Analysis of Machine Learning Techniques for Anomaly Detection in the Internet of Things

Brady, Shane; Magoni, Damien; Murphy, John; Assem, Haytham; Portillo-Dominguez, A. Omar

doi:10.1109/la-cci.2018.8625228

Cited by 10 publications

(3 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the comparative study executed by Brady et al (2018), kNN, Logistic Regression (LR), Linear Discriminant Analysis (LDA), Decision Tree (CART), and Naïve Bayes (NB) were the machine feature reduction, the maximum accuracy achieved in real-time detection was 80 percent. This was impressive in its regard; however, recent research have surpassed this accuracy.…”

Section: Machine Learning Applications With Many Features Make Traini...mentioning

confidence: 99%

Botnet Detection in IoT Devices Using Random Forest Classifier with Independent Component Analysis

Akash

Rouf

Jahan

et al. 2022

Journal of Information and Communication Technology

View full text Add to dashboard Cite

With rapid technological progress in the Internet of Things (IoT), it has become imperative to concentrate on its security aspect. This paper represents a model that accounts for the detection of botnets through the use of machine learning algorithms. The model examined anomalies, commonly referred to as botnets, in a cluster of IoT devices attempting to connect to a network. Essentially, this paper exhibited the use of transport layer data (User Datagram Protocol- UDP) generated through IoT devices. An intelligent novel model comprising Random Forest Classifier with Independent Component Analysis (ICA) was proposed for botnet detection in IoT devices. Various machine learning algorithms were also implemented upon the processed data for comparative analysis. The experimental results of the proposed model generated state-of-the-art results for three different datasets, achieving up to 99.99% accuracy effectively with the lowest prediction time of 0.12 seconds without overfitting. The significance of this study lies in detecting botnets in IoT devices effectively and efficiently under all circumstances by utilizing ICA with Random Forest Classifier, which is a simple machine learning algorithm.

show abstract

Section: Machine Learning Applications With Many Features Make Traini...mentioning

confidence: 99%

Botnet Detection in IoT Devices Using Random Forest Classifier with Independent Component Analysis

Akash

Rouf

Jahan

et al. 2022

Journal of Information and Communication Technology

View full text Add to dashboard Cite

show abstract

“…Their results showed that a neighbor comparison and historical comparison are useful to predict anomalies within their proposed algorithm. Moreover, in [13] the authors evaluated some techniques suitable to identify realtime anomalies within an IoT network with the aim of offering practitioners a reference about when such techniques might be more appropriate.…”

Section: Related Workmentioning

confidence: 99%

Choosing Machine Learning Algorithms for Anomaly Detection in Smart Building IoT Scenarios

Almaguer-Angeles

Murphy

et al. 2019

2019 IEEE 5th World Forum on Internet of Things (WF-IoT)

Self Cite

View full text Add to dashboard Cite

Internet of Things (IoT) systems produce large amounts of raw data in the form of log files. This raw data must then be processed to extract useful information. Machine Learning (ML) has proved to be an efficient technique for such tasks, but there are many different ML algorithms available, each suited to different types of scenarios. In this work, we compare the performance of 22 state-of-the-art supervised ML classification algorithms on different IoT datasets, when applied to the problem of anomaly detection. Our results show that there is no dominant solution, and that for each scenario, several candidate techniques perform similarly. Based on our results and a characterization of our datasets, we propose a recommendation framework which guides practitioners towards the subset of the 22 ML algorithms which is likely to perform best on their data.

show abstract

“…In this context, an anomaly is defined as any event that does not conform to the pattern suggested by the model [21]. To this end, we ran two widely popular machine learning algorithms (i.e., Autoregressive Integrated Moving Average (ARIMA) modeland Long Short Term Memory (LSTM) networks [22]) against the original and the anonymized logs. Then, we compare the performance of the algorithms in terms of three well-known accuracy measures to measure the impact of our approach: Precision, recall, and F1-score [23].…”

Section: A Anomaly Detection Analysismentioning

confidence: 99%

Towards an Efficient Log Data Protection in Software Systems through Data Minimization and Anonymization

Portillo-Dominguez

Ayala-Rivera

2019

2019 7th International Conference in Software Engineering Research and Innovation (CONISOFT)

Self Cite

View full text Add to dashboard Cite

IT infrastructures of companies generate large amounts of log data every day. These logs are typically analyzed by software engineers to gain insights about activities occurring within a company (e.g., to debug issues exhibited by the production systems). To facilitate this process, log data management is often outsourced to cloud providers. However, logs may contain information that is sensitive by nature and considered personal identifiable under most of the new privacy protection laws, such as the European General Data Protection Regulation (GDPR). To ensure that companies do not violate regulatory compliance, they must adopt, in their software systems, appropriate data protection measures. Such privacy protection laws also promote the use of anonymization techniques as possible mechanisms to operationalize data protection. However, companies struggle to put anonymization in practice due to the lack of integrated, intuitive, and easy-to-use tools that accommodate effectively with their log management systems. In this paper, we propose an automatic approach (SafeLog) to filter out information and anonymize log streams to safeguard the confidentiality of sensitive data and prevent its exposure and misuse from third parties. Our results show that atomic anonymization operations can be effectively applied to log streams to preserve the confidentiality of information, while still allowing to conduct different types of analysis tasks such as users behavior, and anomaly detection. Our approach also reduces the amount of data sent to cloud vendors, hence decreasing the financial costs and the risk of overexposing information.

show abstract

Analysis of Machine Learning Techniques for Anomaly Detection in the Internet of Things

Cited by 10 publications

References 11 publications

Botnet Detection in IoT Devices Using Random Forest Classifier with Independent Component Analysis

Botnet Detection in IoT Devices Using Random Forest Classifier with Independent Component Analysis

Choosing Machine Learning Algorithms for Anomaly Detection in Smart Building IoT Scenarios

Towards an Efficient Log Data Protection in Software Systems through Data Minimization and Anonymization

Contact Info

Product

Resources

About