Anthi, Eirini, Williams, Lowri, Malgorzata, Slowinska, Theodorakopoulos, Georgios  ORCID: https://orcid.org/0000-0003-2701-7809 and Burnap, Peter ORCID: https://orcid.org/0000-0003-0396-633X
2019.
A supervised intrusion detection system for smart home IoT devices.
IEEE Internet of Things
6
(5)
, pp. 9042-9053.
10.1109/JIOT.2019.2926365
|
Preview |
PDF
- Accepted Post-Print Version
Download (592kB) | Preview |
Abstract
The proliferation in Internet of Things (IoT) devices, which routinely collect sensitive information, is demonstrated by their prominence in our daily lives. Although such devices simplify and automate every day tasks, they also introduce tremendous security flaws. Current insufficient security measures employed to defend smart devices make IoT the `weakest' link to breaking into a secure infrastructure, and therefore an attractive target to attackers. This paper proposes a three layer Intrusion Detection System (IDS) that uses a supervised approach to detect a range of popular network based cyber-attacks on IoT networks. The system consists of three main functions: 1) classify the type and profile the normal behaviour of each IoT device connected to the network, 2) identifies malicious packets on the network when an attack is occurring, and 3) classifies the type of the attack that has been deployed. The system is evaluated within a smart home testbed consisting of 8 popular commercially available devices. The effectiveness of the proposed IDS architecture is evaluated by deploying 12 attacks from 4 main network based attack categories such as: Denial of Service (DoS), Man-In-The-Middle (MITM)/Spoofing, Reconnaissance, and Replay. Additionally, the system is also evaluated against 4 scenarios of multi-stage attacks with complex chains of events. The performance of the system's three core functions result in an F-measure of: 1) 96.2%, 2) 90.0%, and 3) 98.0%. This demonstrates that the proposed architecture can automatically distinguish between IoT devices on the network, whether network activity is malicious or benign, and detect which attack was deployed on which device connected to the network successfully.
| Item Type: | Article |
|---|---|
| Date Type: | Publication |
| Status: | Published |
| Schools: | Computer Science & Informatics |
| Publisher: | Institute of Electrical and Electronics Engineers (IEEE) |
| ISSN: | 2327-4662 |
| Date of First Compliant Deposit: | 8 July 2019 |
| Date of Acceptance: | 26 June 2019 |
| Last Modified: | 07 Nov 2023 03:39 |
| URI: | https://orca.cardiff.ac.uk/id/eprint/123767 |
Citation Data
Cited 177 times in Scopus. View in Scopus. Powered By Scopus® Data
Actions (repository staff only)
 |
Edit Item |
Altmetric
Altmetric
Cardiff University Information Services