Date of Award

4-2024

Degree Name

Master of Science

Department

Computer Science

First Advisor

Shameek Bhattacharjee Ph.D.

Second Advisor

Li Yang Ph.D.

Third Advisor

Ajay Gupta Ph.D.

Keywords

Cybersecurity, dynamic time warping (DTW), internet of things, lehmer mean, machine learning, time series analysis

Access Setting

Masters Thesis-Open Access

Abstract

This research proposes a method, for detecting intrusions in the Internet of Things (IoT) realm. This approach was specifically tested using datasets containing both benign, and attacks on smart home devices like the Belkin Wemo Power Switch, Lifx Smart Bulb, Amazon Echo, and Netatmo Welcome Camera. These attacks consist of specification-compliant volumetric DDoS attacks, which can be both direct and reflective, with very low traffic volumes implemented in an ON-OFF pattern. Here, the ON-OFF pattern can be referred to as a pulse attack strategy.

We combined non-linear statistical moving averages, and Dynamic Time Warping into a single framework that can actively distinguish between normal operations and volumetric DDOS attacks. Initially, we used a non-linear moving average method that defines an overall low-dimensional representation of different flows communicating with any IoT devices. This method distinguishes between benign conditions and attack scenarios based on shape and value characteristics.

This framework enables us to utilize DTW to detect deviations in device behavior by comparing two sequences of network traffic volume. We demonstrate that during attacks our integrated model produces higher scores than benign instances. It also tends to establish unique clusters that facilitate accurate classification, between attack and benign behaviors. After getting the anticipated outcome through our model, we have used logistic regression to illustrate. Using logistic regression, we have validated our findings for benign and attack datasets from all four devices sourced from the UNSW smart home IoT dataset.

Download

Share

COinS