Securing the Internet of Things using machine learning

Abstract

The Internet of Things has shown its potential to empower various industry sectors. From smart homes to healthcare, IoT devices have become omnipresent. The network layer of the IoT system can be subjected to many types of attacks such as DoS, sybil attacks, replay attacks. These attacks on the network layer significantly degrade the network performance. Hence, it is of primary importance to secure the network layer from these attacks to protect the integrity of the data flowing through the network while ensuring timely delivery of key information. The first part of this work focused on protecting the IoT network from one specific variant of the above-specified attacks, the Low-Rate Denial of Service (LR DoS) attacks. LR DoS attacks are a more insidious type of DoS attack. They remain stealthy in the network, undetected by conventional DoS detection systems, while having the same effect as conventional DoS attacks. In this work, Software Defined Networking (SDN) is used in conjunction with an Artificial Intelligence (AI) based Intrusion Detection System (IDS) to protect the IoT network from LR DoS attacks. An AI-based anomaly detection scheme called FeedForward - Convolutional Neural Network (FFCNN) is proposed and discussed in the first part of the thesis. The Canadian Institute of Cybersecurity Denial of Service 2017 (CIC DoS 2017) dataset is used for the study. The performance of FFCNN is analyzed using the metrics accuracy, precision, recall, F1 score, detection time per flow, and ROC curves and is compared to the other machine learning algorithms - J48, Random Forest, Random Tree, REP Tree, SVM, and Multi-Layer Perceptron (MLP). The empirical analysis shows that FFCNN achieves higher detection accuracy in detecting LR DoS attacks than the other machine learning algorithms. The penetration of IoT into the transportation sector has given rise to a new networking paradigm called the Internet of Vehicles. In the Internet of Vehicles networks, vehicles periodically broadcast their current positions, speeds, and accelerations through Basic Safety Messages (BSMs) using the Dedicated Short Range Communications (DSRC) standard. Safety-critical applications like blind-spot warning and lane change warning systems use the BSMs to ensure the safety of road users. However, adversaries can modify the contents of the messages that affect the efficacy of the developed applications. One such attack is the position falsification attack, where the attacker inserts false position information into the BSMs. To address this issue, the second part of the thesis proposes and discusses an AI-based position falsification attack detection system, Novel Position Falsification Attack Detection System for the Internet of Vehicles (NPFADS for the IoV), that can detect novel position falsification attacks emerging in IoV networks. The performance NPFADS is quantitatively analyzed using the metrics accuracy, precision, recall and F1 score, ROC curves, and PR curves. The Vehicular Reference Misbehavior (VeReMi) dataset is used as the benchmark for the study. The system’s performance is also compared to the existing misbehavior detection systems in the literature. The analysis shows that our proposed system outperforms the existing supervised learning models even when initialized with zero knowledge about the novel position falsification attacks.