Ping Flood Attack Pattern Recognition Using a K-Means Algorithm in an Internet of Things (IoT) Network

Security is the main challenge in Internet of Things (IoT) systems. The devices on the IoT networks are very heterogeneous, many of them have limited resources, and they are connected globally, which makes the IoT much more challenging to secure than other types of networks. Denial of service (DoS)...


Bibliographic Details
Main Authors: Deris Stiawan, Meilinda Eka Suryani, Susanto, Mohd Yazid Idris, Muawya N. Aldalaien, Nizar Alsharif, Rahmat Budiarto
Format: Article
Language: English
Published: IEEE 2021-01-01
Series: IEEE Access
Online Access: https://ieeexplore.ieee.org/document/9514914/
id doaj-777026c6dae54eca8597a412881edd68
record_format Article
timestamp 2021-08-27T23:00:45Z
language eng
publisher IEEE
journal IEEE Access
issn 2169-3536
published 2021-01-01
volume 9
pages 116475-116484
doi 10.1109/ACCESS.2021.3105517
document number 9514914
title Ping Flood Attack Pattern Recognition Using a K-Means Algorithm in an Internet of Things (IoT) Network
authors and affiliations
- Deris Stiawan (https://orcid.org/0000-0002-9302-1868), Department of Computer Engineering, Faculty of Computer Science, Universitas Sriwijaya, Palembang, Indonesia
- Meilinda Eka Suryani, Department of Computer Engineering, Faculty of Computer Science, Universitas Sriwijaya, Palembang, Indonesia
- Susanto (https://orcid.org/0000-0002-7562-7946), Faculty of Engineering, Universitas Sriwijaya, Palembang, Indonesia
- Mohd Yazid Idris (https://orcid.org/0000-0001-7702-6610), School of Computing, Faculty of Engineering, Universiti Teknologi Malaysia, Johor, Malaysia
- Muawya N. Aldalaien, King Hussein School of Computing Sciences, Princess Sumaya University for Technology, Amman, Jordan
- Nizar Alsharif, College of Computer Science and Information Technology, Al-Baha University, Al Bahah, Saudi Arabia
- Rahmat Budiarto (https://orcid.org/0000-0002-6374-4731), College of Computer Science and Information Technology, Al-Baha University, Al Bahah, Saudi Arabia
abstract Security is the main challenge in Internet of Things (IoT) systems. The devices on the IoT networks are very heterogeneous, many of them have limited resources, and they are connected globally, which makes the IoT much more challenging to secure than other types of networks. Denial of service (DoS) is the most popular method used to attack IoT networks, either by flooding services or crashing services. An intrusion detection system (IDS) is one of the countermeasures for DoS attacks. Unfortunately, the existing IDSs still suffer from detection accuracy problems due to the difficulty of recognizing features of the DoS attacks. Thus, we need to determine specific features that represent the attack traffic well, so the IDS will be able to distinguish normal traffic from the attacks. In this work, we investigate ping flood attack pattern recognition on IoT networks. Experiments were conducted using wireless communication with three different scenarios: normal traffic, attack traffic, and combined normal-attack traffic. Each scenario created an associated dataset. The datasets were then grouped into two clusters: normal and attack. The K-Means algorithm was used to produce the clustering results. The average number of packets in the attack cluster was 95,931 packets, and the average in the normal cluster was 4,068 packets. The accuracy level of the clustering results was calculated using a confusion matrix. The accuracy of the clustering using the implemented K-Means algorithm was 99.94%. The rates from the confusion matrix were true negative (98.62%), true positive (100.00%), false negative (0.00%), and false positive (1.38%).
url https://ieeexplore.ieee.org/document/9514914/
keywords Internet of Things (IoT); pattern recognition; ping flood; K-means; clustering
collection DOAJ