B.3. Communication/Networking and Information Technology
S. Mojtaba Matinkhah; Roya Morshedi; Akbar Mostafavi
Abstract
The Internet of Things (IoT) has emerged as a rapidly growing technology that enables seamless connectivity between a wide variety of devices. However, with this increased connectivity comes an increased risk of cyber-attacks. In recent years, the development of intrusion detection systems (IDS) has become critical for ensuring the security and privacy of IoT networks. This article presents a study that evaluates the accuracy of an IDS for detecting network attacks in IoT networks. The proposed IDS uses the Decision Tree Classifier and is tested on four benchmark datasets: NSL-KDD, BOT-IoT, CICIDS2017, and MQTT-IoT. The impact of noise in the training and test datasets on classification accuracy is analyzed. The results indicate that clean data has the highest accuracy, while noisy datasets significantly reduce accuracy. Furthermore, the study finds that when both training and test datasets are noisy, the accuracy of classification decreases further. The findings of this study demonstrate the importance of using clean data for training and testing an IDS in IoT networks to achieve accurate classification. This research provides valuable insights for the development of a robust and accurate IDS for IoT networks.
M. Yadollahzadeh Tabari; Z. Mataji
Abstract
The Internet of Things (IoT) is a novel paradigm in computer networks that is capable of connecting things to the internet via a wide range of technologies. Due to the features of the sensors used in IoT networks and the unsecured nature of the internet, IoT is vulnerable to many internal routing attacks. Using a traditional IDS in these networks has its own challenges due to the resource constraints of the nodes and the characteristics of the IoT network. A sinkhole attacker node in this network attempts to attract traffic by advertising incorrect information. In this research, a distributed IDS architecture is proposed to detect sinkhole routing attacks in RPL-based IoT networks, with the aim of improving the true detection rate and reducing false alarms. For the latter, we used a post-processing mechanism in which a threshold is defined for separating suspicious alarms for further verification. Also, the implemented IDS modules are distributed across client and border router nodes, which makes the system energy efficient. The data required for interpreting the network's behavior was gathered from scenarios implemented in the Cooja environment, with the aid of RapidMiner for mining the produced patterns. The produced dataset was optimized using a genetic algorithm by selecting appropriate features. We investigated three different classification algorithms, of which, in the best case, Decision Tree reached an accuracy rate of 99.35.
G.3.5. Systems
M. Rezvani
Abstract
Cloud computing has become an attractive target for attackers because the mainstream technologies in the cloud, such as virtualization and multitenancy, permit multiple users to utilize the same physical resource, thereby posing the so-called problem of internal facing security. Moreover, traditional network-based intrusion detection systems (IDSs) are ineffective when deployed in cloud environments. This is because such IDSs employ only network information in their detection engine, which makes them ineffective against cloud-specific vulnerabilities. In this paper, we propose a novel assessment methodology for anomaly-based IDSs for cloud computing which takes into account both network and system-level information for generating the evaluation dataset. In addition, our approach deploys the IDS sensors in each virtual machine in order to develop a cooperative anomaly detection engine. The proposed assessment methodology is then deployed in a testbed cloud environment to generate an IDS dataset which includes both network and system-level features. Finally, we evaluate the performance of several machine learning algorithms over the generated dataset. Our experimental results demonstrate that the proposed IDS assessment approach is effective for attack detection in the cloud, as most of the algorithms are able to identify the attacks with a high level of accuracy.