Detecting Anomalous IoT Traffic Flow with Locality Sensitive Hashes

Batyr Charyyev, Mehmet Hadi Gunes

    Research output: Contribution to journalConference articlepeer-review

    16 Scopus citations

    Abstract

    Widespread adoption of Internet of Things (IoT) devices increased the variety of devices connected to a network. These devices have become a primary target of cyber-attacks as they introduce unmanaged vulnerabilities into the network. On the other hand, most of the IoT devices have a limited set of functionalities. Thus, it is possible to formulate the expected traffic pattern of the device and employ the network traffic to detect anomalous activities. Existing IoT traffic anomaly detection systems require tuning the parameters of machine learning algorithms used for the traffic classification. In this paper, we introduce a novel approach to detect the anomalous IoT network traffic based on the locality-sensitive hash of the traffic flow. The proposed Locality Sensitive Anomaly Detection (LSAD) approach does not require feature extraction from the data. Evaluation on a dataset with fifteen attacks shows that it can detect anomalous flows with an accuracy above 97% and achieve the same or better performance than machine learning approaches.

    Original languageEnglish
    Article number9322559
    JournalProceedings - IEEE Global Communications Conference, GLOBECOM
    DOIs
    StatePublished - 2020
    Event2020 IEEE Global Communications Conference, GLOBECOM 2020 - Virtual, Taipei, Taiwan, Province of China
    Duration: 7 Dec 202011 Dec 2020

    Fingerprint

    Dive into the research topics of 'Detecting Anomalous IoT Traffic Flow with Locality Sensitive Hashes'. Together they form a unique fingerprint.

    Cite this