본문 바로가기
  • Home

Machine Learning-based Detection of DoS and DRDoS Attacks in IoT Networks

  • Journal of The Korea Society of Computer and Information
  • Abbr : JKSCI
  • 2022, 27(7), pp.101-108
  • DOI : 10.9708/jksci.2022.27.07.101
  • Publisher : The Korean Society Of Computer And Information
  • Research Area : Engineering > Computer Science
  • Received : June 14, 2022
  • Accepted : July 21, 2022
  • Published : July 29, 2022

Seung-Yeon Yeo 1 So-Young Jo 1 Jiyeon Kim 2

1서울여자대학교
2대구대학교

Accredited

ABSTRACT

We propose an intrusion detection model that detects denial-of-service(DoS) and distributed reflection denial-of-service(DRDoS) attacks, based on the empirical data of each internet of things(IoT) device by training system and network metrics that can be commonly collected from various IoT devices. First, we collect 37 system and network metrics from each IoT device considering IoT attack scenarios; further, we train them using six types of machine learning models to identify the most effective machine learning models as well as important metrics in detecting and distinguishing IoT attacks. Our experimental results show that the Random Forest model has the best performance with accuracy of over 96%, followed by the K-Nearest Neighbor model and Decision Tree model. Of the 37 metrics, we identified five types of CPU, memory, and network metrics that best imply the characteristics of the attacks in all the experimental scenarios. Furthermore, we found out that packets with higher transmission speeds than larger size packets represent the characteristics of DoS and DRDoS attacks more clearly in IoT networks.

Citation status

* References for papers published after 2023 are currently being built.