
Research Article
An Abnormal Detection Method Based on the Device Interaction Behavior in the Internet of Things
@INPROCEEDINGS{10.1007/978-3-031-65126-7_27,
  author={Wenjing Jin and Xiaofei Cui and Chengsheng Zhou and Hanxue Li and Jianbo Zheng},
  title={An Abnormal Detection Method Based on the Device Interaction Behavior in the Internet of Things},
  proceedings={Quality, Reliability, Security and Robustness in Heterogeneous Systems. 19th EAI International Conference, QShine 2023, Shenzhen, China, October 8 -- 9, 2023, Proceedings, Part I},
  proceedings_a={QSHINE},
  year={2024},
  month={8},
  keywords={Internet of Things Anomaly Detection Device Interaction Behaviors Machine Learning},
  doi={10.1007/978-3-031-65126-7_27}
}
- Wenjing Jin
- Xiaofei Cui
- Chengsheng Zhou
- Hanxue Li
- Jianbo Zheng
Year: 2024
QSHINE
Springer
DOI: 10.1007/978-3-031-65126-7_27
Abstract
With the development of smart homes, digital medicine, the Internet of Vehicles, and other technologies, applications of the Internet of Things (IoT) are becoming increasingly popular, and their security issues have attracted growing attention from researchers. Traffic-based anomaly detection schemes can find anomalies at different levels by external means, which makes them a key part of IoT security protection. However, existing research suffers from insufficient generality and strong method limitations. In view of this, and based on the stability and constraints that the physical constraints followed by IoT system operation and the domain specifications impose on device interaction behavior, this study first proposes a hierarchical traffic characteristic that integrates spatiotemporal characteristics of different levels such as packet, stream, session, and host. Second, based on the complete interaction behavior feature space, an integrated anomaly detection model is established by learning the interaction behaviors of different device pairs, to achieve accurate and efficient discovery of security events. Finally, the proposed method is evaluated on the BoT-IoT dataset. Ten-fold cross-validation and the detection accuracy under different ratios of attack traffic to normal traffic show the feasibility and superiority of the proposed method.