{"title":"IoTGUARD: A Graph Learning Based-Approach for Early IoT Attack Traffic Detection","authors":"Zinuo Yin, Wenbo Wang, Tao Hu, Hailong Ma","doi":"10.1002/itl2.70055","DOIUrl":null,"url":null,"abstract":"<div>\n \n <p>Internet of things (IoT) attack traffic detection is essential in guarding IoT security. Mainstream methods, which rely on tabular feature extraction from completed network flows, often suffer from considerable latency, hindering real-time detection. Even those methods that focus on early threat detection are fraught with numerous shortcomings, insufficient accuracy, and difficulties in extracting temporal features from attack flows. Therefore, we propose IoTGUARD, a graph learning-based approach for early IoT attack traffic detection. It leverages only the initial packets of IoT flows for constructing IoT weighted flow graphs to enhance real-time performance. By design a node-edge alternating learning graph neural network, NEL-GNN, IoTGUARD enables comprehensive learning of IoT weighted flow graphs and effectively classify attack flows. Experiments conducted on ToN-IoT dataset demonstrate that IoTGUARD achieves accuracies of 97.30% for various attacks with limited data packets, outperforming other comparable methods.</p>\n </div>","PeriodicalId":100725,"journal":{"name":"Internet Technology Letters","volume":"8 4","pages":""},"PeriodicalIF":0.5000,"publicationDate":"2025-07-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Internet Technology Letters","FirstCategoryId":"1085","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1002/itl2.70055","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"TELECOMMUNICATIONS","Score":null,"Total":0}
Citation count: 0
Abstract
Internet of Things (IoT) attack traffic detection is essential in guarding IoT security. Mainstream methods, which rely on tabular feature extraction from completed network flows, often suffer from considerable latency, hindering real-time detection. Even those methods that focus on early threat detection are fraught with numerous shortcomings, insufficient accuracy, and difficulties in extracting temporal features from attack flows. Therefore, we propose IoTGUARD, a graph learning-based approach for early IoT attack traffic detection. It leverages only the initial packets of IoT flows to construct IoT weighted flow graphs, which enhances real-time performance. By designing a node-edge alternating learning graph neural network, NEL-GNN, IoTGUARD enables comprehensive learning of IoT weighted flow graphs and effectively classifies attack flows. Experiments conducted on the ToN-IoT dataset demonstrate that IoTGUARD achieves accuracies of 97.30% for various attacks with limited data packets, outperforming other comparable methods.