Deteksi Serangan Denial of Service pada Internet of Things Menggunakan Finite-State Automata

Internet of things memiliki kemampuan untuk menghubungkan obyek pintar dan memungkinkan mereka untuk berinteraksi dengan lingkungan dan peralatan komputasi cerdas lainnya melalui jaringan internet. Namun belakangan ini, keamanan jaringan internet of things mendapat ancaman akibat serangan cyber yang dapat menembus perangkat internet of things target dengan menggunakan berbagai serangan denial of service. Penelitian ini bertujuan untuk mendeteksi dan mencegah serangan denial of service berupa synchronize flooding dan ping flooding pada jaringan internet of things dengan pendekatan finite-state automata. Hasil pengujian menunjukkan bahwa pendekatan finite-state automata berhasil mendeteksi serangan synchronize flooding dan ping flooding pada jaringan internet of things, tetapi pencegahan serangan tidak secara signifikan mengurangi penggunaan prosesor dan memori. Serangan synchronize flooding menyebabkan delay saat mengaktifkan/menonaktifkan peralatan internet of things sedangkan serangan ping flooding menyebabkan error. Implementasi bash-iptables berhasil mengurangi serangan synchronize flooding dengan efisiensi waktu pencegahan sebesar 55,37% dan mengurangi serangan ping flooding sebesar 60% tetapi dengan waktu yang tidak signifikan

A Novel Feature-Selection Algorithm in IoT Networks for Intrusion Detection

The Internet of Things (IoT) and network-enabled smart devices are crucial to the digitally interconnected society of the present day. However, the increased reliance on IoT devices increases their susceptibility to malicious activities within network traffic, posing significant challenges to cybersecurity. As a result, both system administrators and end users are negatively affected by these malevolent behaviours. Intrusion-detection systems (IDSs) are commonly deployed as a cyber attack defence mechanism to mitigate such risks. IDS plays a crucial role in identifying and preventing cyber hazards within IoT networks. However, the development of an efficient and rapid IDS system for the detection of cyber attacks remains a challenging area of research. Moreover, IDS datasets contain multiple features, so the implementation of feature selection (FS) is required to design an effective and timely IDS. The FS procedure seeks to eliminate irrelevant and redundant features from large IDS datasets, thereby improving the intrusion-detection system’s overall performance. In this paper, we propose a hybrid wrapper-based feature-selection algorithm that is based on the concepts of the Cellular Automata (CA) engine and Tabu Search (TS)-based aspiration criteria. We used a Random Forest (RF) ensemble learning classifier to evaluate the fitness of the selected features. The proposed algorithm, CAT-S, was tested on the TON_IoT dataset. The simulation results demonstrate that the proposed algorithm, CAT-S, enhances classification accuracy while simultaneously reducing the number of features and the false positive rate.publishedVersio

An Automata Based Text Analysis System

This report describes and implements an automata based text analysis system. We have collected some of the writing samples. Each sample establishes a tree, and uses the ALERGIA algorithm to merge all compatible nodes in order to get a merged stochastic finite automaton. We store these automatons which demonstrate writing style of the sample texts in the hard drive. For a new testing piece, we can test if it has similar writing style compared to those sample texts

Advancing IoT Security with Tsetlin Machines: A Resource-Efficient Anomaly Detection Approach

The number of IoT devices are rapidly increasing, and the nature of the devices leave them vulnerable to attacks. As of today there are no general security solutions that meet the requirements of running with limited resources on devices with a large variety of use cases. Traditional AI models are able to classify and distinguish between benign and malignant network traffic. However, they require more resources than IoT devices can provide, and cannot train on-chip once deployed. This thesis introduces the Tsetlin Machine as a potential solution to this problem. As a binary, propositional logic model, the Tsetlin Machine is compatible with hardware and can perform predictions in near real-time on limited resources, making it a suitable candidate for intrusion detection in IoT devices. To assess the viability of the Tsetlin Machine as an IDS, we developed custom data loaders for the benchmark datasets: CIC-IDS2017, KDD99, NSL-KDD, UNSW-NB15, and UNSW-Bot-IoT. We ran hyperparameter searches and numerous experiments to determine the performance of the Tsetlin machine on each dataset. We discovered that preprocessing data by converting each data value to a 32-bit binary number and imposing an upper bound on class sizes proved to be an effective strategy. Furthermore, we compared the performance of the Tsetlin Machine against various classifiers from the scikit-learn library and lazy predict. The results show that the Tsetlin Machine's performance was on par with, if not superior to, other machine learning models, indicating its potential as a reliable method for anomaly detection in IoT devices. However, future work is required to determine its viability in a real-life setting, running on limited resources and classifying real-time data

Deep learning algorithms for intrusion detection systems in internet of things using CIC-IDS 2017 dataset

Due to technological advancements in recent years, the availability and usage of smart electronic gadgets have drastically increased. Adoption of these smart devices for a variety of applications in our day-to-day life has become a new normal. As these devices collect and store data, which is of prime importance, securing is a mandatory requirement by being vigilant against intruders. Many traditional techniques are prevailing for the same, but they may not be a good solution for the devices with resource constraints. The impact of artificial intelligence is not negligible in this concern. This study is an attempt to understand and analyze the performance of deep learning algorithms in intrusion detection. A comparative analysis of the performance of deep neural network, convolutional neural network, and long short-term memory using the CIC-IDS 2017 dataset

Advancing IoT Security with Tsetlin Machines: A Resource-Efficient Anomaly Detection Approach

The number of IoT devices are rapidly increasing, and the nature of the devices leave them vulnerable to attacks. As of today there are no general security solutions that meet the requirements of running with limited resources on devices with a large variety of use cases. Traditional AI models are able to classify and distinguish between benign and malignant network traffic. However, they require more resources than IoT devices can provide, and cannot train on-chip once deployed. This thesis introduces the Tsetlin Machine as a potential solution to this problem. As a binary, propositional logic model, the Tsetlin Machine is compatible with hardware and can perform predictions in near real-time on limited resources, making it a suitable candidate for intrusion detection in IoT devices. To assess the viability of the Tsetlin Machine as an IDS, we developed custom data loaders for the benchmark datasets: CIC-IDS2017, KDD99, NSL-KDD, UNSW-NB15, and UNSW-Bot-IoT. We ran hyperparameter searches and numerous experiments to determine the performance of the Tsetlin machine on each dataset. We discovered that preprocessing data by converting each data value to a 32-bit binary number and imposing an upper bound on class sizes proved to be an effective strategy. Furthermore, we compared the performance of the Tsetlin Machine against various classifiers from the scikit-learn library and lazy predict. The results show that the Tsetlin Machine's performance was on par with, if not superior to, other machine learning models, indicating its potential as a reliable method for anomaly detection in IoT devices. However, future work is required to determine its viability in a real-life setting, running on limited resources and classifying real-time data

A Critical Review of Practices and Challenges in Intrusion Detection Systems for IoT: Towards Universal and Resilient Systems

The Internet-of-Things (IoT) is rapidly becoming ubiquitous. However the heterogeneous nature of devices and protocols in use, the sensitivity of the data contained within, as well as the legal and privacy issues, make security for the IoT a growing research priority and industry concern. With many security practices being unsuitable due to their resource intensive nature, it is deemed important to include second line defences into IoT networks. These systems will also need to be assessed for their efficacy in a variety of different network types and protocols. To shed light on these issues, this paper is concerned with advancements in intrusion detection practices in IoT. It provides a comprehensive review of current Intrusion Detection Systems (IDS) for IoT technologies, focusing on architecture types. A proposal for future directions in IoT based IDS are then presented and evaluated. We show how traditional practices are unsuitable due to their inherent features providing poor coverage of the IoT domain. In order to develop a secure, robust and optimised solution for these networks, the current research for intrusion detection in IoT will need to move in a different direction. An example of which is proposed in order to illustrate how malicious nodes might be passively detected