Abstract— Present six billions estimateddevices are connected to internet, by 2020 it will be 25 billion. During thisgrowth security has been identified as one of the weakest areas in Internet ofThings (IOT). So to meet different challenges in securing IOT, we propose usingmachine learning within an IOT Gateway to help secure the system.
By usingRegression in a gateway to detect anomalies in the data sent from edge devices.Keywords—Internetof Things, machine Learning, Regresson, security I. Introduction Internet ofThings (IoT) is presently a hot technology worldwide. Government, academia, andindustry are involved in different aspects of research, implementation, andbusiness with IoT. IoT cuts across different application domain verticalsranging from civilian to defense sectors.
These domains include agriculture,space, healthcare, manufacturing, construction, water, and mining, which arepresently transitioning their legacy infrastructure to support IoT. Today it ispossible to envision pervasive connectivity, storage, and computation, which,in turn, gives rise to building different IoT solutions. IoT-based applicationssuch as innovative shopping system, infrastructure management in both urban andrural areas, remote health monitoring and emergency notification systems, andtransportation systems, are gradually relying on IoT based systems.Over the past decade, the popularity of Python as amainstream programming language has exploded. Notable advantages of Python overother languages include, but are not limited to; It is a very simple languageto learn and easy to implement and deploy, so you don’t need to spend a lot oftime learning lots of formatting standards and compiling options.It is portable, expandable and embeddable, so, it isnot system dependent, and hence supports a lot of single board computers on themarket these days, irrespective of architecture and operating system. Mostimportantly, it has a huge community which provides a lot of support andlibraries for the language.We are living in a worldsurrounded by billions of computing systems, identifying, tracking, and analyzingsome of our intimate personal information, including health, sleep, location,and network of friends.
The trend is toward even higher proliferation of suchdevices, with an estimated 50 billion smart, connected devices by 2020,according to a recent report by Cisco. These devices generate, process, andexchange a large amount of sensitive information and data (often collectivelyreferred to as “security assets” or simply “assets”). In addition to privateend-user information, assets include security-critical parameters introducedduring the system architecture definition, e.
g., fuses, cryptographic, anddigital rights management (DRM) keys, firmware execution flows, and on-chipdebug modes. Malicious access to these assets can result in leakage of companytrade secrets for device manufacturers or content providers, identity theft orprivacy breach for end users, and even destruction of human life. Securityassurance of a modern computing device involves a number of challenges. One keychallenge is the sheer complexity of the design. Most modern computing systemsare architected via a system-on-chip (SoC) paradigm, viz.
, through acomposition of predesigned hardware or software blocks referred to asintellectual properties (IPs) that interact through a network of on-chipcommunication fabrics. The IPs themselves are highly complex artifactsoptimized for performance, power, and silicon overhead. Adding to thecomplexity are the communication protocols used in implementing complexsystem-level use cases. Finally, security assets are sprinkled at different IPsacross the design, and access to the assets is governed by complex securitypolicies. The policies are defined by system architects as well as different IPand SoC integration teams, and undergo refinement and modification throughoutthe system development. This makes it challenging to validate a system, developarchitectures to provide built-in resilience against unauthorized access, orupdate security requirements, e.
g., in response to changing customer needs.Another source of challenge is the supply chain involved in the development ofa modern computing device. There is a large number of players involved,including IP providers, SoC design house, and foundry. With the increasingglobalization of the semiconductor design and fabrication process, each ofthese players often involves large number of organizations—often acrossgeography—coordinating to create a complex supply-chain pipeline. Everycomponent of the pipeline is vulnerable to malicious design alterations,subversions, piracy, and other security threats. Even in cases where acomponent is designed without intended malice, aggressivetime-to-market requirements and high optimization needs often result in errorsand vulnerabilities inadvertently left in the design, which can be exploited bya malicious adversary in the field.
Given the broad spectrum of vulnerabilities andcorresponding mitigation strategies, the subject of SoC security today ishighly fragmented II. Related WorkGaps withinsecurity techniques to protect sensor nodes, to maintain trust between devices,and to defend against Man in the Middle attacks, Denial of Service (DoS)attacks, etc. They concluded that there is currently extensive work occurringwithin IoT authentication and access control protocols butother work needs to be done as well. Maintaining the Integrity of theSpecificationsIoT requiresintelligent processing and reliable transmission within the network. To providethis, the network architecture contains three layers: the application layer,the transport layer, and the sensing layer. The application layer contains thelogical link between the user and the Internet through intelligentapplications. Intelligent applications include smart home furnishings andintelligent architectures. The application layer uses machine learning, datamining, data processing, and other analytics to process information from thesystem and provide an output.
The transport layer consists of networkcommunications including Wi-Fi, Bluetooth, ZigBee, and 802.15.4. The transportlayer contains the gateway or gateways that process the information and relaythe information across the network. The sensing layer contains edge devicesthat are composed of a variety of sensors and actuators that collect data andsend it through the transportation layer to the application layer for analysis.There are many security threats present in the transportlayer.
Ourapproachistoaddmachinelearningwithin the transportlayer to help determine if there are interruptions in the data transfer and tomonitor the edge devices from the sensing layer. This approach will alsoaddress by addressing the entire system security, not simply the authenticationand access control protocols. III. APPROACHIn examining theapproach, we will begin with an overview of our test bed creation and thendiscuss our machine learning methodology. A. Testbed creation First Iinstalled spyder 3.6 and imported libraries in spyder 3.6 after that importeddataset by using Dataset =pd.
read_csv (“Data.csv”) After that Ideclared 2 variables X & Y: X selects all columns except last one column indataset and Y selects the only last column in dataset by using iloc. If anymissed values are in dataset by using Fromsk.learn.
preprocessing import imputer Library itcalculate all the values by using mean such that it replaces the missed data indataset. In the given dataset we arehaving France, Germany, Spain, 3 variables which are present in X variable. Sothe machine learning will get confused regarding that 3 variables becausemachine learning can understand only mathematical equations and numbers, so tosolve this problem I have use dummy variables which is known as One Hot Encoderin the programming. After that I had split the data set in to raining test andtest set with ratio of 0.2i.
e.., 80% trained data and 20% test data by usinglibrary Fromsk.learn.cross_validation import train_test_split. In the givendataset if the values are in different ranges I have used feature scaling tosolve the problem in the machine learning.
Finally by using simple linearregression technique I have predicted the test values by comparing trainedvalues B. Machine Learning Methodology Machine learning is the use of algorithmswithin a program to learn from collected data. Within machine learning thereare various algorithms that exist to learn from data. We chose to implement aSimple Linear Regression technique to monitor the system.
A Simple LinearRegression (SLR) is a type of machine learning that is modeled to predictoutcome. To create an SLR, we chose to use Python. Spyder 3.
6 is a statisticalprogramming tool that allows for computations. Packages are readily availablein Python for machine learning, statistics, graphing, probability, etc. Wechose to use Pandas package. The Pandas package allows us to analyze data touse for predictions. IV.
Experiments & resultsIn my data set it contains 50 columnsabout an organization like salaries, experience, etc.out of these I have taken20% of data to test set and remaining 80% as trained set. Finally I predictedthe data as shown as followsFig. 1. Splitingdata set in to trained set and test set Predicted test set with trained set Fig.2Predicted test set with trained set References 1 JaniceCa˜nedo, Anthony Skjellum, “Using Machine Learning to Secure IoT Systems,”Auburn Cyber Research Center.
Samuel Ginn College of Engineering. Auckland, New Zealand, pp. 219-221, 2016. 2 Quamar Niyaz, Weiqing Sun, Ahmad YJavaid, and Mansoor Alam on A Deep Learning Approach for Network IntrusionDetection System, 3rd ed., vol.
2. Oxford: USA, 1892, pp.456-462, 2017.3 Ren Junn Hwang and Yan Zhi Huang, “SecureData Collection Scheme for Wireless Sensor Networks,” 31st InternationalConference on Advanced Information Networking and Applications Workshops. NewTaipei City, Taiwan New York: Academic,2017, pp.
553-558.4 Bhavin Patel, Neha Pandya, on “DataTransfer Security solution for Wireless Sensor Network,” International Journalof Computer Applications Technology and Research Volume 2– Issue 1, 63-66,2013, ISSN: 2319–8656.5 Ionut Indre, Camelia Lemnaru, “Detectionand Prevention System against Cyber Attacks and Botnet Malware for InformationSystems and Internet of Things,” 978-1-5090-3899-2/16/$31.00 ©2016 6 A.
Rodr´?guez-Mota?, P.J. Escamilla-Ambrosio†, J. Happa‡, J.R.
C. Nurse, “Towards IoTCybersecurity Modeling: From Malware Analysis Data to IoT System Representation,”978-1-5090-5137-3/16/$31.00 2016 IEEE.
7 Alessandro Sforzin† and Mauro Conti,”RPiDS: Raspberry Pi IDS A Fruitful Intrusion Detection System for IoT,”2016 Intl IEEE Conferences onUbiquitous Intelligence & Computing, Advanced and Trusted Computing,Scalable Computing and Communications, Cloud and Big Data Computing, Internetof People, and Smart World Congress 978-1-5090-2771-2/16 $31.00 © 2016 IEEE DOI10.1109/UIC-ATC-ScalCom-CBDCom-IoP-SmartWorld.2016.114 8 S. Sridhar, Dr.S.Smys, “IntelligentSecurity Framework for IoT Devices,” 978-1-5090-4715-4/17/$31.00 ©2017 IEEE