Integrating complex event processing and machine learning: An intelligent architecture for detecting IoT security attacks

Roldán, José Mena; Boubeta-Puig, Juan; Martínez, José Luis; Ortiz, Guadalupe

doi:10.1016/j.eswa.2020.113251

Cited by 89 publications

(48 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…When a network attack occurs in an SDN, ML can be introduced as a detection technology to dynamically control and route the communication flow. Recently, studies using ML to detect and automatically respond to DDoS attacks, abnormal patterns, and data leaks against IoT networks and devices have increased [60,[189][190][191][192][193][194][195][196][197][198][199].…”

Section: Identification Of Topics In Iot Securitymentioning

confidence: 99%

Current Research Trends in IoT Security: A Systematic Mapping Study

Lee

2021

Mobile Information Systems

View full text Add to dashboard Cite

The smart mobile Internet-of-things (IoT) network lays the foundation of the fourth industrial revolution, the era of hyperconnectivity, hyperintelligence, and hyperconvergence. As this revolution gains momentum, the security of smart mobile IoT networks becomes an essential research topic. This study aimed to provide comprehensive insights on IoT security. To this end, we conducted a systematic mapping study of the literature to identify evolving trends in IoT security and determine research subjects. We reviewed the literature from January 2009 to August 2020 to identify influential researchers and trends of keywords. We additionally performed structural topic modeling to identify current research topics and the most promising ones via topic trend estimation. We synthesized and interpreted the results of the systematic mapping study to devise future research directions. The results obtained from this study are useful to understand current trends in IoT security and provide insights into research and development of IoT security.

show abstract

Section: Identification Of Topics In Iot Securitymentioning

confidence: 99%

Current Research Trends in IoT Security: A Systematic Mapping Study

Lee

2021

Mobile Information Systems

View full text Add to dashboard Cite

show abstract

“…Roldán [11] developed an intelligent architecture in the IoT environment for detecting security attacks using Integrated complex event processing and machine learning algorithms. The existing models faced the challenge during detection of attacks such as malware, privacy breaches and denial of service attacks.…”

Section: Literature Reviewmentioning

confidence: 99%

Detecting Internet of Things Attacks Using Post Pruning Decision Tree-Synthetic Minority Over Sampling Technique

Karthik¹,

Murugesan²

2021

IJIES

View full text Add to dashboard Cite

In recent decades, the Internet of Things (IoT) is a growing technology in smart applications, where it is highly susceptible to security breaches and the resources are constrained in nature. Hence, the growth of IoT devices allows the hackers to take benefit of the communication capabilities to detect different types of attacks such from NSL-KDD such as Denial of Service (DoS), Probe, Remote to Local (R2L) and User to Root (U2R) attacks. The existing deep networks used larger data in training because the size of non-predictive parameters for learning required huge potential to attack detection. In order to overcome the problem occurred in the existing models, an efficient Post Pruning Decision Tree-Synthetic Minority Over-Sampling Technique (PPDT-SMOTE) is proposed in the research work. The proposed PPDT-SMOTE eliminates or pruned the non-predictive parameters from the huge data samples and SMOTE solves the data imbalance problems as they use the prominent samples from the non-pruned regions. Thus the PPDT models improves the learning rate of the system for huge data and SMOTE will overcome the problem of class imbalance problem as the learning rate is improved. The results obtained from the proposed PPDT-SMOTE approach effectively detects the DoS, Probe, U2R, and R2L attacks in terms of accuracy as 98.04% better when compared to the existing shallow models of 95.22%, Routing Protocol for Low Power and Lossy Networks (RPL) of 91.5 % and Multi-Convolution Neural Network (CNN) fusion model of 64.81% in the IoT environment.

show abstract

“…FNR: The rate of the malevolent node to total normal nodes incorrectly signed as a normal node. [21][22][23][24][25] The calculation is proved by Equation 12. PDR: This criterion represents the rate of packets that were successfully delivered to the destination.…”

Section: Dr = Tpr Tpr + Fnrmentioning

confidence: 99%

“…

italicDR = ((), \frac{italicTPR}{TPR + FNR}) * 100 where All = italicTPR + italicTNR + italicFPR + italicFNR

FPR: The FPR is determined by the total number of nodes mistakenly found as the malevolent nodes divided by the total number of usual nodes 18–20 . Hence, Equation illustrates the

italicFPR = ((), \frac{italicFPR}{FPR + TNR}) * 100, where italicTNR = ((), \frac{italicTNR}{TNR + FPR}) * 100

FNR: The rate of the malevolent node to total normal nodes incorrectly signed as a normal node 21–25 . The calculation is proved by Equation .…”

Section: Performance Evaluationmentioning

confidence: 99%

A method based on encryption and node rating for securing the RPL protocol communications in the IoT ecosystem

Zaminkar¹,

Sarkohaki

Fotohi

2020

Int J Communication

View full text Add to dashboard Cite

Summary Internet of Things (IoT) provides the possibility for milliards of devices throughout the world to communicate with each other, and data are collected autonomously. The big data generated by the devices should be managed securely. Due to security challenges, like malicious nodes, many approaches cannot respond to these concerns. In this paper, a robust hybrid method, including encryption, is used as an efficient approach for resolving the Low‐Power and Lossy Networks (RPL) protocol concerns so that the devices are connected securely. Therefore, the proposed Detection of sinkholes in RPL (DSH‐RPL) method for securing the RPL protocol comprises the four following phases: the first phase creates a reliable RPL. The second phase detects the sinkhole attack. The third phase quarantines the detected malicious node, and the fourth phase transmits data through encryption. The simulation results show that the DSH‐RPL reduces the false‐positive rate more than 18.2% and 23.1% and reduces the false‐negative rate more than 16.1% and 22.78% and it also increases the packet delivery rate more than 19.68% and 25.32% and increases the detection rate more than 26% and 31% compared to SecTrust‐RPL and IBOOS‐RPL.

show abstract

Integrating complex event processing and machine learning: An intelligent architecture for detecting IoT security attacks

Cited by 89 publications

References 15 publications

Current Research Trends in IoT Security: A Systematic Mapping Study

Current Research Trends in IoT Security: A Systematic Mapping Study

Detecting Internet of Things Attacks Using Post Pruning Decision Tree-Synthetic Minority Over Sampling Technique

A method based on encryption and node rating for securing the RPL protocol communications in the IoT ecosystem

Contact Info

Product

Resources

About