شناسایی ترافیک بدخواه در زیرساخت اینترنت اشیاء با استفاده از شبکه عصبی و یادگیری عمیق

نوع مقاله : مقاله پژوهشی

نویسندگان

1 کارشناسی ارشد، دانشگاه جامع امام حسین (ع)، تهران، ایران

2 مربی، دانشگاه جامع امام حسین (ع)، تهران، ایران

چکیده

اینترنت اشیاء شبکه‌ای از دستگاه‌ها و تجهیزات فیزیکی دربردارنده حسگرها، نرم‌افزارها و سایر فناوری‌ها به‌منظور تبادل داده با سایر دستگاه‌ها و سامانه‌ها از طریق اینترنت است. گسترش اینترنت اشیاء در حوزه‌های بهداشت و درمان هوشمند، کشاورزی هوشمند، شهر هوشمند، خانه هوشمند و سایر حوزه‌ها انقلابی در زندگی بشر ایجاد کرده است. با توجه به اهمیت اینترنت اشیاء شناسایی ناهنجاری و ترافیک مخرب در آن برای حفظ حریم خصوصی، پایداری شبکه و مسدودسازی رفتارهای ناخواسته ضروری است. به دلیل خاصیت محدودیت منابع در دستگاه‌های اینترنت اشیاء، شیوه‌های سنتی نمی‌توانند مستقیماً برای ایمن‌سازی دستگاه‌ها و شبکه اینترنت اشیاء مورداستفاده قرار گیرند. برای رفع این مشکل یک روش شناسایی مبتنی بر شبکه‌های عصبی مصنوعی و یادگیری عمیق برای شناسایی ناهنجاری و ترافیک مخربی که هیچ‌گونه اطلاعات از پیش تعیین‌شده‌ای درباره آن‌ها وجود ندارد، توسعه داده‌شده است. مجموعه داده‌های مورداستفاده در این روش ترکیبی از ترافیک مخرب و سالم جمع‌آوری‌شده از منابع مرتبط و استخراج ویژگی به‌صورت دستی است. شبکه عصبی مصنوعی عمیق بر روی مجموعه داده و پیش‌پردازش شده اعمال گردید و نتایج حاصل با برخی از الگوریتم‌های یادگیری ماشین مرسوم مورد بررسی قرار گرفت. نتایج به دست آمده نشان می‌دهد که مدل طراحی‌شده با استفاده از شبکه عصبی و یادگیری عمیق قادر به شناسایی ناهنجاری و ترافیک بدخواه در شبکه اینترنت اشیاء با نرخ صحت بیش از 98.9% و نرخ دقت 99.3% است. علاوه بر این، سرعت شناسایی در مقایسه با الگوریتم‌های یادگیری ماشین 1.7 برابر سریع‌تر است.

کلیدواژه‌ها


عنوان مقاله [English]

Identify malicious traffic on IoT infrastructure using neural networks and deep learning

نویسندگان [English]

  • hamid tanha 1
  • mostafa abbasi 2
1 Master's degree, Imam Hossein University (AS), Tehran, Iran
2 Instructor, Imam Hossein (AS) University, Tehran, Iran
چکیده [English]

The Internet of Things is a network of physical devices and equipment that includes sensors, software, and other technologies for exchanging data with other devices and systems over the Internet. The spread of the Internet of Things in the fields of smart health, smart agriculture, smart city, smart home, has revolutionized human life. Given the importance of the Internet of Things, identifying anomalies and malicious traffic is essential to maintaining privacy, network stability, and blocking unwanted behaviors. Due to the limited resources on IoT devices, traditional methods cannot be used directly to secure IoT devices and networks. To solve this problem, an artificial neural network-based identification method and in-depth learning has been developed to identify malformations and malicious traffic about which there is no predefined information. The data set used in this method is a combination of malicious and healthy traffic collected from related sources and feature extraction manually. Deep artificial neural network was applied to the data set and preprocessed and the results were analyzed with some conventional machine learning algorithms. The results show that the model designed using neural network and deep learning is able to detect anomalies and malicious traffic in the Internet of Things with an accuracy rate of more than 98.9% and an accuracy rate of 99.3%. In addition, the detection speed is 1.7 times faster than machine learning algorithms.

کلیدواژه‌ها [English]

  • IoT
  • malware
  • network traffic
  • feature extraction
  • artificial neural network
  • deep learning

Smiley face

[1]    B. Kaur and V. Dhir, “Internet of things: Vision, challenges and future scope,” Int. J. Adv. Res. Comput. Sci., vol. 8, no. 4, pp. 40–43, 2017.
[2]    T. Fougeroux, A. Douyere, P. O. L. de Peslouan, N. Murad, S. Oree, and J.-L. Dubard, “Circuit Model of Rectennas Array for Estimating Microwave Energy Harvesting in Presence of Mutual Coupling Between Elements,” in 10ième Journées Nationales sur la Récupération et le Stockage de l’Energie (JNRSE 2021), 2021, p. 2.
[3]    “Internet of Things Report.” https://www.businessinsider.com/internet-of-things-report (accessed Nov. 13, 2021).
[4]    “Things just got real: 61% of businesses already use IoT platforms despite security risks | Kaspersky.” https://www.kaspersky.com/about/press-releases/2020_things-just-got-real-61-of-businesses-already-use-iot-platforms-despite-security-risks (accessed Nov. 13, 2021).
[5]    J. Deogirikar and A. Vidhate, “Security attacks in IoT: A survey,” in 2017 International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud)(I-SMAC), 2017, pp. 32–37.
[6]    C. McCormack, “Five stages of a web malware attack.” Abingdon. Retrieved from https://www. sophos. com/en-us/medialibrary/Gated …, 2016.
[7]    A. Kumar and T. J. Lim, “EDIMA: early detection of IoT malware network activity using machine learning techniques,” in 2019 IEEE 5th World Forum on Internet of Things (WF-IoT), 2019, pp. 289–294.
[8]    I. Hafeez, M. Antikainen, A. Y. Ding, and S. Tarkoma, “IoT-KEEPER: Detecting malicious IoT network activity using online traffic analysis at the edge,” IEEE Trans. Netw. Serv. Manag., vol. 17, no. 1, pp. 45–59, 2020.
[9]    A. Sivanathan, “Iot behavioral monitoring via network traffic analysis,” arXiv Prepr. arXiv2001.10632, 2020.
[10]  A. Kumar and T. J. Lim, “Early detection of Mirai-like IoT bots in large-scale networks through sub-sampled packet traffic analysis,” in Future of Information and Communication Conference, 2019, pp. 847–867.
[11]  B. Wang, Y. Dou, Y. Sang, Y. Zhang, and J. Huang, “IoTCMal: Towards a hybrid IoT honeypot for capturing and analyzing malware,” in ICC 2020-2020 IEEE International Conference on Communications (ICC), 2020, pp. 1–7.
[12]  O. I. Abiodun, A. Jantan, A. E. Omolara, K. V. Dada, N. A. Mohamed, and H. Arshad, “State-of-the-art in artificial neural network applications: A survey,” Heliyon, vol. 4, no. 11, p. e00938, 2018.
[13]  S. Chatterjee, S. Sarkar, S. Hore, N. Dey, A. S. Ashour, and V. E. Balas, “Particle swarm optimization trained neural network for structural failure prediction of multistoried RC buildings,” Neural Comput. Appl., vol. 28, no. 8, pp. 2005–2016, 2017.
[14]  M. Skowron, M. Wolkiewicz, T. Orlowska-Kowalska, and C. T. Kowalski, “Effectiveness of selected neural network structures based on axial flux analysis in stator and rotor winding incipient fault detection of inverter-fed induction motors,” Energies, vol. 12, no. 12, p. 2392, 2019.
[15]  Q. Li et al., “A Novel High-Speed and High-Accuracy Mathematical Modeling Method of Complex MEMS Resonator Structures Based on the Multilayer Perceptron Neural Network,” Micromachines, vol. 12, no. 11, p. 1313, 2021.
[16]  U. Orhan, M. Hekim, and M. Ozer, “EEG signals classification using the K-means clustering and a multilayer perceptron neural network model,” Expert Syst. Appl., vol. 38, no. 10, pp. 13475–13481, 2011.
[17]  W. Hardy, L. Chen, S. Hou, Y. Ye, and X. Li, “DL4MD: A deep learning framework for intelligent malware detection,” in Proceedings of the International Conference on Data Science (ICDATA), 2016, p. 61.
[18]  D. Utomo, “Stock price prediction using back propagation neural network based on gradient descent with momentum and adaptive learning rate,” J. Internet Bank. Commer., vol. 22, no. 3, pp. 1–16, 2017.
[19]  A. Qayyum, S. M. Anwar, M. Awais, and M. Majid, “Medical image retrieval using deep convolutional neural network,” Neurocomputing, vol. 266, pp. 8–20, 2017.
[20]   mohammadreza mohammadrezaei, “Detecting Fake Accounts on Social networks using Principal Components Analysis and Algorithm Kernel Density Estimation (A case study on the Twitter social network),” Electron. Cyber Def., 2021, [Online]. Available: https://ecdj.ihu.ac.ir/article_205996.html
[21]  M. Karami and M. Mosleh, “Providing a behavioral malware detection system based on the function of hardware counters using a neural network optimized with a dragonfly algorithm,” Electron. Cyber Def., vol. 9, no. 2, pp. 9–16, 2021, [Online]. Available: https://ecdj.ihu.ac.ir/article_205749.html
[22]  K. D. T. Nguyen, T. M. Tuan, S. H. Le, A. P. Viet, M. Ogawa, and N. Le Minh, “Comparison of three deep learning-based approaches for IoT malware detection,” in 2018 10th international conference on Knowledge and Systems Engineering (KSE), 2018, pp. 382–388.
[23]  S. Baek, J. Jeon, B. Jeong, and Y.-S. Jeong, “Two-stage hybrid malware detection using deep learning,” Human-centric Comput. Inf. Sci., vol. 11, no. 27, pp. 10–22967, 2021.
[24]  A. Azmoodeh, A. Dehghantanha, and K.-K. R. Choo, “Robust malware detection for internet of (battlefield) things devices using deep eigenspace learning,” IEEE Trans. Sustain. Comput., vol. 4, no. 1, pp. 88–95, 2018.
[25]  H. Yu, D. C. Samuels, Y. Zhao, and Y. Guo, “Architectures and accuracy of artificial neural network for disease classification from omics data,” BMC Genomics, vol. 20, no. 1, pp. 1–12, 2019.
[26]  S. Ni, Q. Qian, and R. Zhang, “Malware identification using visualization images and deep learning,” Comput. Secur., vol. 77, pp. 871–885, 2018.
[27]  S. Arvinth, A. Balakrishnan, M. Harikrishnan, and J. Jeydheepan, “WEED DETECTION USING CONVOLUTION NEURAL NETWORK”, 2021.
[28]  V. Sze, Y.-H. Chen, T.-J. Yang, and J. S. Emer, “Efficient processing of deep neural networks: A tutorial and survey,” Proc. IEEE, vol. 105, no. 12, pp. 2295–2329, 2017.
[29]  D. Perna, “Convolutional neural networks learning from respiratory data,” in 2018 IEEE International Conference on Bioinformatics and Biomedicine (BIBM), 2018, pp. 2109–2113.
[30]  C. Modarres, N. Astorga, E. L. Droguett, and V. Meruane, “Convolutional neural networks for automated damage recognition and damage type identification,” Struct. Control Heal. Monit., vol. 25, no. 10, p. e2230, 2018.
[31]  A. Wani and S. Revathi, “Ransomware protection in loT using software defined networking,” Int. J. Electr. Comput. Eng., vol. 10, no. 3, pp. 3166–3175, 2020.
[32]  N. Guizani and A. Ghafoor, “A network function virtualization system for detecting malware in large IoT based networks,” IEEE J. Sel. Areas Commun., vol. 38, no. 6, pp. 1218–1228, 2020.
[33]  “The Bot-IoT Dataset | UNSW Research.” https://research.unsw.edu.au/projects/bot-iot-dataset (accessed Nov. 13, 2021).
[34]  T. N. Phu, K. H. Dang, D. N. Quoc, N. T. Dai, and N. N. Binh, “A novel framework to classify malware in mips architecture-based iot devices,” Secur. Commun. Networks, vol. 2019, 2019.
[35]  F. Ding et al., “DeepPower: Non-intrusive and deep learning-based detection of IoT malware using power side channels,” in Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, 2020, pp. 33–46.
[36]  S. Elhadi, A. Marzak, N. Sael, and S. Merzouk, “Comparative study of IoT protocols,” Smart Appl. Data Anal. Smart Cities, 2018.
[37]  S. Zamfir, T. Balan, I. Iliescu, and F. Sandu, “A security analysis on standard IoT protocols,” in 2016 international conference on applied and theoretical electricity (ICATE), 2016, pp. 1–6.
[38]  A. Parmisano, S. Garcia, and M. J. Erquiaga, “A labeled dataset with malicious and benign iot network traffic,” Stratos. Lab. Praha, Czech Repub., 2020.
[39]         M. Toğaçar, B. Ergen, and Z. Cömert, “Detection of lung cancer on chest CT images using minimum redundancy maximum relevance feature selection method with convolutional neural networks,” Biocybern. Biomed. Eng., vol. 40, no. 1, pp. 23–39, 2020.
دوره 11، شماره 2 - شماره پیاپی 42
شماره پیاپی 42، فصلنامه تابستان
تیر 1402
صفحه 1-13
  • تاریخ دریافت: 06 آذر 1400
  • تاریخ بازنگری: 27 دی 1401
  • تاریخ پذیرش: 27 اردیبهشت 1402
  • تاریخ انتشار: 01 تیر 1402