Are Trees Really Green? A Detection Approach of IoT Malware Attacks

• URL: http://arxiv.org/abs/2506.07836v1
• Date: Mon, 09 Jun 2025 15:01:04 GMT
• Title: Are Trees Really Green? A Detection Approach of IoT Malware Attacks
• Authors: Silvia Lucia Sanna, Diego Soi, Davide Maiorca, Giorgio Giacinto,
• Abstract summary: Internet of Things (IoT) devices remain vulnerable due to their resource constraints and difficulty in applying security patches.<n>This paper proposes a green methodology to identify IoT malware networking attacks based on flow privacy-preserving statistical features.
• Score: 0.3749861135832073
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Nowadays, the Internet of Things (IoT) is widely employed, and its usage is growing exponentially because it facilitates remote monitoring, predictive maintenance, and data-driven decision making, especially in the healthcare and industrial sectors. However, IoT devices remain vulnerable due to their resource constraints and difficulty in applying security patches. Consequently, various cybersecurity attacks are reported daily, such as Denial of Service, particularly in IoT-driven solutions. Most attack detection methodologies are based on Machine Learning (ML) techniques, which can detect attack patterns. However, the focus is more on identification rather than considering the impact of ML algorithms on computational resources. This paper proposes a green methodology to identify IoT malware networking attacks based on flow privacy-preserving statistical features. In particular, the hyperparameters of three tree-based models -- Decision Trees, Random Forest and Extra-Trees -- are optimized based on energy consumption and test-time performance in terms of Matthew's Correlation Coefficient. Our results show that models maintain high performance and detection accuracy while consistently reducing power usage in terms of watt-hours (Wh). This suggests that on-premise ML-based Intrusion Detection Systems are suitable for IoT and other resource-constrained devices.

Related papers

• Intelligent IoT Attack Detection Design via ODLLM with Feature Ranking-based Knowledge Base [0.964942474860411]
  Internet of Things (IoT) devices have introduced significant cybersecurity challenges.<n>Traditional machine learning (ML) techniques often fall short in detecting such attacks due to the complexity of blended and evolving patterns.<n>We propose a novel framework leveraging On-Device Large Language Models (ODLLMs) augmented with fine-tuning and knowledge base (KB) integration for intelligent IoT network attack detection.
  arXiv  Detail & Related papers  (2025-03-27T16:41:57Z)
• Enhancing IoT Malware Detection through Adaptive Model Parallelism and Resource Optimization [0.6856683556201506]
  This study introduces a novel approach to malware detection tailored for IoT devices. Based on resource availability, ongoing workload, and communication costs, the malware detection task is dynamically allocated either on-device or offloaded to neighboring IoT nodes. Experimental results demonstrate that this proposed technique achieves a significant speedup of 9.8 x compared to on-device inference.
  arXiv  Detail & Related papers  (2024-04-12T20:51:25Z)
• Real-time Threat Detection Strategies for Resource-constrained Devices [1.4815508281465273]
  We present an end-to-end process designed to effectively address DNS-tunneling attacks in a router. We demonstrate that utilizing stateless features for training the ML model, along with features chosen to be independent of the network configuration, leads to highly accurate results. The deployment of this carefully crafted model, optimized for embedded devices across diverse environments, resulted in high DNS-tunneling attack detection with minimal latency.
  arXiv  Detail & Related papers  (2024-03-22T10:02:54Z)
• Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
  We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS) FLEKD enables a more flexible aggregation method than conventional model fusion techniques. Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
  arXiv  Detail & Related papers  (2024-01-22T14:16:37Z)
• Intrusion Detection in Internet of Things using Convolutional Neural Networks [4.718295605140562]
  We propose a novel solution to the intrusion attacks against IoT devices using CNNs. The data is encoded as the convolutional operations to capture the patterns from the sensors data along time. The experimental results show significant improvement in both true positive rate and false positive rate compared to the baseline using LSTM.
  arXiv  Detail & Related papers  (2022-11-18T07:27:07Z)
• Evaluating Short-Term Forecasting of Multiple Time Series in IoT Environments [67.24598072875744]
  Internet of Things (IoT) environments are monitored via a large number of IoT enabled sensing devices. To alleviate this issue, sensors are often configured to operate at relatively low sampling frequencies. This can hamper dramatically subsequent decision-making, such as forecasting.
  arXiv  Detail & Related papers  (2022-06-15T19:46:59Z)
• TELESTO: A Graph Neural Network Model for Anomaly Classification in Cloud Services [77.454688257702]
  Machine learning (ML) and artificial intelligence (AI) are applied on IT system operation and maintenance. One direction aims at the recognition of re-occurring anomaly types to enable remediation automation. We propose a method that is invariant to dimensionality changes of given data.
  arXiv  Detail & Related papers  (2021-02-25T14:24:49Z)
• Towards AIOps in Edge Computing Environments [60.27785717687999]
  This paper describes the system design of an AIOps platform which is applicable in heterogeneous, distributed environments. It is feasible to collect metrics with a high frequency and simultaneously run specific anomaly detection algorithms directly on edge devices.
  arXiv  Detail & Related papers  (2021-02-12T09:33:00Z)
• Detecting Botnet Attacks in IoT Environments: An Optimized Machine Learning Approach [8.641714871787595]
  Machine learning (ML) has emerged as one potential solution due to the abundance of data generated and available for IoT devices and networks. This paper proposes an optimized ML-based framework to detect attacks on IoT devices in an effective and efficient manner. Experimental results show that the proposed optimized framework has a high detection accuracy, precision, recall, and F-score.
  arXiv  Detail & Related papers  (2020-12-16T16:39:55Z)
• Bayesian Optimization with Machine Learning Algorithms Towards Anomaly Detection [66.05992706105224]
  In this paper, an effective anomaly detection framework is proposed utilizing Bayesian Optimization technique. The performance of the considered algorithms is evaluated using the ISCX 2012 dataset. Experimental results show the effectiveness of the proposed framework in term of accuracy rate, precision, low-false alarm rate, and recall.
  arXiv  Detail & Related papers  (2020-08-05T19:29:35Z)
• Adaptive Anomaly Detection for IoT Data in Hierarchical Edge Computing [71.86955275376604]
  We propose an adaptive anomaly detection approach for hierarchical edge computing (HEC) systems to solve this problem. We design an adaptive scheme to select one of the models based on the contextual information extracted from input data, to perform anomaly detection. We evaluate our proposed approach using a real IoT dataset, and demonstrate that it reduces detection delay by 84% while maintaining almost the same accuracy as compared to offloading detection tasks to the cloud.
  arXiv  Detail & Related papers  (2020-01-10T05:29:17Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.