A graph neural network method for distributed anomaly detection in IoT

Recent IoT proliferation has undeniably affected the way organizational activities and business procedures take place within several IoT domains such as smart manufacturing, food supply chain, intelligent transportation systems, medical care infrastructures etc. The number of the interconnected edge...

Full description

Saved in:
Bibliographic Details
Published in:Evolving systems 2021-03, Vol.12 (1), p.19-36
Main Authors: Protogerou, Aikaterini, Papadopoulos, Stavros, Drosou, Anastasios, Tzovaras, Dimitrios, Refanidis, Ioannis
Format: Article
Language:English
Subjects:
Artificial Intelligence
Complex Systems
Complexity
Engineering
Original Paper
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by cdi_FETCH-LOGICAL-c335t-fa07350a11b6ce97f43920df977b529290c3e1fc4d5d72e462218b6f395cd5023
cites cdi_FETCH-LOGICAL-c335t-fa07350a11b6ce97f43920df977b529290c3e1fc4d5d72e462218b6f395cd5023
container_end_page 36
container_issue 1
container_start_page 19
container_title Evolving systems
container_volume 12
creator Protogerou, Aikaterini
Papadopoulos, Stavros
Drosou, Anastasios
Tzovaras, Dimitrios
Refanidis, Ioannis
description Recent IoT proliferation has undeniably affected the way organizational activities and business procedures take place within several IoT domains such as smart manufacturing, food supply chain, intelligent transportation systems, medical care infrastructures etc. The number of the interconnected edge devices has dramatically increased, creating a huge volume of transferred data susceptible to leakage, modification or disruption, ultimately affecting the security level, robustness and QoS of the attacked IoT ecosystem. In an attempt to prevent or mitigate network abnormalities while accommodating the cohesiveness among the involved entities, modeling their interrelations and incorporating their structural, content and temporal attributes, graph-based anomaly detection solutions have been repeatedly adopted. In this article we propose, a multi-agent system, with each agent implementing a Graph Neural Network, in order to exploit the collaborative and cooperative nature of intelligent agents for anomaly detection. To this end, against the propagating nature of cyber-attacks such as the Distributed Denial-of-Service (DDoS), we propose a distributed detection scheme, which aims to monitor efficiently the entire network infrastructure. To fulfill this task, we consider employing monitors on active network nodes such as IoT devices, SDN forwarders, Fog Nodes, achieving localization of anomaly detection, distribution of allocated resources such as the bandwidth and power consumption and higher accuracy results. In order to facilitate the training, testing and evaluation activities of the Graph Neural Network algorithm, we create simulated datasets of network flows of various normal and abnormal distributions, out of which we extract essential structural and content features to be passed to neighbouring agents.
doi_str_mv 10.1007/s12530-020-09347-0
format article
fullrecord <record><control><sourceid>crossref_sprin</sourceid><recordid>TN_cdi_crossref_primary_10_1007_s12530_020_09347_0</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>10_1007_s12530_020_09347_0</sourcerecordid><originalsourceid>FETCH-LOGICAL-c335t-fa07350a11b6ce97f43920df977b529290c3e1fc4d5d72e462218b6f395cd5023</originalsourceid><addsrcrecordid>eNp9kMtKAzEUhoMoWGpfwFVeYPTkNpksS7FaKLip65DJpZ06nZQkRfr2jla6dHH4z-L_DocPoUcCTwRAPmdCBYMK6DiKcVnBDZqQpm6qmjf17XWXzT2a5bwHAEo4AJcTtJzjbTLHHR78KZl-jPIV0yc--LKLDoeYsOtySV17Kt5hM8SD6c_Y-eJt6eKAuwGv4uYB3QXTZz_7yyn6WL5sFm_V-v11tZivK8uYKFUwIJkAQ0hbW69k4ExRcEFJ2QqqqALLPAmWO-Ek9bymlDRtHZgS1gmgbIro5a5NMefkgz6m7mDSWRPQPzL0RYYeZehfGRpGiF2gPJaHrU96H09pGP_8j_oGqRdhXQ</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>A graph neural network method for distributed anomaly detection in IoT</title><source>Springer Link</source><creator>Protogerou, Aikaterini ; Papadopoulos, Stavros ; Drosou, Anastasios ; Tzovaras, Dimitrios ; Refanidis, Ioannis</creator><creatorcontrib>Protogerou, Aikaterini ; Papadopoulos, Stavros ; Drosou, Anastasios ; Tzovaras, Dimitrios ; Refanidis, Ioannis</creatorcontrib><description>Recent IoT proliferation has undeniably affected the way organizational activities and business procedures take place within several IoT domains such as smart manufacturing, food supply chain, intelligent transportation systems, medical care infrastructures etc. The number of the interconnected edge devices has dramatically increased, creating a huge volume of transferred data susceptible to leakage, modification or disruption, ultimately affecting the security level, robustness and QoS of the attacked IoT ecosystem. In an attempt to prevent or mitigate network abnormalities while accommodating the cohesiveness among the involved entities, modeling their interrelations and incorporating their structural, content and temporal attributes, graph-based anomaly detection solutions have been repeatedly adopted. In this article we propose, a multi-agent system, with each agent implementing a Graph Neural Network, in order to exploit the collaborative and cooperative nature of intelligent agents for anomaly detection. To this end, against the propagating nature of cyber-attacks such as the Distributed Denial-of-Service (DDoS), we propose a distributed detection scheme, which aims to monitor efficiently the entire network infrastructure. To fulfill this task, we consider employing monitors on active network nodes such as IoT devices, SDN forwarders, Fog Nodes, achieving localization of anomaly detection, distribution of allocated resources such as the bandwidth and power consumption and higher accuracy results. In order to facilitate the training, testing and evaluation activities of the Graph Neural Network algorithm, we create simulated datasets of network flows of various normal and abnormal distributions, out of which we extract essential structural and content features to be passed to neighbouring agents.</description><identifier>ISSN: 1868-6478</identifier><identifier>EISSN: 1868-6486</identifier><identifier>DOI: 10.1007/s12530-020-09347-0</identifier><language>eng</language><publisher>Berlin/Heidelberg: Springer Berlin Heidelberg</publisher><subject>Artificial Intelligence ; Complex Systems ; Complexity ; Engineering ; Original Paper</subject><ispartof>Evolving systems, 2021-03, Vol.12 (1), p.19-36</ispartof><rights>Springer-Verlag GmbH Germany, part of Springer Nature 2020</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c335t-fa07350a11b6ce97f43920df977b529290c3e1fc4d5d72e462218b6f395cd5023</citedby><cites>FETCH-LOGICAL-c335t-fa07350a11b6ce97f43920df977b529290c3e1fc4d5d72e462218b6f395cd5023</cites><orcidid>0000-0003-4544-2454</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,780,784,27924,27925</link.rule.ids></links><search><creatorcontrib>Protogerou, Aikaterini</creatorcontrib><creatorcontrib>Papadopoulos, Stavros</creatorcontrib><creatorcontrib>Drosou, Anastasios</creatorcontrib><creatorcontrib>Tzovaras, Dimitrios</creatorcontrib><creatorcontrib>Refanidis, Ioannis</creatorcontrib><title>A graph neural network method for distributed anomaly detection in IoT</title><title>Evolving systems</title><addtitle>Evolving Systems</addtitle><description>Recent IoT proliferation has undeniably affected the way organizational activities and business procedures take place within several IoT domains such as smart manufacturing, food supply chain, intelligent transportation systems, medical care infrastructures etc. The number of the interconnected edge devices has dramatically increased, creating a huge volume of transferred data susceptible to leakage, modification or disruption, ultimately affecting the security level, robustness and QoS of the attacked IoT ecosystem. In an attempt to prevent or mitigate network abnormalities while accommodating the cohesiveness among the involved entities, modeling their interrelations and incorporating their structural, content and temporal attributes, graph-based anomaly detection solutions have been repeatedly adopted. In this article we propose, a multi-agent system, with each agent implementing a Graph Neural Network, in order to exploit the collaborative and cooperative nature of intelligent agents for anomaly detection. To this end, against the propagating nature of cyber-attacks such as the Distributed Denial-of-Service (DDoS), we propose a distributed detection scheme, which aims to monitor efficiently the entire network infrastructure. To fulfill this task, we consider employing monitors on active network nodes such as IoT devices, SDN forwarders, Fog Nodes, achieving localization of anomaly detection, distribution of allocated resources such as the bandwidth and power consumption and higher accuracy results. In order to facilitate the training, testing and evaluation activities of the Graph Neural Network algorithm, we create simulated datasets of network flows of various normal and abnormal distributions, out of which we extract essential structural and content features to be passed to neighbouring agents.</description><subject>Artificial Intelligence</subject><subject>Complex Systems</subject><subject>Complexity</subject><subject>Engineering</subject><subject>Original Paper</subject><issn>1868-6478</issn><issn>1868-6486</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2021</creationdate><recordtype>article</recordtype><recordid>eNp9kMtKAzEUhoMoWGpfwFVeYPTkNpksS7FaKLip65DJpZ06nZQkRfr2jla6dHH4z-L_DocPoUcCTwRAPmdCBYMK6DiKcVnBDZqQpm6qmjf17XWXzT2a5bwHAEo4AJcTtJzjbTLHHR78KZl-jPIV0yc--LKLDoeYsOtySV17Kt5hM8SD6c_Y-eJt6eKAuwGv4uYB3QXTZz_7yyn6WL5sFm_V-v11tZivK8uYKFUwIJkAQ0hbW69k4ExRcEFJ2QqqqALLPAmWO-Ek9bymlDRtHZgS1gmgbIro5a5NMefkgz6m7mDSWRPQPzL0RYYeZehfGRpGiF2gPJaHrU96H09pGP_8j_oGqRdhXQ</recordid><startdate>20210301</startdate><enddate>20210301</enddate><creator>Protogerou, Aikaterini</creator><creator>Papadopoulos, Stavros</creator><creator>Drosou, Anastasios</creator><creator>Tzovaras, Dimitrios</creator><creator>Refanidis, Ioannis</creator><general>Springer Berlin Heidelberg</general><scope>AAYXX</scope><scope>CITATION</scope><orcidid>https://orcid.org/0000-0003-4544-2454</orcidid></search><sort><creationdate>20210301</creationdate><title>A graph neural network method for distributed anomaly detection in IoT</title><author>Protogerou, Aikaterini ; Papadopoulos, Stavros ; Drosou, Anastasios ; Tzovaras, Dimitrios ; Refanidis, Ioannis</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c335t-fa07350a11b6ce97f43920df977b529290c3e1fc4d5d72e462218b6f395cd5023</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2021</creationdate><topic>Artificial Intelligence</topic><topic>Complex Systems</topic><topic>Complexity</topic><topic>Engineering</topic><topic>Original Paper</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Protogerou, Aikaterini</creatorcontrib><creatorcontrib>Papadopoulos, Stavros</creatorcontrib><creatorcontrib>Drosou, Anastasios</creatorcontrib><creatorcontrib>Tzovaras, Dimitrios</creatorcontrib><creatorcontrib>Refanidis, Ioannis</creatorcontrib><collection>CrossRef</collection><jtitle>Evolving systems</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Protogerou, Aikaterini</au><au>Papadopoulos, Stavros</au><au>Drosou, Anastasios</au><au>Tzovaras, Dimitrios</au><au>Refanidis, Ioannis</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>A graph neural network method for distributed anomaly detection in IoT</atitle><jtitle>Evolving systems</jtitle><stitle>Evolving Systems</stitle><date>2021-03-01</date><risdate>2021</risdate><volume>12</volume><issue>1</issue><spage>19</spage><epage>36</epage><pages>19-36</pages><issn>1868-6478</issn><eissn>1868-6486</eissn><abstract>Recent IoT proliferation has undeniably affected the way organizational activities and business procedures take place within several IoT domains such as smart manufacturing, food supply chain, intelligent transportation systems, medical care infrastructures etc. The number of the interconnected edge devices has dramatically increased, creating a huge volume of transferred data susceptible to leakage, modification or disruption, ultimately affecting the security level, robustness and QoS of the attacked IoT ecosystem. In an attempt to prevent or mitigate network abnormalities while accommodating the cohesiveness among the involved entities, modeling their interrelations and incorporating their structural, content and temporal attributes, graph-based anomaly detection solutions have been repeatedly adopted. In this article we propose, a multi-agent system, with each agent implementing a Graph Neural Network, in order to exploit the collaborative and cooperative nature of intelligent agents for anomaly detection. To this end, against the propagating nature of cyber-attacks such as the Distributed Denial-of-Service (DDoS), we propose a distributed detection scheme, which aims to monitor efficiently the entire network infrastructure. To fulfill this task, we consider employing monitors on active network nodes such as IoT devices, SDN forwarders, Fog Nodes, achieving localization of anomaly detection, distribution of allocated resources such as the bandwidth and power consumption and higher accuracy results. In order to facilitate the training, testing and evaluation activities of the Graph Neural Network algorithm, we create simulated datasets of network flows of various normal and abnormal distributions, out of which we extract essential structural and content features to be passed to neighbouring agents.</abstract><cop>Berlin/Heidelberg</cop><pub>Springer Berlin Heidelberg</pub><doi>10.1007/s12530-020-09347-0</doi><tpages>18</tpages><orcidid>https://orcid.org/0000-0003-4544-2454</orcidid><oa>free_for_read</oa></addata></record>
fulltext fulltext
identifier ISSN: 1868-6478
ispartof Evolving systems, 2021-03, Vol.12 (1), p.19-36
issn 1868-6478
1868-6486
language eng
recordid cdi_crossref_primary_10_1007_s12530_020_09347_0
source Springer Link
subjects Artificial Intelligence
Complex Systems
Complexity
Engineering
Original Paper
title A graph neural network method for distributed anomaly detection in IoT
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-04T06%3A22%3A26IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-crossref_sprin&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=A%20graph%20neural%20network%20method%20for%20distributed%20anomaly%20detection%20in%20IoT&rft.jtitle=Evolving%20systems&rft.au=Protogerou,%20Aikaterini&rft.date=2021-03-01&rft.volume=12&rft.issue=1&rft.spage=19&rft.epage=36&rft.pages=19-36&rft.issn=1868-6478&rft.eissn=1868-6486&rft_id=info:doi/10.1007/s12530-020-09347-0&rft_dat=%3Ccrossref_sprin%3E10_1007_s12530_020_09347_0%3C/crossref_sprin%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c335t-fa07350a11b6ce97f43920df977b529290c3e1fc4d5d72e462218b6f395cd5023%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true