A behavioural network traffic novelty detection for the internet of things infrastructures

Salma Abdalla Hamad*, Quan Z. Sheng, Dai Hoang Tran, Wei Emma Zhang, Surya Nepal

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionpeer-review

Abstract

The Internet of Things (IoT) applied solutions are changing the way the world perceives technology. IoT devices are now being used in a wide range of applications to transfer or share relevant information, hence reducing human interventions. With such widespread IoT solutions, security becomes a significant concern. Many of the IoT devices are vulnerable due to several reasons, including in-secure implementations, poor life cycle management, and inappropriate configurations, leading to an increase in the risk of these devices getting exposed and attacked. However, the current security approaches for detecting compromised IoT devices are inefficient, especially for zero-day attacks. Since no one knows how a new attack would look like, it will be useful to monitor and detect anomalies using accurate detection techniques. This work probes the possibility of detecting IoT network traffic anomalies using novelty detection techniques; thus, it can detect compromised IoT devices. One of this work’s main contributions is developing an IoT anomaly detection system named Behavioural Novelty Detection for IoT Infrastructure (BND-IoT). BND-IoT trains a neural network with novel selected behavioural features extracted from benign traffic only and then uses the novelty techniques to detect any unusual traffic patterns. We show that the presented approach effectively detects anomalies within IoT devices’ network traffic with a robust average F1-score of 96.7% and a low false rejection rate of 7%.

Original languageEnglish
Title of host publicationParallel Architectures, Algorithms and Programming
Subtitle of host publication11th International Symposium, PAAP 2020 Shenzhen, China, December 28–30, 2020 Proceedings
EditorsLi Ning, Vincent Chau, Francis Lau
Place of PublicationSingapore, Singapore
PublisherSpringer, Springer Nature
Pages174-186
Number of pages13
ISBN (Electronic)9789811600104
ISBN (Print)9789811600098
DOIs
Publication statusPublished - 2021
Event11th International Symposium on Parallel Architectures, Algorithms and Programming, PAAP 2020 - Shenzhen, China
Duration: 28 Dec 202030 Dec 2020

Publication series

NameCommunications in Computer and Information Science
Volume1362
ISSN (Print)1865-0929
ISSN (Electronic)1865-0937

Conference

Conference11th International Symposium on Parallel Architectures, Algorithms and Programming, PAAP 2020
CountryChina
CityShenzhen
Period28/12/2030/12/20

Keywords

  • IoT security
  • Machine learning
  • IoT anomaly detection
  • Fingerprinting
  • Novelty detection
  • Outlier detection

Fingerprint Dive into the research topics of 'A behavioural network traffic novelty detection for the internet of things infrastructures'. Together they form a unique fingerprint.

Cite this