The behavioral analysis of smart devices plays a key role in enforcing security for IoT environments. In particular, anomalous patterns can be targeted in the behavior of smart devices as potential IoT cybersecurity threats. In this article, an explainable machine-learning approach is proposed for dealing with behavioral anomalies. Essentially, a rule-based classifier is inferred from the observed behavior of smart devices, to detect and explain patterns of behavioral anomalies. Predictive association modeling is adopted in the formulation of the classifier, to achieve superior effectiveness in detecting behavioral patterns and ensuring clear explanations of both these latter and their classifications. Moreover, the specifically-conceived design of the classifier reduces the number of tunable parameters to one. An extensive empirical evaluation is comparatively carried out on real-world benchmark data. The experimental results reveal the effectiveness, robustness, and scalability of the proposed approach.
Rule-Based Detection of Anomalous Patterns in Device Behavior for Explainable IoT Security
Gianni Costa;Agostino Forestiero;Riccardo Ortale
2023
Abstract
The behavioral analysis of smart devices plays a key role in enforcing security for IoT environments. In particular, anomalous patterns can be targeted in the behavior of smart devices as potential IoT cybersecurity threats. In this article, an explainable machine-learning approach is proposed for dealing with behavioral anomalies. Essentially, a rule-based classifier is inferred from the observed behavior of smart devices, to detect and explain patterns of behavioral anomalies. Predictive association modeling is adopted in the formulation of the classifier, to achieve superior effectiveness in detecting behavioral patterns and ensuring clear explanations of both these latter and their classifications. Moreover, the specifically-conceived design of the classifier reduces the number of tunable parameters to one. An extensive empirical evaluation is comparatively carried out on real-world benchmark data. The experimental results reveal the effectiveness, robustness, and scalability of the proposed approach.File | Dimensione | Formato | |
---|---|---|---|
Rule-Based Detection of Anomalous Patterns in Device Behavior for Explainable IoT Security.pdf
solo utenti autorizzati
Tipologia:
Versione Editoriale (PDF)
Licenza:
NON PUBBLICO - Accesso privato/ristretto
Dimensione
826.41 kB
Formato
Adobe PDF
|
826.41 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.