An Adaptive Scalable Data Pipeline for Multiclass Attack Classification in Large-Scale IoT Networks  

在线阅读下载全文

作  者:Selvam Saravanan Uma Maheswari Balasubramanian 

机构地区:[1]Department of Computer Science and Engineering,Amrita School of Computing,Amrita Vishwa Vidyapeetham,Bengaluru 560035,India

出  处:《Big Data Mining and Analytics》2024年第2期500-511,共12页大数据挖掘与分析(英文)

摘  要:The current large-scale Internet of Things(IoT)networks typically generate high-velocity network traffic streams.Attackers use IoT devices to create botnets and launch attacks,such as DDoS,Spamming,Cryptocurrency mining,Phishing,etc.The service providers of large-scale IoT networks need to set up a data pipeline to collect the vast network traffic data from the IoT devices,store it,analyze it,and report the malicious IoT devices and types of attacks.Further,the attacks originating from IoT devices are dynamic,as attackers launch one kind of attack at one time and another kind of attack at another time.The number of attacks and benign instances also vary from time to time.This phenomenon of change in attack patterns is called concept drift.Hence,the attack detection system must learn continuously from the ever-changing real-time attack patterns in large-scale IoT network traffic.To meet this requirement,in this work,we propose a data pipeline with Apache Kafka,Apache Spark structured streaming,and MongoDB that can adapt to the ever-changing attack patterns in real time and classify attacks in large-scale IoT networks.When concept drift is detected,the proposed system retrains the classifier with the instances that cause the drift and a representative subsample instances from the previous training of the model.The proposed approach is evaluated with the latest dataset,IoT23,which consists of benign and several attack instances from various IoT devices.Attack classification accuracy is improved from 97.8%to 99.46%by the proposed system.The training time of distributed random forest algorithm is also studied by varying the number of cores in Apache Spark environment.

关 键 词:Internet of Things(IoT) concept drift Apache Spark MONGODB Apache Kafka STREAMING 

分 类 号:TP311.13[自动化与计算机技术—计算机软件与理论] TP309[自动化与计算机技术—计算机科学与技术] Q811.4[生物学—生物工程]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象