Detecting Malicious Anomalies in IoT: Ensemble Learners and Incomplete Datasets

Franc, Igor and Maček, Nemanja and Bogdanoski, Mitko and Đokić, Dragan (2016) Detecting Malicious Anomalies in IoT: Ensemble Learners and Incomplete Datasets. In: 8th International Conference on Business Information Security (BISEC’2016), 15 Oct 2016, Belgrade, Serbia.

[img]
Preview
Text
2.pdf

Download (3541Kb) | Preview
Official URL: http://bisec.metropolitan.ac.rs/agenda

Abstract

Anomalies in IoT typically occur as a result of malicious activity. As an example, a point anomaly may occur once network intrusion is attempted, while collective anomaly may result from device being hacked. Due to the nature of the attacks, some anomalies are represented by incomplete captured instances or imbalanced captured datasets. For example, features may have some values missing from the row or may contain both categorical and numerical values. Once pre-processed, these datasets become suitable training sets for any machine learning classifier that detects anomalies. However, there are situations where pre-processing takes large amount of time in the operating phase or simply is not executable due to the nature of the data. For example, a feature that contains unknown number of categorical values, such as strings, cannot be converted into finite number of binary features before the training. In this scenarios, basic machine learning methods, such as Support Vector Machines or Decision Trees either fail to operate or provide poor classification performance. Unlike basic, ensemble learners manage these data instances efficiently and provide good anomaly detection rates. This paper analyses the performance of ensemble learners on incomplete IoT intrusion datasets, represented by point anomalies.

Item Type: Conference or Workshop Item (Paper)
Subjects: Natural sciences > Computer and information sciences
Engineering and Technology > Electrical engineering, electronic engineering, information engineering
Engineering and Technology > Other engineering and technologies
Divisions: Military Academy
Depositing User: Mitko Bogdanoski
Date Deposited: 27 Oct 2016 10:07
Last Modified: 27 Oct 2016 10:07
URI: http://eprints.ugd.edu.mk/id/eprint/16527

Actions (login required)

View Item View Item