Dimensionality reduction for detection of anomalies in the IoT traffic data

被引:10
作者
Olszewski, Dominik [1 ]
Iwanowski, Marcin [1 ]
Graniszewski, Waldemar [1 ]
机构
[1] Warsaw Univ Technol, Fac Elect Engn, Warsaw, Poland
来源
FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE | 2024年 / 151卷
关键词
IoT network anomalies detection; IoT network intrusion attacks detection; Dimensionality reduction; IoT network traffic visualization; t-distributed stochastic neighbor embedding; Neighborhood retrieval visualizer; INTRUSION DETECTION; SELF-ORGANIZATION; SECURITY; INFORMATION; ATTACKS;
D O I
10.1016/j.future.2023.09.033
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
This paper concerns cybersecurity issues in one of the fastest growing fields of modern computer systems the Internet-of-Things (IoT). In this field, intrusion detection plays a significant role in allowing IoT systems' safe functioning and continuous operation. Visualizing the IoT data using dimensionality reduction allows for an easy and straightforward traffic analysis based on a graphical data representation, eligible for interpretation even by non-experts. We present a study on IoT network intrusion detection using three dimensionality reduction methods, namely, the Self-Organizing Map (SOM), the t-distributed Stochastic Neighbor Embedding (t-SNE), and the Neighborhood Retrieval Visualizer (NeRV). We show that applying them to the IoT traffic allows for reducing the original traffic feature space to a 2-D one, where anomalies may be noticed visually as outliers. The purpose of our study and its original contribution is conducting a comparative analysis of the t-SNE versus NeRV dimensionality reduction approaches in both: theoretical and empirical aspects. We notice and point out specific significant differences between these methods, which, as we claim, are responsible for their different performance in the IoT field, which is validated by our empirical study on real-world IoT traffic datasets. The results of our experimental research provide an interesting insight into the behavior of the investigated techniques and confirm their effectiveness and usability in IoT anomalies detection.
引用
收藏
页码:137 / 151
页数:15
相关论文
共 51 条
[1]  
Ankerst M., 1999, SIGMOD Record, V28, P49, DOI 10.1145/304181.304187
[2]   Dimensionality-Reduction Methods for the Analysis of Web Traffic [J].
Basurto, Nuno ;
Michelena, Alvaro ;
Urda, Daniel ;
Quintian, Hector ;
Luis Calvo-Rolle, Jose ;
Herrero, Alvaro .
INTERNATIONAL JOINT CONFERENCE 15TH INTERNATIONAL CONFERENCE ON COMPUTATIONAL INTELLIGENCE IN SECURITY FOR INFORMATION SYSTEMS (CISIS 2022) 13TH INTERNATIONAL CONFERENCE ON EUROPEAN TRANSNATIONAL EDUCATION (ICEUTE 2022), 2023, 532 :62-72
[3]  
Belkin M, 2002, ADV NEUR IN, V14, P585
[4]   Network Intrusion Detection for IoT Security Based on Learning Techniques [J].
Chaabouni, Nadia ;
Mosbah, Mohamed ;
Zemmari, Akka ;
Sauvignac, Cyrille ;
Faruki, Parvez .
IEEE COMMUNICATIONS SURVEYS AND TUTORIALS, 2019, 21 (03) :2671-2701
[5]   A Cluster-Based Multidimensional Approach for Detecting Attacks on Connected Vehicles [J].
D'Angelo, Gianni ;
Castiglione, Arcangelo ;
Palmieri, Francesco .
IEEE INTERNET OF THINGS JOURNAL, 2021, 8 (16) :12518-12527
[6]   Network traffic classification using deep convolutional recurrent autoencoder neural networks for spatial-temporal features extraction [J].
D'Angelo, Gianni ;
Palmieri, Francesco .
JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2021, 173
[7]   A Comprehensive Study of Anomaly Detection Schemes in IoT Networks Using Machine Learning Algorithms [J].
Diro, Abebe ;
Chilamkurti, Naveen ;
Nguyen, Van-Doan ;
Heyne, Will .
SENSORS, 2021, 21 (24)
[8]   Dimensionality Reduction and Anomaly Detection for CPPS Data using Autoencoder [J].
Eiteneuer, Benedikt ;
Hranisavljevic, Nemanja ;
Niggemann, Oliver .
2019 IEEE INTERNATIONAL CONFERENCE ON INDUSTRIAL TECHNOLOGY (ICIT), 2019, :1286-1292
[9]  
Ester Martin, 1996, P 2 INT C KNOWLEDGE, V96, P226, DOI DOI 10.5555/3001460.3001507
[10]  
Ferreira D.C., 2019, IEEE IJCNN, P1