More Web Proxy on the site http://driver.im/

short-paper

Open access

IoT dataset generation framework for evaluating anomaly detection mechanisms

Authors:

Andreas Meyer-Berg,

Max MühlhäuserAuthors Info & Claims

ARES '20: Proceedings of the 15th International Conference on Availability, Reliability and Security

Article No.: 30, Pages 1 - 6

https://doi.org/10.1145/3407023.3407036

Published: 25 August 2020 Publication History

Abstract

Machine learning based anomaly detection mechanisms are a promising tool to detect and protect networks from previously unknown attacks. The quality of those mechanisms strongly depends on the availability of large amounts of data for their training and evaluation. However, suitable datasets are scarce, as they are rarely shared by those who possess them. This impedes progress in the development and deployment of sophisticated machine learning mechanisms. This paper aims to accelerate this thwarted development process by introducing a network simulation framework for training-data generation and evaluation of data-driven mechanisms, like anomaly detection approaches. The framework enables training, testing, and evaluating data-driven approaches in a safe and extensible environment prior to their deployment in real-world systems. We showcase the capabilities of the framework in a case study. For this, a smart home network is modeled and simulated within the framework. The generated data is used to train an anomaly detection approach, which is then used to detect various anomalies introduced by attacks on the network. This ability to train and evaluate data-driven algorithms within the framework allows users to accelerate the otherwise time-consuming cycle of deploying, modifying, and re-training in live environments, which ultimately advances the development of novel anomaly detection approaches.

References

[1]

Cisco Networking Academy. 2019. Cisco Packet Tracer. Retrieved 14th April 2020 from https://www.netacad.com/courses/packet-tracer

[2]

Nasser Alshammari, Talal Alshammari, Mohamed Sedky, Justin Champion, and Carolin Bauer. 2017. OpenSHS: Open Smart Home Simulator. Sensors 17, 5 (2017).

[3]

Manos Antonakakis, Tim April, Michael Bailey, Matt Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J Alex Halderman, Luca Invernizzi, Michalis Kallitsis, et al. 2017. Understanding the mirai botnet. In 26th {USENIX} Security Symposium ({USENIX} Security 17). 1093--1110.

[4]

Pat Bosshart, Dan Daly, Glen Gibb, Martin Izzard, Nick McKeown, Jennifer Rexford, Cole Schlesinger, Dan Talayco, Amin Vahdat, George Varghese, and David Walker. 2014. P4: Programming Protocol-independent Packet Processors. SIGCOMM Comput. Commun. Rev. 44, 3 (July 2014), 87--95.

Digital Library

[5]

Kevin Bouchard, Amir Ajroud, Bruno Bouchard, and Abdenour Bouzouane. 2010. SIMACT: A 3D Open Source Smart Home Simulator for Activity Recognition. In Advances in Computer Science and Information Technology, Tai-hoon Kim and Hojjat Adeli (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 524--533.

[6]

Julien Bruneau, Wilfried Jouve, and Charles Consel. 2009. DiaSim: A Parameterized Simulator for Pervasive Computing Applications. In 6th International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services (Mobiquitous'09). IEEE, Toronto, Canada. https://hal.inria.fr/inria-00403421

[7]

Varun Chandola, Arindam Banerjee, and Vipin Kumar. 2009. Anomaly detection: A survey. ACM computing surveys (CSUR) 41, 3 (2009), 15.

Digital Library

[8]

Carlos Garcia Cordero, Emmanouil Vasilomanolakis, Nikolay Milanov, Christian Koch, David Hausheer, and Max Mühlhäuser. 2015. ID2T: a DIY dataset creation toolkit for Intrusion Detection Systems. In 2015 IEEE Conference on Communications and Network Security (CNS). IEEE, 739--740.

[9]

Chengze Fan, Jun Bi, Yu Zhou, Cheng Zhang, and Haisu Yu. 2017. NS4: A P4-driven Network Simulator. 105--107.

Digital Library

[10]

Ostinato Packet Generator. 2019. Ostinato Packet Generator. Retrieved 14th April 2020 from https://ostinato.org

[11]

Abdelsalam Helal, Jaewoong Lee, Shantonu Hossain, Eunju Kim, Hani Hagras, and Diane J. Cook. 2011. Persim - Simulator for Human Activities in Pervasive Spaces. 2011 Seventh International Conference on Intelligent Environments (2011), 192--199.

[12]

S Mehta, KS Kwak, and Najnin Sulatan. 2010. Network and system simulation tools for next generation networks: a case study. INTECH Open Access Publisher.

[13]

Gerhard Münz, Sa Li, and Georg Carle. 2007. Traffic Anomaly Detection Using KMeans Clustering. In In GI/ITG Workshop MMBnet.

[14]

Nam: Network Animator 2002. Nam: Network Animator. Retrieved 14th April 2020 from https://www.isi.edu/nsnam/nam/

[15]

Network Simulator 2 2011. The Network Simulator - ns-2. Retrieved 14th April 2020 from http://nsnam.sourceforge.net/wiki/index.php/User_Information

[16]

Hiroshi Nishikawa, Shinya Yamamoto, Morihiko Tamai, Kouji Nishigaki, Tomoya Kitani, Naoki Shibata, Keiichi Yasumoto, and Minoru Ito. 2006. UbiREAL: Realistic Smartspace Simulator for Systematic Testing. In UbiComp 2006: Ubiquitous Computing, Paul Dourish and Adrian Friday (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 459--476.

[17]

Sutharshan Rajasegarar, Christopher Leckie, and Marimuthu Palaniswami. 2008. Anomaly detection in wireless sensor networks. IEEE Wireless Communications 15, 4 (2008), 34--40.

Digital Library

[18]

George F. Riley and Thomas R. Henderson. 2010. The ns-3 Network Simulator. Springer Berlin Heidelberg, Berlin, Heidelberg, 15--34.

[19]

Avneet Kaur Saluja, Sweta A Dargad, and Krupali Mistry. 2017. A Detailed Analogy of Network Simulators - NS1, NS2, NS3 and NS4. http://www.ijfrcsce.org. International Journal on Future Revolution in Computer Science & Communication Engineering 3 (2017), 291--295.

[20]

SimpleSoft. 2019. Simple IoT Simulator by SimpleSoft. Retrieved 14th April 2020 from http://www.smplsft.com/SimpleIoTSimulator.html

[21]

Smart Home Network Simulator [n. d.]. Smart Home Network Simulator. https://anonymous.4open.science/r/360add55-49f8-40ba-b6c6-91a2dfebcfe5/. Online; accessed 14th April 2020.

[22]

Jonathan Synnott, Chris Nugent, and Paul Jeffers. 2015. Simulation of Smart Home Activity Datasets. Sensors 15, 6 (2015), 14162--14179.

[23]

Tetcos. 2019. NetSim. Retrieved 14th April 2020 from https://tetcos.com/

[24]

Chih-Fong Tsai, Yu-Feng Hsu, Chia-Ying Lin, and Wei-Yang Lin. 2009. Intrusion detection by machine learning: A review. expert systems with applications 36, 10 (2009), 11994--12000.

[25]

András Varga and Rudolf Hornig. 2008. An overview of the OMNeT++ simulation environment. In Proceedings of the 1st international conference on Simulation tools and techniques for communications, networks and systems & workshops. ICST (Institute for Computer Sciences, Social-Informatics and ..., 60.

[26]

C. Welsh. 2013. GNS3 Network Simulation Guide. Packt Publishing. https://books.google.de/books?id=RcgUngEACAAJ

[27]

Ian H. Witten, Eibe Frank, Mark A. Hall, and Christopher J. Pal. 2016. Data Mining, Fourth Edition: Practical Machine Learning Tools and Techniques (4th ed.). Morgan Kaufmann Publishers Inc., San Francisco, CA, USA.

Digital Library

Cited By

DeMedeiros KHendawi AAlvarez M(2023)A Survey of AI-Based Anomaly Detection in IoT and Sensor NetworksSensors10.3390/s2303135223:3(1352)Online publication date: 25-Jan-2023
https://doi.org/10.3390/s23031352
Darra YGupta HDeogirikar ADeshpande S(2023)Sensor Profiling and Automated Quality Checks on Sensor Data2023 IEEE Technology & Engineering Management Conference - Asia Pacific (TEMSCON-ASPAC)10.1109/TEMSCON-ASPAC59527.2023.10531627(1-6)Online publication date: 14-Dec-2023
https://doi.org/10.1109/TEMSCON-ASPAC59527.2023.10531627
Qaddoori SAli Q(2022)An embedded intrusion detection and prevention system for home area networks in advanced metering infrastructureIET Information Security10.1049/ise2.12097Online publication date: 7-Nov-2022
https://doi.org/10.1049/ise2.12097

Index Terms

IoT dataset generation framework for evaluating anomaly detection mechanisms
1. Computing methodologies
  1. Modeling and simulation
    1. Simulation types and techniques
      1. Discrete-event simulation
2. Security and privacy
  1. Intrusion/anomaly detection and malware mitigation
    1. Intrusion detection systems
  2. Network security

Recommendations

Optimizing network anomaly detection scheme using instance selection mechanism
GLOBECOM'09: Proceedings of the 28th IEEE conference on Global telecommunications

Network anomaly detection is a classically difficult research topic in intrusion detection. However, existing research has been solely focused on the detection algorithm. An important issue that has not been well studied so far is the selection of ...
Network anomaly detection based on TCM-KNN algorithm
ASIACCS '07: Proceedings of the 2nd ACM symposium on Information, computer and communications security

Intrusion detection is a critical component of secure information systems. Network anomaly detection has been an active and difficult research topic in the field of Intrusion Detection for many years. However, it still has some problems unresolved. They ...
A Formal Framework for Program Anomaly Detection
RAID 2015: Proceedings of the 18th International Symposium on Research in Attacks, Intrusions, and Defenses - Volume 9404

Program anomaly detection analyzes normal program behaviors and discovers aberrant executions caused by attacks, misconfigurations, program bugs, and unusual usage patterns. The merit of program anomaly detection is its independence from attack ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

ARES '20: Proceedings of the 15th International Conference on Availability, Reliability and Security

August 2020

1073 pages

ISBN:9781450388337

DOI:10.1145/3407023

Program Chairs:
Melanie Volkamer
Karlsruhe Institute of Technologie (KIT), Competence Center for Applied Security Technology (KASTEL)
,
Christian Wressnegger
Karlsruhe Institute of Technologie (KIT), Competence Center for Applied Security Technology (KASTEL)

Copyright © 2020 Owner/Author.

This work is licensed under a Creative Commons Attribution International 4.0 License.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 25 August 2020

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper

Funding Sources

Bundesministerium für Bildung und Forschung
Hessisches Ministerium für Wissenschaft und Kunst

Conference

ARES 2020

ARES 2020: The 15th International Conference on Availability, Reliability and Security

August 25 - 28, 2020

Virtual Event, Ireland

Acceptance Rates

Overall Acceptance Rate 228 of 451 submissions, 51%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
901
Total Downloads

Downloads (Last 12 months)259
Downloads (Last 6 weeks)8

Reflects downloads up to 13 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

DeMedeiros KHendawi AAlvarez M(2023)A Survey of AI-Based Anomaly Detection in IoT and Sensor NetworksSensors10.3390/s2303135223:3(1352)Online publication date: 25-Jan-2023
https://doi.org/10.3390/s23031352
Darra YGupta HDeogirikar ADeshpande S(2023)Sensor Profiling and Automated Quality Checks on Sensor Data2023 IEEE Technology & Engineering Management Conference - Asia Pacific (TEMSCON-ASPAC)10.1109/TEMSCON-ASPAC59527.2023.10531627(1-6)Online publication date: 14-Dec-2023
https://doi.org/10.1109/TEMSCON-ASPAC59527.2023.10531627
Qaddoori SAli Q(2022)An embedded intrusion detection and prevention system for home area networks in advanced metering infrastructureIET Information Security10.1049/ise2.12097Online publication date: 7-Nov-2022
https://doi.org/10.1049/ise2.12097

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents