TY - JOUR
T1 - Detecting Anomalous IoT Traffic Flow with Locality Sensitive Hashes
AU - Charyyev, Batyr
AU - Gunes, Mehmet Hadi
N1 - Publisher Copyright:
© 2020 IEEE.
PY - 2020
Y1 - 2020
N2 - Widespread adoption of Internet of Things (IoT) devices increased the variety of devices connected to a network. These devices have become a primary target of cyber-attacks as they introduce unmanaged vulnerabilities into the network. On the other hand, most of the IoT devices have a limited set of functionalities. Thus, it is possible to formulate the expected traffic pattern of the device and employ the network traffic to detect anomalous activities. Existing IoT traffic anomaly detection systems require tuning the parameters of machine learning algorithms used for the traffic classification. In this paper, we introduce a novel approach to detect the anomalous IoT network traffic based on the locality-sensitive hash of the traffic flow. The proposed Locality Sensitive Anomaly Detection (LSAD) approach does not require feature extraction from the data. Evaluation on a dataset with fifteen attacks shows that it can detect anomalous flows with an accuracy above 97% and achieve the same or better performance than machine learning approaches.
AB - Widespread adoption of Internet of Things (IoT) devices increased the variety of devices connected to a network. These devices have become a primary target of cyber-attacks as they introduce unmanaged vulnerabilities into the network. On the other hand, most of the IoT devices have a limited set of functionalities. Thus, it is possible to formulate the expected traffic pattern of the device and employ the network traffic to detect anomalous activities. Existing IoT traffic anomaly detection systems require tuning the parameters of machine learning algorithms used for the traffic classification. In this paper, we introduce a novel approach to detect the anomalous IoT network traffic based on the locality-sensitive hash of the traffic flow. The proposed Locality Sensitive Anomaly Detection (LSAD) approach does not require feature extraction from the data. Evaluation on a dataset with fifteen attacks shows that it can detect anomalous flows with an accuracy above 97% and achieve the same or better performance than machine learning approaches.
UR - http://www.scopus.com/inward/record.url?scp=85100422290&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85100422290&partnerID=8YFLogxK
U2 - 10.1109/GLOBECOM42002.2020.9322559
DO - 10.1109/GLOBECOM42002.2020.9322559
M3 - Conference article
AN - SCOPUS:85100422290
SN - 2334-0983
JO - Proceedings - IEEE Global Communications Conference, GLOBECOM
JF - Proceedings - IEEE Global Communications Conference, GLOBECOM
M1 - 9322559
T2 - 2020 IEEE Global Communications Conference, GLOBECOM 2020
Y2 - 7 December 2020 through 11 December 2020
ER -