DOI: 10.1145/3600160.3605053
research-article

IoT Network Attack Detection: Leveraging Graph Learning for Enhanced Security

Published: 29 August 2023

Abstract

IoT networks are the favorite target of cybercriminals. With more and more connected IoT devices, IoT networks offer a large attack surface. There are many potential entry points for cybercriminals in these networks. Hence, attack detection is an essential part of securing IoT networks and protecting them against the potential harm or damage that can result from successful attacks. In this paper, we propose a graph-based framework for detecting attacks in IoT networks. Our approach involves constructing an activity graph to represent the networking events occurring during a monitoring window. This graph is a rich attributed graph capturing both structural and semantic features from the network traffic. Then, we train a neural network on this graph to distinguish between normal activities and attacks. Our preliminary experiments show that our approach is able to accurately detect a wide range of attacks when the size of the monitoring window is correctly set.
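
The graph-construction step the abstract describes, sketched as an added example that is not the paper's code: flows are bucketed into monitoring windows, and each window yields an attributed graph with structural (fan-in, fan-out) and semantic (ports, bytes) features. The flow record fields, the chosen attributes, the function names and the sample addresses are all assumptions constructed for illustration; the classifier stage is not shown.

```python
from collections import defaultdict

# Constructed sample flows: (timestamp_s, src, dst, dst_port, proto, bytes).
# 10.0.0.5 is a camera talking to one cloud endpoint; 10.0.0.9 probes
# port 23 on twelve neighbours, one probe every 5 seconds.
FLOWS = [(t, "10.0.0.5", "203.0.113.10", 443, "tcp", 900) for t in range(0, 60, 10)]
FLOWS += [(5 * i + 1, "10.0.0.9", f"10.0.0.{20 + i}", 23, "tcp", 60) for i in range(12)]

def build_activity_graphs(flows, window_s):
    """Return {window_index: {(src, dst): edge_attrs}}, one graph per window."""
    graphs = defaultdict(lambda: defaultdict(
        lambda: {"flows": 0, "bytes": 0, "ports": set(), "protos": set()}))
    for ts, src, dst, port, proto, nbytes in flows:
        edge = graphs[int(ts // window_s)][(src, dst)]
        edge["flows"] += 1
        edge["bytes"] += nbytes
        edge["ports"].add(port)
        edge["protos"].add(proto)
    return graphs

def node_features(graph):
    """Per-node attributes: structural (fan-out, fan-in) and semantic (ports, bytes)."""
    feats = defaultdict(lambda: {"fan_out": 0, "fan_in": 0,
                                 "bytes_out": 0, "ports_out": set()})
    for (src, dst), e in graph.items():
        feats[src]["fan_out"] += 1
        feats[src]["bytes_out"] += e["bytes"]
        feats[src]["ports_out"] |= e["ports"]
        feats[dst]["fan_in"] += 1
    return feats

def max_fan_out(flows, window_s, node):
    """Largest number of distinct peers `node` contacts within any single window."""
    graphs = build_activity_graphs(flows, window_s)
    return max(node_features(g)[node]["fan_out"] for g in graphs.values())

if __name__ == "__main__":
    # Compare the probing host with the camera at three window sizes.
    for w in (5, 20, 60):
        print(w, max_fan_out(FLOWS, w, "10.0.0.9"), max_fan_out(FLOWS, w, "10.0.0.5"))
```

With a 5-second window the probing host's fan-out never exceeds the camera's, while a 60-second window puts all twelve probed peers in one graph, which illustrates why the window size matters for what the graph can reveal.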

Published In

ARES '23: Proceedings of the 18th International Conference on Availability, Reliability and Security
August 2023
1440 pages
ISBN:9798400707728
DOI:10.1145/3600160

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. Internet of Things
  2. activity graphs
  3. attack detection
  4. graph learning

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Funding Sources

  • Agence française de financement de la recherche

Conference

ARES 2023

Acceptance Rates

Overall Acceptance Rate 228 of 451 submissions, 51%
