rights Management non definito
Dimensione 898.85 kB
Formato Adobe PDF
898.85 kB Adobe PDF Visualizza/Apri
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11368/3014629
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 6
  • ???jsp.display-item.citation.isi??? 2
social impact