Publication: Two-tier anomaly detection based on traffic profiling of the home automation system
| dc.contributor.author | Gajewski, Mariusz | |
| dc.contributor.author | Batalla, Jordi Mongay | |
| dc.contributor.author | Levi, Albert | |
| dc.contributor.author | Mavromoustakis, Constandinos X. | |
| dc.contributor.author | Mastorakis, George | |
| dc.contributor.buuauthor | Togay, Cengiz | |
| dc.contributor.department | Mühendislik Fakültesi | |
| dc.contributor.department | Bilgisayar Mühendisliği | |
| dc.contributor.department | Siber Güvenlik Bölümü | |
| dc.contributor.orcid | 0000-0001-5739-1784 | |
| dc.contributor.researcherid | AAG-9038-2020 | |
| dc.contributor.scopusid | 15065979500 | |
| dc.date.accessioned | 2023-06-15T10:30:32Z | |
| dc.date.available | 2023-06-15T10:30:32Z | |
| dc.date.issued | 2019-07-20 | |
| dc.description.abstract | Smart building equipment and automation systems often become a target of attacks and are used for attacking other targets located out of the Home Area Network. Attacks are often related to changes in traffic volume, disturbed packet flow or excessive energy consumption. Their symptoms can be recognized and interpreted locally, using software agent at Home Gateway. Although anomalies are detected locally at the Home Gateway, they can be exploited globally. Thus, it is significantly important to detect global attack attempts through anomalies correlation. Our proposal in this paper is the involvement of the Network Operator in Home Area Network security. Our paper describes a novel strategy for anomaly detection that consists of shared responsibilities between user and network provider. The proposed two-tier Intrusion Detection System uses a machine learning method for classifying the monitoring records and searching suspicious anomalies across the network at the service provider's data center. Result show that local anomaly detection combined with anomaly correlation at the service providers level can provide reliable information on the most frequent IoT devices misbehavior which may be caused by infection. | |
| dc.description.sponsorship | National Centre for Research and Development (NCBiR) in Poland | |
| dc.identifier.citation | Gajewski, M. vd. (2019). ''Two-tier anomaly detection based on traffic profiling of the home automation system''. Computer Networks, 158, 46-60. | |
| dc.identifier.endpage | 60 | |
| dc.identifier.issn | 1389-1286 | |
| dc.identifier.issn | 1872-7069 | |
| dc.identifier.scopus | 2-s2.0-85065068872 | |
| dc.identifier.startpage | 46 | |
| dc.identifier.uri | https://doi.org/10.1016/j.comnet.2019.04.013 | |
| dc.identifier.uri | https://www.sciencedirect.com/science/article/pii/S1389128618311587 | |
| dc.identifier.uri | http://hdl.handle.net/11452/33045 | |
| dc.identifier.volume | 158 | |
| dc.identifier.wos | 000472243200004 | |
| dc.indexed.wos | SCIE | |
| dc.language.iso | en | |
| dc.publisher | Elsevier | |
| dc.relation.collaboration | Yurt dışı | |
| dc.relation.collaboration | Sanayi | |
| dc.relation.journal | Computer Networks | |
| dc.relation.publicationcategory | Makale - Uluslararası Hakemli Dergi | |
| dc.relation.tubitak | 117E017 | |
| dc.rights | info:eu-repo/semantics/closedAccess | |
| dc.subject | Computer science | |
| dc.subject | Engineering | |
| dc.subject | Telecommunications | |
| dc.subject | Home gateway | |
| dc.subject | Wireless sensor networks | |
| dc.subject | Smart home | |
| dc.subject | Anomaly detection | |
| dc.subject | Internet of things | |
| dc.subject | Intrusion-detection | |
| dc.subject | Internet | |
| dc.subject | Automation | |
| dc.subject | Computer crime | |
| dc.subject | Energy utilization | |
| dc.subject | Enterprise resource planning | |
| dc.subject | Gateways (computer networks) | |
| dc.subject | Home networks | |
| dc.subject | Internet of things | |
| dc.subject | Internet service providers | |
| dc.subject | Intrusion detection | |
| dc.subject | Learning systems | |
| dc.subject | Network security | |
| dc.subject | Search engines | |
| dc.subject | Software agents | |
| dc.subject | Wireless sensor networks | |
| dc.subject | Anomaly correlations | |
| dc.subject | Building equipments | |
| dc.subject | Home automation systems | |
| dc.subject | Home gateway | |
| dc.subject | Intrusion detection systems | |
| dc.subject | Machine learning methods | |
| dc.subject | Shared responsibility | |
| dc.subject | Smart homes | |
| dc.subject | Anomaly detection | |
| dc.subject.scopus | Denial-Of-Service Attack; DDoS; Attack | |
| dc.subject.wos | Computer science, hardware & architecture | |
| dc.subject.wos | Computer science, information systems | |
| dc.subject.wos | Engineering, electrical & electronic | |
| dc.subject.wos | Telecommunications | |
| dc.title | Two-tier anomaly detection based on traffic profiling of the home automation system | |
| dc.type | Article | |
| dc.wos.quartile | Q4 | |
| dspace.entity.type | Publication | |
| local.contributor.department | Mühendislik Fakültesi/Bilgisayar Mühendisliği/Siber Güvenlik Bölümü | |
| local.indexed.at | Scopus | |
| local.indexed.at | WOS |
Files
License bundle
1 - 1 of 1
- Name:
- license.txt
- Size:
- 1.71 KB
- Format:
- Item-specific license agreed upon to submission
- Description: