Machine learning for Internet of things anomaly detection under low-quality data

• Published in: International journal of distributed sensor networks Vol. 18; no. 10; p. 155013292211337
• Main Authors: Han, Shangbin, Wu, Qianhong, Yang, Yang
• Format: Journal Article
• Language: English
• Published: London, England SAGE Publications 01.10.2022; Wiley
• Subjects: anomaly detection; machine learning; Internet of things security; supervised learning; low-quality data
• ISSN: 1550-1329; 1550-1477
• DOI: 10.1177/15501329221133765

With the popularization of Internet of things, its network security has aroused widespread concern. Anomaly detection is one of the important technologies to protect network security. To meet the needs of automatic and intelligent detection, supervised machine learning is widely used in anomaly detection. However, the existing schemes ignore the problem of data quality, which leads to the unsatisfactory detection effect in practice. Therefore, practitioners may not know which algorithm to choose due to the lack of review and evaluation of anomaly detection methods under low-quality data. To address this problem, we give a detailed review and evaluation of six supervised anomaly detection methods, as well as release the core code of feature extractor for pcap format traffic traces and anomaly detection methods for reuse. We evaluate the methods on two public datasets (one is a simulated network dataset and the other is a real Internet of things dataset). We believe that our work and insights will help practitioners quickly understand and develop anomaly detection schemes for Internet of things and can provide reference for future research.