Ensemble Learning based Anomaly Detection for IoT Cybersecurity via Bayesian Hyperparameters Sensitivity Analysis

The Internet of Things (IoT) integrates more than billions of intelligent devices over the globe with the capability of communicating with other connected devices with little to no human intervention. IoT enables data aggregation and analysis on a large scale to improve life quality in many domains. In particular, data collected by IoT contain a tremendous amount of information for anomaly detection. The heterogeneous nature of IoT is both a challenge and an opportunity for cybersecurity. Traditional approaches in cybersecurity monitoring often require different kinds of data pre-processing and handling for various data types, which might be problematic for datasets that contain heterogeneous features. However, heterogeneous types of network devices can often capture a more diverse set of signals than a single type of device readings, which is particularly useful for anomaly detection. In this paper, we present a comprehensive study on using ensemble machine learning methods for enhancing IoT cybersecurity via anomaly detection. Rather than using one single machine learning model, ensemble learning combines the predictive power from multiple models, enhancing their predictive accuracy in heterogeneous datasets rather than using one single machine learning model. We propose a unified framework with ensemble learning that utilises Bayesian hyperparameter optimisation to adapt to a network environment that contains multiple IoT sensor readings. Experimentally, we illustrate their high predictive power when compared to traditional methods

Mass Removal of Botnet Attacks Using Heterogeneous Ensemble Stacking PROSIMA classifier in IoT

In an Internet of Things (IoT) environment, any object, which is equipped with sensor node and other electronic devices can involve in the communication over wireless network. Hence, this environment is highly vulnerable to Botnet attack. Botnet attack degrades the system performance in a manner difficult to get identified by the IoT network users. The Botnet attack is incredibly difficult to observe and take away in restricted time. there are challenges prevailed in the detection of Botnet attack due to number of reasons such as its unique structurally repetitive nature, performing non uniform and dissimilar activities and  invisible nature followed by deleting the record of history. Even though existing mechanisms have taken action against the Botnet attack proactively, it has been observed failing to capture the frequent abnormal activities of Botnet attackers .When number of devices in the IoT environment increases, the existing mechanisms have missed more number of Botnet due to its functional complexity. So this type of attack is very complex in nature and difficult to identify. In order to detect Botnet attack, Heterogeneous Ensemble Stacking PROSIMA classifier is proposed. This takes advantage of cluster sampling in place of conventional random sampling for higher accuracy of prediction. The proposed classifier is tested on an experimental test setup with 20 nodes. The proposed approach enables mass removal of Botnet attack detection with higher accuracy that helps in the IoT environment to maintain the reliability of the entire network

A FEDERATED DEEP AUTOENCODER FOR DETECTING IOT CYBER ATTACKS

Internet of Things (IoT) devices are mass-produced and rapidly released to the public in a rough state. IoT devices are produced by various companies satisfying various goals, such as monitoring the environment, senor trigger cameras, on-demand electrical switches. These IoT devices are produced by companies to meet a market demand quickly, producing a rough software solution that customers or other enterprises willingly buy with the expectation they will have software updates after production. These IoT devices are often heterogeneous in nature, only to receive updates at infrequently intervals, and can remain out of sight on a home or office network for extended periods. Security and privacy are two of the many ongoing research and operational challenges in IoT systems. Potential threats to IoT devices, such as botnets and malware-based attacks, have always been difficult for traditional detection systems. However, deep learning-based solutions have been utilized in recent years, and many challenges have yet to be addressed. In this thesis, we propose a federated-based approach, this will employ a deep autoencoder to detect botnet attacks using on-device decentralized traffic data. This suggested federated learning solution will be able to address the privacy and security of data by ensuring that the device’s data is not transferred or moved off the network edge. Instead, the machine learning computation will be brought to where living data is born (e.g. the edge layer); thus, providing the sought-after results of a traditionally centralized machine learning technique, with the added benefit of data security. We demonstrate that our proposed model has achieved up to 98% accuracy rate in anomaly detection while using features such as source IP, MAC IP, and destination IP and socket channel for training. The comparative performance analysis between our proposed approach and a traditionally centralized format demonstrates that our approach achieves a significant improvement in the accuracy rate of attack detection

Computational intelligence-enabled cybersecurity for the Internet of Things

The computational intelligence (CI) based technologies play key roles in campaigning cybersecurity challenges in complex systems such as the Internet of Things (IoT), cyber-physical-systems (CPS), etc. The current IoT is facing increasingly security issues, such as vulnerabilities of IoT systems, malware detection, data security concerns, personal and public physical safety risk, privacy issues, data storage management following the exponential growth of IoT devices. This work aims at investigating the applicability of computational intelligence techniques in cybersecurity for IoT, including CI-enabled cybersecurity and privacy solutions, cyber defense technologies, intrusion detection techniques, and data security in IoT. This paper also attempts to provide new research directions and trends for the increasingly IoT security issues using computational intelligence technologies

IoT Anomaly Detection Methods and Applications: A Survey

Ongoing research on anomaly detection for the Internet of Things (IoT) is a rapidly expanding field. This growth necessitates an examination of application trends and current gaps. The vast majority of those publications are in areas such as network and infrastructure security, sensor monitoring, smart home, and smart city applications and are extending into even more sectors. Recent advancements in the field have increased the necessity to study the many IoT anomaly detection applications. This paper begins with a summary of the detection methods and applications, accompanied by a discussion of the categorization of IoT anomaly detection algorithms. We then discuss the current publications to identify distinct application domains, examining papers chosen based on our search criteria. The survey considers 64 papers among recent publications published between January 2019 and July 2021. In recent publications, we observed a shortage of IoT anomaly detection methodologies, for example, when dealing with the integration of systems with various sensors, data and concept drifts, and data augmentation where there is a shortage of Ground Truth data. Finally, we discuss the present such challenges and offer new perspectives where further research is required.Comment: 22 page

Non-Invasive Ambient Intelligence in Real Life: Dealing with Noisy Patterns to Help Older People

This paper aims to contribute to the field of ambient intelligence from the perspective of real environments, where noise levels in datasets are significant, by showing how machine learning techniques can contribute to the knowledge creation, by promoting software sensors. The created knowledge can be actionable to develop features helping to deal with problems related to minimally labelled datasets. A case study is presented and analysed, looking to infer high-level rules, which can help to anticipate abnormal activities, and potential benefits of the integration of these technologies are discussed in this context. The contribution also aims to analyse the usage of the models for the transfer of knowledge when different sensors with different settings contribute to the noise levels. Finally, based on the authors’ experience, a framework proposal for creating valuable and aggregated knowledge is depicted.This research was partially funded by Fundación Tecnalia Research & Innovation, and J.O.-M. also wants to recognise the support obtained from the EU RFCS program through project number 793505 ‘4.0 Lean system integrating workers and processes (WISEST)’ and from the grant PRX18/00036 given by the Spanish Secretaría de Estado de Universidades, Investigación, Desarrollo e Innovación del Ministerio de Ciencia, Innovación y Universidades