{"title":"IoTPredictor: A security framework for predicting IoT device behaviours and detecting malicious devices against cyber attacks","authors":"","doi":"10.1016/j.cose.2024.104037","DOIUrl":null,"url":null,"abstract":"<div><p>Securing Internet of Things (IoT) devices is paramount to mitigate unauthorised access and potential cyber threats, safeguarding the integrity of transmitted and processed data within interconnected devices. Identifying malicious IoT devices necessitates vigilant monitoring of network traffic, behaviour analysis, and implementing security measures, including Anomaly Detection Systems (ADSs), Intrusion Detection Systems (IDSs), and regular firmware updates. Traditional security approaches need to be revised for safeguarding IoT systems due to their inherent limitations in accommodating the resource-constrained nature of these devices.</p><p>We introduce <em>IoTPredictor</em>, an advanced security approach designed to predict and detect malicious activities in IoT devices. Leveraging Hidden Markov Models (HMMs), <em>IoTPredictor</em> integrates an ADS to proactively detect and thwart attacks within the complex IoT-fog computing landscape. Our conceptual approach begins with categorising IoT devices into genuine, compromised, and counterfeit. We propose an HMM-based state transition model that captures potential transitions between states, such as normal, compromised, or counterfeit operations. We introduce an algorithm for estimating probabilities associated with next-state predictions to facilitate predictive analysis. Furthermore, we present a formal approach for analysing communications between different states, enhancing the precision of the security framework. To validate the effectiveness of <em>IoTPredictor</em>, we conduct a series of experiments and provide a comprehensive evaluation. 
The results demonstrate the robustness and efficiency of our proposed security framework in predicting and preventing malicious activities, thereby contributing to the overall security enhancement of IoT devices within the complex IoT-fog computing network.</p></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":null,"pages":null},"PeriodicalIF":4.8000,"publicationDate":"2024-08-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0167404824003420/pdfft?md5=157c55c24e672dac3c64152d41a0f049&pid=1-s2.0-S0167404824003420-main.pdf","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404824003420","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
Citation count: 0
Abstract
Securing Internet of Things (IoT) devices is paramount to mitigate unauthorised access and potential cyber threats, safeguarding the integrity of transmitted and processed data within interconnected devices. Identifying malicious IoT devices necessitates vigilant monitoring of network traffic, behaviour analysis, and implementing security measures, including Anomaly Detection Systems (ADSs), Intrusion Detection Systems (IDSs), and regular firmware updates. Traditional security approaches need to be revised for safeguarding IoT systems due to their inherent limitations in accommodating the resource-constrained nature of these devices.
We introduce IoTPredictor, an advanced security approach designed to predict and detect malicious activities in IoT devices. Leveraging Hidden Markov Models (HMMs), IoTPredictor integrates an ADS to proactively detect and thwart attacks within the complex IoT-fog computing landscape. Our conceptual approach begins with categorising IoT devices into genuine, compromised, and counterfeit. We propose an HMM-based state transition model that captures potential transitions between states, such as normal, compromised, or counterfeit operations. We introduce an algorithm for estimating probabilities associated with next-state predictions to facilitate predictive analysis. Furthermore, we present a formal approach for analysing communications between different states, enhancing the precision of the security framework. To validate the effectiveness of IoTPredictor, we conduct a series of experiments and provide a comprehensive evaluation. The results demonstrate the robustness and efficiency of our proposed security framework in predicting and preventing malicious activities, thereby contributing to the overall security enhancement of IoT devices within the complex IoT-fog computing network.
About the journal:
Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world.
Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.