-
Graph-Based DDoS Attack Detection in IoT Systems with Lossy Network
Authors:
Arvin Hekmati,
Bhaskar Krishnamachari
Abstract:
This study introduces a robust solution for the detection of Distributed Denial of Service (DDoS) attacks in Internet of Things (IoT) systems, leveraging the capabilities of Graph Convolutional Networks (GCN). By conceptualizing IoT devices as nodes within a graph structure, we present a detection mechanism capable of operating efficiently even in lossy network environments. We introduce various graph topologies for modeling IoT networks and evaluate them for detecting tunable futuristic DDoS attacks. By studying different levels of network connection loss and various attack situations, we demonstrate that the correlation-based hybrid graph structure is effective in spotting DDoS attacks, substantiating its good performance even in lossy network scenarios. The results indicate a remarkable performance of the GCN-based DDoS detection model with an F1 score of up to 91%. Furthermore, we observe at most a 2% drop in F1-score in environments with up to 50% connection loss. The findings from this study highlight the advantages of utilizing GCN for the security of IoT systems which benefit from high detection accuracy while being resilient to connection disruption.
Submitted 14 March, 2024;
originally announced March 2024.
-
IoT in the Era of Generative AI: Vision and Challenges
Authors:
Xin Wang,
Zhongwei Wan,
Arvin Hekmati,
Mingyu Zong,
Samiul Alam,
Mi Zhang,
Bhaskar Krishnamachari
Abstract:
Equipped with sensing, networking, and computing capabilities, Internet of Things (IoT) such as smartphones, wearables, smart speakers, and household robots have been seamlessly woven into our daily lives. Recent advancements in Generative AI exemplified by GPT, LLaMA, DALL-E, and Stable Diffusion hold immense promise to push IoT to the next level. In this article, we share our vision and views on the benefits that Generative AI brings to IoT, and discuss some of the most important applications of Generative AI in IoT-related domains. Fully harnessing Generative AI in IoT is a complex challenge. We identify some of the most critical challenges including high resource demands of the Generative AI models, prompt engineering, on-device inference, offloading, on-device fine-tuning, federated learning, security, as well as development tools and benchmarks, and discuss current gaps as well as promising opportunities on enabling Generative AI for IoT. We hope this article can inspire new research on IoT in the era of Generative AI.
Submitted 5 January, 2024; v1 submitted 3 January, 2024;
originally announced January 2024.
-
Correlation-Aware Neural Networks for DDoS Attack Detection In IoT Systems
Authors:
Arvin Hekmati,
Nishant Jethwa,
Eugenio Grippo,
Bhaskar Krishnamachari
Abstract:
We present a comprehensive study on applying machine learning to detect distributed denial of service (DDoS) attacks using large-scale Internet of Things (IoT) systems. While prior works and existing DDoS attacks have largely focused on individual nodes transmitting packets at a high volume, we investigate more sophisticated futuristic attacks that use large numbers of IoT devices and camouflage their attack by having each node transmit at a volume typical of benign traffic. We introduce new correlation-aware architectures that take into account the correlation of traffic across IoT nodes, and we also compare the effectiveness of centralized and distributed detection models. We extensively analyze the proposed architectures by evaluating five different neural network models trained on a dataset derived from a 4060-node real-world IoT system. We observe that long short-term memory (LSTM) and a transformer-based model, in conjunction with the architectures that use correlation information of the IoT nodes, provide higher performance (in terms of F1 score and binary accuracy) than the other models and architectures, especially when the attacker camouflages itself by following benign traffic distribution on each transmitting node. For instance, by using the LSTM model, the distributed correlation-aware architecture gives 81% F1 score for the attacker that camouflages their attack with benign traffic as compared to 35% for the architecture that does not use correlation information. We also investigate the performance of heuristics for selecting a subset of nodes to share their data for correlation-aware architectures to meet resource constraints.
Submitted 15 February, 2023;
originally announced February 2023.
-
Dataset: Large-scale Urban IoT Activity Data for DDoS Attack Emulation
Authors:
Arvin Hekmati,
Eugenio Grippo,
Bhaskar Krishnamachari
Abstract:
As IoT deployments grow in scale for applications such as smart cities, they face increasing cyber-security threats. In particular, as evidenced by the famous Mirai incident and other ongoing threats, large-scale IoT device networks are particularly susceptible to being hijacked and used as botnets to launch distributed denial of service (DDoS) attacks. Real large-scale datasets are needed to train and evaluate the use of machine learning algorithms such as deep neural networks to detect and defend against such DDoS attacks. We present a dataset from an urban IoT deployment of 4060 nodes describing their spatio-temporal activity under benign conditions. We also provide a synthetic DDoS attack generator that injects attack activity into the dataset based on tunable parameters such as number of nodes attacked and duration of attack. We discuss some of the features of the dataset. We also demonstrate the utility of the dataset as well as our synthetic DDoS attack generator by using them for the training and evaluation of a simple multi-label feed-forward neural network that aims to identify which nodes are under attack and when.
Submitted 5 October, 2021;
originally announced October 2021.
-
CONTAIN: Privacy-oriented Contact Tracing Protocols for Epidemics
Authors:
Arvin Hekmati,
Gowri Ramachandran,
Bhaskar Krishnamachari
Abstract:
Pandemic and epidemic diseases such as COVID-19, SARS-CoV2, and Ebola have spread to multiple countries and infected thousands of people. Such diseases spread mainly through person-to-person contacts. Health care authorities recommend contact tracing procedures to prevent the spread to a vast population. Although several mobile applications have been developed to trace contacts, they typically require collection of privacy-intrusive information such as GPS locations, and the logging of privacy-sensitive data on a third party server, or require additional infrastructure such as WiFi APs with known locations. In this paper, we introduce CONTAIN, a privacy-oriented mobile contact tracing application that does not rely on GPS or any other form of infrastructure-based location sensing, nor the continuous logging of any other personally identifiable information on a server. The goal of CONTAIN is to allow users to determine with complete privacy if they have been within a short distance, specifically, Bluetooth wireless range, of someone that is infected, and potentially also when. We identify and prove the privacy guarantees provided by our approach. Our simulation study utilizing an empirical trace dataset (Asturies) involving 100 mobile devices and around 60000 records shows that users can maximize their possibility of identifying if they were near an infected user by turning on the app during active times.
Submitted 10 April, 2020;
originally announced April 2020.