IoT Equipment Monitoring System Based on C5.0 Decision Tree and Time-Series Analysis

Abnormal traffic and vulnerability attack monitoring play an important role in today's Internet of Things (IoT) applications. The existing solutions are usually based on machine learning for traffic, and its disadvantage is that a large number of manual operations are needed in the classificati...

Full description

Saved in:
Bibliographic Details
Published inIEEE access Vol. 10; pp. 36637 - 36648
Main Authors Zhu, Biaokai, Hou, Xinyi, Liu, Sanman, Ma, Wanli, Dong, Meiya, Wen, Haibin, Wei, Qing, Du, Sixuan, Zhang, Yufeng
Format Journal Article
LanguageEnglish
Published Piscataway IEEE 2022
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects
Online AccessGet full text

Cover

Loading…
More Information
Summary:Abnormal traffic and vulnerability attack monitoring play an important role in today's Internet of Things (IoT) applications. The existing solutions are usually based on machine learning for traffic, and its disadvantage is that a large number of manual operations are needed in the classification process, and the adaptability is poor. Moreover, for unknown attacks, the system cannot make a relative response in time. In this work, we design a monitoring system of IoT based on C5.0 decision tree and time-series analysis. The system transforms time-series into GAF graph, and uses CNN-LSTM combination model to monitor the traffic. The time-series model based on deep learning can also improve the inefficiency and manual intervention caused by data analysis. At the same time, the system introduces LSTM technology, which can solve a series of problems that may be caused during long sequence training. We select KDD Cup 99 data set for simulation experiments and comparison with traditional traffic monitoring methods. The results show that the average error rate of abnormal traffic attack types is 3.22%. The evaluations show that the system can effectively monitor unknown attacks with 96% accuracy. We further use whitelist matching technology to identify IoT device models. After comparison of experiments, it is proved that this method has its superiority in the monitoring of IoT devices.
ISSN:2169-3536
2169-3536
DOI:10.1109/ACCESS.2021.3054044