Online-Semisupervised Neural Anomaly Detector to Identify MQTT-Based Attacks in Real Time

Online-Semisupervised Neural Anomaly Detector to Identify MQTT-Based Attacks in Real Time

Industry 4.0 focuses on continuous interconnection services, allowing for the continuous and uninterrupted exchange of signals or information between related parties. The application of messaging protocols for transferring data to remote locations must meet specific specifications such as asynchrono...

Full description

Bibliographic Details
Main Authors: Zhenyu Gao, Jian Cao, Wei Wang, Huayun Zhang, Zengrong Xu
Format: Article
Language:English
Published: Hindawi-Wiley 2021-01-01
Series:Security and Communication Networks
Online Access:http://dx.doi.org/10.1155/2021/4587862
id doaj-23a95123747c478ab5df2e4299b285aa
record_format Article
spelling doaj-23a95123747c478ab5df2e4299b285aa2021-09-27T00:52:04ZengHindawi-WileySecurity and Communication Networks1939-01222021-01-01202110.1155/2021/4587862Online-Semisupervised Neural Anomaly Detector to Identify MQTT-Based Attacks in Real TimeZhenyu Gao0Jian Cao1Wei Wang2Huayun Zhang3Zengrong Xu4Nari Group CorporationNari Group CorporationNari Group CorporationNari Group CorporationNari Group CorporationIndustry 4.0 focuses on continuous interconnection services, allowing for the continuous and uninterrupted exchange of signals or information between related parties. The application of messaging protocols for transferring data to remote locations must meet specific specifications such as asynchronous communication, compact messaging, operating in conditions of unstable connection of the transmission line of data, limited network bandwidth operation, support multilevel Quality of Service (QoS), and easy integration of new devices. The Message Queue Telemetry Transport (MQTT) protocol is used in software applications that require asynchronous communication. It is a light and simplified protocol based on publish-subscribe messaging and is placed functionally over the TCP/IP protocol. It is designed to minimize the required communication bandwidth and system requirements increasing reliability and probability of successful message transmission, making it ideal for use in Machine-to-Machine (M2M) communication or networks where bandwidth is limited, delays are long, coverage is not reliable, and energy consumption should be as low as possible. Despite the fact that the advantage that MQTT offers its way of operating does not provide a serious level of security in how to achieve its interconnection, as it does not require protocol dependence on one intermediate third entity, the interface is dependent on each application. This paper presents an innovative real-time anomaly detection system to detect MQTT-based attacks in cyber-physical systems. This is an online-semisupervised learning neural system based on a small number of sampled patterns that identify crowd anomalies in the MQTT protocol related to specialized attacks to undermine cyber-physical systems.http://dx.doi.org/10.1155/2021/4587862
collection DOAJ
language English
format Article
sources DOAJ
author Zhenyu Gao
Jian Cao
Wei Wang
Huayun Zhang
Zengrong Xu
spellingShingle Zhenyu Gao
Jian Cao
Wei Wang
Huayun Zhang
Zengrong Xu
Online-Semisupervised Neural Anomaly Detector to Identify MQTT-Based Attacks in Real Time
Security and Communication Networks
author_facet Zhenyu Gao
Jian Cao
Wei Wang
Huayun Zhang
Zengrong Xu
author_sort Zhenyu Gao
title Online-Semisupervised Neural Anomaly Detector to Identify MQTT-Based Attacks in Real Time
title_short Online-Semisupervised Neural Anomaly Detector to Identify MQTT-Based Attacks in Real Time
title_full Online-Semisupervised Neural Anomaly Detector to Identify MQTT-Based Attacks in Real Time
title_fullStr Online-Semisupervised Neural Anomaly Detector to Identify MQTT-Based Attacks in Real Time
title_full_unstemmed Online-Semisupervised Neural Anomaly Detector to Identify MQTT-Based Attacks in Real Time
title_sort online-semisupervised neural anomaly detector to identify mqtt-based attacks in real time
publisher Hindawi-Wiley
series Security and Communication Networks
issn 1939-0122
publishDate 2021-01-01
description Industry 4.0 focuses on continuous interconnection services, allowing for the continuous and uninterrupted exchange of signals or information between related parties. The application of messaging protocols for transferring data to remote locations must meet specific specifications such as asynchronous communication, compact messaging, operating in conditions of unstable connection of the transmission line of data, limited network bandwidth operation, support multilevel Quality of Service (QoS), and easy integration of new devices. The Message Queue Telemetry Transport (MQTT) protocol is used in software applications that require asynchronous communication. It is a light and simplified protocol based on publish-subscribe messaging and is placed functionally over the TCP/IP protocol. It is designed to minimize the required communication bandwidth and system requirements increasing reliability and probability of successful message transmission, making it ideal for use in Machine-to-Machine (M2M) communication or networks where bandwidth is limited, delays are long, coverage is not reliable, and energy consumption should be as low as possible. Despite the fact that the advantage that MQTT offers its way of operating does not provide a serious level of security in how to achieve its interconnection, as it does not require protocol dependence on one intermediate third entity, the interface is dependent on each application. This paper presents an innovative real-time anomaly detection system to detect MQTT-based attacks in cyber-physical systems. This is an online-semisupervised learning neural system based on a small number of sampled patterns that identify crowd anomalies in the MQTT protocol related to specialized attacks to undermine cyber-physical systems.
url http://dx.doi.org/10.1155/2021/4587862
work_keys_str_mv AT zhenyugao onlinesemisupervisedneuralanomalydetectortoidentifymqttbasedattacksinrealtime
AT jiancao onlinesemisupervisedneuralanomalydetectortoidentifymqttbasedattacksinrealtime
AT weiwang onlinesemisupervisedneuralanomalydetectortoidentifymqttbasedattacksinrealtime
AT huayunzhang onlinesemisupervisedneuralanomalydetectortoidentifymqttbasedattacksinrealtime
AT zengrongxu onlinesemisupervisedneuralanomalydetectortoidentifymqttbasedattacksinrealtime
_version_ 1716867453471948800

Similar Items