TY - GEN
T1 - Machine Learning for Intrusion Detection
T2 - 33rd Great Lakes Symposium on VLSI, GLSVLSI 2023
AU - Lopez, Martin Manuel
AU - Shao, Sicong
AU - Hariri, Salim
AU - Salehi, Soheil
N1 - Funding Information: This work is partly supported by National Science Foundation (NSF) projects 1624668 and 1921485, as well as Department of Energy/National Nuclear Security Administration under Award Number DE-NA0003946 and AGILITY project 4263090 sponsored by Korea Institute for Advancement of Technology (KIAT South Korea). Publisher Copyright: © 2023 Owner/Author.
PY - 2023/6/5
Y1 - 2023/6/5
N2 - The Internet of Things (IoT) has brought about unprecedented connectivity and convenience in our daily lives, but with this newfound interconnectedness comes the threat of cyber-attacks. With ever-increasing IoT devices being connected to the internet, securing IoT devices is becoming increasingly urgent. Machine learning (ML) is among the most popular techniques used by intrusion detection systems (IDS) to enhance their detection performance when securing IoT. However, a key obstacle of ML-based IDS for IoT is learning from nonstationary streaming data, also known as concept drift. One of the most challenging learning scenarios under concept drift is extreme verification latency (EVL), which occurs when only unlabeled nonstationary streaming data is available after a small set of initial labeled data. Stream Classification Algorithm Guided by Clustering (SCARGC) is an algorithm that can effectively deal with the nonstationary data streams in EVL scenarios. Applying an EVL implementation provides the capability of adapting to nonstationary environments within the IoT domain. The SCARGC model, as an integrated IoT intrusion detection system, allows for sustainable security as new threats are identified in this non-stationary environment. Hence, in this project, we develop an innovative IoT intrusion detection approach by natively integrating SCARGC and intrusion detection to address the EVL challenges to provide sustainable security as the model adapts to nonstationary environments. We evaluated the proposed approach on real-world IoT cybersecurity datasets. The results demonstrate the feasibility of the proposed approach, which can lead to the development of sophisticated intrusion detection systems for IoT.
KW - datastream
KW - extreme verification latency
KW - intrusion detection systems
KW - iot security
KW - machine learning for security
KW - nonstationary environments
UR - http://www.scopus.com/inward/record.url?scp=85163184995&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85163184995&partnerID=8YFLogxK
U2 - 10.1145/3583781.3590271
DO - 10.1145/3583781.3590271
M3 - Conference contribution
T3 - Proceedings of the ACM Great Lakes Symposium on VLSI, GLSVLSI
SP - 691
EP - 696
BT - GLSVLSI 2023 - Proceedings of the Great Lakes Symposium on VLSI 2023
PB - Association for Computing Machinery
Y2 - 5 June 2023 through 7 June 2023
ER -