Computer Science

Permanent URI for this collection

https://hdl.handle.net/10315/38508

Browse

Browsing Computer Science by Subject "Anomaly detection"

Now showing 1 - 1 of 1
  • Thumbnail Image
    ItemOpen Access
    Machine Learning-based Intrusion Detection Under Adversarial Influence: Application to MAC Spoofing Detection in IoT Networks
    (2022-08-08) Madani Kochak, Seyed Pooria; Vlajic, Natalija
    Internet of things (IoT) has brought a greater prevalence of smart objects with higher connectivity between them. Today, there are millions of such smart devices controlling critical infrastructures, such as nuclear power plants, and have brought a new form of comfort to our home through smart appliances. As such, IoT devices have become valuable targets for (potentially state-sponsored) adversaries that are most often after cyberattacks with physical ramifications. Taking over a trusted nodes identity (also known as identity spoofing) in an IoT network can enable more sophisticated multi-tier attacks against other nodes/resources in the same network. Thus, detecting identity spoofing attacks must be part of any sound defensive measure when protecting IoT networks. Several learning-based detection schemes have been proposed in the literature that attempt to detect identity attacks (i.e., MAC Spoofing) in wireless networks. However, the proposed learning-based methods are highly susceptible to adversarial evasion attacks - one of the main theme studied in this manuscript - and a sophisticated adversary could circumvent detection by identifying "blind spots" in the learning algorithms of proposed approaches. In this dissertation, we have extensively studied the use of randomization (another major theme) both from defensive and offensive perspectives to add robustness to existing learning-based MAC spoofing detection methods. Specifically, we have proposed a randomization scheme that can be added to the existing learning-based detection approaches to increase the uncertainty of the adversary in the search of finding an optimal evasion strategy. Moreover, we have also proposed an adversarial search approach based on active learning that an adversary could use to mount an optimal evasion attack against detection classifiers that utilize randomization. Finally, we have proposed a novel multi-model MAC spoofing detection system based on deep autoencoders, which have been specifically designed and tested for IoT networks deployed in adversarial settings by taking into account environmental variabilities induced by moving objects.

All items in the YorkSpace institutional repository are protected by copyright, with all rights reserved except where explicitly noted.