XRecon: An Explainbale IoT Reconnaissance Attack Detection System Based on Ensemble Learning.

Affiliations

Cybersecurity Research Lab, Toronto Metropolitan University, Toronto, ON M5B 2K3, Canada.

School of IT Administration and Security, Seneca College, Toronto, ON M2J 2X5, Canada.

Publication information

Sensors (Basel). 2023 Jun 2;23(11):5298. doi: 10.3390/s23115298.

DOI:10.3390/s23115298
PMID:37300025
Full text: https://pmc.ncbi.nlm.nih.gov/articles/PMC10256059/
Abstract

IoT devices have grown in popularity in recent years. Statistics show that the number of online IoT devices exceeded 35 billion in 2022. This rapid growth in adoption made these devices an obvious target for malicious actors. Attacks such as botnets and malware injection usually start with a phase of reconnaissance to gather information about the target IoT device before exploitation. In this paper, we introduce a machine-learning-based detection system for reconnaissance attacks based on an explainable ensemble model. Our proposed system aims to detect scanning and reconnaissance activity of IoT devices and counter these attacks at an early stage of the attack campaign. The proposed system is designed to be efficient and lightweight to operate in severely resource-constrained environments. When tested, the implementation of the proposed system delivered an accuracy of 99%. Furthermore, the proposed system showed low false positive and false negative rates at 0.6% and 0.05%, respectively, while maintaining high efficiency and low resource consumption.


Similar articles

1. XRecon: An Explainbale IoT Reconnaissance Attack Detection System Based on Ensemble Learning.
   Sensors (Basel). 2023 Jun 2;23(11):5298. doi: 10.3390/s23115298.
2. BoostedEnML: Efficient Technique for Detecting Cyberattacks in IoT Systems Using Boosted Ensemble Machine Learning.
   Sensors (Basel). 2022 Sep 29;22(19):7409. doi: 10.3390/s22197409.
3. An Aggregated Mutual Information Based Feature Selection with Machine Learning Methods for Enhancing IoT Botnet Attack Detection.
   Sensors (Basel). 2021 Dec 28;22(1):185. doi: 10.3390/s22010185.
4. Machine Learning-Based IoT-Botnet Attack Detection with Sequential Architecture.
   Sensors (Basel). 2020 Aug 5;20(16):4372. doi: 10.3390/s20164372.
5. Lightweight Internet of Things Botnet Detection Using One-Class Classification.
   Sensors (Basel). 2022 May 10;22(10):3646. doi: 10.3390/s22103646.
6. Detection of Malicious Cloud Bandwidth Consumption in Cloud Computing Using Machine Learning Techniques.
   Comput Intell Neurosci. 2022 Sep 5;2022:4003403. doi: 10.1155/2022/4003403. eCollection 2022.
7. Review of Botnet Attack Detection in SDN-Enabled IoT Using Machine Learning.
   Sensors (Basel). 2022 Dec 14;22(24):9837. doi: 10.3390/s22249837.
8. Cross Deep Learning Method for Effectively Detecting the Propagation of IoT Botnet.
   Sensors (Basel). 2022 May 20;22(10):3895. doi: 10.3390/s22103895.
9. Ensemble averaging deep neural network for botnet detection in heterogeneous Internet of Things devices.
   Sci Rep. 2024 Feb 16;14(1):3878. doi: 10.1038/s41598-024-54438-6.
10. Towards an Explainable Universal Feature Set for IoT Intrusion Detection.
    Sensors (Basel). 2022 Jul 29;22(15):5690. doi: 10.3390/s22155690.
