IEEE TNSM 2020

IEEE Transactions on Network and Service Management (IEEE TNSM)
Volume 17, Issue 1, Pages 45-59, March 2020

Impact Factor: 5.333

IoT-KEEPER: Detecting Malicious IoT Network Activity using Online Traffic Analysis at the Edge

Abstract:

IoT devices are notoriously vulnerable even to trivial
attacks and can be easily compromised. In addition, resource
constraints and heterogeneity of IoT devices make it impractical
to secure IoT installations using traditional endpoint and network
security solutions. To address this problem, we present IoT-KEEPER,
a lightweight system which secures the communication of IoT.
IoT-KEEPER uses our proposed anomaly detection
technique to perform traffic analysis at edge gateways. It uses a
combination of fuzzy C-means clustering and fuzzy interpolation
scheme to analyze network traffic and detect malicious network
activity. Once malicious activity is detected, IoT-KEEPER
automatically enforces network access restrictions against IoT
device generating this activity, and prevents it from attacking
other devices or services. We have evaluated IoT-KEEPER using
a comprehensive dataset, collected from a real-world testbed,
containing popular IoT devices. Using this dataset, our proposed
technique achieved high accuracy 0.98 and low false positive
rate 0.02 for detecting malicious network activity. Our evaluation
also shows that IoT-KEEPER has low resource footprint,
and it can detect and mitigate various network attacks without
requiring explicit attack signatures or sophisticated hardware.

Pre-camera PDF

IEEE Library Access

BibTeX:

@article{Hafeez:TNSM2020,
author={I. {Hafeez} and M. {Antikainen} and A. Y. {Ding} and S. {Tarkoma}},
journal={IEEE Transactions on Network and Service Management},
title={IoT-KEEPER: Detecting Malicious IoT Network Activity Using Online Traffic Analysis at the Edge},
year={2020},
volume={17},
number={1},
pages={45-59},
keywords={IoT;network;security;privacy;activity detection;anomaly detection;traffic classification},
doi={10.1109/TNSM.2020.2966951},
ISSN={2373-7379},
month={March},
}

How to cite:

Ibbad Hafeez, Markku Antikainen, Aaron Yi Ding, Sasu Tarkoma, "IoT-KEEPER: Detecting Malicious IoT Network Activity using Online Traffic Analysis at the Edge", in IEEE Transactions on Network and Service Management, Vol. 17, No. 1, pp. 45-59, March 2020. doi: 10.1109/TNSM.2020.2966951