Behavior of the DenStream Clustering Algorithm for Attack Detection in the Internet of Things

Gabriel Keith Tazima; Bruno Bogaz Zarpelao (COMP/UEL)

doi:10.5433/1679-0375.2023.v44.48956

Semina: Ciências Exatas e Tecnológicas (Dec 2023)

Behavior of the DenStream Clustering Algorithm for Attack Detection in the Internet of Things

Gabriel Keith Tazima,
Bruno Bogaz Zarpelao (COMP/UEL)

Affiliations

Gabriel Keith Tazima: State University of Londrina - DC/UEL
Bruno Bogaz Zarpelao (COMP/UEL): State University of Londrina - DC\UEL

DOI: https://doi.org/10.5433/1679-0375.2023.v44.48956
Journal volume & issue: Vol. 44

Abstract

Read online

Multiple attack detection schemes based on supervised batch learning are presented in the literature as an alternative to improve Internet of Things (IoT) security. These schemes require benign and malicious traffic samples for training and are unable to easily adapt to changes in the analyzed data. In this work, we study how we can use DenStream, an unsupervised stream mining algorithm, to detect attacks in IoT networks. This type of algorithm does not require labeled examples and can learn incrementally, adapting to changes. We aim to investigate whether attacks can be detected by monitoring the behavior of DenStream's clusters. The results showed that DenStream could provide indicators of attack occurrence in TCP, UDP, and ICMP traffic.

Published in Semina: Ciências Exatas e Tecnológicas

ISSN: 1676-5451 (Print); 1679-0375 (Online)
Publisher: Universidade Estadual de Londrina
Country of publisher: Brazil
LCC subjects: Technology: Technology (General); Science: Science (General)
Website: http://www.uel.br/revistas/uel/index.php/semexatas/index

About the journal

Abstract

Keywords