IoT Malicious Traffic Detection Based on FSKDE and Federated DIOT-Pysyft

  • Conference paper
Digital Forensics and Cyber Crime (ICDF2C 2022)

Abstract

To address the limitations that existing malicious traffic detection methods face in the Internet of Things (IoT) environment, such as resource constraints, heterogeneous devices, scarce traffic, and dynamic threats, this paper proposes Feature Selection based on Kernel Density Estimation (FSKDE) and a federated learning method, Detection Internet of Things based on Pysyft (DIOT-Pysyft). First, IoT devices preprocess the collected network traffic data. Second, FSKDE calculates the probability density of each feature column and selects features according to a preset abnormal threshold. Third, DIOT-Pysyft is built: the server is initialized and sends the federated convolutional neural network (CNN) to the IoT devices. The IoT devices train the federated CNN on the processed data and send the result to the server confidentially. The improved FedAvg algorithm then averages the gradients of the federated CNN model, and the encrypted, averaged gradient is transmitted to the server to build a new global model that participates in the next round of training. Finally, the UNSW-NB15 dataset is used to verify the proposed method for detecting malicious traffic in the IoT environment. The experimental results show that IoT malicious traffic detection based on FSKDE and federated DIOT-Pysyft reaches an identification accuracy of 91.78% and can detect potential malicious traffic in the IoT environment. The improved FedAvg method further protects the privacy and security of IoT data, ensuring accuracy while protecting the data.
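
As an added illustration (not code from the paper), the sketch below shows one way the per-column density step of FSKDE could be realized. The abstract does not state the selection rule, so the rule here is an assumption: a column is kept when at least half of the malicious values fall where the benign density, relative to its peak, is below the abnormal threshold. The feature names and traffic values are constructed.

```python
import math
import random
import statistics

def gaussian_kde(samples):
    """1-D Gaussian KDE using Silverman's rule-of-thumb bandwidth."""
    n = len(samples)
    sigma = statistics.pstdev(samples) or 1e-6  # guard against constant columns
    h = 1.06 * sigma * n ** -0.2
    norm = 1.0 / (n * h * math.sqrt(2 * math.pi))
    return lambda x: norm * sum(math.exp(-0.5 * ((x - s) / h) ** 2) for s in samples)

def abnormal_fraction(benign_col, malicious_col, threshold):
    """Share of malicious values whose benign density, scaled by the
    benign peak density, falls below the abnormal threshold."""
    density = gaussian_kde(benign_col)
    peak = max(density(v) for v in benign_col)
    low = sum(1 for v in malicious_col if density(v) / peak < threshold)
    return low / len(malicious_col)

def select_features(benign, malicious, threshold=0.05, min_fraction=0.5):
    """ASSUMED rule (not from the paper): keep a column when at least
    min_fraction of its malicious values are abnormal under the benign KDE."""
    return [name for name in benign
            if abnormal_fraction(benign[name], malicious[name], threshold) >= min_fraction]

def demo():
    # Constructed sample data; "pkt_rate" and "ttl_jitter" are hypothetical columns.
    rng = random.Random(0)
    col = lambda mu, n: [rng.gauss(mu, 1.0) for _ in range(n)]
    benign = {"pkt_rate": col(10, 200), "ttl_jitter": col(5, 200)}
    malicious = {"pkt_rate": col(30, 100), "ttl_jitter": col(5, 100)}
    return select_features(benign, malicious)

if __name__ == "__main__":
    print(demo())
```

Scaling by the benign peak makes the threshold independent of each column's units, which matters when raw flow features span very different ranges.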

Corresponding author

Correspondence to Guanghua Zhang.

Copyright information

© 2023 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

Cite this paper

Zhang, K., Zhang, G., Chen, Z., Zuo, X. (2023). IoT Malicious Traffic Detection Based on FSKDE and Federated DIOT-Pysyft. In: Goel, S., Gladyshev, P., Nikolay, A., Markowsky, G., Johnson, D. (eds) Digital Forensics and Cyber Crime. ICDF2C 2022. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 508. Springer, Cham. https://doi.org/10.1007/978-3-031-36574-4_12

  • DOI: https://doi.org/10.1007/978-3-031-36574-4_12

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-36573-7

  • Online ISBN: 978-3-031-36574-4

  • eBook Packages: Computer Science (R0)
