Research On Key Technologies Of Attack Detection Based On Machine Learning For Internet Of Things

The Internet of Things(Io T)is poised to impact several aspects of our lives with its fast proliferation in many areas such as wearable devices,smart sensors and home appliances.The number of Io T devices is increasing rapidly and it is expected that there will be 50 billion devices connected to the Internet by the end of the year 2020.The vulnerability of Internet of Things devices,especially the nodes in the sensing layer,is vulnerable to attacks by attackers.In addition,the code vulnerabilities attached to almost every new application are a security threat,and traditional anti-virus software is unlikely to prevent and stop this threat.Network attacks appear in various forms,aiming at various Internet of Things devices,which are becoming one of the most serious threats to the security of the Internet of Things.The research of Internet of Things attack detection technology is of great significance to improve the security of the Internet of things.Machine learning can teach the machine to learn like a human from the experience.Applying machine learning algorithm to Internet of Things attack detection brings new opportunities and challenges for the development of Internet of things attack detection technology.Machine learning plays an important role in attack detection and network defense of the Internet of Things,and its application in the security of the Internet of Things has not fully realized its potential.Combined with machine learning technology and Internet of Things attack detection technology,this paper studies the key technologies of attack detection for Internet of Things,in order to solve the security technology problems for Internet of Things in attack node classification,attack detection method and attack detection model.The research contents include Internet of Things security attack and Internet of Things security threat model,Internet of Things attack node classification method based on dark network trafficand SVM-RS-Adaboost algorithm,Zero Day Attack Detection Based on IGAN and PSO_Kmeans security threat detection method for Internet of Things.Finally,this paper proposes an attack detection model for Internet of Things based on DT-DNN and implements a lightweight attack detection system suitable for peer-to-peer communication.Specifically,the main research work and innovation of this paper include the following aspects:1.In view of the security attack threat faced by the Internet of Things,this paper establishes a multi-dimensional security threat model for the Internet of Things.The Internet of Things is facing a variety of threats.This paper analyzes the security requirements of the Internet of Things and the attack methods faced by the Internet of Things,and points out the direction for the security of the Internet of Things.There are many attack methods in the Internet of Things,and different classification results will be obtained according to different angles.This paper establishes a security threat model suitable for the Internet of Things from the perspective of multiple dimensions,which lays the foundation for further attack detection.2.Aiming at the important value of dark network traffic data in attack detection,this paper proposes a classification method for Internet of Things attack nodes based on dark network traffic and SVM-RS-Adaboost.In order to effectively detect the attack behavior contained in the traffic data of the Internet of Things,the probability model is used to determine the wrong traffic in the traffic data of the dark network,the improved Relieff-S algorithm is used to optimize the feature extraction.The SVM model is used as the weak classifier,and then it is combined with Ada Boost integrated learning model to realize a new attack nodes classification method for Internet of Things.Finally,the effectiveness of SVM-RS-Adaboost algorithm is verified by experiments,which provides a basis for identifying attack nodes and their classification in the Internet of Things.3.Aiming at the problem of attack detection in the Internet of Things,especially the zero day attack detection,this paper proposes a security threat detection method based on IGAN and PSO_Kmeans for Internet of Things.In this paper,by analyzing the characteristics of the local Internet of Things,aiming at the imbalance of attack types in the data set,the improved IGAN training expansion is used for a small number of attacktype data in the data set,and the unsupervised learning method K-Means is selected,and particle swarm optimization algorithm PSO is used to optimize it to achieve efficient detection.Based on IGAN and PSO_Kmeans attack detection method,through preprocessing and feature extraction of network traffic data,expands the data set with unbalanced attack types,optimizes the classifier parameters,and finally implements classification detection based on PSO_Kmeans.In this paper,the feasibility and effectiveness of this method are verified by experiments with different data sets.4.Aiming at the problem of using peer-to-peer communication to access the Internet of Things flexibly for attack detection,this paper proposes a attack detection model based on DT-DNN,and implements a lightweight attack detection system working at the transport layer.In this paper,combining decision tree and deep neural network,an anomaly attack detection model based on DT-DNN is proposed.Based on this model,a lightweight Internet of Things attack detection system is implemented.The system is arranged on an intelligent portable device,which can protect the security of the Internet of Things without affecting its connectivity.Wireless connection is helpful to mobile devices and improve the adaptability of the attack detection system.The anomaly detection method based on decision tree and deep learning is different from the traditional Internet of Things attack detection method.It overcomes the shortcomings of rule-based security detection method and makes it adapt to the established and unknown hostile environment.The experimental results show that the attack detection system based on DT-DNN model achieves good detection results in a variety of attacks detection.