Detecção de anomalias em internet das coisas: uma abordagem utilizando análise de quantificação de recorrência
| Ano de defesa: | 2020 |
|---|---|
| Autor(a) principal: | |
| Orientador(a): | |
| Banca de defesa: | |
| Tipo de documento: | Dissertação |
| Tipo de acesso: | Acesso aberto |
| Idioma: | por |
| Instituição de defesa: |
Universidade Federal de Santa Maria
Brasil Ciência da Computação UFSM Programa de Pós-Graduação em Ciência da Computação Centro de Tecnologia |
| Programa de Pós-Graduação: |
Não Informado pela instituição
|
| Departamento: |
Não Informado pela instituição
|
| País: |
Não Informado pela instituição
|
| Palavras-chave em Português: | |
| Link de acesso: | http://repositorio.ufsm.br/handle/1/22286 |
Resumo: | Internet of Things environments are the target of a large number of cyber attacks, mainly due to the simplicity of design of the equipment involved and the vulnerabilities resulting from this. According to the literature, traditional security solutions are not effective for IoT networks and it is necessary to develop new techniques and models for security. The security solutions that have been proposed in the literature mostly use Machine Learning techniques, deal with the traffic of the IoT environment in an aggregated way and are linked to specific applications and technologies. Solutions capable of dealing with the heterogeneous characteristics and behaviors of IoT environments are still a challenge. This work proposes a method for the detection and identification of anomalous devices, through the segmentation of the IoT environment in device classes and the use, on these classes, of the technique of quantitative analysis of recurrence in conjunction with an adaptive classifier. For the validation process, the method was used in two scenarios of IoT networks, one scenario analyzing traffic in an aggregate manner and the other scenario with traffic treated in a continued manner according to the behavioral classes (both scenarios with malware and DDoS attacks). For the purpose of comparing the classification capacity, two other methods were implemented and executed (in segmented and aggregated scenarios). The series of experiments carried out demonstrates the benefits of treating traffic in a segmented manner, as well as the high rate of accuracy and precision achieved by the proposed method, where a rate of 91.66% accuracy was achieved for the AIDA method in an environment segmented and 68% accuracy when used in an aggregate environment, in relation to the other tested methods, AIDA is superior and the difference in accuracy varies from 0.55% to 37.24% (aggregate) and 19 , 26% to 37.82% (segmented). |