scholarly journals Network Anomaly Detection inside Consumer Networks—A Hybrid Approach

Electronics ◽  
2020 ◽  
Vol 9 (6) ◽  
pp. 923
Author(s):  
Darsh Patel ◽  
Kathiravan Srinivasan ◽  
Chuan-Yu Chang ◽  
Takshi Gupta ◽  
Aman Kataria
Keyword(s):  
Anomaly Detection ◽  
Network Traffic ◽  
Transmission Control Protocol ◽  
Hybrid Approach ◽  
Network Information ◽  
Digital World ◽  
Commercial Networks ◽  
Consumer Networks ◽  
Attack Surface ◽  
Iot Devices

With an increasing number of Internet of Things (IoT) devices in the digital world, the attack surface for consumer networks has been increasing exponentially. Most of the compromised devices are used as zombies for attacks such as Distributed Denial of Services (DDoS). Consumer networks, unlike most commercial networks, lack the infrastructure such as managed switches and firewalls to easily monitor and block undesired network traffic. To counter such a problem with limited resources, this article proposes a hybrid anomaly detection approach that detects irregularities in the network traffic implicating compromised devices by using only elementary network information like Packet Size, Source, and Destination Ports, Time between subsequent packets, Transmission Control Protocol (TCP) Flags, etc. Essential features can be extracted from the available data, which can further be used to detect zero-day attacks. The paper also provides the taxonomy of various approaches to classify anomalies and description on capturing network packets inside consumer networks.

A Hybrid Technique Using PCA and Wavelets in Network Traffic Anomaly Detection

2014 ◽  
Vol 6 (1) ◽  
pp. 17-53 ◽  
Author(s):  
Stevan Novakov ◽  
Chung-Horng Lung ◽  
Ioannis Lambadaris ◽  
Nabil Seddigh
Keyword(s):  
Spectral Analysis ◽  
Statistical Analysis ◽  
Wavelet Analysis ◽  
Anomaly Detection ◽  
Network Traffic ◽  
Hybrid Approach ◽  
Haar Wavelet ◽  
Wavelet Filtering ◽  
Analysis Technique ◽  
Network Anomaly Detection

Research into network anomaly detection has become crucial as a result of a significant increase in the number of computer attacks. Many approaches in network anomaly detection have been reported in the literature, but data or solutions typically are not freely available. Recently, a labeled network traffic flow dataset, Kyoto2006+, has been created and is publicly available. Most existing approaches using Kyoto2006+ for network anomaly detection apply various clustering techniques. This paper leverages existing well known statistical analysis and spectral analysis techniques for network anomaly detection. The first popular approach is a statistical analysis technique called Principal Component Analysis (PCA). PCA describes data in a new dimension to unlock otherwise hidden characteristics. The other well known spectral analysis technique is Haar Wavelet filtering analysis. It measures the amount and magnitude of abrupt changes in data. Both approaches have strengths and limitations. In response, this paper proposes a Hybrid PCA–Haar Wavelet Analysis. The hybrid approach first applies PCA to describe the data and then Haar Wavelet filtering for analysis. Based on prototyping and measurement, an investigation of the Hybrid PCA–Haar Wavelet Analysis technique is performed using the Kyoto2006+ dataset. The authors consider a number of parameters and present experimental results to demonstrate the effectiveness of the hybrid approach as compared to the two algorithms individually.

scholarly journals A Novel Hifi-Hacking Interrupter for Iot Devices

2020 ◽  
Vol 9 (4) ◽  
pp. 1771-1775
Keyword(s):  
Data Communication ◽  
Normal Operation ◽  
Modern World ◽  
Cyber Attack ◽  
Real World Data ◽  
Digital World ◽  
Flow Through ◽  
Attack Surface ◽  
Iot Devices ◽  
Internet Networks

Internet of Things (IoT) is a very relevant technology used by internet networks to send and receive sensed data via a sensor. The same relates to common data communication except that sensors and microcontrollers are commonly used in IoT. It is supposed to explore, and there will be developing interest in the IoT framework which gives frequent IoT system capabilities. It connects us to the Internet and also helps us to reveal and manage the actual world by using sharing its info. IoT systems make use of real-world data, so device-collected data may also be a tool for cyber attack. The attack surface also expands as IoT expands and all the vulnerabilities present in the digital world flow through our modern world. DDoS attacks built on compromised IoT systems emerge as a serious problem. There are many technological solutions, but technology has changed a lot, so software solution can be in risk as well. The proposed system will serve as a prevention tool for DDoS attack and send the admin an alert when an attempt is made to hack the IoT device. In this proposed system, intend to provide a highly secured platform that will clean out all the unnecessary data without disrupting IoT’s normal operation.

A Hybrid Technique Using PCA and Wavelets in Network Traffic Anomaly Detection

2015 ◽  
pp. 758-786
Author(s):  
Stevan Novakov ◽  
Chung-Horng Lung ◽  
Ioannis Lambadaris ◽  
Nabil Seddigh
Keyword(s):  
Spectral Analysis ◽  
Statistical Analysis ◽  
Wavelet Analysis ◽  
Anomaly Detection ◽  
Network Traffic ◽  
Hybrid Approach ◽  
Haar Wavelet ◽  
Wavelet Filtering ◽  
Analysis Technique ◽  
Network Anomaly Detection

Research into network anomaly detection has become crucial as a result of a significant increase in the number of computer attacks. Many approaches in network anomaly detection have been reported in the literature, but data or solutions typically are not freely available. Recently, a labeled network traffic flow dataset, Kyoto2006+, has been created and is publicly available. Most existing approaches using Kyoto2006+ for network anomaly detection apply various clustering techniques. This paper leverages existing well known statistical analysis and spectral analysis techniques for network anomaly detection. The first popular approach is a statistical analysis technique called Principal Component Analysis (PCA). PCA describes data in a new dimension to unlock otherwise hidden characteristics. The other well known spectral analysis technique is Haar Wavelet filtering analysis. It measures the amount and magnitude of abrupt changes in data. Both approaches have strengths and limitations. In response, this paper proposes a Hybrid PCA–Haar Wavelet Analysis. The hybrid approach first applies PCA to describe the data and then Haar Wavelet filtering for analysis. Based on prototyping and measurement, an investigation of the Hybrid PCA–Haar Wavelet Analysis technique is performed using the Kyoto2006+ dataset. The authors consider a number of parameters and present experimental results to demonstrate the effectiveness of the hybrid approach as compared to the two algorithms individually.

scholarly journals IoT Botnet Anomaly Detection Using Unsupervised Deep Learning

Electronics ◽  
2021 ◽  
Vol 10 (16) ◽  
pp. 1876
Author(s):  
Ioana Apostol ◽  
Marius Preda ◽  
Constantin Nila ◽  
Ion Bica
Keyword(s):  
Deep Learning ◽  
Detection System ◽  
False Positive Rate ◽  
Empirical Evaluation ◽  
Learning Approaches ◽  
Promising Alternative ◽  
Positive Rate ◽  
Unsupervised Deep Learning ◽  
Attack Surface ◽  
Iot Devices

The Internet of Things has become a cutting-edge technology that is continuously evolving in size, connectivity, and applicability. This ecosystem makes its presence felt in every aspect of our lives, along with all other emerging technologies. Unfortunately, despite the significant benefits brought by the IoT, the increased attack surface built upon it has become more critical than ever. Devices have limited resources and are not typically created with security features. Lately, a trend of botnet threats transitioning to the IoT environment has been observed, and an army of infected IoT devices can expand quickly and be used for effective attacks. Therefore, identifying proper solutions for securing IoT systems is currently an important and challenging research topic. Machine learning-based approaches are a promising alternative, allowing the identification of abnormal behaviors and the detection of attacks. This paper proposes an anomaly-based detection solution that uses unsupervised deep learning techniques to identify IoT botnet activities. An empirical evaluation of the proposed method is conducted on both balanced and unbalanced datasets to assess its threat detection capability. False-positive rate reduction and its impact on the detection system are also analyzed. Furthermore, a comparison with other unsupervised learning approaches is included. The experimental results reveal the performance of the proposed detection method.

scholarly journals Packet-level and IEEE 802.11 MAC frame-level Network Traffic Traces Data of the D-Link IoT devices

Data in Brief ◽  
2021 ◽  
pp. 107208
Author(s):  
Rajarshi Roy Chowdhury ◽  
Sandhya Aneja ◽  
Nagender Aneja ◽  
Pg Emeroylariffion Abas
Keyword(s):  
Ieee 802.11 ◽  
Network Traffic ◽  
Ieee 802.11 Mac ◽  
Iot Devices ◽  
802.11 Mac

Hubble: An End to End Approach for Anomaly Detection in Network Traffic

2021 ◽  
Author(s):  
Shiwei Wang ◽  
Haizhou Du ◽  
Lin Liu ◽  
Zhenyu Lin
Keyword(s):  
Anomaly Detection ◽  
Network Traffic ◽  
End To End
Sign in / Sign up

Export Citation Format

Share Document