IoTDS: A One-Class Classification Approach to Detect Botnets in Internet of Things Devices

Sensors, 2019, Vol 19 (14), pp. 3188
Author(s): Vitor Hugo Bezerra, Victor Guilherme Turrisi da Costa, Sylvio Barbon Junior, Rodrigo Sanches Miani, Bruno Bogaz Zarpelão

Internet of Things (IoT) devices have become increasingly widespread. Despite their potential of improving multiple application domains, these devices have poor security, which can be explored by attackers to build large-scale botnets. In this work, we propose a host-based approach to detect botnets in IoT devices, named IoTDS (Internet of Things Detection System). It relies on one-class classifiers, which model only the legitimate device behaviour for further detection of deviations, avoiding the manual labelling process. The proposed solution is underpinned by a novel agent-manager architecture based on HTTPS, which prevents the IoT device from being overloaded by the training activities. To analyse the device’s behaviour, the approach extracts features from the device’s CPU utilisation and temperature, memory consumption, and number of running tasks, meaning that it does not make use of network traffic data. To test our approach, we used an experimental IoT setup containing a device compromised by bot malware. Multiple scenarios were made, including three different IoT device profiles and seven botnets. Four one-class algorithms (Elliptic Envelope, Isolation Forest, Local Outlier Factor, and One-class Support Vector Machine) were evaluated. The results show the proposed system has a good predictive performance for different botnets, achieving a mean F1-score of 94% for the best performing algorithm, the Local Outlier Factor. The system also presented a low impact on the device’s energy consumption, and CPU and memory utilisation.

Electronics, 2019, Vol 8 (11), pp. 1210
Author(s): Khraisat, Gondal, Vamplew, Kamruzzaman, Alazab

The Internet of Things (IoT) has been rapidly evolving towards making a greater impact on everyday life to large industrial systems. Unfortunately, this has attracted the attention of cybercriminals who made IoT a target of malicious activities, opening the door to a possible attack on the end nodes. Due to the large number and diverse types of IoT devices, it is a challenging task to protect the IoT infrastructure using a traditional intrusion detection system. To protect IoT devices, a novel ensemble Hybrid Intrusion Detection System (HIDS) is proposed by combining a C5 classifier and One Class Support Vector Machine classifier. HIDS combines the advantages of Signature Intrusion Detection System (SIDS) and Anomaly-based Intrusion Detection System (AIDS). The aim of this framework is to detect both the well-known intrusions and zero-day attacks with high detection accuracy and low false-alarm rates. The proposed HIDS is evaluated using the Bot-IoT dataset, which includes legitimate IoT network traffic and several types of attacks. Experiments show that the proposed hybrid IDS provides a higher detection rate and a lower false positive rate compared to the SIDS and AIDS techniques.


Author(s): Muhammad Ahmad, Qaiser Riaz, Muhammad Zeeshan, Hasan Tahir, Syed Ali Haider, ...

Internet of Things (IoT) devices are well-connected; they generate and consume data which involves transmission of data back and forth among various devices. Ensuring security of the data is a critical challenge as far as IoT is concerned. Since IoT devices are inherently low-power and do not require a lot of compute power, a Network Intrusion Detection System is typically employed to detect and remove malicious packets from entering the network. In the same context, we propose feature clusters in terms of Flow, Message Queuing Telemetry Transport (MQTT) and Transmission Control Protocol (TCP) by using features in UNSW-NB15 data-set. We eliminate problems like over-fitting, curse of dimensionality and imbalance in the data-set. We apply supervised Machine Learning (ML) algorithms, i.e., Random Forest (RF), Support Vector Machine and Artificial Neural Networks on the clusters. Using RF, we, respectively, achieve 98.67% and 97.37% of accuracy in binary and multi-class classification. In clusters based techniques, we achieved 96.96%, 91.4% and 97.54% of classification accuracy by using RF on Flow & MQTT features, TCP features and top features from both clusters. Moreover, we show that the proposed feature clusters provide higher accuracy and require less training time as compared to other state-of-the-art supervised ML-based approaches.


Author(s): Ahmad Iwan Fadli, Selo Sulistyo, Sigit Wibowo

Traffic accident is a very difficult problem to handle on a large scale in a country. Indonesia is one of the most populated, developing countries that use vehicles for daily activities as its main transportation.  It is also the country with the largest number of car users in Southeast Asia, so driving safety needs to be considered. Using machine learning classification method to determine whether a driver is driving safely or not can help reduce the risk of driving accidents. We created a detection system to classify whether the driver is driving safely or unsafely using trip sensor data, which include Gyroscope, Acceleration, and GPS. The classification methods used in this study are Random Forest (RF) classification algorithm, Support Vector Machine (SVM), and Multilayer Perceptron (MLP) by improving data preprocessing using feature extraction and oversampling methods. This study shows that RF has the best performance with 98% accuracy, 98% precision, and 97% sensitivity using the proposed preprocessing stages compared to SVM or MLP.


2021, Vol 22 (16), pp. 8958
Author(s): Phasit Charoenkwan, Chanin Nantasenamat, Md. Mehedi Hasan, Mohammad Ali Moni, Pietro Lio’, ...

Accurate identification of bitter peptides is of great importance for better understanding their biochemical and biophysical properties. To date, machine learning-based methods have become effective approaches for providing a good avenue for identifying potential bitter peptides from large-scale protein datasets. Although few machine learning-based predictors have been developed for identifying the bitterness of peptides, their prediction performances could be improved. In this study, we developed a new predictor (named iBitter-Fuse) for achieving more accurate identification of bitter peptides. In the proposed iBitter-Fuse, we have integrated a variety of feature encoding schemes for providing sufficient information from different aspects, namely consisting of compositional information and physicochemical properties. To enhance the predictive performance, the customized genetic algorithm utilizing self-assessment-report (GA-SAR) was employed for identifying informative features followed by inputting optimal ones into a support vector machine (SVM)-based classifier for developing the final model (iBitter-Fuse). Benchmarking experiments based on both 10-fold cross-validation and independent tests indicated that the iBitter-Fuse was able to achieve more accurate performance as compared to state-of-the-art methods. To facilitate the high-throughput identification of bitter peptides, the iBitter-Fuse web server was established and made freely available online. It is anticipated that the iBitter-Fuse will be a useful tool for aiding the discovery and de novo design of bitter peptides


Author(s): Shashank Singh and Meenu Garg

It is essential that Visa organizations can distinguish false Mastercard exchanges so clients are not charged for things that they didn't buy. Such issues can be handled with Data Science and its significance, alongside Machine Learning, couldn't be more important. This undertaking expects to outline the demonstrating of an informational collection utilizing AI with Credit Card Fraud Detection. The Credit Card Fraud Detection Problem incorporates demonstrating past Visa exchanges with the information of the ones that ended up being extortion. This model is then used to perceive if another exchange is fake. Our target here is to identify 100% of the fake exchanges while limiting the off base misrepresentation arrangements. Charge card Fraud Detection is an average example of arrangement. In this cycle, we have zeroed in on examining and pre- preparing informational indexes just as the sending of numerous irregularity discovery calculations, for example, Local Outlier Factor and Isolation Forest calculation on the PCA changed Credit Card Transaction


2019, Vol 11 (4), pp. 100
Author(s): Maurizio Capra, Riccardo Peloso, Guido Masera, Massimo Ruo Roch, Maurizio Martina

In today’s world, ruled by a great amount of data and mobile devices, cloud-based systems are spreading all over. Such phenomenon increases the number of connected devices, broadcast bandwidth, and information exchange. These fine-grained interconnected systems, which enable the Internet connectivity for an extremely large number of facilities (far beyond the current number of devices) go by the name of Internet of Things (IoT). In this scenario, mobile devices have an operating time which is proportional to the battery capacity, the number of operations performed per cycle and the amount of exchanged data. Since the transmission of data to a central cloud represents a very energy-hungry operation, new computational paradigms have been implemented. The computation is not completely performed in the cloud, distributing the power load among the nodes of the system, and data are compressed to reduce the transmitted power requirements. In the edge-computing paradigm, part of the computational power is moved toward data collection sources, and, only after a first elaboration, collected data are sent to the central cloud server. Indeed, the “edge” term refers to the extremities of systems represented by IoT devices. This survey paper presents the hardware architectures of typical IoT devices and sums up many of the low power techniques which make them appealing for a large scale of applications. An overview of the newest research topics is discussed, besides a final example of a complete functioning system, embedding all the introduced features.


2020, Vol 184, pp. 01009
Author(s): Bharathi Panduri, Madhurika Vummenthala, Spoorthi Jonnalagadda, Garwandha Ashwini, Naruvadi Nagamani, ...

IoT (Internet of Things), for the most part, comprises the various scope of Internet-associated gadgets and hubs. In the context of military and defence systems (called IoBT), these gadgets could be personnel wearable battle outfits, tracking devices, cameras, clinical gadgets, etc. The integrity and safety of these devices are critical in mission success and it is of utmost importance to keep them secure. One of the typical ways of the attack on these gadgets is through the use of malware, whose aim could be to compromise the device and/or breach the communications. Generally, these IoBT gadgets and hubs are a much more significant target for cyber criminals due to the value they pose, more so than IoT devices. In this paper we attempt to create a significant learning based procedure to distinguish, classify and track such malware in IoBT (Internet of Battlefield Things) through operational codes progression. This is achieved by transforming the aforementioned OpCodes into a vector space, upon which a Deep Eigen space learning technique is applied to differentiate between harmful and safe applications. For robust classification, Support vector machine and n gram Sequencing algorithms are proposed in this paper. Moreover, we evaluate the quality of our proposed approach in malware recognition and also its maintainability against garbage code injection assault. These results are presented on a web page which has separate components and levels of accessibility for user and admin credentials. For the purpose of tracking the prevalence of various malwares on the network, counts and trends of different malicious opcodes are displayed for both user and admin.
Thereby our proposed approach will be beneficial for the users, especially for those who want to communicate confidential information within the network. It is also beneficial if a user wants to know whether a message is secure or not. This has also been made malware test accessible, which ideally will profit future research endeavors.


2021
Author(s): Priyanka Gupta, Lokesh Yadav, Deepak Singh Tomar

The Internet of Things (IoT) connects billions of interconnected devices that can exchange information with each other with minimal user intervention. The goal of IoT is to become accessible to anyone, anytime, and anywhere. IoT has engaged in multiple fields, including education, healthcare, businesses, and smart home. Security and privacy issues have been significant obstacles to the widespread adoption of IoT. IoT devices cannot be entirely secure from threats; detecting attacks in real-time is essential for securing devices. In the real-time communication domain and especially in IoT, security and protection are the major issues. The resource-constrained nature of IoT devices makes traditional security techniques difficult. In this paper, the research work carried out in IoT Intrusion Detection System is presented. The Machine learning methods are explored to provide an effective security solution for IoT Intrusion Detection systems. The advantages and disadvantages of the selected methodology are then discussed. Further, the datasets used in IoT security are also discussed. Finally, the examination of the open issues and directions for future trends are also provided.


Internet of Things (IoT), data analytics is supporting multiple applications. These numerous applications try to gather data from different environments, here the gathered data may be homogeneous or heterogeneous, but most of the data collected from multiple environments were heterogeneous, the task of gathering, processing, storing and the analysis that is being performed on data are still challenging. Providing security to all these things is also a challenging task due to untrusted networks and big data. Big data management in the ever-expanding network may rise several non-trivial concerns on data collection, data-efficient processing, analytics, and security. However, the above said scenarios depends on large scale sensor deployed. Sensors continuously transmit data to clouds for real time use, which can raise the issue of privacy disclosure because IoT devices may gather data including a kind of sensitive private information. In this context, we propose a two-layer system or model for analyzing IoT data, collected from multiple applications. The first layer is mainly used for gathering data from multiple environments and acts as a service-oriented interface to ingest data. The second layer is responsible for storing and analyses data securely. The Proposed solutions are implemented by the use of open source components.

