{"title":"评估物联网中的本地入侵检测","authors":"Christiana Ioannou, V. Vassiliou","doi":"10.1109/MedComNet52149.2021.9501269","DOIUrl":null,"url":null,"abstract":"Security in the Internet of Things (IoT) is designed to ensure timely, reliable and fully operational network. The presence of a malicious device within the network can decrease the IoT applications' effective functionality by failing to transmit the data to the intended user. Intrusion detection systems (IDS) with anomaly detection classify IoT network activity based on what is defined as normal. In this paper we present the evaluation of local Binary Logistic Regression (BLR) detection models, found in mIDS, which monitor local IoT node activity to detect routing layer attacks, such as Selective Forward and Blackhole. The BLR detection models were evaluated in both a simulator and an IoT testbed platform. Overall, our results, both in the simulator and at the testbed, have shown that for each environment to be deployed, a customised BLR model should be created and more than one performance measure should be used. In the paper we propose the use of four performance metrics to fully capture the efficacy of classification methods. Besides Precision, Recall, and Accuracy, we have chosen to include the Matthews Correlation Coefficient in our evaluation set, since it provides a more normalized view and the quality of the BLR detection models.","PeriodicalId":272937,"journal":{"name":"2021 19th Mediterranean Communication and Computer Networking Conference (MedComNet)","volume":"175 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Evaluating Local Intrusion Detection in the Internet of Things\",\"authors\":\"Christiana Ioannou, V. Vassiliou\",\"doi\":\"10.1109/MedComNet52149.2021.9501269\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Security in the Internet of Things (IoT) is designed to ensure timely, reliable and fully operational network. The presence of a malicious device within the network can decrease the IoT applications' effective functionality by failing to transmit the data to the intended user. Intrusion detection systems (IDS) with anomaly detection classify IoT network activity based on what is defined as normal. In this paper we present the evaluation of local Binary Logistic Regression (BLR) detection models, found in mIDS, which monitor local IoT node activity to detect routing layer attacks, such as Selective Forward and Blackhole. The BLR detection models were evaluated in both a simulator and an IoT testbed platform. Overall, our results, both in the simulator and at the testbed, have shown that for each environment to be deployed, a customised BLR model should be created and more than one performance measure should be used. In the paper we propose the use of four performance metrics to fully capture the efficacy of classification methods. Besides Precision, Recall, and Accuracy, we have chosen to include the Matthews Correlation Coefficient in our evaluation set, since it provides a more normalized view and the quality of the BLR detection models.\",\"PeriodicalId\":272937,\"journal\":{\"name\":\"2021 19th Mediterranean Communication and Computer Networking Conference (MedComNet)\",\"volume\":\"175 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-06-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 19th Mediterranean Communication and Computer Networking Conference (MedComNet)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/MedComNet52149.2021.9501269\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 19th Mediterranean Communication and Computer Networking Conference (MedComNet)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/MedComNet52149.2021.9501269","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Evaluating Local Intrusion Detection in the Internet of Things
Security in the Internet of Things (IoT) is designed to ensure timely, reliable and fully operational network. The presence of a malicious device within the network can decrease the IoT applications' effective functionality by failing to transmit the data to the intended user. Intrusion detection systems (IDS) with anomaly detection classify IoT network activity based on what is defined as normal. In this paper we present the evaluation of local Binary Logistic Regression (BLR) detection models, found in mIDS, which monitor local IoT node activity to detect routing layer attacks, such as Selective Forward and Blackhole. The BLR detection models were evaluated in both a simulator and an IoT testbed platform. Overall, our results, both in the simulator and at the testbed, have shown that for each environment to be deployed, a customised BLR model should be created and more than one performance measure should be used. In the paper we propose the use of four performance metrics to fully capture the efficacy of classification methods. Besides Precision, Recall, and Accuracy, we have chosen to include the Matthews Correlation Coefficient in our evaluation set, since it provides a more normalized view and the quality of the BLR detection models.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
