Authors: Naoto Watanabe, Taku Yamazaki, Takumi Miyoshi, Ryo Yamamoto, Masataka Nakahara, Norihiro Okui, Ayumu Kubota

Published on: March 05, 2024

Impact Score: 7.8

Arxiv code: Arxiv:2403.02744

Summary

• What is new: A novel approach for ensuring IoT device security, capable of adapting in real time to evolving cyberattacks, including unknown ones.
• Why this is important: Increasing cyberattacks on IoT devices due to vulnerabilities and the challenge of continuously updating and managing device security.
• What the research proposes: A self-adaptive anomaly detection system that uses a honeypot server to generate an anomaly detection model from real-time traffic, which a gateway then uses to filter anomalous traffic.
• Results: The system effectively adapts to unknown attacks, reflecting pattern changes in traffic, proven through three experiments with virtual and real-time traffic, including a public malware dataset.

Technical Details

Technological frameworks used: Self-adaptive anomaly detection system with a honeypot server and a gateway for filtering.

Models used: Anomaly detection model generated adaptively using real-time traffic.

Data used: Pre-captured traffic data from various regions and a public dataset containing traffic generated by malware.

Potential Impact

IoT device manufacturers and cybersecurity solutions providers could benefit from this approach, potentially impacting the home automation, industrial IoT, and smart city sectors.

Want to implement this idea in a business?

We have generated a startup concept here: SecureIoT.