Accuracy vs Efficiency: Machine Learning Enabled Anomaly Detection on the Internet of Things

Anomaly detection is an important security mechanism for the Internet of Things (IoT). Existing works have been focused on developing accurate anomaly detection models. However, due to the resource-constrained nature of IoT networks and the requirement of real-time security operation, cost efficient (regarding computational efficiency and memory-consumption efficiency) approaches for anomaly detection are highly desirable in IoT applications. In this paper, we investigated machine learning (ML) enabled anomaly detection models for the IoT with regard to multi-objective optimization (Pareto optimization) that minimizes the detection error, execution time, and memory consumption simultaneously. Making use of well-known datasets consisting of network traffic traces captured in an IoT environment, we studied a variety of machine learning algorithms through the world-class H2O AI platform. Our experimental results show that the Gradient Boosting Machine, Random Forest, and Deep Learning models are the most accurate and fastest anomaly detection models; the Gradient Boosting Machine and Random Forest are the most accurate and memory-efficient models. These ML models form the Pareto-optimal set of anomaly detection models. Our results can be used by the industry to facilitate their selection of ML models for anomaly detection on various IoT networks based on their security requirements and system constraints.