TY - GEN
T1 - Detecting IoT malicious traffic based on autoencoder and convolutional neural network
AU - Hwang, Ren Hung
AU - Peng, Min Chun
AU - Huang, Chien Wei
N1 - Publisher Copyright:
© 2019 IEEE.
PY - 2019/12
Y1 - 2019/12
N2 - Due to the rise of the Internet of Things, a variety of devices have been made intelligent and connected to the Internet. However, the huge number of constantly connected but usually unattended IoT devices has made them one of the major sources of Internet attacks, e.g., a large-scale DDoS attack launched by millions of Mirai-injected compromised IoT devices in 2016. In order to mitigate DDoS attacks against IoT botnets, in this work, we propose an effective malicious IoT traffic detection mechanism based on deep learning techniques. Specifically, we adopt a convolutional neural network (CNN) to extract features of flows, then apply an autoencoder to perform unsupervised malicious IoT traffic classification. Our goal is to be able to detect a malicious flow by examining as few of its packets as possible. To validate our proposed mechanism, we evaluate our model using both an open data set from previous literature and a data set collected from a Mirai botnet we have built. Our experimental results show that the proposed mechanism is effective at detecting malicious flows with near 100% accuracy, while only examining the first 2 packets of a flow.
AB - Due to the rise of the Internet of Things, a variety of devices have been made intelligent and connected to the Internet. However, the huge number of constantly connected but usually unattended IoT devices has made them one of the major sources of Internet attacks, e.g., a large-scale DDoS attack launched by millions of Mirai-injected compromised IoT devices in 2016. In order to mitigate DDoS attacks against IoT botnets, in this work, we propose an effective malicious IoT traffic detection mechanism based on deep learning techniques. Specifically, we adopt a convolutional neural network (CNN) to extract features of flows, then apply an autoencoder to perform unsupervised malicious IoT traffic classification. Our goal is to be able to detect a malicious flow by examining as few of its packets as possible. To validate our proposed mechanism, we evaluate our model using both an open data set from previous literature and a data set collected from a Mirai botnet we have built. Our experimental results show that the proposed mechanism is effective at detecting malicious flows with near 100% accuracy, while only examining the first 2 packets of a flow.
KW - Autoencoder
KW - Convolutional Neural Network
KW - Deep learning
KW - IoT security
KW - Malicious traffic detection
UR - http://www.scopus.com/inward/record.url?scp=85071030650&partnerID=8YFLogxK
U2 - 10.1109/GCWkshps45667.2019.9024425
DO - 10.1109/GCWkshps45667.2019.9024425
M3 - Conference contribution
AN - SCOPUS:85071030650
T3 - 2019 IEEE Globecom Workshops, GC Wkshps 2019 - Proceedings
BT - 2019 IEEE Globecom Workshops, GC Wkshps 2019 - Proceedings
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2019 IEEE Globecom Workshops, GC Wkshps 2019
Y2 - 9 December 2019 through 13 December 2019
ER -