Concept Drift Analysis by Dynamic Residual Projection for effectively Detecting Botnet Cyber-attacks in IoT scenarios

Hanli Qiao*, Boris Novikov, Jan Blech*

*Corresponding author for this work

Research output: Journal article, Article, Scientific, peer-reviewed

22 Citations (Scopus)

Abstract

IoT devices typically stream data such as sensor values to other devices, including cloud-based services. Analyzing these streams for cyber-attacks is a challenging task because of the infinite nature of stream-based data types. Analyzing streams can require additional real-time processing and computational performance capabilities. In this paper, we focus on how concept drifts affect Botnet cyber-attack detection in IoT scenarios. To reveal the result, we incorporate concept drift analysis to detect cyber-attacks on the Bot-IoT dataset, which consists of legitimate and simulated IoT network traffic, together with various types of attacks. We designed sub-datasets of Bot-IoT that ensure concept drift occurs, and with these the experiments are eventually completed. The detection accuracies improved by 15% to 26% compared with the classification models without concept drift analysis. We also obtain superior performance results when comparing confusion matrices while concept drift analysis is ongoing. We propose a technique featuring a dynamic sliding window based on the residual projection to perform concept drift analysis. During the process of finding concepts in data streams, the sample number is updated dynamically by comparing the anomalous quantity obtained by the residual projection method in the current window to that in the previous one. In addition to the Bot-IoT dataset, our method is also applied to two popular synthetic datasets, SEA Concept and UG-2C-5D. The results demonstrate the effectiveness of our method with respect to the false alarm rate, misses, and average delay.
Original language: English
Pages: 3692-3701
Number of pages: 10
Journal: IEEE Transactions on Industrial Informatics
Volume: 18
Issue number: 6
Early online date: 30 Aug 2021
Publication status: Published - 1 Jun 2022
OKM publication type: A1 Original article in a scientific journal
