Hitting Moving Targets: Intelligent Prevention of IoT Intrusions on the Fly

被引：0

作者：

Tan, Shuaishuai ^{[1
,2
]}

Liu, Wenyin ^{[3
]}

Dong, Qingkuan ^{[4
]}

Chan, Sammy ^{[5
]}

Yu, Shui ^{[6
]}

Zhong, Xiaoxiong ^{[7
]}

He, Daojing ^{[8
]}

机构：

[1] Guangdong Univ Technol, Sch Comp Sci & Technol, Guangzhou 510006, Peoples R China

[2] Guangdong Prov Key Lab Novel Secur Intelligence Te, Shenzhen 518055, Peoples R China

[3] Zhongguancun Lab, Beijing 100094, Peoples R China

[4] Xidian Univ, State Key Lab Integrated Serv Networks, Xian 710071, Peoples R China

[5] City Univ Hong Kong, Dept Elect Engn, Hong Kong, Peoples R China

[6] Univ Technol Sydney, Sch Software, Sydney, NSW 2007, Australia

[7] Peng Cheng Lab, Dept New Networks, Shenzhen 518066, Peoples R China

[8] Harbin Inst Technol, Sch Comp Sci & Technol, Shenzhen, Peoples R China

来源：

IEEE INTERNET OF THINGS JOURNAL | 2023年 / 10卷 / 23期

关键词：

Internet of Things; Feature extraction; Markov processes; IP networks; Prediction algorithms; Machine learning; Protocols; Internet of Things (IoT); machine learning (ML); network-level security and protection; traffic analysis; TRAFFIC CLASSIFICATION; NETWORK;

D O I：

10.1109/JIOT.2023.3284155

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Massive Internet of Things (IoT) devices have been playing a critical role in both the cyber and physical worlds. Various cyber attacks pose significant risks to IoT. Machine learning-based intrusion detection system (IDS) has earned much research attention. However, the intrusion prevention system (IPS) is rarely explored. Realtime intrusion prevention is quite challenging because the decision has to be made during a flow rather than after it finishes. Restricted by aligning with the shortest flows, existing IPSs generally inspect only the very first packets, leading to information loss for accurate detection. In this article, we first measure the information loss quantitatively. Then we devise Sniper, an IoT IPS scheme consisting of a flow length predictor, a novel feature space, and an enhanced ensemble learning algorithm. The flow length predictor guides a proper prevention time point to preserve as much information as possible. The proposed Markov matrix-based feature encoding method further saves more information than existing ones. The enhanced learning algorithm ensures a low-false positive rate (FPR), which is critical for IPSs. We benchmark Sniper with one closed-world and three open-world data sets. The results show that Sniper achieves a 99.89% prevention rate and 0.03% FPR, which is superior to the five state-of-the-art baseline models.

引用

页码：21000 / 21012

页数：13

共 44 条

[41] Rehabilitation Training and Prevention of Athlete's Hind Thigh Muscle Injury Based on IoT Intelligent Data
Sun, Peng
JOURNAL OF NANOMATERIALS, 2022, 2022
[42] Denial of Service Attack Prevention and Mitigation for Secure Access in IoT GPS-based Intelligent Transportation Systems
Andreica, Gheorghe Romeo
Tabacar, George Lucian
Zinca, Daniel
Ivanciu, Iustin Alexandru
Dobrota, Virgil
ELECTRONICS, 2024, 13 (14)
[43] Study on Integrated Systems for Enhanced Forest Fire Prevention: An Embedded Intelligent Video Analysis and Collaborative IoT–Fog–Cloud Framework Approach
Mehta, Kaushal
Sharma, Sachin
Recent Patents on Engineering, 2025, 19 (05)
[44] Cloud-Enabled IoT-based embedded system and software for intelligent indoor lighting, ventilation, early stage fire detection and prevention
Mahbub, Mobasshir
Hossain, M. Mofazzal
Gazi, Md. Shamrat Apu
COMPUTER NETWORKS, 2021, 184

← 1 2 3 4 5 →