Please use this identifier to cite or link to this item: https://doi.org/10.1109/JIOT.2021.3055937
DC FieldValue
dc.titleADEPT: Detection and Identification of Correlated Attack Stages in IoT Networks
dc.contributor.authorSudheera, KLK
dc.contributor.authorDivakaran, DM
dc.contributor.authorSingh, RP
dc.contributor.authorGurusamy, M
dc.date.accessioned2021-07-26T01:44:09Z
dc.date.available2021-07-26T01:44:09Z
dc.date.issued2021-04-15
dc.identifier.citationSudheera, KLK, Divakaran, DM, Singh, RP, Gurusamy, M (2021-04-15). ADEPT: Detection and Identification of Correlated Attack Stages in IoT Networks. IEEE Internet of Things Journal 8 (8) : 65916607. ScholarBank@NUS Repository. https://doi.org/10.1109/JIOT.2021.3055937
dc.identifier.issn2327-4662
dc.identifier.urihttps://scholarbank.nus.edu.sg/handle/10635/194969
dc.description.abstractThe fast-growing Internet-of-Things (IoT) market has opened up a large threat landscape, given the wide deployment of IoT devices in both consumer and commercial spaces. Attacks on IoT devices generally consist of multiple stages and are dispersed spatially and temporally. These characteristics make it challenging to detect and identify the attack stages using solutions that tend to be localized in space and time. In this work, we present Adept, a distributed framework to detect and identify the individual attack stages in a coordinated attack. Adept works in three phases. First, network traffic of IoT devices is processed locally for detecting anomalies with respect to their benign profiles. Any alert corresponding to a potential anomaly is sent to a security manager, where aggregated alerts are mined, using frequent itemset mining (FIM), for detecting patterns correlated across both time and space. Finally, using both alert-level and pattern-level information as features, we employ a machine learning approach to identify individual attack stages in the generated alerts. We carry out extensive experiments, with emulated and realistic network traffic; the results demonstrate the effectiveness of the proposed framework in terms of its ability in attack-stage detection and identification.
dc.publisherInstitute of Electrical and Electronics Engineers (IEEE)
dc.sourceElements
dc.typeArticle
dc.date.updated2021-07-25T03:18:28Z
dc.contributor.departmentDEPT OF COMPUTER SCIENCE
dc.contributor.departmentDEPT OF ELECTRICAL & COMPUTER ENGG
dc.description.doi10.1109/JIOT.2021.3055937
dc.description.sourcetitleIEEE Internet of Things Journal
dc.description.volume8
dc.description.issue8
dc.description.page65916607
dc.published.statePublished
Appears in Collections:Staff Publications
Elements

Show simple item record
Files in This Item:
File Description SizeFormatAccess SettingsVersion 
ADEPT-preprint-2020.pdf8.5 MBAdobe PDF

CLOSED

Post-print
IEEE_IoT_Journal_2020___Revision_1___No_Highlights (1).pdf8.5 MBAdobe PDF

OPEN

Post-printView/Download

SCOPUSTM   
Citations

3
checked on Aug 6, 2022

Page view(s)

127
checked on Aug 4, 2022

Download(s)

4
checked on Aug 4, 2022

Google ScholarTM

Check

Altmetric


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.