Toward Secure Edge Networks Taming Device to Device (D2D) Communication in IoT
This work addresses security for IoT networks by improving anomaly detection, though it appears incremental as it builds on existing methods like fuzzy C-means clustering.
The authors tackled the problem of detecting malicious traffic in IoT networks by proposing IoT-guard, a lightweight technique using semi-supervised learning, which achieved 98% accuracy in distinguishing malicious from benign traffic in a real-world testbed with over 30 devices.
The growing popularity of Internet-of-Things (IoT) has created the need for network-based traffic anomaly detection systems that could identify misbehaving devices. In this work, we propose a lightweight technique, IoT-guard, for identifying malicious traffic flows. IoT-guard uses semi-supervised learning to distinguish between malicious and benign device behaviours using the network traffic generated by devices. In order to achieve this, we extracted 39 features from network logs and discard any features containing redundant information. After feature selection, fuzzy C-Mean (FCM) algorithm was trained to obtain clusters discriminating benign traffic from malicious traffic. We studied the feature scores in these clusters and use this information to predict the type of new traffic flows. IoT-guard was evaluated using a real-world testbed with more than 30 devices. The results show that IoTguard achieves high accuracy (98%), in differentiating various types of malicious and benign traffic, with low false positive rates. Furthermore, it has low resource footprint and can operate on OpenWRT enabled access points and COTS computing boards.