Behavior of the DenStream Clustering Algorithm for Attack Detection in the Internet of Things


Bibliographic Details
Main Authors: Gabriel Keith Tazima, Bruno Bogaz Zarpelao (COMP/UEL)
Format: Article
Language: English
Published: Universidade Estadual de Londrina 2023-12-01
Series: Semina: Ciências Exatas e Tecnológicas
Online Access: https://ojs.uel.br/revistas/uel/index.php/semexatas/article/view/48956
Description
Summary: Multiple attack detection schemes based on supervised batch learning are presented in the literature as an alternative to improve Internet of Things (IoT) security. These schemes require benign and malicious traffic samples for training and are unable to easily adapt to changes in the analyzed data. In this work, we study how we can use DenStream, an unsupervised stream mining algorithm, to detect attacks in IoT networks. This type of algorithm does not require labeled examples and can learn incrementally, adapting to changes. We aim to investigate whether attacks can be detected by monitoring the behavior of DenStream's clusters. The results showed that DenStream could provide indicators of attack occurrence in TCP, UDP, and ICMP traffic.
ISSN: 1676-5451, 1679-0375