IoTWarden: A Deep Reinforcement Learning Based Real-time Defense System to Mitigate Trigger-action IoT Attacks
- URL: http://arxiv.org/abs/2401.08141v1
- Date: Tue, 16 Jan 2024 06:25:56 GMT
- Title: IoTWarden: A Deep Reinforcement Learning Based Real-time Defense System to Mitigate Trigger-action IoT Attacks
- Authors: Md Morshed Alam, Israt Jahan, Weichao Wang
- Abstract summary: We build a reinforcement learning based real-time defense system for injection attacks.
Our experiments show that the proposed mechanism can effectively and accurately identify and defend against injection attacks with reasonable overhead.
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: In trigger-action IoT platforms, IoT devices report event conditions to IoT hubs notifying their cyber states and let the hubs invoke actions in other IoT devices based on functional dependencies defined as rules in a rule engine. These functional dependencies create a chain of interactions that help automate network tasks. Adversaries exploit this chain to report fake event conditions to IoT hubs and perform remote injection attacks upon a smart environment to indirectly control targeted IoT devices. Existing defense efforts usually depend on static analysis over IoT apps to develop rule-based anomaly detection mechanisms. We also see ML-based defense mechanisms in the literature that harness physical event fingerprints to determine anomalies in an IoT network. However, these methods often demonstrate long response time and lack of adaptability when facing complicated attacks. In this paper, we propose to build a deep reinforcement learning based real-time defense system for injection attacks. We define the reward functions for defenders and implement a deep Q-network based approach to identify the optimal defense policy. Our experiments show that the proposed mechanism can effectively and accurately identify and defend against injection attacks with reasonable computation overhead.
Related papers
- Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS).
FLEKD enables a more flexible aggregation method than conventional model fusion techniques.
Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
arXiv Detail & Related papers (2024-01-22T14:16:37Z)
- Classification of cyber attacks on IoT and ubiquitous computing devices [49.1574468325115]
This paper provides a classification of IoT malware.
Major targets and used exploits for attacks are identified and referred to the specific malware.
The majority of current IoT attacks continue to be of comparably low effort and level of sophistication and could be mitigated by existing technical measures.
arXiv Detail & Related papers (2023-12-01T16:10:43Z)
- HoneyIoT: Adaptive High-Interaction Honeypot for IoT Devices Through Reinforcement Learning [10.186372780116631]
We develop an adaptive high-interaction honeypot for IoT devices, called HoneyIoT.
We first build a real device based attack trace collection system to learn how attackers interact with IoT devices.
We then model the attack behavior through a Markov decision process and leverage reinforcement learning techniques to learn the best responses to engage attackers.
arXiv Detail & Related papers (2023-05-10T19:43:20Z)
- ARGUS: Context-Based Detection of Stealthy IoT Infiltration Attacks [18.819756176569033]
IoT devices control functions in smart homes and buildings, smart cities, and smart factories.
Existing approaches for detecting attacks are mostly limited to attacks directly compromising individual IoT devices.
We propose ARGUS, the first self-learning intrusion detection system for detecting contextual attacks on IoT environments.
arXiv Detail & Related papers (2023-02-15T11:05:45Z)
- The Internet of Senses: Building on Semantic Communications and Edge Intelligence [67.75406096878321]
The Internet of Senses (IoS) holds the promise of flawless telepresence-style communication for all human receptors.
We elaborate on how the emerging semantic communications and Artificial Intelligence (AI)/Machine Learning (ML) paradigms may satisfy the requirements of IoS use cases.
arXiv Detail & Related papers (2022-12-21T03:37:38Z)
- Automating Privilege Escalation with Deep Reinforcement Learning [71.87228372303453]
In this work, we exemplify the potential threat of malicious actors using deep reinforcement learning to train automated agents.
We present an agent that uses a state-of-the-art reinforcement learning algorithm to perform local privilege escalation.
Our agent is usable for generating realistic attack sensor data for training and evaluating intrusion detection systems.
arXiv Detail & Related papers (2021-10-04T12:20:46Z)
- The Feasibility and Inevitability of Stealth Attacks [63.14766152741211]
We study new adversarial perturbations that enable an attacker to gain control over decisions in generic Artificial Intelligence systems.
In contrast to adversarial data modification, the attack mechanism we consider here involves alterations to the AI system itself.
arXiv Detail & Related papers (2021-06-26T10:50:07Z)
- Zero-Bias Deep Learning for Accurate Identification of Internet of Things (IoT) Devices [20.449229983283736]
We propose an enhanced deep learning framework for IoT device identification using physical layer signals.
We have evaluated the effectiveness of the proposed framework using real data from ADS-B (Automatic Dependent Surveillance-Broadcast), an application of IoT in aviation.
arXiv Detail & Related papers (2020-08-27T20:50:48Z)
- Measurement-driven Security Analysis of Imperceptible Impersonation Attacks [54.727945432381716]
We study the exploitability of Deep Neural Network-based Face Recognition systems.
We show that factors such as skin color, gender, and age, impact the ability to carry out an attack on a specific target victim.
We also study the feasibility of constructing universal attacks that are robust to different poses or views of the attacker's face.
arXiv Detail & Related papers (2020-08-26T19:27:27Z)
- Towards Learning-automation IoT Attack Detection through Reinforcement Learning [14.363292907140364]
Internet of Things (IoT) networks have unique characteristics, which make the attack detection more challenging.
In addition to the traditional high-rate attacks, the low-rate attacks are also extensively used by IoT attackers to obfuscate the legitimate traffic.
We propose a reinforcement learning-based attack detection model that can automatically learn and recognize the transformation of the attack pattern.
arXiv Detail & Related papers (2020-06-29T06:12:45Z)
- IoT Behavioral Monitoring via Network Traffic Analysis [0.45687771576879593]
This thesis is the culmination of our efforts to develop techniques to profile the network behavioral pattern of IoTs.
We develop a robust machine learning-based inference engine trained with attributes from traffic patterns.
We demonstrate real-time classification of 28 IoT devices with over 99% accuracy.
arXiv Detail & Related papers (2020-01-28T23:13:12Z)
This list is automatically generated from the titles and abstracts of the papers in this site.