Ping flood attack pattern recognition using a K-Means algorithm in an Internet of Things (IoT) network

Security is the main challenge in Internet of Things (IoT) systems. The devices on the IoT networks are very heterogeneous, many of them have limited resources, and they are connected globally, which makes the IoT much more challenging to secure than other types of networks. Denial of service (DoS)...

Bibliographic Details
Main Authors: Stiawan, Deris, Meilinda Eka Suryani, Meilinda Eka Suryani, Susanto, Susanto, Idris, Mohd. Yazid, Aldalaien, Muawya N., Alsharif, Nizar, Budiarto, Rahmat
Format: Article
Language: English
Published: Institute of Electrical and Electronics Engineers Inc. 2021
Subjects:
Online Access: http://eprints.utm.my/id/eprint/97382/1/MohdYazidIdris2021_PingFloodAttackPatternRecognition.pdf
http://eprints.utm.my/id/eprint/97382/
http://dx.doi.org/10.1109/ACCESS.2021.3105517
Institution: Universiti Teknologi Malaysia
id my.utm.97382
record_format eprints
spelling my.utm.97382 2022-10-10T04:22:53Z Article PeerReviewed application/pdf en
citation Stiawan, Deris and Meilinda Eka Suryani, Meilinda Eka Suryani and Susanto, Susanto and Idris, Mohd. Yazid and Aldalaien, Muawya N. and Alsharif, Nizar and Budiarto, Rahmat (2021) Ping flood attack pattern recognition using a K-Means algorithm in an Internet of Things (IoT) network. IEEE Access, 9 (NA). pp. 116475-116484. ISSN 2169-3536 http://dx.doi.org/10.1109/ACCESS.2021.3105517 DOI: 10.1109/ACCESS.2021.3105517
institution Universiti Teknologi Malaysia
building UTM Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Teknologi Malaysia
content_source UTM Institutional Repository
url_provider http://eprints.utm.my/
language English
topic QA75 Electronic computers. Computer science
description Security is the main challenge in Internet of Things (IoT) systems. The devices on the IoT networks are very heterogeneous, many of them have limited resources, and they are connected globally, which makes the IoT much more challenging to secure than other types of networks. Denial of service (DoS) is the most popular method used to attack IoT networks, either by flooding services or crashing services. An intrusion detection system (IDS) is one of the countermeasures for DoS attacks. Unfortunately, the existing IDSs still suffer from a detection accuracy problem due to the difficulty of recognizing features of the DoS attacks. Thus, we need to determine specific features that represent the attack traffic well, so the IDS will be able to distinguish normal traffic from the attacks. In this work, we investigate ping flood attack pattern recognition on IoT networks. Experiments were conducted using wireless communication with three different scenarios: normal traffic, attack traffic, and combined normal-attack traffic. Each scenario created an associated dataset. The datasets were then grouped into two clusters: normal and attack. The K-Means algorithm was used to produce the clustering results. The average number of packets in the attack cluster was 95,931 packets, and the average in the normal cluster was 4,068 packets. The accuracy level of the clustering results was calculated using a confusion matrix. The accuracy of the clustering using the implemented K-Means algorithm was 99.94%. The rates from the confusion matrix were true negative (98.62%), true positive (100.00%), false negative (0.00%), and false positive (1.38%).
format Article
author Stiawan, Deris
Meilinda Eka Suryani, Meilinda Eka Suryani
Susanto, Susanto
Idris, Mohd. Yazid
Aldalaien, Muawya N.
Alsharif, Nizar
Budiarto, Rahmat
title Ping flood attack pattern recognition using a K-Means algorithm in an Internet of Things (IoT) network
publisher Institute of Electrical and Electronics Engineers Inc.
publishDate 2021
_version_ 1748180451666690048