A Hybrid Approach for Anomaly Detection in the Internet of Things

The Internet of Things (IoT) and sensors are becoming increasingly popular, especially in monitoring large and ambient environments. Applications that embrace IoT and sensors often require mining the data feeds that are collected at frequent intervals for intelligence. Despite the fact that such sensor data are massive, most of the data contents are identical and repetitive; for example, human traffic in a park at night. Most of the traditional classification algorithms were originally formulated decades ago, and they were not designed to handle such sensor data effectively. Hence, the performance of the learned model is often poor because of the small granularity in classification and the sporadic patterns in the data. To improve the quality of data mining from the IoT data, a new pre-processing methodology based on subspace similarity detection is proposed. Our method can be well integrated with traditional data mining algorithms and anomaly detection methods. The pre-processing method is flexible for handling similar kinds of sensor data that are sporadic in nature that exist in many ambient sensing applications. The proposed methodology is evaluated by extensive experiment with a collection of classical data mining models. An improvement over the precision rate is shown by using the proposed method.

Download Full-text

System Log Detection Model Based on Conformal Prediction

Electronics ◽

10.3390/electronics9020232 ◽

2020 ◽

Vol 9 (2) ◽

pp. 232 ◽

Cited By ~ 2

Author(s):

Yitong Ren ◽

Zhaojun Gu ◽

Zhi Wang ◽

Zhihong Tian ◽

Chunbo Liu ◽

...

Keyword(s):

Machine Learning ◽

Internet Of Things ◽

Anomaly Detection ◽

Statistical Learning ◽

The Internet ◽

Learning Method ◽

Log Data ◽

Detection Model ◽

Statistical Learning Method ◽

The Internet Of Things

With the rapid development of the Internet of Things, the combination of the Internet of Things with machine learning, Hadoop and other fields are current development trends. Hadoop Distributed File System (HDFS) is one of the core components of Hadoop, which is used to process files that are divided into data blocks distributed in the cluster. Once the distributed log data are abnormal, it will cause serious losses. When using machine learning algorithms for system log anomaly detection, the output of threshold-based classification models are only normal or abnormal simple predictions. This paper used the statistical learning method of conformity measure to calculate the similarity between test data and past experience. Compared with detection methods based on static threshold, the statistical learning method of the conformity measure can dynamically adapt to the changing log data. By adjusting the maximum fault tolerance, a system administrator can better manage and monitor the system logs. In addition, the computational efficiency of the statistical learning method for conformity measurement was improved. This paper implemented an intranet anomaly detection model based on log analysis, and conducted trial detection on HDFS data sets quickly and efficiently.

Download Full-text

Attack and Anomaly Detection in IoT Networks using Machine Learning Techniques: A Review

Asian Journal of Research in Computer Science ◽

10.9734/ajrcos/2021/v9i230218 ◽

2021 ◽

pp. 30-46

Author(s):

Saad Hikmat Haji ◽

Siddeeq Y. Ameen

Keyword(s):

Machine Learning ◽

Internet Of Things ◽

Anomaly Detection ◽

Attack Detection ◽

Machine Learning Techniques ◽

Smart Devices ◽

The Internet ◽

Business Services ◽

Industrial Services ◽

The Internet Of Things

The Internet of Things (IoT) is one of today's most rapidly growing technologies. It is a technology that allows billions of smart devices or objects known as "Things" to collect different types of data about themselves and their surroundings using various sensors. They may then share it with the authorized parties for various purposes, including controlling and monitoring industrial services or increasing business services or functions. However, the Internet of Things currently faces more security threats than ever before. Machine Learning (ML) has observed a critical technological breakthrough, which has opened several new research avenues to solve current and future IoT challenges. However, Machine Learning is a powerful technology to identify threats and suspected activities in intelligent devices and networks. In this paper, various ML algorithms have been compared in terms of attack detection and anomaly detection, following a thorough literature review on Machine Learning methods and the significance of IoT security in the context of various types of potential attacks. Furthermore, possible ML-based IoT protection technologies have been introduced.

Download Full-text

Blockchains: Improve the Scalability and Efficiency of Conventional Blockchain by Providing a Lightweight Block Mining and Communication Algorithm

Ingénierie des systèmes d information ◽

10.18280/isi.250604 ◽

2020 ◽

Vol 25 (6) ◽

pp. 737-745

Author(s):

Subba Rao Peram ◽

Premamayudu Bulla

Keyword(s):

Internet Of Things ◽

Smart City ◽

Smart Cities ◽

Hybrid Approach ◽

Security And Privacy ◽

Public Key ◽

The Internet ◽

Byzantine Fault Tolerance ◽

Complex Issue ◽

The Internet Of Things

To provide secure and reliable services using the internet of things (IoT) in the smart cities/villages is a challenging and complex issue. A high throughput and resilient services are required to process vast data generated by the smart city/villages that felicitates to run the applications of smart city. To provide security and privacy a scalable blockchain (BC) mechanism is a necessity to integrate the scalable ledger and transactions limit in the BC. In this paper, we investigated the available solutions to improve its scalability and efficiency. However, most of the algorithms are not providing the better solution to achieve scalability for the smart city data. Here, proposed and implemented a hybrid approach to improve the scalability and rate of transactions on BC using practical Byzantine fault tolerance and decentralized public key algorithms. The proposed Normachain is compares our results with the existing model. The results show that the transaction rate got improved by 6.43% and supervision results got improved by 17.78%.

Download Full-text

Cluster-based Ensemble Classification Approach for Anomaly Detection in the Internet of Things

International Journal of Sensors Wireless Communications and Control ◽

10.2174/2210327909666190416141309 ◽

2020 ◽

Vol 10 (4) ◽

pp. 594-604

Author(s):

Mostafa Hosseini ◽

Hamidreza Shayegh Brojeni

Keyword(s):

Internet Of Things ◽

Anomaly Detection ◽

Smart Grids ◽

False Positive Rate ◽

Ensemble Classification ◽

Misclassification Rate ◽

The Internet ◽

Classification Approach ◽

Detection Techniques ◽

The Internet Of Things

Background & Objective: The next generation of the internet where physical things or objects are going to interact with each other without human interventions is called the Internet of Things (IoT). Its presence can improve the quality of human lives in different domains and environments such as agriculture, smart homes, intelligent transportation systems, and smart grids. : In the lowest layer of the IoT architecture (i.e., the perception layer), there are a variety of sensors which are responsible for gathering data from their environment to provide service for customers. However, these collected data are not always accurate and may be infected with anomalies for some reasons such as limited sensor’s resources and environmental influences. : Accordingly, anomaly detection can be used as a preprocessing phase to prevent sending inappropriate data for the processing. Methods: Since distributed characteristic and its heterogeneous elements complicate the application of anomaly detection techniques, in this paper, a cluster-based ensemble classification approach has been presented. Results & Conclusion: Will possessing low complexity, the proposed method has high accuracy in detecting anomalies. This method has been tested on the data collected from sensors in the Intel Berkley research laboratory which is one of the free and available datasets in the domain of IoT. The results indicated that the proposed technique could achieve an accuracy of 99.9186%, a positive detection rate of 99.7459%, while reducing false positive rate and misclassification rate to 0.0025% and 0.0813% respectively.

Download Full-text

QoS Enabled Layered Based Clustering for Reactive Flooding in the Internet of Things

Symmetry ◽

10.3390/sym11050634 ◽

2019 ◽

Vol 11 (5) ◽

pp. 634 ◽

Cited By ~ 1

Author(s):

Fawad Ali Khan ◽

Rafidah Md Noor ◽

Miss Laiha Mat Kiah ◽

Noorzaily Mohd Noor ◽

Saleh M. Altowaijri ◽

...

Keyword(s):

Energy Consumption ◽

Internet Of Things ◽

Research Work ◽

Hybrid Approach ◽

Computational Time ◽

The Internet ◽

Wide Range ◽

Iot Devices ◽

The Internet Of Things ◽

Network Flooding

The Internet of Things has gained substantial attention over the last few years, because of connecting daily things in a wide range of application and domains. A large number of sensors require bandwidth and network resources to give-and-take queries among a heterogeneous IoT network. Network flooding is a key questioning strategy for successful exchange of queries. However, the risk of the original flooding is prone to unwanted and redundant network queries which may lead to heavy network traffic. Redundant, unwanted, and flooded queries are major causes of inefficient utilization of resources. IoT devices consume more energy and high computational time. More queries leads to consumption of more bandwidth, cost, and miserable QoS. Current existing approaches focused primarily on how to speed up the basic routing for IoT devices. However, solutions for flooding are not being addressed. In this paper, we propose a cluster-based flooding (CBF) as an interoperable solution for network and sensor layer devices which is also capable minimizing the energy consumption, cost, network flooding, identifying, and eliminating of redundant flooding queries using query control mechanisms. The proposed CBF divides the network into different clusters, local queries for information are proactively maintained by the intralayer cluster (IALC), while the interlayer cluster (IELC) is responsible for reactively obtain the routing queries to the destinations outside the cluster. CBF is a hybrid approach, having the potential to be more efficient against traditional schemes in term of query traffic generation. However, in the absence of appropriate redundant query detection and termination techniques, the CBF may generate more control traffic compared to the standard flooding techniques. In this research work, we used Cooja simulator to evaluate the performance of the proposed CBF. According to the simulation results the proposed technique has superiority in term of traffic delay, QoS/throughput, and energy consumption, under various performance metrics compared with traditional flooding and state of the art.

Download Full-text