IoT-KEEPER: Detecting Malicious IoT Network Activity Using Online Traffic Analysis at the Edge
- 15 January 2020
- journal article
- research article
- Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Transactions on Network and Service Management
- Vol. 17 (1), 45-59
- https://doi.org/10.1109/tnsm.2020.2966951
Abstract
IoT devices are notoriously vulnerable even to trivial attacks and can be easily compromised. In addition, resource constraints and heterogeneity of IoT devices make it impractical to secure IoT installations using traditional endpoint and network security solutions. To address this problem, we present IOT-KEEPER, a lightweight system which secures the communication of IoT. IOT-KEEPER uses our proposed anomaly detection technique to perform traffic analysis at edge gateways. It uses a combination of fuzzy C-means clustering and fuzzy interpolation scheme to analyze network traffic and detect malicious network activity. Once malicious activity is detected, IOT-KEEPER automatically enforces network access restrictions against the IoT device generating this activity, and prevents it from attacking other devices or services. We have evaluated IOT-KEEPER using a comprehensive dataset, collected from a real-world testbed, containing popular IoT devices. Using this dataset, our proposed technique achieved high accuracy (≈ 0.98) and low false positive rate (≈ 0.02) for detecting malicious network activity. Our evaluation also shows that IOT-KEEPER has low resource footprint, and it can detect and mitigate various network attacks, without requiring explicit attack signatures or sophisticated hardware.
Funding Information
- Academy of Finland (314008)
- Business Finland 5G-FORCE research project, and Doctoral Programme in Computer Sciences (DoCS) at University of Helsinki
This publication has 30 references indexed in Scilit.