Two-tier anomaly detection based on traffic profiling of the home automation system

Mariusz Gajewski , Jordi Mongay Batalla , Albert Levi , Cengiz Togay , Constandinos X. Mavromoustakis , George Mastorakis

Abstract

Smart building equipment and automation systems often become a target of attacks and are used for attacking other targets located out of the Home Area Network. Attacks are often related to changes in traffic volume, disturbed packet flow or excessive energy consumption. Their symptoms can be recognized and interpreted locally, using software agent at Home Gateway. Although anomalies are detected locally at the Home Gateway, they can be exploited globally. Thus, it is significantly important to detect global attack attempts through anomalies correlation. Our proposal in this paper is the involvement of the Network Operator in Home Area Network security. Our paper describes a novel strategy for anomaly detection that consists of shared responsibilities between user and network provider. The proposed two-tier Intrusion Detection System uses a machine learning method for classifying the monitoring records and searching suspicious anomalies across the network at the service provider's data center. Result show that local anomaly detection combined with anomaly correlation at the service providers level can provide reliable information on the most frequent IoT devices misbehavior which may be caused by infection.
Author Mariusz Gajewski - Instytut Łączności PIB (IŁ PIB) [Instytut Łacznosci, Poland]
Mariusz Gajewski,,
-
-
, Jordi Mongay Batalla (FEIT / IT)
Jordi Mongay Batalla,,
- The Institute of Telecommunications
, Albert Levi - Faculty of Engineering and Natural Sciences [Sabancı University (SU)] [Sabancı Üniversitesi]
Albert Levi,,
-
-
, Cengiz Togay - Bursa Uludağ University (Uludag) [Bursa Uludağ University (Uludag)]
Cengiz Togay,,
-
- Bursa Uludağ Üniversitesi
, Constandinos X. Mavromoustakis - University of Nicosia (UNIC) [University of Nicosia]
Constandinos X. Mavromoustakis,,
-
-
, George Mastorakis - Technological Educational Insitute of Crete (TEI) [Hellenic Mediterranean University]
George Mastorakis,,
-
-
Journal seriesComputer Networks, [Computer Networks and ISDN Systems], ISSN 1389-1286, (N/A 100 pkt)
Issue year2019
Vol158
Pages46-60
Publication size in sheets0.7
Keywords in EnglishHome gateway, Wireless sensor networks, Smart home, Anomaly detection, Internet of Things
ASJC Classification1705 Computer Networks and Communications
DOIDOI:10.1016/j.comnet.2019.04.013
URL https://www.sciencedirect.com/science/article/pii/S1389128618311587?via%3Dihub
Languageen angielski
File
2019 Mongay Two-tier anomaly detection based.pdf 3.14 MB
Score (nominal)100
Score sourcejournalList
ScoreMinisterial score = 100.0, 02-01-2020, ArticleFromJournal
Publication indicators WoS Citations = 0; Scopus Citations = 2; GS Citations = 3.0; Scopus SNIP (Source Normalised Impact per Paper): 2018 = 1.6; WoS Impact Factor: 2018 = 3.03 (2) - 2018=2.989 (5)
Citation count*3 (2020-01-27)
Cite
Share Share

Get link to the record


* presented citation count is obtained through Internet information analysis and it is close to the number calculated by the Publish or Perish system.
Back
Confirmation
Are you sure?