A Classification-Based Algorithm to Detect Forged Embedded Machines in IoT Environments

Selis, Valerio (ORCID: 0000-0002-1856-4707) and Marshall, Alan (ORCID: 0000-0002-8058-5242) (2019) A Classification-Based Algorithm to Detect Forged Embedded Machines in IoT Environments. IEEE Systems Journal, 13 (1). pp. 389-399.

08355909.pdf - Accepted Version


In the Internet of Things (IoT), interconnected devices manage essential information related to people's lives; hence, securing this information is essential. The number of these machines is rapidly growing; these are mostly embedded, and therefore more susceptible to attacks. Recently, thousands of subverted IoT embedded machines, such as surveillance cameras, were used for launching distributed denial of service (DDoS) attacks. In this scenario, attackers, who are not embedded machines, can emulate their behaviors to subvert the machine-to-machine network. In this paper, we present a novel algorithm to detect such forged machines. This allows detection of virtualized and emulated systems by observing their behaviors and can be used by IoT trust agents in embedded machines. With the aim of creating a machine-agnostic system, portable and applicable to future IoT machines, we propose a classification-based algorithm as the detection mechanism. Extensive experiments with different system architectures and operating systems were performed, along with a comparison of several feature selection and classification methods. The results show that our method can quickly reveal illegitimate machines with a high probability of detection, giving the opportunity for its use in power-constrained machines. Our approach is also able to detect unknown embedded systems and can be used to detect fake timing attacks.

Item Type: Article
Depositing User: Symplectic Admin
Date Deposited: 10 May 2018 09:27
Last Modified: 21 Oct 2021 17:13
DOI: 10.1109/JSYST.2018.2827700
URI: https://livrepository.liverpool.ac.uk/id/eprint/3021141