An IoT abnormal traffic detection method based on communication pattern matching within a graph structure
The wide application of the Internet of Things has brought new security risks.In order to gain a real-time insight into the abnormal state of the network without interfering with the normal operation of the system,the anomaly detection scheme based on traffic came into being.However,the current detection scheme generally has problems such as lack of universality and strong dependence on attack samples.Based on this,according to the physical limitations and domain specifications of the operation of the Internet of Things system,this study innovatively proposed a method of abnormal traffic detection of the Internet of Things based on communication pattern matching under the graph structure.On the basis of the construction of the communication graph,subgraph mining,isomorphic subgraph discovery and other algorithms are used to analyze and characterize the communication mode of fixed,periodic and automatic operation in the Internet of Things system to build the detection benchmark.And the com-munity detection algorithm is used to find the abnormal data in real-time traffic efficiently and accurately.The scheme was evalua-ted on BoT-IoT data set and IoT-23 data set from three aspects:effect comparison on different data sets,effect comparison of dif-ferent detection schemes,and real-time detection efficiency under different time windows.The detection accuracy rate of 99%and real-time detection time of seconds fully proved the efficiency and availability of the scheme.
communication patternsInternet of Thingssubgraph miningcommunity detectionisomorphic subgraph
万方数据
维普
