Next Article in Journal
Distributed Interoperable Records: The Key to Better Supply Chain Management
Previous Article in Journal
A Low Distortion Audio Self-Recovery Algorithm Robust to Discordant Size Content Replacement Attack
Previous Article in Special Issue
CBAM: A Contextual Model for Network Anomaly Detection
Article

Using Autoencoders for Anomaly Detection and Transfer Learning in IoT

1
Cybersecurity Technology Institute, Institute for Information Industry, Taipei 105, Taiwan
2
Department of Computer Science and Information Engineering, National Taipei University of Technology, Taipei 106, Taiwan
*
Author to whom correspondence should be addressed.
Academic Editor: Paolo Bellavista
Received: 16 June 2021 / Revised: 11 July 2021 / Accepted: 14 July 2021 / Published: 15 July 2021
With the development of Internet of Things (IoT) technologies, more and more smart devices are connected to the Internet. Since these devices were designed for better connections with each other, very limited security mechanisms have been considered. It would be costly to develop separate security mechanisms for the diverse behaviors in different devices. Given new and changing devices and attacks, it would be helpful if the characteristics of diverse device types could be dynamically learned for better protection. In this paper, we propose a machine learning approach to device type identification through network traffic analysis for anomaly detection in IoT. Firstly, the characteristics of different device types are learned from their generated network packets using supervised learning methods. Secondly, by learning important features from selected device types, we further compare the effects of unsupervised learning methods including One-class SVM, Isolation forest, and autoencoders for dimensionality reduction. Finally, we evaluate the performance of anomaly detection by transfer learning with autoencoders. In our experiments on real data in the target factory, the best performance of device type identification can be achieved by XGBoost with an accuracy of 97.6%. When adopting autoencoders for learning features from the network packets in Modbus TCP protocol, the best F1 score of 98.36% can be achieved. Comparable performance of anomaly detection can be achieved when using autoencoders for transfer learning from the reference dataset in the literature to our target site. This shows the potential of the proposed approach for automatic anomaly detection in smart factories. Further investigation is needed to verify the proposed approach using different types of devices in different IoT environments. View Full-Text
Keywords: autoencoders; transfer learning; anomaly detection; IoT security autoencoders; transfer learning; anomaly detection; IoT security
Show Figures

Figure 1

MDPI and ACS Style

Tien, C.-W.; Huang, T.-Y.; Chen, P.-C.; Wang, J.-H. Using Autoencoders for Anomaly Detection and Transfer Learning in IoT. Computers 2021, 10, 88. https://0-doi-org.brum.beds.ac.uk/10.3390/computers10070088

AMA Style

Tien C-W, Huang T-Y, Chen P-C, Wang J-H. Using Autoencoders for Anomaly Detection and Transfer Learning in IoT. Computers. 2021; 10(7):88. https://0-doi-org.brum.beds.ac.uk/10.3390/computers10070088

Chicago/Turabian Style

Tien, Chin-Wei, Tse-Yung Huang, Ping-Chun Chen, and Jenq-Haur Wang. 2021. "Using Autoencoders for Anomaly Detection and Transfer Learning in IoT" Computers 10, no. 7: 88. https://0-doi-org.brum.beds.ac.uk/10.3390/computers10070088

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Back to TopTop