Detect-IoT: A Comparative Analysis of Machine Learning Algorithms for Detecting Compromised IoT Devices
Pages 370 - 375
Abstract
The rapid expansion of IoT brings unmatched convenience and connectivity, but it also raises significant security concerns. The prioritization of functionality over security in IoT devices exposes vulnerabilities like default credentials, outdated components, and insecure interfaces. To mitigate risks and combat cyberattacks effectively, it is crucial to identify and isolate compromised IoT infrastructures. In this paper, we present a curated dataset for IoT security research, which combines 40 recent IoT behavior datasets using class balancing and feature reduction techniques. This curated dataset serves as a valuable resource for future research in the field. Additionally, we compare machine learning techniques to detect compromised IoT devices, leveraging preprocessed and SMOTE-balanced network data. Our ensemble model surpasses other methods, achieving an impressive up to 98 percent F1-score, thus highlighting its efficacy in predicting compromised IoT devices and emphasizing the significance of our dataset and methodology contributions.
References
[1]
2020. Amnesia:33 Identify and Mitigate the Risk From Vulnerabilities Lurking in Millions of IoT, OT and IT Device. https://www.forescout.com/research-labs/amnesia33/
[2]
2021. Data extraction laboratory - VARIoT. Retrieved May 10, 2023 from https://www.variot.eu/2021/10/07/data-extraction-laboratory/
[3]
Abdullah Al-Boghdady, Mohammad El-Ramly, and Khaled Wassif. 2022. iDetect for vulnerability detection in internet of things operating systems using machine learning. Scientific Reports 12, 1 (2022), 17086.
[4]
Manish Bhurtel, Yuba R Siwakoti, and Danda B Rawat. 2022. Phishing Attack Detection with ML-Based Siamese Empowered ORB Logo Recognition and IP Mapper. In IEEE INFOCOM 2022-IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). IEEE, 1--6.
[5]
Nitesh V Chawla, Kevin W Bowyer, Lawrence O Hall, and W Philip Kegelmeyer. 2002. SMOTE: synthetic minority over-sampling technique. Journal of artificial intelligence research 16 (2002), 321--357.
[6]
Mauro AA da Cruz, Lucas R Abbade, Pascal Lorenz, Samuel B Mafra, and Joel JPC Rodrigues. 2022. Detecting Compromised IoT Devices Through XGBoost. IEEE Transactions on Intelligent Transportation Systems (2022).
[7]
Universidad de Mondragón. 2021. IoT security - network traffic under normal and compromised conditions, Dataset. Retrieved May 10, 2023 from https://data.europa.eu/data/datasets?keywords=variot&locale=en
[8]
Xuanyu Duan, Mengmeng Ge, Triet Huynh Minh Le, Faheem Ullah, Shang Gao, Xuequan Lu, and M Ali Babar. 2021. Automated security assessment for the internet of things. In 2021 IEEE 26th Pacific Rim International Symposium on Dependable Computing (PRDC). IEEE, 47--56.
[9]
Yong Fang, Yongcheng Liu, Cheng Huang, and Liang Liu. 2020. FastEmbed: Predicting vulnerability exploitation possibility based on ensemble machine learning algorithm. Plos one 15, 2 (2020), e0228439.
[10]
Marek Janiszewski, Marcin Rytel, Piotr Lewandowski, and Hubert Romanowski. 2022. VARIoT - Vulnerability and Attack Repository for the Internet of Things. In 2022 22nd IEEE International Symposium on Cluster, Cloud and Internet Computing (CCGrid). 752--755.
[11]
Deepak Kumar, Kelly Shen, Benton Case, Deepali Garg, Galina Alperovich, Dmitry Kuznetsov, Rajarshi Gupta, and Zakir Durumeric. 2019. All things considered: an analysis of IoT devices on home networks. In 28th {USENIX} Security Symposium ({USENIX} Security 19). 1169--1185.
[12]
Nour Moustafa, Benjamin Turnbull, and Kim-Kwang Raymond Choo. 2018. Towards automation of vulnerability and exploitation identification in IIoT networks. In 2018 IEEE International Conference on Industrial Internet (ICII). IEEE, 139--145.
[13]
Anton O Prokofiev, Yulia S Smirnova, and Vasiliy A Surov. 2018. A method to detect Internet of Things botnets. In 2018 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus). IEEE, 105--108.
[14]
Gartner Research. 2020. IoT Security Primer: Challenges and Emerging Practicess. Technical Report.
[15]
Yuba Raj Siwakoti, Manish Bhurtel, Danda B. Rawat, Adam Oest, and R. C. Johnson. 2023. Advances in IoT Security: Vulnerabilities, Enabled Criminal Services, Attacks, and Countermeasures. IEEE Internet of Things Journal 10, 13 (2023), 11224--11239.
[16]
Nazgol Tavabi, Palash Goyal, Mohammed Almukaynizi, Paulo Shakarian, and Kristina Lerman. 2018. Darkembed: Exploit prediction with neural language models. In Proceedings of the AAAI Conference on Artificial Intelligence, Vol. 32.
[17]
Imtiaz Ullah and Qusay H Mahmoud. 2021. Network traffic flow based machine learning technique for IoT device identification. In 2021 IEEE International Systems Conference (SysCon). IEEE, 1--8.
Index Terms
- Detect-IoT: A Comparative Analysis of Machine Learning Algorithms for Detecting Compromised IoT Devices
Recommendations
Detecting compromised IoT devices: Existing techniques, challenges, and a way forward
AbstractIoT devices, whether connected to the Internet or operating in a private network, are vulnerable to cyber attacks from external or internal attackers or insiders who may succeed in physically compromising an IoT device. Once compromised, the IoT ...
Protecting IoT devices from security attacks using effective decision-making strategy of appropriate features
AbstractThe term "Internet of things (IoT)” refers to a network in which data from all connected devices may be gathered, analyzed, and modified as per requirements to offer new services. IoT devices require a constant Internet connection to exchange ...
A top-down survey on securing IoT with machine learning: goals, recent advances and challenges
The Internet of Things (IoT) has seen it all from being just another innovation to a leading technology; it is now a binding force that interconnects various aspects of our lives. The IoT's tremendous growth is driven by emerging applications and evolving ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
October 2023
621 pages
ISBN:9781450399265
DOI:10.1145/3565287
- General Chairs:
- Jie Wu,
- Suresh Subramaniam,
- Program Chairs:
- Bo Ji,
- Carla Fabiana Chiasserini
Copyright © 2023 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 16 October 2023
Check for updates
Author Tags
Qualifiers
- Research-article
Funding Sources
- U.S. National Science Foundation
- DoD Center of Excellence in AI and Machine Learning (CoE-AIML) at Howard University with the U.S. Army Research Laboratory
Conference
MobiHoc '23
Sponsor:
MobiHoc '23: Twenty-fourth International Symposium on Theory, Algorithmic Foundations, and Protocol Design for Mobile Networks and Mobile Computing
October 23 - 26, 2023
DC, Washington, USA
Acceptance Rates
Overall Acceptance Rate 296 of 1,843 submissions, 16%
Upcoming Conference
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 86Total Downloads
- Downloads (Last 12 months)86
- Downloads (Last 6 weeks)3
Reflects downloads up to 26 Sep 2024
Other Metrics
Citations
Cited By
View allView Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in