A Hybrid Alarm Association Method Based on AP Clustering and Causality

2021 ◽ Vol 2021 ◽ pp. 1-10
Author(s): Xiao-ling Tao ◽ Lan Shi ◽ Feng Zhao ◽ Shen Lu ◽ Yang Peng

The Internet of Things (IoT) has brought great convenience to people’s daily lives. Meanwhile, IoT devices are facing severe attacks from hackers and malicious attackers. Hackers and malicious attackers use various methods to invade the Internet of Things system, causing the Internet of Things to face a large number of targeted, concealed, and penetrating potential threats, which makes the privacy problem of the Internet of Things suffer serious challenges. But the existing methods and technologies cannot fully identify the attacker’s attack process and protect the privacy of the Internet of Things. The alarm correlation method can construct a complete attack scenario and identify the attacker’s intention by alarming the alarm data, which provides an effective protection for user privacy. However, the existing alarm correlation methods still have the disadvantages of low correlation accuracy, poor correlation efficiency, and strong dependence on the knowledge base. To address these issues, we propose an alarm correlation method based on the Affinity Propagation (AP) clustering algorithm and causal relationship. Our method considers that the alarm data triggered by the same attack process has high similarity characteristics, adopts the AP algorithm to improve the correlation efficiency, and at the same time constructs a complete attack process based on the causal correlation idea. The new alarm correlation method has a high correlation effect and builds a complete attack process to help managers identify attack intentions and prevent attacks.

Author(s): Elmustafa Sayed Ali Ahmed ◽ Zahraa Tagelsir Mohammed ◽ Mona Bakri Hassan ◽ Rashid A. Saeed

Internet of vehicles (IoV) has recently become an emerging promising field of research due to the increasing number of vehicles each day. It is a part of the internet of things (IoT) which deals with vehicle communications. As vehicular nodes are considered always in motion, they cause frequent changes in the network topology. These changes cause issues in IoV such as scalability, dynamic topology changes, and shortest path for routing. In this chapter, the authors will discuss different optimization algorithms (i.e., clustering algorithms, ant colony optimization, best interface selection [BIS] algorithm, mobility adaptive density connected clustering algorithm, meta-heuristics algorithms, and quality of service [QoS]-based optimization). These algorithms provide an important intelligent role to optimize the operation of IoV networks and promise to develop new intelligent IoV applications.


2020 ◽ Vol 2020 ◽ pp. 1-14
Author(s): Yixin Wu ◽ Cheng Huang ◽ Xing Zhang ◽ Hongyi Zhou

As Advanced Persistent Threat (APT) becomes increasingly frequent around the world, security experts are starting to look at how to observe, predict, and mitigate the damage from APT attacks. In the meantime, the Internet of things devices are also risky and heavily exposed to the Internet, making them more easily used by hacker organizations to launch APT attacks. An excellent attacker can take down millions of Internet of things devices in a short time. Once the IoT botnet is built, attackers can use it to launch complex attacks which could damage Internet infrastructure and cause network disconnection. This paper proposes GroupTracer, a framework for observing and predicting the Internet of things attacks. GroupTracer is designed to automatically extract the TTP profiles (i.e., tactics, techniques, and procedures) that can describe the behavior of attackers through their tactics, techniques, and processes and dig out the potential attacker groups behind complex attacks. Firstly, it captures attacks by IoT honeypots and extracts relevant fields from logs. Then, attack behaviors are automatically mapped to the ATT&CK framework to achieve automatic TTP profiles extraction. After that, GroupTracer presents four feature groups, including TTP profiles, Time, IP, and URL features, a total of 18 features, mines potential attack groups through hierarchical clustering algorithm, and compares the clustering results with two baseline algorithms. As the ground truth labels are unknown, we apply three internal validation indexes to evaluate the cluster quantity. Experimental results showed that the proposed framework has achieved an excellent performance in exploiting potential groups as the Calinski–Harabasz index reaches 3416.93. Eventually, attack trees are generated for each cluster where nodes indicate attack commands and edges represent command sequences. These attack trees could help better understand each attack group’s actions and techniques.


2021 ◽ Vol 22 (3) ◽ pp. 295-302
Author(s): Shahid Sultan Hajam ◽ Shabir Ahmad Sofi

Fog computing serves the delay-sensitive applications of the Internet of Things (IoT) in more efficient means than the cloud. The heterogeneity of the tasks and the limited fog resources make task scheduling a complicated job. This paper proposes a clustering-based task scheduling algorithm. Specifically, the K-Means++ clustering algorithm is used for clustering the fog nodes. Randomized round robin, a task scheduling algorithm, is applied to each cluster. The results show that the proposed algorithm reduces the system's average waiting time.


Author(s): Д.М. ВОРОБЬЕВА ◽ А.И. ПАРАМОНОВ ◽ А.Е. КУЧЕРЯВЫЙ

The paper is devoted to the problem of organizing the movement of head nodes in the Internet of Things (IoT) network with a heterogeneous (multimodal) distribution of nodes in the service area. A method for clustering a heterogeneous network is proposed, which makes it possible to distinguish clusters that differ in the density of nodes and select the speed of movement of the head node in accordance with the density in each cluster. The proposed method is based on the use of the DBSCAN clustering algorithm and makes it possible to increase the efficiency of the use of mobile head nodes. The method can be applied in organizing data collection in the IoT network.


2020 ◽ pp. 1-12
Author(s): Zhang Caiqian ◽ Zhang Xincheng

The existing stand-alone multimedia machines and online multimedia machines in the market have certain deficiencies, so they cannot meet the actual needs. Based on this, this research combines the actual needs to design and implement a multimedia system based on the Internet of Things and a cloud service platform. Moreover, through in-depth research on the MQTT protocol, this study proposes a message encryption verification scheme for the MQTT protocol, which can solve the problem of low message security in Internet of Things communication to a certain extent. In addition, through research on the fusion technology of the Internet of Things and artificial intelligence, this research designs a scheme to provide a LightGBM intelligent prediction module interface, MQTT message middleware, a device management system, and an intelligent prediction and push interface for the cloud platform. Finally, this research completes the design and implementation of the cloud platform and tests the function and performance of the built multimedia system database. The research results show that the multimedia database constructed in this paper has good performance.


2019 ◽ pp. 4-44
Author(s): Peter Thorns

This paper discusses the organisations involved in the development of application standards, European regulations and best practice guides, their scope of work and internal structures. It considers their respective visions for the requirements for future standardisation work and considers in more detail those areas where these overlap, namely human centric or integrative lighting, connectivity and the Internet of Things, inclusivity and sustainability.


2019 ◽ Vol 14 (5) ◽ pp. 375
Author(s): Vladimir P. Zhalnin ◽ Anna S. Zakharova ◽ Demid A. Uzenkov ◽ Andrey I. Vlasov ◽ Alexey I. Krivoshein ◽ ...
