Adaptive learning-based hybrid recommender system for deception in Internet of Thing

IF 4.4 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Networks Pub Date : 2024-10-11 DOI:10.1016/j.comnet.2024.110853

Volviane Saphir Mfogo , Alain Zemkoho , Laurent Njilla , Marcellin Nkenlifack , Charles Kamhoua

{"title":"Adaptive learning-based hybrid recommender system for deception in Internet of Thing","authors":"Volviane Saphir Mfogo , Alain Zemkoho , Laurent Njilla , Marcellin Nkenlifack , Charles Kamhoua","doi":"10.1016/j.comnet.2024.110853","DOIUrl":null,"url":null,"abstract":"<div><div>In the rapidly evolving Internet of Things (IoT) security domain, device vulnerabilities pose significant risks, frequently exploited by cyberattackers. Traditional reactive security measures like patching often fall short against advanced threats. This paper introduces a proactive deception system enhanced by an innovative Adaptive Learning-based Hybrid Recommender System (AL-HRS), utilizing the vulnerability and attack repository for IoT (VARIoT) database. This advanced system identifies existing vulnerabilities and dynamically recommends additional deceptive vulnerabilities based on real-time analysis of attacker behavior and historical exploit data. These recommended vulnerabilities mislead attackers into engaging with controlled environments such as honeypots, effectively neutralizing potential threats. The AL-HRS combines the predictive strengths of content-based filtering (CBF) and collaborative filtering (CF) with an adaptive learning mechanism that adjusts recommendations based on ongoing attacker interactions, ensuring the system’s efficacy amidst changing attack patterns. Our approach innovatively combines these methodologies to provide a continuously evolving security strategy, significantly enhancing the deception capability of IoT systems. Initial evaluations demonstrate a potential reduction in device compromise, highlighting the effectiveness and strategic relevance of this adaptive deception framework in IoT cybersecurity.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"255 ","pages":"Article 110853"},"PeriodicalIF":4.4000,"publicationDate":"2024-10-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Networks","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1389128624006856","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

In the rapidly evolving Internet of Things (IoT) security domain, device vulnerabilities pose significant risks, frequently exploited by cyberattackers. Traditional reactive security measures like patching often fall short against advanced threats. This paper introduces a proactive deception system enhanced by an innovative Adaptive Learning-based Hybrid Recommender System (AL-HRS), utilizing the vulnerability and attack repository for IoT (VARIoT) database. This advanced system identifies existing vulnerabilities and dynamically recommends additional deceptive vulnerabilities based on real-time analysis of attacker behavior and historical exploit data. These recommended vulnerabilities mislead attackers into engaging with controlled environments such as honeypots, effectively neutralizing potential threats. The AL-HRS combines the predictive strengths of content-based filtering (CBF) and collaborative filtering (CF) with an adaptive learning mechanism that adjusts recommendations based on ongoing attacker interactions, ensuring the system’s efficacy amidst changing attack patterns. Our approach innovatively combines these methodologies to provide a continuously evolving security strategy, significantly enhancing the deception capability of IoT systems. Initial evaluations demonstrate a potential reduction in device compromise, highlighting the effectiveness and strategic relevance of this adaptive deception framework in IoT cybersecurity.

查看原文本刊更多论文

基于自适应学习的混合推荐系统，用于物联网中的欺骗行为

在快速发展的物联网（IoT）安全领域，设备漏洞构成了重大风险，经常被网络攻击者利用。打补丁等传统的被动安全措施往往无法应对高级威胁。本文介绍了一种主动欺骗系统，该系统通过创新的基于自适应学习的混合推荐系统（AL-HRS），利用物联网漏洞和攻击存储库（VARIoT）数据库进行增强。这一先进系统可识别现有漏洞，并根据对攻击者行为和历史漏洞利用数据的实时分析，动态推荐额外的欺骗性漏洞。这些推荐的漏洞会误导攻击者进入受控环境（如 "蜜罐"），从而有效地消除潜在威胁。AL-HRS 将基于内容的过滤（CBF）和协同过滤（CF）的预测优势与自适应学习机制相结合，该机制可根据攻击者的持续互动调整建议，确保系统在不断变化的攻击模式中发挥功效。我们的方法创新性地将这些方法结合在一起，提供了一种不断发展的安全策略，大大增强了物联网系统的欺骗能力。初步评估表明，设备受到攻击的可能性有所降低，突出了这种自适应欺骗框架在物联网网络安全方面的有效性和战略意义。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computer Networks 工程技术-电信学

CiteScore

10.80

自引率

3.60%

发文量

434

审稿时长

8.6 months

期刊介绍： Computer Networks is an international, archival journal providing a publication vehicle for complete coverage of all topics of interest to those involved in the computer communications networking area. The audience includes researchers, managers and operators of networks as well as designers and implementors. The Editorial Board will consider any material for publication that is of interest to those groups.