Dimensionality reduction for detection of anomalies in the IoT traffic data

Bibliographic Details
Published in: Future generation computer systems 2024-02, Vol.151, p.137-151
Main Authors: Olszewski, Dominik, Iwanowski, Marcin, Graniszewski, Waldemar
Format: Article
Language: English
Description
Summary: This paper concerns cybersecurity issues in one of the fastest growing fields of modern computer systems, the Internet-of-Things (IoT). In this field, intrusion detection plays a significant role in allowing IoT systems’ safe functioning and continuous operation. Visualizing the IoT data using dimensionality reduction allows for an easy and straightforward traffic analysis based on a graphical data representation, eligible for interpretation even by non-experts. We present a study on IoT network intrusion detection using three dimensionality reduction methods, namely, the Self-Organizing Map (SOM), the t-distributed Stochastic Neighbor Embedding (t-SNE), and the Neighborhood Retrieval Visualizer (NeRV). We show that applying them to the IoT traffic allows for reducing the original traffic feature space to a 2-D one, where anomalies may be noticed visually as outliers. The purpose of our study and its original contribution is conducting a comparative analysis of the t-SNE versus NeRV dimensionality reduction approaches in both theoretical and empirical aspects. We notice and point out specific significant differences between these methods, which, as we claim, are responsible for their different performance in the IoT field, which is validated by our empirical study on real-world IoT traffic datasets. The results of our experimental research provide an interesting insight into the behavior of the investigated techniques and confirm their effectiveness and usability in IoT anomalies detection.

Highlights:
• We present an IoT anomalies detection using dimensionality reduction and clustering.
• We employ the PCA, SOM, t-SNE, and NeRV methods.
• A theoretical and empirical comparative study of t-SNE against NeRV is conducted.
• The results of our empirical analysis verify and confirm all the theoretical claims.
ISSN: 0167-739X, 1872-7115
DOI: 10.1016/j.future.2023.09.033