MediHunt: A Network Forensics Framework for Medical IoT Devices
- URL: http://arxiv.org/abs/2312.04096v1
- Date: Thu, 7 Dec 2023 07:19:56 GMT
- Authors: Ayushi Mishra, Tej Kiran Boppana, Priyanka Bagade
- Abstract summary: This paper focuses on the vulnerabilities present in the Message Queuing Telemetry and Transport (MQTT) protocol.
The memory-constrained MIoT devices enforce a limitation on storing all data logs that are required for comprehensive network forensics.
This paper solves the data log availability challenge by detecting the attack in real-time and storing the corresponding logs for further analysis with the proposed network forensics framework: MediHunt.
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: The Medical Internet of Things (MIoT) has enabled small, ubiquitous medical devices to communicate with each other to facilitate interconnected healthcare delivery. These devices interact using communication protocols like MQTT, Bluetooth, and Wi-Fi. However, as MIoT devices proliferate, these networked devices are vulnerable to cyber-attacks. This paper focuses on the vulnerabilities present in the Message Queuing Telemetry and Transport (MQTT) protocol. The MQTT protocol is prone to cyber-attacks that can harm the system's functionality. The memory-constrained MIoT devices enforce a limitation on storing all data logs that are required for comprehensive network forensics. This paper solves the data log availability challenge by detecting the attack in real-time and storing the corresponding logs for further analysis with the proposed network forensics framework: MediHunt. Machine learning (ML) techniques are the most real safeguard against cyber-attacks. However, these models require a specific dataset that covers diverse attacks on the MQTT-based IoT system for training. The currently available datasets do not encompass a variety of applications and TCP layer attacks. To address this issue, we leveraged the usage of a flow-based dataset containing flow data for TCP/IP layer and application layer attacks. Six different ML models are trained with the generated dataset to evaluate the effectiveness of the MediHunt framework in detecting real-time attacks. F1 scores and detection accuracy exceeded 0.99 for the proposed MediHunt framework with our custom dataset.
Related papers
- Semantic Meta-Split Learning: A TinyML Scheme for Few-Shot Wireless Image Classification
This work presents a TinyML-based semantic communication framework for few-shot wireless image classification.
We exploit split-learning to limit the computations performed by the end-users while ensuring privacy-preserving.
Meta-learning overcomes data availability concerns and speeds up training by utilizing similarly trained tasks.
(2024-09-03T05:56:55Z)
- FedMADE: Robust Federated Learning for Intrusion Detection in IoT Networks Using a Dynamic Aggregation Method
Internet of Things (IoT) devices across multiple sectors has escalated serious network security concerns.
Traditional Machine Learning (ML)-based Intrusion Detection Systems (IDSs) for cyber-attack classification require data transmission from IoT devices to a centralized server for traffic analysis, raising severe privacy concerns.
We introduce FedMADE, a novel dynamic aggregation method, which clusters devices by their traffic patterns and aggregates local models based on their contributions towards overall performance.
(2024-08-13T18:42:34Z)
- Data and Model Poisoning Backdoor Attacks on Wireless Federated Learning, and the Defense Mechanisms: A Comprehensive Survey
Federated Learning (FL) has been increasingly considered for applications to wireless communication networks (WCNs).
In general, non-independent and identically distributed (non-IID) data of WCNs raises concerns about robustness.
This survey provides a comprehensive review of the latest backdoor attacks and defense mechanisms.
(2023-12-14T05:52:29Z)
- A high throughput Intrusion Detection System (IDS) to enhance the security of data transmission among research centers
This paper presents a packet sniffer that was designed using a commercial FPGA development board.
The system can support a data throughput of 10 Gbit/s with preliminary results showing that the speed of data transmission can be reliably extended to 100 Gbit/s.
It is particularly suited for the security of universities and research centers, where point-to-point network connections are dominant.
(2023-11-10T14:30:00Z)
- Anomaly Detection Dataset for Industrial Control Systems
Industrial Control Systems (ICSs) have been targeted by cyberattacks and are becoming increasingly vulnerable.
The lack of suitable datasets for evaluating Machine Learning algorithms is a challenge.
This paper presents the 'ICS-Flow' dataset, which offers network data and process state variables logs for supervised and unsupervised ML-based IDS assessment.
(2023-05-11T14:52:19Z)
- Detecting Anomalous Microflows in IoT Volumetric Attacks via Dynamic Monitoring of MUD Activity
Anomaly-based detection methods are promising in finding new attacks.
There are certain practical challenges, such as false-positive alarms, results that are hard to explain, and difficulty scaling cost-effectively.
In this paper, we use SDN to enforce and monitor the expected behaviors of each IoT device.
(2023-04-11T05:17:51Z)
- Survey of Machine Learning Based Intrusion Detection Methods for Internet of Medical Things
Internet of Medical Things (IoMT) represents an application of the Internet of Things.
The sensitive and private nature of this data may represent a prime interest for attackers.
The use of traditional security methods on equipment that is limited in terms of storage and computing capacity is ineffective.
(2022-02-19T18:40:55Z)
- Federated Learning for Physical Layer Design
Federated learning (FL) has been proposed recently as a distributed learning scheme.
FL is more communication-efficient and privacy-preserving than centralized learning (CL).
This article discusses the recent advances in FL-based training for physical layer design problems.
(2021-02-23T16:22:53Z)
- Deep Learning based Covert Attack Identification for Industrial Control Systems
We develop a data-driven framework that can be used to detect, diagnose, and localize a type of cyberattack called covert attacks on smart grids.
The framework has a hybrid design that combines an autoencoder, a recurrent neural network (RNN) with a Long-Short-Term-Memory layer, and a Deep Neural Network (DNN).
(2020-09-25T17:48:43Z)
- Data Poisoning Attacks on Federated Machine Learning
Federated machine learning enables resource constrained node devices to learn a shared model while keeping the training data local.
The communication protocol amongst different nodes could be exploited by attackers to launch data poisoning attacks.
We propose a novel systems-aware optimization method, ATTack on Federated Learning (AT2FL).
(2020-04-19T03:45:05Z)
- IoT Device Identification Using Deep Learning
The growing use of IoT devices in organizations has increased the number of attack vectors available to attackers.
The widely adopted bring your own device (BYOD) policy which allows an employee to bring any IoT device into the workplace and attach it to an organization's network also increases the risk of attacks.
In this study, we applied deep learning on network traffic to automatically identify IoT devices connected to the network.
(2020-02-25T12:24:49Z)