A Supervised Intrusion Detection System for Smart Home IoT Devices

The proliferation in Internet of Things (IoT) devices, which routinely collect sensitive information, is demonstrated by their prominence in our daily lives. Although such devices simplify and automate every day tasks, they also introduce tremendous security flaws. Current insufficient security measures employed to defend smart devices make IoT the “weakest” link to breaking into a secure infrastructure, and therefore an attractive target to attackers. This paper proposes a three layer intrusion detection system (IDS) that uses a supervised approach to detect a range of popular network based cyber-attacks on IoT networks. The system consists of three main functions: 1) classify the type and profile the normal behavior of each IoT device connected to the network; 2) identifies malicious packets on the network when an attack is occurring; and 3) classifies the type of the attack that has been deployed. The system is evaluated within a smart home testbed consisting of eight popular commercially available devices. The effectiveness of the proposed IDS architecture is evaluated by deploying 12 attacks from 4 main network based attack categories, such as denial of service (DoS), man-in-the-middle (MITM)/spoofing, reconnaissance, and replay. Additionally, the system is also evaluated against four scenarios of multistage attacks with complex chains of events. The performance of the system’s three core functions result in an ${F}$ -measure of: 1) 96.2%; 2) 90.0%; and 3) 98.0%. This demonstrates that the proposed architecture can automatically distinguish between IoT devices on the network, whether network activity is malicious or benign, and detect which attack was deployed on which device connected to the network successfully.

[1]  Rajeev Kumar Kanth,et al.  Distributed internal anomaly detection system for Internet-of-Things , 2016, 2016 13th IEEE Annual Consumer Communications & Networking Conference (CCNC).

[2]  Tommaso Melodia,et al.  Securing the Internet of Things in the Age of Machine Learning and Software-Defined Networking , 2018, IEEE Internet of Things Journal.

[3]  Wei-Yang Lin,et al.  Intrusion detection by machine learning: A review , 2009, Expert Syst. Appl..

[4]  Sarmad Ullah Khan,et al.  Future Internet: The Internet of Things Architecture, Possible Applications and Key Challenges , 2012, 2012 10th International Conference on Frontiers of Information Technology.

[5]  Vijay Sivaraman,et al.  Characterizing and classifying IoT traffic in smart cities and campuses , 2017, 2017 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[6]  George C. Hadjichristofi,et al.  Internet of Things: Security vulnerabilities and challenges , 2015, 2015 IEEE Symposium on Computers and Communication (ISCC).

[7]  San Cristóbal Mateo,et al.  The Lack of A Priori Distinctions Between Learning Algorithms , 1996 .

[8]  Sushanta Karmakar,et al.  A Neural Network based system for Intrusion Detection and attack classification , 2016, 2016 Twenty Second National Conference on Communication (NCC).

[9]  Pieter H. Hartel,et al.  Panacea: Automating Attack Classification for Anomaly-Based Network Intrusion Detection Systems , 2009, RAID.

[10]  Lida Xu,et al.  The internet of things: a survey , 2014, Information Systems Frontiers.

[11]  Ioannis D. Moscholios,et al.  A Signature-based Intrusion Detection System for the Internet of Things , 2018 .

[12]  Sean Carlisto de Alvarenga,et al.  A survey of intrusion detection in Internet of Things , 2017, J. Netw. Comput. Appl..

[13]  Srinivasan Seshan,et al.  Handling a trillion (unfixable) flaws on a billion devices: Rethinking network security for the Internet-of-Things , 2015, HotNets.

[14]  Thiemo Voigt,et al.  SVELTE: Real-time intrusion detection in the Internet of Things , 2013, Ad Hoc Networks.

[15]  Liang Xiao,et al.  IoT Security Techniques Based on Machine Learning: How Do IoT Devices Use AI to Enhance Security? , 2018, IEEE Signal Processing Magazine.

[16]  Gürsel Serpen,et al.  Application of Machine Learning Algorithms to KDD Intrusion Detection Dataset within Misuse Detection Context , 2003, MLMTA.

[17]  Marimuthu Palaniswami,et al.  Internet of Things (IoT): A vision, architectural elements, and future directions , 2012, Future Gener. Comput. Syst..

[18]  Andrei Petrovski,et al.  Botnet Detection in the Internet of Things using Deep Learning Approaches , 2018, 2018 International Joint Conference on Neural Networks (IJCNN).

[19]  George Theodorakopoulos,et al.  Secure Data Sharing and Analysis in Cloud-Based Energy Management Systems , 2017, IISSC/CN4IoT.

[20]  Schahram Dustdar,et al.  LEONORE -- Large-Scale Provisioning of Resource-Constrained IoT Deployments , 2015, 2015 IEEE Symposium on Service-Oriented System Engineering.

[21]  Chen Jun,et al.  Design of Complex Event-Processing IDS in Internet of Things , 2014, 2014 Sixth International Conference on Measuring Technology and Mechatronics Automation.

[22]  Tanupriya Choudhury,et al.  Securing the Internet of Things: A proposed framework , 2017, 2017 International Conference on Computing, Communication and Automation (ICCCA).

[23]  Maurizio A. Spirito,et al.  Denial-of-Service detection in 6LoWPAN based Internet of Things , 2013, 2013 IEEE 9th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob).

[24]  Thiemo Voigt,et al.  Intrusion Detection in the RPL-connected 6LoWPAN Networks , 2017, IoTPTS@AsiaCCS.

[25]  Ramiro Gonçalves,et al.  Intrusion detection systems in Internet of Things: A literature review , 2018, 2018 13th Iberian Conference on Information Systems and Technologies (CISTI).

[26]  Nick Feamster,et al.  Machine Learning DDoS Detection for Consumer Internet of Things Devices , 2018, 2018 IEEE Security and Privacy Workshops (SPW).

[27]  J. Ross Quinlan,et al.  Induction of Decision Trees , 1986, Machine Learning.

[28]  Peter Burnap,et al.  Pulse: an adaptive intrusion detection for the internet of things , 2018, IoT 2018.

[29]  Hardik Upadhyay,et al.  Intrusion Detection System for Internet of Things , 2016 .

[30]  Martin Roesch,et al.  Snort - Lightweight Intrusion Detection for Networks , 1999 .

[31]  Yuval Elovici,et al.  N-BaIoT—Network-Based Detection of IoT Botnet Attacks Using Deep Autoencoders , 2018, IEEE Pervasive Computing.

[32]  Rajiv Ranjan,et al.  Cloud Infrastructures, Services, and IoT Systems for Smart Cities , 2017, Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering.

[33]  Di Wu,et al.  IoT Security Techniques Based on Machine Learning: How Do IoT Devices Use AI to Enhance Security? , 2018, IEEE Signal Processing Magazine.

[34]  Yu Chen,et al.  Ultra-lightweight deep packet anomaly detection for Internet of Things devices , 2015, 2015 IEEE 34th International Performance Computing and Communications Conference (IPCCC).

[35]  Elisa Bertino,et al.  Kalis — A System for Knowledge-Driven Adaptable Intrusion Detection for the Internet of Things , 2017, 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS).

[36]  Salvatore D. Morgera,et al.  Cross layer-based intrusion detection based on network behavior for IoT , 2018, 2018 IEEE 19th Wireless and Microwave Technology Conference (WAMICON).

[37]  Erol Gelenbe,et al.  Deep Learning with Dense Random Neural Network for Detecting Attacks against IoT-connected Home Environments , 2018, FNC/MobiSPC.

[38]  Georgios Kambourakis,et al.  DDoS in the IoT: Mirai and Other Botnets , 2017, Computer.

[39]  Pete Burnap,et al.  EclipseIoT: A secure and adaptive hub for the Internet of Things , 2018, Comput. Secur..

[40]  Deokho Kim,et al.  A Malicious Pattern Detection Engine for Embedded Security Systems in the Internet of Things , 2014, Sensors.

[41]  Hon Sun Chiu,et al.  Real Time Intrusion and Wormhole Attack Detection in Internet of Things , 2015 .

[42]  Prachi Shukla,et al.  ML-IDS: A machine learning approach to detect wormhole attacks in Internet of Things , 2017, 2017 Intelligent Systems Conference (IntelliSys).