Panop: Mimicry-resistant ANN-Based distributed NIDS for IoT networks

Hyunjun Kim, Sunwoo Ahn, Whoi Ree Ha, Hyunjae Kang, Dong Seong Kim, Huy Kang Kim, Yunheung Paek

Research output: Contribution to journal › Article › peer-review

Abstract

Recently, using artificial neural networks (ANNs) for network intrusion detection systems (NIDSs) has drawn much attention from security researchers. The capability of ANNs to learn patterns from large volumes of data helps detect attacks on networked systems. Moreover, to effectively monitor a newly emerging networked system consisting of distributed subsystems, such as edge, Internet of Things (IoT), and fog, recent studies have proposed an ANN-based distributed NIDS, where multiple ANNs are deployed to local gateways. To meet the incessant demand for high accuracy, ANN-based NIDSs have become complicated and heavy. Because local gateways are small, low-end devices, they cannot execute such ANNs. To solve this problem, some researchers have proposed optimized algorithms that balance detection accuracy and runtime performance. For example, Kitsune empirically proved its efficiency, but a recent study reveals that Kitsune has limitations. In particular, Kitsune fails at identifying host-oriented attacks, which pretend to be benign during packet delivery but incur malicious behavior on destination devices. Panop is a novel ANN-based NIDS for a distributed network system that aims to detect malicious packets, including host-oriented attacks, while remaining sufficiently lightweight to be executed by low-end devices. Thus, the Panop ANN is designed to comprehensively learn network and device behaviors related to packet transactions in an IoT network. According to the experiments, Panop can detect host-oriented and other attacks with reasonably high accuracy with little degradation in runtime performance compared to the state-of-the-art NIDS for distributed network environments.

Original language: English
Article number: 9508433
Pages (from-to): 111853-111864
Number of pages: 12
Journal: IEEE Access
Volume: 9
Publication status: Published - 2021

Keywords

  • Anomaly detection
  • artificial neural networks
  • deep learning
  • Internet of Things
  • intrusion detection
  • machine learning

ASJC Scopus subject areas

  • Computer Science(all)
  • Materials Science(all)
  • Engineering(all)
