Learning autoencoder ensembles for detecting malware hidden communications in IoT ecosystems-Reference-Cited by-同舟云学术

Learning autoencoder ensembles for detecting malware hidden communications in IoT ecosystems

Published:2023-11-03 Issue: Volume: Page:
ISSN:0925-9902
Container-title:Journal of Intelligent Information Systems
language:en
Short-container-title:J Intell Inf Syst

Author:

Cassavia Nunziato,Caviglione Luca,Guarascio Massimo,Liguori Angelica,Zuppelli Marco

Abstract

AbstractModern IoT ecosystems are the preferred target of threat actors wanting to incorporate resource-constrained devices within a botnet or leak sensitive information. A major research effort is then devoted to create countermeasures for mitigating attacks, for instance, hardware-level verification mechanisms or effective network intrusion detection frameworks. Unfortunately, advanced malware is often endowed with the ability of cloaking communications within network traffic, e.g., to orchestrate compromised IoT nodes or exfiltrate data without being noticed. Therefore, this paper showcases how different autoencoder-based architectures can spot the presence of malicious communications hidden in conversations, especially in the TTL of IPv4 traffic. To conduct tests, this work considers IoT traffic traces gathered in a real setting and the presence of an attacker deploying two hiding schemes (i.e., naive and “elusive” approaches). Collected results showcase the effectiveness of our method as well as the feasibility of deploying autoencoders in production-quality IoT settings.

Funder

Università della Calabria

Publisher

Springer Science and Business Media LLC

Subject

Artificial Intelligence,Computer Networks and Communications,Hardware and Architecture,Information Systems,Software

Link

https://link.springer.com/content/pdf/10.1007/s10844-023-00819-8.pdf

Reference53 articles.

1. Abderrahim, N.Y.Q., Abderrahim, S., Rida, A. (2020). Road segmentation using u-net architecture. In 2020 IEEE international conference of moroccan geomatics (Morgeo) (pp. 1–4). https://doi.org/10.1109/Morgeo49228.2020.9121887

2. Ahmad, Z., Shahid Khan, A., Wai Shiang, C., et al. (2021). Network intrusion detection system: a systematic study of machine learning and deep learning approaches. Trans on Emerging Telecommunications Technologies 32(1):e4150:1–e4150:29. https://doi.org/10.1002/ett.4150

3. Alcaraz C, Bernieri G, Pascucci F, et al. (2019). Covert channels-based stealth attacks in industry 4.0. IEEE Systems Journal 13(4):3980–3988. https://doi.org/10.1109/JSYST.2019.2912308

4. Angiulli, F., Fassetti, F., Manco, G., et al. (2017). Outlying property detection with numerical attributes. Data Mining and Knowledge Discovery, 31(1), 134–163. https://doi.org/10.1007/s10618-016-0458-x

5. Antonakakis, M., April, T., Bailey, M., et al. (2017). Understanding the Mirai Botnet. In 26th USENIX security symposium (pp. 1093–1110)

Cited by 2 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Special issue on intelligent systems;Journal of Intelligent Information Systems;2024-07-30

2. A Few to Unveil Them All: Leveraging Mixture of Experts on Minimal Data for Detecting Covert Channels in Containerized Cloud Infrastructures;2024 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW);2024-07-08