@inproceedings{a646c1637520449da026617d8bf6bb25,
title = "Machine learning DDoS detection for consumer internet of things devices",
abstract = "An increasing number of Internet of Things (IoT) devices are connecting to the Internet, yet many of these devices are fundamentally insecure, exposing the Internet to a variety of attacks. Botnets such as Mirai have used insecure consumer IoT devices to conduct distributed denial of service (DDoS) attacks on critical Internet infrastructure. This motivates the development of new techniques to automatically detect consumer IoT attack traffic. In this paper, we demonstrate that using IoT-specific network behaviors (e.g., limited number of endpoints and regular time intervals between packets) to inform feature selection can result in high accuracy DDoS detection in IoT network traffic with a variety of machine learning algorithms, including neural networks. These results indicate that home gateway routers or other network middleboxes could automatically detect local IoT device sources of DDoS attacks using low-cost machine learning algorithms and traffic data that is flow-based and protocol-agnostic.",
keywords = "Anomaly detection, DDoS, Feature engineering, Internet of things, Machine learning",
author = "Rohan Doshi and Noah Apthorpe and Nick Feamster",
note = "Publisher Copyright: {\textcopyright} 2018 IEEE.; 2018 IEEE Symposium on Security and Privacy Workshops, SPW 2018 ; Conference date: 24-05-2018",
year = "2018",
month = aug,
day = "2",
doi = "10.1109/SPW.2018.00013",
language = "English (US)",
isbn = "9780769563497",
series = "Proceedings - 2018 IEEE Symposium on Security and Privacy Workshops, SPW 2018",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "29--35",
booktitle = "Proceedings - 2018 IEEE Symposium on Security and Privacy Workshops, SPW 2018",
address = "United States",
}