IoT-IE: An Information-Entropy-Based Approach to Traffic Anomaly Detection in Internet of Things

IoT-IE: An Information-Entropy-Based Approach to Traffic Anomaly Detection in Internet of Things

Security issues related to the Internet of Things (IoTs) have attracted much attention in many fields in recent years. One important problem in IoT security is to recognize the type of IoT devices, according to which different strategies can be designed to enhance the security of IoT applications. H...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Security and communication networks 2021-12, Vol.2021, p.1-13
Hauptverfasser: Sun, Yizhen, Yu, Jianjiang, Tian, Jianwei, Chen, Zhongwei, Wang, Weiping, Zhang, Shigeng
Format: Artikel
Sprache:eng
Schlagworte:
Accuracy
Anomalies
Entropy (Information theory)
Internet of Things
Machine learning
Malware
Neural networks
Security
Traffic information
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 13
container_issue
container_start_page 1
container_title Security and communication networks
container_volume 2021
creator Sun, Yizhen
Yu, Jianjiang
Tian, Jianwei
Chen, Zhongwei
Wang, Weiping
Zhang, Shigeng
description Security issues related to the Internet of Things (IoTs) have attracted much attention in many fields in recent years. One important problem in IoT security is to recognize the type of IoT devices, according to which different strategies can be designed to enhance the security of IoT applications. However, existing IoT device recognition approaches rarely consider traffic attacks, which might change the pattern of traffic and consequently decrease the recognition accuracy of different IoT devices. In this work, we first validate by experiments that traffic attacks indeed decrease the recognition accuracy of existing IoT device recognition approaches; then, we propose an approach called IoT-IE that combines information entropy of different traffic features to detect traffic anomaly. We then enhance the robustness of IoT device recognition by detecting and ignoring the abnormal traffic detected by our approach. Experimental evaluations show that IoT-IE can effectively detect abnormal behaviors of IoT devices in the traffic under eight different types of attacks, achieving a high accuracy value of 0.977 and a low false positive rate of 0.011. It also achieves an accuracy of 0.969 in a multiclassification experiment with 7 different types of attacks.
doi_str_mv 10.1155/2021/1828182
format Article
fullrecord <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_2618118224</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2618118224</sourcerecordid><originalsourceid>FETCH-LOGICAL-c337t-4ef20011da748b9b945103d49bcd14046438c703ed337e76594a0af6fd7eb8f43</originalsourceid><addsrcrecordid>eNp9kLtOAzEQRS0EEiHQ8QGWKMHEr33RhRBgpUg0S714_SAbJfZiO0L5e7wKoqQYzRTnzty5AFwTfE9Ils0opmRGSlqmOgETUrEKYULp6d9M-Dm4CGGDcU54wSfgo3YNqpcPcG5hbY3zOxF7Z9HSRu-GA3oUQSs4HwbvhFzD6GDjhTG9TAK3E9sDfNJRy1ED-3FF1N7qCJ2Bzbq3n-ESnBmxDfrqt0_B-_OyWbyi1dtLvZivkGSsiIhrQ3Hyp0TBy67qKp4RzBSvOqkIxzznrJQFZlolXBd5VnGBhcmNKnRXGs6m4Oa4Nzn92usQ243be5tOtjQnJUmR0JG6O1LSuxC8Nu3g-53wh5bgdsywHTNsfzNM-O0RT68o8d3_T_8A6Z9vAg</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2618118224</pqid></control><display><type>article</type><title>IoT-IE: An Information-Entropy-Based Approach to Traffic Anomaly Detection in Internet of Things</title><source>Wiley-Blackwell Open Access Titles</source><source>EZB-FREE-00999 freely available EZB journals</source><source>Alma/SFX Local Collection</source><creator>Sun, Yizhen ; Yu, Jianjiang ; Tian, Jianwei ; Chen, Zhongwei ; Wang, Weiping ; Zhang, Shigeng</creator><contributor>Wang, Jinwei ; Jinwei Wang</contributor><creatorcontrib>Sun, Yizhen ; Yu, Jianjiang ; Tian, Jianwei ; Chen, Zhongwei ; Wang, Weiping ; Zhang, Shigeng ; Wang, Jinwei ; Jinwei Wang</creatorcontrib><description>Security issues related to the Internet of Things (IoTs) have attracted much attention in many fields in recent years. One important problem in IoT security is to recognize the type of IoT devices, according to which different strategies can be designed to enhance the security of IoT applications. However, existing IoT device recognition approaches rarely consider traffic attacks, which might change the pattern of traffic and consequently decrease the recognition accuracy of different IoT devices. In this work, we first validate by experiments that traffic attacks indeed decrease the recognition accuracy of existing IoT device recognition approaches; then, we propose an approach called IoT-IE that combines information entropy of different traffic features to detect traffic anomaly. We then enhance the robustness of IoT device recognition by detecting and ignoring the abnormal traffic detected by our approach. Experimental evaluations show that IoT-IE can effectively detect abnormal behaviors of IoT devices in the traffic under eight different types of attacks, achieving a high accuracy value of 0.977 and a low false positive rate of 0.011. It also achieves an accuracy of 0.969 in a multiclassification experiment with 7 different types of attacks.</description><identifier>ISSN: 1939-0114</identifier><identifier>EISSN: 1939-0122</identifier><identifier>DOI: 10.1155/2021/1828182</identifier><language>eng</language><publisher>London: Hindawi</publisher><subject>Accuracy ; Anomalies ; Entropy (Information theory) ; Internet of Things ; Machine learning ; Malware ; Neural networks ; Security ; Traffic information</subject><ispartof>Security and communication networks, 2021-12, Vol.2021, p.1-13</ispartof><rights>Copyright © 2021 Yizhen Sun et al.</rights><rights>Copyright © 2021 Yizhen Sun et al. This is an open access article distributed under the Creative Commons Attribution License (the “License”), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License. https://creativecommons.org/licenses/by/4.0</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c337t-4ef20011da748b9b945103d49bcd14046438c703ed337e76594a0af6fd7eb8f43</citedby><cites>FETCH-LOGICAL-c337t-4ef20011da748b9b945103d49bcd14046438c703ed337e76594a0af6fd7eb8f43</cites><orcidid>0000-0001-5351-7239</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,780,784,27923,27924</link.rule.ids></links><search><contributor>Wang, Jinwei</contributor><contributor>Jinwei Wang</contributor><creatorcontrib>Sun, Yizhen</creatorcontrib><creatorcontrib>Yu, Jianjiang</creatorcontrib><creatorcontrib>Tian, Jianwei</creatorcontrib><creatorcontrib>Chen, Zhongwei</creatorcontrib><creatorcontrib>Wang, Weiping</creatorcontrib><creatorcontrib>Zhang, Shigeng</creatorcontrib><title>IoT-IE: An Information-Entropy-Based Approach to Traffic Anomaly Detection in Internet of Things</title><title>Security and communication networks</title><description>Security issues related to the Internet of Things (IoTs) have attracted much attention in many fields in recent years. One important problem in IoT security is to recognize the type of IoT devices, according to which different strategies can be designed to enhance the security of IoT applications. However, existing IoT device recognition approaches rarely consider traffic attacks, which might change the pattern of traffic and consequently decrease the recognition accuracy of different IoT devices. In this work, we first validate by experiments that traffic attacks indeed decrease the recognition accuracy of existing IoT device recognition approaches; then, we propose an approach called IoT-IE that combines information entropy of different traffic features to detect traffic anomaly. We then enhance the robustness of IoT device recognition by detecting and ignoring the abnormal traffic detected by our approach. Experimental evaluations show that IoT-IE can effectively detect abnormal behaviors of IoT devices in the traffic under eight different types of attacks, achieving a high accuracy value of 0.977 and a low false positive rate of 0.011. It also achieves an accuracy of 0.969 in a multiclassification experiment with 7 different types of attacks.</description><subject>Accuracy</subject><subject>Anomalies</subject><subject>Entropy (Information theory)</subject><subject>Internet of Things</subject><subject>Machine learning</subject><subject>Malware</subject><subject>Neural networks</subject><subject>Security</subject><subject>Traffic information</subject><issn>1939-0114</issn><issn>1939-0122</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2021</creationdate><recordtype>article</recordtype><sourceid>RHX</sourceid><sourceid>ABUWG</sourceid><sourceid>AFKRA</sourceid><sourceid>AZQEC</sourceid><sourceid>BENPR</sourceid><sourceid>CCPQU</sourceid><sourceid>DWQXO</sourceid><sourceid>GNUQQ</sourceid><recordid>eNp9kLtOAzEQRS0EEiHQ8QGWKMHEr33RhRBgpUg0S714_SAbJfZiO0L5e7wKoqQYzRTnzty5AFwTfE9Ils0opmRGSlqmOgETUrEKYULp6d9M-Dm4CGGDcU54wSfgo3YNqpcPcG5hbY3zOxF7Z9HSRu-GA3oUQSs4HwbvhFzD6GDjhTG9TAK3E9sDfNJRy1ED-3FF1N7qCJ2Bzbq3n-ESnBmxDfrqt0_B-_OyWbyi1dtLvZivkGSsiIhrQ3Hyp0TBy67qKp4RzBSvOqkIxzznrJQFZlolXBd5VnGBhcmNKnRXGs6m4Oa4Nzn92usQ243be5tOtjQnJUmR0JG6O1LSuxC8Nu3g-53wh5bgdsywHTNsfzNM-O0RT68o8d3_T_8A6Z9vAg</recordid><startdate>20211230</startdate><enddate>20211230</enddate><creator>Sun, Yizhen</creator><creator>Yu, Jianjiang</creator><creator>Tian, Jianwei</creator><creator>Chen, Zhongwei</creator><creator>Wang, Weiping</creator><creator>Zhang, Shigeng</creator><general>Hindawi</general><general>Hindawi Limited</general><scope>RHU</scope><scope>RHW</scope><scope>RHX</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>7SP</scope><scope>8FD</scope><scope>8FE</scope><scope>8FG</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>ARAPS</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>GNUQQ</scope><scope>HCIFZ</scope><scope>JQ2</scope><scope>K7-</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><scope>P5Z</scope><scope>P62</scope><scope>PIMPY</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope><orcidid>https://orcid.org/0000-0001-5351-7239</orcidid></search><sort><creationdate>20211230</creationdate><title>IoT-IE: An Information-Entropy-Based Approach to Traffic Anomaly Detection in Internet of Things</title><author>Sun, Yizhen ; Yu, Jianjiang ; Tian, Jianwei ; Chen, Zhongwei ; Wang, Weiping ; Zhang, Shigeng</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c337t-4ef20011da748b9b945103d49bcd14046438c703ed337e76594a0af6fd7eb8f43</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2021</creationdate><topic>Accuracy</topic><topic>Anomalies</topic><topic>Entropy (Information theory)</topic><topic>Internet of Things</topic><topic>Machine learning</topic><topic>Malware</topic><topic>Neural networks</topic><topic>Security</topic><topic>Traffic information</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Sun, Yizhen</creatorcontrib><creatorcontrib>Yu, Jianjiang</creatorcontrib><creatorcontrib>Tian, Jianwei</creatorcontrib><creatorcontrib>Chen, Zhongwei</creatorcontrib><creatorcontrib>Wang, Weiping</creatorcontrib><creatorcontrib>Zhang, Shigeng</creatorcontrib><collection>Hindawi Publishing Complete</collection><collection>Hindawi Publishing Subscription Journals</collection><collection>Hindawi Publishing Open Access Journals</collection><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Electronics &amp; Communications Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>ProQuest Central (Alumni Edition)</collection><collection>ProQuest Central UK/Ireland</collection><collection>Advanced Technologies &amp; Aerospace Collection</collection><collection>ProQuest Central Essentials</collection><collection>ProQuest Central</collection><collection>Technology Collection (ProQuest)</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central Korea</collection><collection>ProQuest Central Student</collection><collection>SciTech Premium Collection</collection><collection>ProQuest Computer Science Collection</collection><collection>Computer Science Database</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts – Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><collection>Advanced Technologies &amp; Aerospace Database</collection><collection>ProQuest Advanced Technologies &amp; Aerospace Collection</collection><collection>Publicly Available Content Database</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><jtitle>Security and communication networks</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Sun, Yizhen</au><au>Yu, Jianjiang</au><au>Tian, Jianwei</au><au>Chen, Zhongwei</au><au>Wang, Weiping</au><au>Zhang, Shigeng</au><au>Wang, Jinwei</au><au>Jinwei Wang</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>IoT-IE: An Information-Entropy-Based Approach to Traffic Anomaly Detection in Internet of Things</atitle><jtitle>Security and communication networks</jtitle><date>2021-12-30</date><risdate>2021</risdate><volume>2021</volume><spage>1</spage><epage>13</epage><pages>1-13</pages><issn>1939-0114</issn><eissn>1939-0122</eissn><abstract>Security issues related to the Internet of Things (IoTs) have attracted much attention in many fields in recent years. One important problem in IoT security is to recognize the type of IoT devices, according to which different strategies can be designed to enhance the security of IoT applications. However, existing IoT device recognition approaches rarely consider traffic attacks, which might change the pattern of traffic and consequently decrease the recognition accuracy of different IoT devices. In this work, we first validate by experiments that traffic attacks indeed decrease the recognition accuracy of existing IoT device recognition approaches; then, we propose an approach called IoT-IE that combines information entropy of different traffic features to detect traffic anomaly. We then enhance the robustness of IoT device recognition by detecting and ignoring the abnormal traffic detected by our approach. Experimental evaluations show that IoT-IE can effectively detect abnormal behaviors of IoT devices in the traffic under eight different types of attacks, achieving a high accuracy value of 0.977 and a low false positive rate of 0.011. It also achieves an accuracy of 0.969 in a multiclassification experiment with 7 different types of attacks.</abstract><cop>London</cop><pub>Hindawi</pub><doi>10.1155/2021/1828182</doi><tpages>13</tpages><orcidid>https://orcid.org/0000-0001-5351-7239</orcidid><oa>free_for_read</oa></addata></record>
fulltext fulltext
identifier ISSN: 1939-0114
ispartof Security and communication networks, 2021-12, Vol.2021, p.1-13
issn 1939-0114
1939-0122
language eng
recordid cdi_proquest_journals_2618118224
source Wiley-Blackwell Open Access Titles; EZB-FREE-00999 freely available EZB journals; Alma/SFX Local Collection
subjects Accuracy
Anomalies
Entropy (Information theory)
Internet of Things
Machine learning
Malware
Neural networks
Security
Traffic information
title IoT-IE: An Information-Entropy-Based Approach to Traffic Anomaly Detection in Internet of Things
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-13T07%3A16%3A10IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=IoT-IE:%20An%20Information-Entropy-Based%20Approach%20to%20Traffic%20Anomaly%20Detection%20in%20Internet%20of%20Things&rft.jtitle=Security%20and%20communication%20networks&rft.au=Sun,%20Yizhen&rft.date=2021-12-30&rft.volume=2021&rft.spage=1&rft.epage=13&rft.pages=1-13&rft.issn=1939-0114&rft.eissn=1939-0122&rft_id=info:doi/10.1155/2021/1828182&rft_dat=%3Cproquest_cross%3E2618118224%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2618118224&rft_id=info:pmid/&rfr_iscdi=true