利用机器学习的物联网（IoT）恶意软件网络威胁情报系统

Q3 Computer Science

Journal of Cyber Security and Mobility Pub Date : 2023-12-11 DOI:10.13052/jcsm2245-1439.1313

Peng Xiao

{"title":"利用机器学习的物联网（IoT）恶意软件网络威胁情报系统","authors":"Peng Xiao","doi":"10.13052/jcsm2245-1439.1313","DOIUrl":null,"url":null,"abstract":"Cyber Intelligence (CI) is a sophisticated security solution that uses machine learning models to protect networks against cyber-attack. Security concerns to IoT devices are exacerbated because of their inherent weaknesses in memory systems, physical and online interfaces, and network services. IoT devices are vulnerable to attacks because of the communication channels. That raises the risk of spoofing and Denial-of-Service (DoS) attacks on the entire system, which is a severe problem. Since the IoT ecosystem does not have encryption and access restrictions, cloud-based communications and data storage have become increasingly popular. An IoT-based Cyber Threat Intelligence System (IoT-CTIS) is designed in this article to detect malware and security threads using a machine learning algorithm. Because hackers are continuously attempting to get their hands on sensitive information, it is important that IoT devices have strong authentication measures in place. Multifactor authentication, digital certificates, and biometrics are just some of the methods that may be used to verify the identity of an Internet of Things device. All devices use Machine Learning (ML) assisted Logistic Regression (LR) techniques to address memory and Internet interface vulnerabilities. System integrity concerns, such as spoofing and Denial of Service (DoS) attacks, must be minimized using the Random Forest (RF) Algorithm. Default passwords are often provided with IoT devices, and many users don’t bother to change them, making it simple for cybercriminals to get access. In other instances, people design insecure passwords that are easy to crack. The results of the experiments show that the method outperforms other similar strategies in terms of identification and wrong alarms. Checking your alarm system’s functionality both locally and in terms of its connection to the monitoring centre is why you do it. Make sure your alarm system is working properly by checking it on a regular basis. It is recommended that you do system tests at least once every three months. The experimental analysis of IoT-CTIS outperforms the method in terms of accuracy (90%), precision (90%), F-measure (88%), Re-call (90%), RMSE (15%), MSE (5%), TPR (89%), TNR (8%), FRP (89%), FNR (8%), Security (93%), MCC (92%).","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"27 8","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2023-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Malware Cyber Threat Intelligence System for Internet of Things (IoT) Using Machine Learning\",\"authors\":\"Peng Xiao\",\"doi\":\"10.13052/jcsm2245-1439.1313\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cyber Intelligence (CI) is a sophisticated security solution that uses machine learning models to protect networks against cyber-attack. Security concerns to IoT devices are exacerbated because of their inherent weaknesses in memory systems, physical and online interfaces, and network services. IoT devices are vulnerable to attacks because of the communication channels. That raises the risk of spoofing and Denial-of-Service (DoS) attacks on the entire system, which is a severe problem. Since the IoT ecosystem does not have encryption and access restrictions, cloud-based communications and data storage have become increasingly popular. An IoT-based Cyber Threat Intelligence System (IoT-CTIS) is designed in this article to detect malware and security threads using a machine learning algorithm. Because hackers are continuously attempting to get their hands on sensitive information, it is important that IoT devices have strong authentication measures in place. Multifactor authentication, digital certificates, and biometrics are just some of the methods that may be used to verify the identity of an Internet of Things device. All devices use Machine Learning (ML) assisted Logistic Regression (LR) techniques to address memory and Internet interface vulnerabilities. System integrity concerns, such as spoofing and Denial of Service (DoS) attacks, must be minimized using the Random Forest (RF) Algorithm. Default passwords are often provided with IoT devices, and many users don’t bother to change them, making it simple for cybercriminals to get access. In other instances, people design insecure passwords that are easy to crack. The results of the experiments show that the method outperforms other similar strategies in terms of identification and wrong alarms. Checking your alarm system’s functionality both locally and in terms of its connection to the monitoring centre is why you do it. Make sure your alarm system is working properly by checking it on a regular basis. It is recommended that you do system tests at least once every three months. The experimental analysis of IoT-CTIS outperforms the method in terms of accuracy (90%), precision (90%), F-measure (88%), Re-call (90%), RMSE (15%), MSE (5%), TPR (89%), TNR (8%), FRP (89%), FNR (8%), Security (93%), MCC (92%).\",\"PeriodicalId\":37820,\"journal\":{\"name\":\"Journal of Cyber Security and Mobility\",\"volume\":\"27 8\",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-12-11\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Cyber Security and Mobility\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.13052/jcsm2245-1439.1313\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"Computer Science\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Cyber Security and Mobility","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.13052/jcsm2245-1439.1313","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"Computer Science","Score":null,"Total":0}

引用次数: 0

摘要

网络智能（CI）是一种先进的安全解决方案，它使用机器学习模型来保护网络免受网络攻击。由于物联网设备在内存系统、物理和在线接口以及网络服务方面存在固有的弱点，因此物联网设备的安全问题更加严重。由于通信渠道的原因，物联网设备很容易受到攻击。这就提高了对整个系统进行欺骗和拒绝服务（DoS）攻击的风险，这是一个严重的问题。由于物联网生态系统没有加密和访问限制，基于云的通信和数据存储变得越来越流行。本文设计了一种基于物联网的网络威胁情报系统（IoT-CTIS），利用机器学习算法检测恶意软件和安全线程。由于黑客不断试图获取敏感信息，因此物联网设备必须具备强大的身份验证措施。多因素身份验证、数字证书和生物识别技术只是用于验证物联网设备身份的部分方法。所有设备都使用机器学习 (ML) 辅助逻辑回归 (LR) 技术来解决内存和互联网接口漏洞问题。必须使用随机森林 (RF) 算法最大限度地减少系统完整性问题，如欺骗和拒绝服务 (DoS) 攻击。物联网设备通常提供默认密码，许多用户懒得更改密码，网络犯罪分子因此很容易获得访问权限。在其他情况下，人们设计的密码不安全，很容易被破解。实验结果表明，该方法在识别和错误报警方面优于其他类似策略。检查报警系统在本地和与监控中心连接方面的功能，这是您这样做的原因。通过定期检查确保报警系统正常工作。建议至少每三个月进行一次系统测试。通过实验分析，IoT-CTIS 在准确度（90%）、精确度（90%）、F-measure（88%）、Re-call（90%）、RMSE（15%）、MSE（5%）、TPR（89%）、TNR（8%）、FRP（89%）、FNR（8%）、安全性（93%）、MCC（92%）等方面均优于上述方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Malware Cyber Threat Intelligence System for Internet of Things (IoT) Using Machine Learning

Cyber Intelligence (CI) is a sophisticated security solution that uses machine learning models to protect networks against cyber-attack. Security concerns to IoT devices are exacerbated because of their inherent weaknesses in memory systems, physical and online interfaces, and network services. IoT devices are vulnerable to attacks because of the communication channels. That raises the risk of spoofing and Denial-of-Service (DoS) attacks on the entire system, which is a severe problem. Since the IoT ecosystem does not have encryption and access restrictions, cloud-based communications and data storage have become increasingly popular. An IoT-based Cyber Threat Intelligence System (IoT-CTIS) is designed in this article to detect malware and security threads using a machine learning algorithm. Because hackers are continuously attempting to get their hands on sensitive information, it is important that IoT devices have strong authentication measures in place. Multifactor authentication, digital certificates, and biometrics are just some of the methods that may be used to verify the identity of an Internet of Things device. All devices use Machine Learning (ML) assisted Logistic Regression (LR) techniques to address memory and Internet interface vulnerabilities. System integrity concerns, such as spoofing and Denial of Service (DoS) attacks, must be minimized using the Random Forest (RF) Algorithm. Default passwords are often provided with IoT devices, and many users don’t bother to change them, making it simple for cybercriminals to get access. In other instances, people design insecure passwords that are easy to crack. The results of the experiments show that the method outperforms other similar strategies in terms of identification and wrong alarms. Checking your alarm system’s functionality both locally and in terms of its connection to the monitoring centre is why you do it. Make sure your alarm system is working properly by checking it on a regular basis. It is recommended that you do system tests at least once every three months. The experimental analysis of IoT-CTIS outperforms the method in terms of accuracy (90%), precision (90%), F-measure (88%), Re-call (90%), RMSE (15%), MSE (5%), TPR (89%), TNR (8%), FRP (89%), FNR (8%), Security (93%), MCC (92%).

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Journal of Cyber Security and Mobility Computer Science-Computer Networks and Communications

CiteScore

2.30

自引率

0.00%

发文量

期刊介绍： Journal of Cyber Security and Mobility is an international, open-access, peer reviewed journal publishing original research, review/survey, and tutorial papers on all cyber security fields including information, computer & network security, cryptography, digital forensics etc. but also interdisciplinary articles that cover privacy, ethical, legal, economical aspects of cyber security or emerging solutions drawn from other branches of science, for example, nature-inspired. The journal aims at becoming an international source of innovation and an essential reading for IT security professionals around the world by providing an in-depth and holistic view on all security spectrum and solutions ranging from practical to theoretical. Its goal is to bring together researchers and practitioners dealing with the diverse fields of cybersecurity and to cover topics that are equally valuable for professionals as well as for those new in the field from all sectors industry, commerce and academia. This journal covers diverse security issues in cyber space and solutions thereof. As cyber space has moved towards the wireless/mobile world, issues in wireless/mobile communications and those involving mobility aspects will also be published.