T-Comm_Article 2_1_2022

METRIC CHARACTERISTICS OF ANOMALOUS TRAFFIC DETECTION IN INTERNET OF THINGS

Tatyana M. Tatarnikova, St. Petersburg State University of Aerospace Instrumentation, St. Petersburg, Russia, tm-tatarn@yandex.ru
Pavel Yu. Bogdanov, St. Petersburg State University of Aerospace Instrumentation, St. Petersburg, Russia, 45bogdanov@gmail.com

Abstract
This paper discusses the urgent problem of timely detection of abnormal traffic in Internet of Things networks, traffic that wastes the energy of sensor devices. Anomalous traffic here means traffic containing malicious software that attacks the nodes of the Internet of Things. Timely detection of abnormal traffic helps preserve service life and, accordingly, the performance of the services provided by the Internet of Things. The subject of this research is the application of metric characteristics to detect abnormal traffic in Internet of Things networks. The aim of the work is to propose a system of metrics that makes it possible to register signatures of individual sensor devices or patterns of their behavior and to assess the mode of operation of individual network segments. Since the Internet of Things is built hierarchically, from a wireless sensor network up to a global network, the attack detection system covers all levels, from a sensor device to a global cloud. Abnormal traffic is detected using metrics both in the wireless sensor network and at the level of wired networks, local and global. A metric is a qualitative or quantitative indicator that reflects some characteristic of the functioning of an infocommunication network. An analysis of the sources showed a lack of systematization of metric characteristics for Internet of Things networks. The research findings include: a description of the elements that make up the IoT ecosystem; a layered model of the Internet of Things architecture; and an abnormal traffic detection metrics system containing a wide range of predictive, diagnostic and retrospective metrics. The proposed system of metrics can be used to build intrusion detection systems in IoT networks.

Keywords: internet of things, wireless sensor network, energy, abnormal traffic, network attack, attack detection system, metric, signature, regular behavior.

Information about authors:

Tatyana M. Tatarnikova, St. Petersburg State University of Aerospace Instrumentation, Department of Information and Communication Systems, Doctor of Technical Sciences, Professor, St. Petersburg, Russia
Pavel Yu. Bogdanov, St. Petersburg State University of Aerospace Instrumentation, Department of Information and Communication Systems, senior lecturer, St. Petersburg, Russia