Influence of experimental illumination and seasonal variation on crossbreending mating in the snail Biomphalaria Glabrata

Internet of Things (IoT) devices have become increasingly widespread. Despite their potential of improving multiple application domains, these devices have poor security, which can be explored by attackers to build large-scale botnets. In this work, we propose a host-based approach to detect botnets in IoT devices, named IoTDS (Internet of Things Detection System). It relies on one-class classifiers, which model only the legitimate device behaviour for further detection of deviations, avoiding the manual labelling process. The proposed solution is underpinned by a novel agent-manager architecture based on HTTPS, which prevents the IoT device from being overloaded by the training activities. To analyse the device’s behaviour, the approach extracts features from the device’s CPU utilisation and temperature, memory consumption, and number of running tasks, meaning that it does not make use of network traffic data. To test our approach, we used an experimental IoT setup containing a device compromised by bot malware. Multiple scenarios were made, including three different IoT device profiles and seven botnets. Four one-class algorithms (Elliptic Envelope, Isolation Forest, Local Outlier Factor, and One-class Support Vector Machine) were evaluated. The results show the proposed system has a good predictive performance for different botnets, achieving a mean F1-score of 94% for the best performing algorithm, the Local Outlier Factor. The system also presented a low impact on the device’s energy consumption, and CPU and memory utilisation.

show abstract

Process mining and hierarchical clustering to help intrusion alert visualization

Alvarenga

Barbon

Miani

et al. 2018

Computers & Security

View full text Add to dashboard Cite

The Impact of DoS Attacks on the AR.Drone 2.0

Vasconcelos

Carrijo

Miani

et al. 2016

View full text Add to dashboard Cite

A Proposal of an Animal Detection System Using Machine Learning

Silva

Miani

et al. 2019

Applied Artificial Intelligence

View full text Add to dashboard Cite

Intrusion Alert Correlation to Support Security Management

Kawakani¹,

Barbon²,

Miani³

et al. 2016

View full text Add to dashboard Cite

To support information security, organizations deploy Intrusion Detection Systems (IDS) that monitor information systems and networks, generating alerts for every suspicious behavior. However, the huge amount of alerts that an IDS triggers and their low-level representation make the alerts analysis a challenging task. In this paper, we propose a new approach based on hierarchical clustering that supports intrusion alert analysis in two main steps. First, it correlates historical alerts to identify the most typical strategies attackers have used. Then, it associates upcoming alerts in real time according to the strategies discovered in the first step. The experiments were performed using a real data set from the University of Maryland. The results show that the proposed approach can provide useful information for security administrators and may reduce the time between a security event and the response.

show abstract

Detecting mobile botnets through machine learning and system calls analysis

Costa

Barbon

Miani

et al. 2017

View full text Add to dashboard Cite

Detection of Bitcoin-Based Botnets Using a One-Class Classifier

Zarpelão

Miani

Rajarajan

2019

View full text Add to dashboard Cite

Botnets have been part of some of the most aggressive cyberattacks reported in recent years. To make them even harder to be detected and mitigated, attackers have built C&C (Command and Control) infrastructures on top of popular Internet services such as Skype and Bitcoin. In this work, we propose an approach to detect botnets with C&C infrastructures based on the Bitcoin network. First, transactions are grouped according to the users that issued them. Next, features are extracted for each group of transactions, aiming to identify whether they behave systematically, which is a typical bot characteristic. To analyse this data, we employ the OSVM (One-class Support Vector Machine) algorithm, which requires only samples from legitimate behaviour to build a classification model. Tests were performed in a controlled environment using the ZombieCoin botnet and real data from the Bitcoin blockchain. Results showed that the proposed approach can detect most of the bots with a low false positive rate in multiple scenarios.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

334 Leonard St

Brooklyn, NY 11211

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Rodrigo Sanches Miani

A survey of intrusion detection in Internet of Things

IoTDS: A One-Class Classification Approach to Detect Botnets in Internet of Things Devices

Process mining and hierarchical clustering to help intrusion alert visualization

The Impact of DoS Attacks on the AR.Drone 2.0

A Proposal of an Animal Detection System Using Machine Learning

Intrusion Alert Correlation to Support Security Management

Detecting mobile botnets through machine learning and system calls analysis

Detection of Bitcoin-Based Botnets Using a One-Class Classifier

Contact Info

Product

Resources

About