Abstract
We propose an attack detection framework for Internet of Things (IoT) networks, which leverages Graph Neural Networks (GNN) to capture the inherent structure of IoT network data. Specifically, we utilize GraphSAGE and propose a framework to detect network intrusions by capturing the graph’s edge features and data flow information for IoT networks. To evaluate the effectiveness of our approach, we use the Kitsune and BoT-IoT datasets that include botnet, Man-in-the-Middle (MiTM), Reconnaissance, Denial of Service (DoS), Distributed Denial of Service (DDoS), and information theft attacks. To reduce time complexity and analyze the significance of removing extraneous features, we conduct feature selection experiments also. Our study highlights the effectiveness of GNN-based attack detection for IoT security with 89.3% accuracy for kitsune and 88.6% accuracy for BoT-IoT and underscores the importance of unbiased cross-validation to ensure model performance.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Al-Garadi, M.A., Mohamed, A., Al-Ali, A., Du, X., Ali, I., Guizani, M.: A survey of machine and deep learning methods for Internet of Things (IoT) security. IEEE Commun. Surv. Tutorials 22(3), 1646–1685 (2020)
Alelyani, S., Tang, J., Liu, H.: Feature selection for clustering: a review. In: Data Clustering, pp. 29–60 (2018)
Alsaedi, A., Moustafa, N., Tari, Z., Mahmood, A., Anwar, A.: TON_IoT telemetry dataset: a new generation dataset of IoT and IIoT for data-driven intrusion detection systems. IEEE Access 8, 165130–165150 (2020)
Arp, D., et al: DREBIN: effective and explainable detection of android malware in your pocket. In: NDSS, vol. 14 (2014)
Chandrashekar, G., Sahin, F.: A survey on feature selection methods. Comput. Electr. Eng. 40(1), 16–28 (2014)
Garcia, S., Grill, M., Stiborek, J., Zunino, A.: An empirical comparison of botnet detection methods. Comput. Secur. 45, 100–123 (2014)
Gelenbe, E., et al.: IoT network attack detection and mitigation. In: 2020 9th Mediterranean Conference on Embedded Computing (MECO), pp. 1–6. IEEE (2020)
Hajibabaee, P., et al.: An empirical study of the GraphSAGE and Word2vec algorithms for graph multiclass classification. In: 2021 IEEE 12th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON) (2021)
Hayashi, M., Vázquez-Castro, Á.: Physical layer security protocol for Poisson channels for passive Man-in-the-Middle Attack. IEEE Trans. Inf. Forensics Secur. 15, 2295–2305 (2020)
Khraisat, A., Gondal, I., Vamplew, P., Kamruzzaman, J.: Survey of intrusion detection systems: techniques, datasets and challenges. Cybersecurity 2(1), 1–22 (2019)
Koroniotis, N., Moustafa, N., Sitnikova, E.: A new network forensic framework based on deep learning for Internet of Things networks: a particle deep framework. Future Gener. Comput. Syst. 110, 91–106 (2020)
Lansky, J., et al.: Deep learning-based intrusion detection systems: a systematic review. IEEE Access 9, 101574–101599 (2021)
Li, J., et al.: Feature selection: a data perspective. ACM Comput. Surv. (CSUR) 50(6), 1–45 (2017)
Lo, W.W., Layeghy, S., Sarhan, M., Gallagher, M., Portmann, M.: E-GraphSAGE: a graph neural network based intrusion detection system for IoT. In: IEEE/IFIP Network Operations and Management Symposium, pp. 1–9. IEEE (2022)
Mahdavifar, S., Kadir, A., Fatemi, R., Alhadidi, D., Ghorbani, A.A.: Dynamic android malware category classification using deep learning. In: International Conference on Dependable, Autonomic and Secure Computing, pp. 515–522. IEEE (2020)
Mirsky, Y., Doitshman, T., Elovici, Y., Shabtai, A.: Kitsune: an ensemble of autoencoders for online network intrusion detection. arXiv:1802.09089 (2018)
Narayanadoss, A.R., Truong-Huu, T., Mohan, P.M., Gurusamy, M.: Crossfire attack detection using deep learning in software defined its networks. In: 2019 IEEE 89th Vehicular Technology Conference (VTC2019-Spring), pp. 1–6. IEEE (2019)
Protogerou, A., et al.: A graph neural network method for distributed anomaly detection in IoT. Evol. Syst. 12, 19–36 (2021)
Sivanathan, A., Gharakheili, H.H., Sivaraman, V.: Managing IoT cyber-security using programmable telemetry and machine learning. IEEE Trans. Netw. Serv. Manage. 17(1), 60–74 (2020)
Wu, Z., et al.: A comprehensive survey on graph neural networks. IEEE Trans. Neural Netw. Learn. Syst. 32(1), 4–24 (2020)
Yumlembam, R., et al.: IoT-based android malware detection using graph neural network with adversarial defense. IEEE IoT J. 10(10), 8432–8444 (2022)
Zhang, Q., Zhong, H., Shi, W., Liu, L.: A trusted and collaborative framework for deep learning in IoT. Comput. Netw. 193, 108055 (2021)
Zhou, J., Xu, Z., Rush, A.M., Yu, M.: Automating botnet detection with graph neural networks. arXiv preprint arXiv:2003.06344 (2020)
Zhou, J., et al.: Graph neural networks: a review of methods and applications. AI Open 1, 57–81 (2020)
Acknowledgement
Part of this work was funded by the Dutch Research Council (NWO) in the context of its commitment to the Dutch Research Agenda (NWA) as part of the INTERSCT research program funded under grant NWA.1160.18.301.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Bibi, I., Ozcelebi, T., Meratnia, N. (2023). An IoT Attack Detection Framework Leveraging Graph Neural Networks. In: Dao, NN., Thinh, T.N., Nguyen, N.T. (eds) Intelligence of Things: Technologies and Applications. ICIT 2023. Lecture Notes on Data Engineering and Communications Technologies, vol 188. Springer, Cham. https://doi.org/10.1007/978-3-031-46749-3_22
Download citation
DOI: https://doi.org/10.1007/978-3-031-46749-3_22
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-46748-6
Online ISBN: 978-3-031-46749-3
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)