Multiclass Classification Procedure for Detecting Attacks on MQTT-IoT Protocol

The large number of sensors and actuators that make up the Internet of Things obliges these systems to use diverse technologies and protocols, which makes IoT networks more heterogeneous than traditional networks. This gives rise to new cybersecurity challenges in protecting these systems and devices, which are characterized by being continuously connected to the Internet. Intrusion detection systems (IDS) are used to protect IoT systems from the various anomalies and attacks at the network level, and they can be improved through machine learning techniques. Our work focuses on creating classification models that can feed an IDS, using a dataset containing frames from an IoT system under attack that uses the MQTT protocol. We have addressed two types of methods for classifying the attacks: ensemble methods and deep learning models, more specifically recurrent networks, with very satisfactory results.
