Scientific Article developed by Ikerlan!
It has been a few years since several distributed denial-of-service attacks by the Mirai botnet, largely comprised of IoT devices, rendered various Internet platforms inaccessible for a period of time. Since then, a growing trend of cyberattacks against IoT devices has been observed, and the complexity of these threats is also increasing.
Machine learning methods are showing promising results in detecting these threats; however, cloud or perimeter computing based architectures for training these models present multiple drawbacks in IoT environments, such as network overload or data isolation. In this paper we present a Federated Learning (FL) architecture for training unsupervised anomaly detection models in IoT networks. The architecture includes a device clustering algorithm integrated into the FL process to address the problems caused by high heterogeneity in these environments. We evaluated the proposal on a testbed with 360 simulated IoT devices, showing the detection of various denial-of-service and command-and-control communication attacks.
Author: Sáez de Cámara, Xabier; Flores, Jose Luis; Arellano, Cristóbal; Urbieta, Aitor; Zurutuza, Urko
Link to the article (in spanish): https://zenodo.org/record/7806478#.ZEuBo3ZByUl
Full text can be found here
Entity: Ikerlan and Mondragon Unibertsitatea
DOI: 10.5281/zenodo.7806478