ABSTRACT
IoT gateways are vital to the scalability and security of IoT networks. As more devices connect to the network, traditional hard-coded gateways fail to flexibly process diverse IoT traffic from highly dynamic devices. This calls for a more advanced analysis solution. In this work, we present P4Pir, an in-network traffic analysis solution for IoT gateways. It utilizes programmable data planes for in-band traffic learning with self-driven machine learning model updates. Preliminary results show that P4Pir can accurately detect emerging attacks based on retraining and updating the machine learning model.
- Martín Abadi, Paul Barham, Jianmin Chen, Zhifeng Chen, Andy Davis, Jeffrey Dean, Matthieu Devin, Sanjay Ghemawat, Geoffrey Irving, Michael Isard, et al. 2016. Tensorflow: A system for large-scale machine learning. In 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 16). 265--283.Google ScholarDigital Library
- Pat Bosshart, Dan Daly, Glen Gibb, Martin Izzard, Nick McKeown, Jennifer Rexford, Cole Schlesinger, Dan Talayco, Amin Vahdat, George Varghese, and David Walker. 2014. P4: Programming Protocol-Independent Packet Processors. SIGCOMM Comput. Commun. Rev. 44, 3 (jul 2014), 87--95. Google ScholarDigital Library
- Coralie Busse-Grawitz, Roland Meier, Alexander Dietmüller, Tobias Bühler, and Laurent Vanbever. 2019. pForest: In-network inference with random forests. arXiv (2019). arXiv:1909.05680Google Scholar
- Mojtaba Eskandari, Zaffar Haider Janjua, Massimo Vecchio, and Fabio Antonelli. 2020. Passban IDS: An Intelligent Anomaly-Based Intrusion Detection System for IoT Edge Devices. IEEE Internet of Things Journal 7, 8 (2020), 6882--6897. Google ScholarCross Ref
- Yong Feng, Zhikang Chen, Haoyu Song, Wenquan Xu, Jiahao Li, Zijian Zhang, Tong Yun, Ying Wan, and Bin Liu. 2022. Enabling In-situ Programmability in Network Data Plane: From Architecture to Language. In 19th USENIX Symposium on Networked Systems Design and Implementation (NSDI 22). 635--649.Google Scholar
- Mohamed Amine Ferrag, Othmane Friha, Djallel Hamouda, Leandros Maglaras, and Helge Janicke. 2022. Edge-IIoTset: A New Comprehensive Realistic Cyber Security Dataset of IoT and IIoT Applications: Centralized and Federated Learning. Google ScholarCross Ref
- Ibbad Hafeez, Markku Antikainen, Aaron Yi Ding, and Sasu Tarkoma. 2020. IoT-KEEPER: Detecting malicious IoT network activity using online traffic analysis at the edge. IEEE Transactions on Network and Service Management 17, 1 (2020).Google ScholarDigital Library
- Roberto Jordaney, Kumar Sharad, Santanu K. Dash, Zhi Wang, Davide Papini, Ilia Nouretdinov, and Lorenzo Cavallaro. 2017. Transcend: Detecting Concept Drift in Malware Classification Models. In 26th USENIX Security Symposium (USENIX Security 17). USENIX Association, 625--642.Google Scholar
- Tran Viet Khoa, Yuris Mulya Saputra, Dinh Thai Hoang, Nguyen Linh Trung, Diep Nguyen, Nguyen Viet Ha, and Eryk Dutkiewicz. 2020. Collaborative learning model for cyberattack detection systems in iot industry 4.0. In 2020 IEEE Wireless Communications and Networking Conference (WCNC). IEEE, 1--6.Google ScholarDigital Library
- Roman Kolcun, Diana Andreea Popescu, Vadim Safronov, Poonam Yadav, Anna Maria Mandalari, Yiming Xie, Richard Mortier, and Hamed Haddadi. 2020. The Case for Retraining of ML Models for IoT Device Identification at the Edge. CoRR abs/2011.08605 (2020). arXiv:2011.08605 https://arxiv.org/abs/2011.08605Google Scholar
- Sándor Laki, Radostin Stoyanov, Dávid Kis, Robert Soulé, Péter Vörös, and Noa Zilberman. 2021. P4Pi: P4 on Raspberry Pi for Networking Education. SIGCOMM Comput. Commun. Rev. 51, 3 (2021). Google ScholarDigital Library
- Yisroel Mirsky, Tomer Doitshman, Yuval Elovici, and Asaf Shabtai. 2018. Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection. February (2018), 18--21. arXiv:1802.09089 Google ScholarCross Ref
- Arman Pashamokhtari, Norihiro Okui, Yutaka Miyake, Masataka Nakahara, and Hassan Habibi Gharakheili. 2021. Inferring Connected IoT Devices from IPFIX Records in Residential ISP Networks. In 2021 IEEE 46th Conference on Local Computer Networks (LCN). 57--64. Google ScholarCross Ref
- Adam Paszke, Sam Gross, Francisco Massa, Adam Lerer, James Bradbury, Gregory Chanan, Trevor Killeen, Zeming Lin, Natalia Gimelshein, Luca Antiga, et al. 2019. Pytorch: An imperative style, high-performance deep learning library. Advances in neural information processing systems 32 (2019).Google Scholar
- Arunan Sivanathan, Hassan Habibi Gharakheili, and Vijay Sivaraman. 2020. Managing IoT Cyber-Security Using Programmable Telemetry and Machine Learning. IEEE Transactions on Network and Service Management 17, 1 (2020), 60--74. Google ScholarDigital Library
- Radostin Stoyanov, Adam Wolnikowski, Robert Soulé, Sándor Laki, and Noa Zilberman. 2021. Building an Internet Router with P4Pi (EuroP4 '21). ACM, New York, NY, USA, 151--156. Google ScholarDigital Library
- Qinying Wang, Shouling Ji, Yuan Tian, Xuhong Zhang, Binbin Zhao, Yuhong Kan, Zhaowei Lin, Changting Lin, Shuiguang Deng, Alex X. Liu, and Raheem Beyah. 2021. MPInspector: A Systematic and Automatic Approach for Evaluating the Security of IoT Messaging Protocols. In 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, 4205--4222.Google Scholar
- Qiao Yan, Wenyao Huang, Xupeng Luo, Qingxiang Gong, and F. Richard Yu. 2018. A Multi-Level DDoS Mitigation Framework for the Industrial Internet of Things. IEEE Communications Magazine 56, 2 (2018), 30--36. Google ScholarDigital Library
- Changgang Zheng, Zhaoqi Xiong, Thanh T Bui, Siim Kaupmees, Riyad Bensoussane, Antoine Bernabeu, Shay Vargaftik, Yaniv Ben-Itzhak, and Noa Zilberman. 2022. IIsy: Practical In-Network Classification. Google ScholarCross Ref
- Changgang Zheng, Mingyuan Zang, Xinpeng Hong, Riyad Bensoussane, Shay Vargaftik, Yaniv Ben-Itzhak, and Noa Zilberman. 2022. Automating In-Network Machine Learning. Google ScholarCross Ref
Index Terms
- P4Pir: in-network analysis for smart IoT gateways
Recommendations
Machine learning and the Internet of Things security: Solutions and open challenges
Highlights- Emphasizing security challenges and requirements of IoT-based systems.
- ...
AbstractInternet of Things (IoT) is a pervasively-used technology for the last few years. IoT technologies are also responsible for intensifying various everyday smart applications improving the standard of living. However, the inter-crossing ...
Recent Reinforcement Learning and Blockchain Based Security Solutions for Internet of Things: Survey
AbstractUsers’ security is one of the most important issues in Internet of Things (IoT) due to the high number of IoT devices involved in different applications. Security threats are evolving at a rapid pace that make the current security and privacy ...
SecureSense
Constrained Application Protocol (CoAP) has become the de-facto web standard for the IoT. Unlike traditional wireless sensor networks, Internet-connected smart thing deployments require security. CoAP mandates the use of the Datagram TLS (DTLS) protocol ...
Comments