Modelling DDoS Attacks in IoT Networks using Machine Learning
- URL: http://arxiv.org/abs/2112.05477v1
- Date: Fri, 10 Dec 2021 12:09:26 GMT
- Authors: Pheeha Machaka, Olasupo Ajayi, Hloniphani Maluleke, Ferdinand Kahenga,
Antoine Bagula, Kyandoghere Kyamakya
- Abstract summary: TCP-specific attacks are one of the most plausible tools that attackers can use on Cyber-Physical Systems.
This study compares the effectiveness of supervised, unsupervised, and semi-supervised machine learning algorithms for detecting DDoS attacks in CPS-IoT.
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: In current Internet-of-Things (IoT) deployments, a mix of traditional IP
networking and IoT specific protocols, both relying on the TCP protocol, can be
used to transport data from a source to a destination. Therefore, TCP-specific
attacks, such as the Distributed Denial of Service (DDoS) using the TCP SYN
attack, are one of the most plausible tools that attackers can use on
Cyber-Physical Systems (CPS). This may be done by launching an attack from its
IoT subsystem, here referred to as the "CPS-IoT", with potential propagation to
the different servers located in both fog and the cloud infrastructures of the
CPS. This study compares the effectiveness of supervised, unsupervised, and
semi-supervised machine learning algorithms for detecting DDoS attacks in
CPS-IoT, particularly during data transmission to and from the physical space
to the cyber space via the Internet. The algorithms considered are broadly
grouped into two: i) Detection algorithms, which include Logistic Regression
(LGR), K-Means, and Artificial Neural Networks (ANN). We also looked into the
effectiveness of semi-supervised hybrid learning models, which use unsupervised
K-Means to label data, then feed the output to a supervised learning model for
attack detection. ii) Prediction algorithms - LGR, Kernel Ridge Regression
(KRR) and Support Vector Regression (SVR), which were used to predict imminent
attacks. Experimental tests were carried out and obtained results showed that
the hybrid model was able to achieve 100% accuracy with zero false positives;
while all the prediction models were able to achieve over 94% attack prediction
accuracy.
Related papers
- MDHP-Net: Detecting Injection Attacks on In-vehicle Network using Multi-Dimensional Hawkes Process and Temporal Model (2024-11-15T15:05:01Z)
  In this paper, we consider a specific type of cyberattack known as the injection attack.
  These injection attacks have effect over time, gradually manipulating network traffic and disrupting the vehicle's normal functioning.
  We propose an injection attack detector, MDHP-Net, which integrates optimal MDHP parameters with MDHP-LSTM blocks to enhance temporal feature extraction.
- Beyond Detection: Leveraging Large Language Models for Cyber Attack Prediction in IoT Networks (2024-08-26T06:57:22Z)
  This paper proposes a novel network intrusion prediction framework that combines Large Language Models (LLMs) with Long Short Term Memory (LSTM) networks.
  Our framework, evaluated on the CICIoT2023 IoT attack dataset, demonstrates a significant improvement in predictive capabilities, achieving an overall accuracy of 98%.
- Redefining DDoS Attack Detection Using A Dual-Space Prototypical Network-Based Approach (2024-06-04T03:22:52Z)
  We introduce a new deep learning-based technique for detecting DDoS attacks.
  We propose a new dual-space prototypical network that leverages a unique dual-space loss function.
  This approach capitalizes on the strengths of representation learning within the latent space.
- Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning (2024-01-22T14:16:37Z)
  We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS)
  FLEKD enables a more flexible aggregation method than conventional model fusion techniques.
  Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
- Intrusion Detection in Internet of Things using Convolutional Neural Networks (2022-11-18T07:27:07Z)
  We propose a novel solution to the intrusion attacks against IoT devices using CNNs.
  The data is encoded as the convolutional operations to capture the patterns from the sensors data along time.
  The experimental results show significant improvement in both true positive rate and false positive rate compared to the baseline using LSTM.
- Distributed Adversarial Training to Robustify Deep Neural Networks at Scale (2022-06-13T15:39:43Z)
  Current deep neural networks (DNNs) are vulnerable to adversarial attacks, where adversarial perturbations to the inputs can change or manipulate classification.
  To defend against such attacks, an effective approach, known as adversarial training (AT), has been shown to mitigate robust training.
  We propose a large-batch adversarial training framework implemented over multiple machines.
- AdIoTack: Quantifying and Refining Resilience of Decision Tree Ensemble Inference Models against Adversarial Volumetric Attacks on IoT Networks (2022-03-18T08:18:03Z)
  We present AdIoTack, a system that highlights vulnerabilities of decision trees against adversarial attacks.
  To assess the model for the worst-case scenario, AdIoTack performs white-box adversarial learning to launch successful volumetric attacks.
  We demonstrate how the model detects all non-adversarial volumetric attacks on IoT devices while missing many adversarial ones.
- Collaborative adversary nodes learning on the logs of IoT devices in an IoT network (2021-12-22T02:56:22Z)
  We propose an improved approach for IoT security from data perspective.
  The Adversary Learning (AdLIoTLog) model is proposed using Recurrent Neural Network (RNN)
  Our results show that the predicting performance of the AdLIoTLog model trained by our method degrades by 3-4% in the presence of attack.
- Deep Learning based Covert Attack Identification for Industrial Control Systems (2020-09-25T17:48:43Z)
  We develop a data-driven framework that can be used to detect, diagnose, and localize a type of cyberattack called covert attacks on smart grids.
  The framework has a hybrid design that combines an autoencoder, a recurrent neural network (RNN) with a Long-Short-Term-Memory layer, and a Deep Neural Network (DNN)
- Bayesian Optimization with Machine Learning Algorithms Towards Anomaly Detection (2020-08-05T19:29:35Z)
  In this paper, an effective anomaly detection framework is proposed utilizing Bayesian Optimization technique.
  The performance of the considered algorithms is evaluated using the ISCX 2012 dataset.
  Experimental results show the effectiveness of the proposed framework in term of accuracy rate, precision, low-false alarm rate, and recall.
- Lightweight Collaborative Anomaly Detection for the IoT using Blockchain (2020-06-18T14:50:08Z)
  Internet of things (IoT) devices tend to have many vulnerabilities which can be exploited by an attacker.
  Unsupervised techniques, such as anomaly detection, can be used to secure these devices in a plug-and-protect manner.
  We present a distributed IoT simulation platform, which consists of 48 Raspberry Pis.