6. Utilising Honeypots and Machine Learning to Mitigate Unknown Threats in IoT

By G. Bendiab, University of Portsmouth | J. Rose, University of Portsmouth | M. Swann, University of Portsmouth | S. Shiaeles, University of Portsmouth

Downloaded: 2856 times

Published: 15 Mar 2022

© 2022 G. Bendiab | J. Rose | M. Swann | S. Shiaeles

Abstract

IoT security has now emerged as one of the most important issue in network security. Conventional security techniques, such as firewalls and signature-based intrusion detection systems, have proven ineffective in protecting IoT networks from increasingly sophisticated attack and malware. Due to these constraints, researchers have been compelled to build novel intrusion detection solutions utilising various technologies such as IoT Honeypots and Machine Learning (ML). This chapter describes a novel approach to detect malicious network traffic that employs a honeypot and machine learning. The IoT honeypot system is used to gather intelligence about attacks that target IoT devices. The data gathered are used to understand the attackers’ weapons, strategies and new techniques utilised. It is also used to train the machine learning model used on IDS on a continuous basis to improve its detection accuracy. This method is most successful against unknown and zero-day attacks on IoT computers.