TY - JOUR
T1 - Anomaly traffic detection and correlation in Smart Home automation IoT systems
AU - Gajewski, Mariusz
AU - Mongay Batalla, Jordi
AU - Mastorakis, George
AU - Mavromoustakis, Constandinos X.
PY - 2020
Y1 - 2020
N2 - Smart building automation systems are increasingly the target of hacking attacks. Moreover, they may be used as a tool for attacks against targets located out of the native Home Area Network (HAN). These attacks are often resulted in changes in traffic volume, damaged packets, increased message traffic, and so on. Symptoms of attacks can be detected as anomalies in traffic model and recognized by a software agent run on Home Gateway. Although these anomalies are detected locally, it may help network provider to protect his resources as well as other resources of his clients. For that purpose, network operator should be able to recognize anomalies and correlate them on the network level. In this way, the network operator has the ability to protect both its own network and HANs of its clients. This article shows that Smart Home security might be coupled with the providers' network security policy. For that reason, security tasks should be performed both in HAN and providers' data center. This article describes a novel strategy for anomaly detection that provides shared responsibility between a service client and the network provider. It uses a machine learning approach for classifying the monitoring data and correlation in searching suspicious behavior across the network resources at the service provider's data center.
AB - Smart building automation systems are increasingly the target of hacking attacks. Moreover, they may be used as a tool for attacks against targets located out of the native Home Area Network (HAN). These attacks are often resulted in changes in traffic volume, damaged packets, increased message traffic, and so on. Symptoms of attacks can be detected as anomalies in traffic model and recognized by a software agent run on Home Gateway. Although these anomalies are detected locally, it may help network provider to protect his resources as well as other resources of his clients. For that purpose, network operator should be able to recognize anomalies and correlate them on the network level. In this way, the network operator has the ability to protect both its own network and HANs of its clients. This article shows that Smart Home security might be coupled with the providers' network security policy. For that reason, security tasks should be performed both in HAN and providers' data center. This article describes a novel strategy for anomaly detection that provides shared responsibility between a service client and the network provider. It uses a machine learning approach for classifying the monitoring data and correlation in searching suspicious behavior across the network resources at the service provider's data center.
UR - http://www.scopus.com/inward/record.url?scp=85088781752&partnerID=8YFLogxK
U2 - 10.1002/ett.4053
DO - 10.1002/ett.4053
M3 - Article
AN - SCOPUS:85088781752
SN - 2161-5748
JO - Transactions on Emerging Telecommunications Technologies
JF - Transactions on Emerging Telecommunications Technologies
ER -