Multiclass Classification Procedure for Detecting Attacks on MQTT-IoT Protocol
This work addresses cybersecurity challenges for IoT systems, which are heterogeneous and continuously connected, by improving intrusion detection through machine learning, though it appears incremental in applying existing methods to a specific domain.
The paper tackled the problem of detecting attacks in IoT networks using the MQTT protocol by developing classification models for intrusion detection systems, achieving very satisfactory results with ensemble methods and deep learning models.
The large number of sensors and actuators that make up the Internet of Things obliges these systems to use diverse technologies and protocols. This means that IoT networks are more heterogeneous than traditional networks. This gives rise to new challenges in cybersecurity to protect these systems and devices which are characterized by being connected continuously to the Internet. Intrusion detection systems (IDS) are used to protect IoT systems from the various anomalies and attacks at the network level. Intrusion Detection Systems (IDS) can be improved through machine learning techniques. Our work focuses on creating classification models that can feed an IDS using a dataset containing frames under attacks of an IoT system that uses the MQTT protocol. We have addressed two types of method for classifying the attacks, ensemble methods and deep learning models, more specifically recurrent networks with very satisfactory results.