Applied Sciences (Dec 2022)

Novel Feature Extraction Method for Detecting Malicious MQTT Traffic Using Seq2Seq

  • Sunoh Choi
  • Jaehyuk Cho

DOI
https://doi.org/10.3390/app122312306
Journal volume & issue
Vol. 12, no. 23
p. 12306

Abstract

Owing to their wide application, Internet of Things systems have been the target of malicious attacks. These attacks included DoS, flood, SlowITe, malformed, and brute-force attacks. A dataset that includes these attacks was recently released. However, the attack detection accuracy reported in previous studies has not been satisfactory because the studies used too many features that are not important in detecting malicious message queue telemetry transport (MQTT) traffic. Therefore, this study aims to analyze these attacks. Herein, a novel feature extraction method is proposed that includes the source port index, TCP length, MQTT message type, keep alive, and connection acknowledgment. The attacks were classified using the Seq2Seq model. During the experiment, the accuracy of the proposed method was 99.97%, which is 7.33% higher than that of previously reported methods.

Keywords