A Study on the Deep Learning-based Intrusion Detection Modle for the IoT Network

Authors

  • Sungtaek OH KISA(Korea Internet & Security Agency)
  • Woong GO KISA(Korea Internet & Security Agency)

Keywords:

Internet of Things; Anomaly Detection; Autoencoder

Abstract

The escalated growth of the Internet of Things(IoT) has raised the need to detect traffic data in real-time
coming from IoT devices and develop autonomous threat analysis technologies. To cope with constantly changing and
evolving new security threat, we need to develop advanced detection techniques that provide both real-time cycleanalysis and high-level detection performance. Signature-based detection, a commonly used technique to detect
threats, is typically good at detecting known threats, but can’t do much to spot the latest changing and evolving
security threats. As a way to overcome this limitation, some have suggested semi-supervised learning solutions that
use machine learning algorithms to learn traffic from IoT devices only with normal data and then determine whether
there are anomaly compared to normal traffic. But the methods are not optimized for detecting IoT traffic anomaly,
and are not very useful. Due to different traffic patterns from each household, the traffic anomaly detection system for
the IoT devices needs to have a household-specific and, furthermore, a device-specific detection model. Conventional
methods require detection systems that minimize the potential challenges because users have to checks anomaly
scores from each household and device and set up the threshold setting that determines outliers. Furthermore,
existing methods fail to take into account the performance of the routers that will execute the detection model.
Generally, the size and complexity of the model correlate positively with detection performance, but the larger and
more complex the becomes, the more load on the performance-constrained router device can occur. Accordingly, we
need to come up with a methodology that can minimize the load on the router devices while maintaining great
detection performance and efficiently handle fast traffic. In this paper, we extract network traffic information
communicated by IoT devices from the router to which the devices are connected, and then create vectors based on
statistics that can represent unique patterns of network traffic of each device. Subsequently, we propose a method to
detect traffic anomaly of each device and identify abnormal network traffic without user intervention.

Downloads

Published

2021-11-25

How to Cite

Sungtaek OH, & Woong GO. (2021). A Study on the Deep Learning-based Intrusion Detection Modle for the IoT Network. International Journal of Advance Engineering and Research Development (IJAERD), 8(11), 31–38. Retrieved from https://ijaerd.org/index.php/IJAERD/article/view/4717

Issue

Vol. 8 No. 11 (2021): Volume: 08, Issue: 11 - November, 2021

Section

Articles