Features Quality Impact on Cyber Physical Security Systems

The number of connected devices and of internet and network applications has grown rapidly over the last decade, leading to the appearance of function-based networks called the Internet of Things (IoT). Such interest and dependency come with exponentially increasing security threats. Those threats are very dynamic and change continuously, whereas IoT devices may not receive security fixes and updates at the same pace. As a result, research trends focus on utilizing data analytics to build intelligent and autonomous mechanisms that enable IoT systems to respond to threats in real time. To this end, our project goal is to evaluate methods to build fast and efficient intrusion detection systems (IDS) that meet the high scalability and dynamicity of IoT environments. In this research, we studied three different datasets used to represent IoT network traffic and used them as a benchmark to evaluate the performance of many IDSs. Results showed that feature quality has an impact on classification models and thus on IDS performance. Our results also showed that the optimum time window of an IDS is preferably long (decay factor 0.01 or 0.1) when evaluating the BotNet_IoT dataset.
