A method for vulnerability detection by IoT network traffic analytics

被引：2

作者：

Brezolin, Uelinton ^{[1
]}

Vergutz, Andressa ^{[1
]}

Nogueira, Michele ^{[2
]}

机构：

[1] Univ Fed Parana, Dept Informat, Curitiba, PR, Brazil

[2] Univ Fed Minas Gerais, Dept Comp Sci, Belo Horizonte, MG, Brazil

来源：

AD HOC NETWORKS | 2023年 / 149卷

基金：

巴西圣保罗研究基金会;

关键词：

Internet of Things; Vulnerability detection; Entropy; Traffic analysis; CLASSIFICATION;

D O I：

10.1016/j.adhoc.2023.103247

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

The Internet of Things comprises wireless devices with limited computing resources. It targets attacks that exploit vulnerabilities such as unencrypted data transfer. Conventional vulnerability detection occurs from databases that list the most common vulnerabilities and exploits (CVEs). However, these bases are limited to known vulnerabilities, which is not the case for the IoT context most of the time. This work proposes MANDRAKE: a Method for vulnerAbilities detectioN baseD on the IoT netwoRk pAcKEt traffic using machine learning techniques. A performance evaluation has been conducted in a smart home scenario taking as basis two datasets, one generated experimentally for this work and the other from the literature. The results have achieved 99% precision in detecting vulnerabilities in network traffic.

引用

页数：10

共 35 条

[1] Harer JA, 2018, Arxiv, DOI arXiv:1803.04497
[2] [Anonymous], 2021, Forbes
[3] Unsupervised machine learning for network-centric anomaly detection in IoT
Bhatia, Randeep
Benno, Steven
Esteban, Jairo
Lakshman, T., V
Grogan, John
[J]. BIG-DAMA'19: PROCEEDINGS OF THE 3RD ACM CONEXT WORKSHOP ON BIG DATA, MACHINE LEARNING AND ARTIFICIAL INTELLIGENCE FOR DATA COMMUNICATION NETWORKS, 2019, : 42 - 48
[4] Bing Zhang, 2020, 2020 International Conference on Urban Engineering and Management Science (ICUEMS). Proceedings, P568, DOI 10.1109/ICUEMS50872.2020.00125
[5] Machine Learning Methods for Software Vulnerability Detection
Chernis, Boris
Verma, Rakesh
[J]. IWSPA '18: PROCEEDINGS OF THE FOURTH ACM INTERNATIONAL WORKSHOP ON SECURITY AND PRIVACY ANALYTICS, 2018, : 31 - 39
[6] Dorfinger P, 2011, LECT NOTES COMPUT SC, V6613, P164, DOI 10.1007/978-3-642-20305-3_14
[7] FORESEE: A Cross-Layer Vulnerability Detection Framework for the Internet of Things
Fang, Zheng
Fu, Hao
Gu, Tianbo
Qian, Zhiyun
Jaeger, Trent
Mohapatra, Prasant
[J]. 2019 IEEE 16TH INTERNATIONAL CONFERENCE ON MOBILE AD HOC AND SMART SYSTEMS (MASS 2019), 2019, : 236 - 244
[8] SecGrid: a Visual System for the Analysis and ML-based Classification of Cyberattack Traffic
Franco, Muriel
Von der Assen, Jan
Boillat, Luc
Killer, Christian
Rodrigues, Bruno
Scheid, Eder J.
Granville, Lisandro
Stiller, Burkhard
[J]. PROCEEDINGS OF THE IEEE 46TH CONFERENCE ON LOCAL COMPUTER NETWORKS (LCN 2021), 2021, : 140 - 147
[9] Toward Smarter Vulnerability Discovery Using Machine Learning
Grieco, Gustavo
Dinaburg, Artem
[J]. AISEC'18: PROCEEDINGS OF THE 11TH ACM WORKSHOP ON ARTIFICIAL INTELLIGENCE AND SECURITY, 2018, : 48 - 56
[10] Transfer Learning for User Action Identification in Mobile Apps via Encrypted Traffic Analysis
Grolman, Edita
Finkelshtein, Andrey
Puzis, Rami
Shabtai, Asaf
Celniker, Gershon
Katzir, Ziv
Rosenfeld, Liron
[J]. IEEE INTELLIGENT SYSTEMS, 2018, 33 (02) : 40 - 53

← 1 2 3 4 →