Detecting Unknown Attacks in IoT Environments: An Open Set Classifier for Enhanced Network Intrusion Detection

The widespread integration of Internet of Things (IoT) devices across all facets of life has ushered in an era of interconnectedness, creating new avenues for cybersecurity challenges and underscoring the need for robust intrusion detection systems. However, traditional security systems are designed with a closed-world perspective and often face challenges in dealing with the ever-evolving threat landscape, where new and unfamiliar attacks are constantly emerging. In this paper, we introduce a framework aimed at mitigating the open set recognition (OSR) problem in the realm of Network Intrusion Detection Systems (NIDS) tailored for IoT environments. Our framework capitalizes on image-based representations of packet-level data, extracting spatial and temporal patterns from network traffic. Additionally, we integrate stacking and sub-clustering techniques, enabling the identification of unknown attacks by effectively modeling the complex and diverse nature of benign behavior. The empirical results prominently underscore the framework's efficacy, boasting an impressive 88\% detection rate for previously unseen attacks when compared against existing approaches and recent advancements. Future work will perform extensive experimentation across various openness levels and attack scenarios, further strengthening the adaptability and performance of our proposed solution in safeguarding IoT environments.Comment: 6 Pages, 5 figure

Network traffic analysis for threats detection in the Internet of Things

As the prevalence of the Internet of Things (IoT) continues to increase, cyber criminals are quick to exploit the security gaps that many devices are inherently designed with. Users cannot be expected to tackle this threat alone, and many current solutions available for network monitoring are simply not accessible or can be difficult to implement for the average user, which is a gap that needs to be addressed. This article presents an effective signature-based solution to monitor, analyze, and detect potentially malicious traffic for IoT ecosystems in the typical home network environment by utilizing passive network sniffing techniques and a cloud application to monitor anomalous activity. The proposed solution focuses on two attack and propagation vectors leveraged by the infamous Mirai botnet, namely DNS and Telnet. Experimental evaluation demonstrates the proposed solution can detect 98.35 percent of malicious DNS traffic and 99.33 percent of Telnet traffic for an overall detection accuracy of 98.84 percent

A Review of Performance, Energy and Privacy of Intrusion Detection Systems for IoT

Internet of Things (IoT) forms the foundation of next generation infrastructures, enabling development of future cities that are inherently sustainable. Intrusion detection for such paradigms is a non-trivial challenge which has attracted further significance due to extraordinary growth in the volume and variety of security threats for such systems. However, due to unique characteristics of such systems i.e., battery power, bandwidth and processor overheads and network dynamics, intrusion detection for IoT is a challenge, which requires taking into account the trade-off between detection accuracy and performance overheads. In~this context, we are focused at highlighting this trade-off and its significance to achieve effective intrusion detection for IoT. Specifically, this paper presents a comprehensive study of existing intrusion detection systems for IoT systems in three aspects: computational overhead, energy consumption and privacy implications. Through extensive study of existing intrusion detection approaches, we have identified open challenges to achieve effective intrusion detection for IoT infrastructures. These include resource constraints, attack complexity, experimentation rigor and unavailability of relevant security data. Further, this paper is envisaged to highlight contributions and limitations of the state-of-the-art within intrusion detection for IoT, and~aid the research community to advance it by identifying significant research directions

Using Machine Learning for Security Issues in Cognitive IoT

Cognitive learning is progressively prospering in the field of Internet of Things (IoT). With the advancement in IoT, data generation rate has also increased, whereas issues like performance, attacks on the data, security of the data, and inadequate data resources are yet to be resolved. Recent studies are mostly focusing on the security of the data which can be handled by machine learning. Security and privacy of devices intrusion detection their success in achieving classification accuracy, machine deep learning with intrusion detection systems have greatly increased popularity. However, the need to store communication centralized server compromise privacy and security. Contrast, Federated Learning (FL) fits appropriately as a privacy-preserving decentralized learning technique that trains locally transfer the parameters the centralized instead of purpose current research provide thorough and application FL intrusion detection systems. Machine Learning (ML) and Deep Learning (DL) approaches, which may embed intelligence in IoT devices and networks, can help to overcome a variety of security challenges. The research includes a detailed overview of the application of FL in several anomaly detection domains. In addition, it increases understanding of ML and its application to the field of the Cognitive Internet of Things (CIoT). This endeavour also includes something crucial . The relevant FL implementation issues are also noted, revealing potential areas for further research. The researcher emphasised the flaws in current security remedies, which call for ML and DL methods. The report goes into great detail on how ML and DL are now being utilised to help handle various security issues that IoT networks are facing. Random Neural Networks that have been trained using data retrieved by Cognitive Packets make the routing decisions. A number of potential future directions for ML and DL-based IoT security research are also included in the study. The report concludes by outlining workable responses to the problem. The paper closes by offering a beginning point for future study, describing workable answers to the problem of FL-based intrusion detection system implementation

Security of Internet of Things (IoT) Using Federated Learning and Deep Learning — Recent Advancements, Issues and Prospects

There is a great demand for an efficient security framework which can secure IoT systems from potential adversarial attacks. However, it is challenging to design a suitable security model for IoT considering the dynamic and distributed nature of IoT. This motivates the researchers to focus more on investigating the role of machine learning (ML) in the designing of security models. A brief analysis of different ML algorithms for IoT security is discussed along with the advantages and limitations of ML algorithms. Existing studies state that ML algorithms suffer from the problem of high computational overhead and risk of privacy leakage. In this context, this review focuses on the implementation of federated learning (FL) and deep learning (DL) algorithms for IoT security. Unlike conventional ML techniques, FL models can maintain the privacy of data while sharing information with other systems. The study suggests that FL can overcome the drawbacks of conventional ML techniques in terms of maintaining the privacy of data while sharing information with other systems. The study discusses different models, overview, comparisons, and summarization of FL and DL-based techniques for IoT security