Network Level Detection of IOT Attacks Via Time Series Shape Mining
Date of Award
4-2024
Degree Name
Master of Science
Department
Computer Science
First Advisor
Shameek Bhattacharjee Ph.D.
Second Advisor
Li Yang Ph.D.
Third Advisor
Ajay Gupta Ph.D.
Keywords
Cybersecurity, dynamic time warping (DTW), internet of things, lehmer mean, machine learning, time series analysis
Access Setting
Masters Thesis-Abstract Only
Restricted to Campus until
10-1-2025
Abstract
This research proposes a method, for detecting intrusions in the Internet of Things (IoT) realm. This approach was specifically tested using datasets containing both benign, and attacks on smart home devices like the Belkin Wemo Power Switch, Lifx Smart Bulb, Amazon Echo, and Netatmo Welcome Camera. These attacks consist of specification-compliant volumetric DDoS attacks, which can be both direct and reflective, with very low traffic volumes implemented in an ON-OFF pattern. Here, the ON-OFF pattern can be referred to as a pulse attack strategy.
We combined non-linear statistical moving averages, and Dynamic Time Warping into a single framework that can actively distinguish between normal operations and volumetric DDOS attacks. Initially, we used a non-linear moving average method that defines an overall low-dimensional representation of different flows communicating with any IoT devices. This method distinguishes between benign conditions and attack scenarios based on shape and value characteristics.
This framework enables us to utilize DTW to detect deviations in device behavior by comparing two sequences of network traffic volume. We demonstrate that during attacks our integrated model produces higher scores than benign instances. It also tends to establish unique clusters that facilitate accurate classification, between attack and benign behaviors. After getting the anticipated outcome through our model, we have used logistic regression to illustrate. Using logistic regression, we have validated our findings for benign and attack datasets from all four devices sourced from the UNSW smart home IoT dataset.
Recommended Citation
Basu, Srijani, "Network Level Detection of IOT Attacks Via Time Series Shape Mining" (2024). Masters Theses. 5396.
https://scholarworks.wmich.edu/masters_theses/5396