Dataset Generation Framework for Evaluation of IoT Linux Host–Based Intrusion Detection Systems
- Resource Type: Conference
- Authors: Adamczyk, Blazej; Brzeczek, Maksym; Michalak, Marcin; Kostorz, Iwona; Wawrowski, Lukasz; Hermansa, Marek; Czerwinski, Michal; Jamiolkowski, Antoni
- Source: 2022 IEEE International Conference on Big Data (Big Data), pp. 6179-6187, Dec 2022
- Subject: Communication, Networking and Broadcast Technologies; Computing and Processing; Engineering Profession; Geoscience; Robotics and Control Systems; Signal Processing and Analysis; Industries; Operating systems; Linux; Emulation; Intrusion detection; Telecommunication traffic; Big Data; big data; data granulation and aggregation; anomaly detection; Internet of Things; behavioral analysis
- Language
As the IoT industry expands strongly, there is a need for better security and threat detection tools. Many approaches are possible, but the tendency is to detect attacks externally by using network traffic analysis. Network-based intrusion detection could lead to satisfactory results; however, it is uncertain whether host-based methods would not give better results, as IoT devices usually have repeatable and predictable behavior. Unfortunately, host-based detection methods can neither be directly compared against each other nor be compared to network-based systems, as there are no publicly available data sets with IoT device operating system traces. In this paper we propose and describe a framework which allows for emulation of IoT devices, simulation of random attacks, and gathering of the operating system traces for Linux-based IoT devices. We also publish the first gathered data set, and we plan to release new extended data sets in the near future.