Endre søk
Link to record
Permanent link

Direct link
Publikasjoner (6 av 6) Visa alla publikasjoner
Wang, H., Eklund, D., Oprea, A. & Raza, S. (2023). FL4IoT: IoT Device Fingerprinting and Identification Using Federated Learning. ACM Trans. Internet Things, 4(3)
Åpne denne publikasjonen i ny fane eller vindu >>FL4IoT: IoT Device Fingerprinting and Identification Using Federated Learning
2023 (engelsk)Inngår i: ACM Trans. Internet Things, ISSN 2691-1914, Vol. 4, nr 3Artikkel i tidsskrift (Fagfellevurdert) Published
Abstract [en]

Unidentified devices in a network can result in devastating consequences. It is, therefore, necessary to fingerprint and identify IoT devices connected to private or critical networks. With the proliferation of massive but heterogeneous IoT devices, it is getting challenging to detect vulnerable devices connected to networks. Current machine learning-based techniques for fingerprinting and identifying devices necessitate a significant amount of data gathered from IoT networks that must be transmitted to a central cloud. Nevertheless, private IoT data cannot be shared with the central cloud in numerous sensitive scenarios. Federated learning (FL) has been regarded as a promising paradigm for decentralized learning and has been applied in many different use cases. It enables machine learning models to be trained in a privacy-preserving way. In this article, we propose a privacy-preserved IoT device fingerprinting and identification mechanisms using FL; we call it FL4IoT. FL4IoT is a two-phased system combining unsupervised-learning-based device fingerprinting and supervised-learning-based device identification. FL4IoT shows its practicality in different performance metrics in a federated and centralized setup. For instance, in the best cases, empirical results show that FL4IoT achieves ∌99% accuracy and F1-Score in identifying IoT devices using a federated setup without exposing any private data to a centralized cloud entity. In addition, FL4IoT can detect spoofed devices with over 99% accuracy.

sted, utgiver, år, opplag, sider
Association for Computing Machinery, 2023
Emneord
identification, Internet of things, fingerprinting, machine learning, federated learning
HSV kategori
Identifikatorer
urn:nbn:se:ri:diva-65760 (URN)10.1145/3603257 (DOI)
Tilgjengelig fra: 2023-08-14 Laget: 2023-08-14 Sist oppdatert: 2023-11-06bibliografisk kontrollert
Zenden, I., Wang, H., Iacovazzi, A., Vahidi, A., Blom, R. & Raza, S. (2023). On the Resilience of Machine Learning-Based IDS for Automotive Networks. In: proc of IEEE Vehicular Networking Conference, VNC: . Paper presented at 14th IEEE Vehicular Networking Conference, VNC 2023.Instanbul. 26 April 2023 through 28 April 2023. (pp. 239-246). IEEE Computer Society
Åpne denne publikasjonen i ny fane eller vindu >>On the Resilience of Machine Learning-Based IDS for Automotive Networks
Vise andre…
2023 (engelsk)Inngår i: proc of IEEE Vehicular Networking Conference, VNC, IEEE Computer Society , 2023, s. 239-246Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

Modern automotive functions are controlled by a large number of small computers called electronic control units (ECUs). These functions span from safety-critical autonomous driving to comfort and infotainment. ECUs communicate with one another over multiple internal networks using different technologies. Some, such as Controller Area Network (CAN), are very simple and provide minimal or no security services. Machine learning techniques can be used to detect anomalous activities in such networks. However, it is necessary that these machine learning techniques are not prone to adversarial attacks. In this paper, we investigate adversarial sample vulnerabilities in four different machine learning-based intrusion detection systems for automotive networks. We show that adversarial samples negatively impact three of the four studied solutions. Furthermore, we analyze transferability of adversarial samples between different systems. We also investigate detection performance and the attack success rate after using adversarial samples in the training. After analyzing these results, we discuss whether current solutions are mature enough for a use in modern vehicles.

sted, utgiver, år, opplag, sider
IEEE Computer Society, 2023
Emneord
Adversarial AI/ML, Controller Area Network, Intrusion Detection System, Machine Learning, Vehicle Security, Computer crime, Control system synthesis, Controllers, Intrusion detection, Learning algorithms, Network security, Process control, Safety engineering, Automotive networks, Automotives, Autonomous driving, Controller-area network, Electronics control unit, Intrusion Detection Systems, Machine learning techniques, Machine-learning
HSV kategori
Identifikatorer
urn:nbn:se:ri:diva-65727 (URN)10.1109/VNC57357.2023.10136285 (DOI)2-s2.0-85163164299 (Scopus ID)9798350335491 (ISBN)
Konferanse
14th IEEE Vehicular Networking Conference, VNC 2023.Instanbul. 26 April 2023 through 28 April 2023.
Merknad

This research is partially funded by the CyReV project(Sweden’s Innovation Agency, D-nr 2019-03071), partiallyby the H2020 ARCADIAN-IoT (Grant ID. 101020259), andH2020 VEDLIoT (Grant ID. 957197).

Tilgjengelig fra: 2023-08-11 Laget: 2023-08-11 Sist oppdatert: 2024-03-03bibliografisk kontrollert
Wang, H., Muñoz-González, L., Hameed, M. Z., Eklund, D. & Raza, S. (2023). SparSFA: Towards robust and communication-efficient peer-to-peer federated learning. Computers & security (Print), 129, Article ID 103182.
Åpne denne publikasjonen i ny fane eller vindu >>SparSFA: Towards robust and communication-efficient peer-to-peer federated learning
Vise andre…
2023 (engelsk)Inngår i: Computers & security (Print), ISSN 0167-4048, E-ISSN 1872-6208, Vol. 129, artikkel-id 103182Artikkel i tidsskrift (Fagfellevurdert) Published
Abstract [en]

Federated Learning (FL) has emerged as a powerful paradigm to train collaborative machine learning (ML) models, preserving the privacy of the participants’ datasets. However, standard FL approaches present some limitations that can hinder their applicability in some applications. Thus, the need of a server or aggregator to orchestrate the learning process may not be possible in scenarios with limited connectivity, as in some IoT applications, and offer less flexibility to personalize the ML models for the different participants. To sidestep these limitations, peer-to-peer FL (P2PFL) provides more flexibility, allowing participants to train their own models in collaboration with their neighbors. However, given the huge number of parameters of typical Deep Neural Network architectures, the communication burden can also be very high. On the other side, it has been shown that standard aggregation schemes for FL are very brittle against data and model poisoning attacks. In this paper, we propose SparSFA, an algorithm for P2PFL capable of reducing the communication costs. We show that our method outperforms competing sparsification methods in P2P scenarios, speeding the convergence and enhancing the stability during training. SparSFA also includes a mechanism to mitigate poisoning attacks for each participant in any random network topology. Our empirical evaluation on real datasets for intrusion detection in IoT, considering both balanced and imbalanced-dataset scenarios, shows that SparSFA is robust to different indiscriminate poisoning attacks launched by one or multiple adversaries, outperforming other robust aggregation methods whilst reducing the communication costs through sparsification. 

sted, utgiver, år, opplag, sider
Elsevier Ltd, 2023
Emneord
Adversarial machine learning, Communication efficiency, IDS, IoT, Peer-to-peer federated learning, Poisoning attack, Cost reduction, Deep neural networks, Internet of things, Learning systems, Network architecture, Network security, Network topology, Communication cost, Machine learning models, Machine-learning, Peer to peer, Poisoning attacks, Intrusion detection
HSV kategori
Identifikatorer
urn:nbn:se:ri:diva-64312 (URN)10.1016/j.cose.2023.103182 (DOI)2-s2.0-85151480655 (Scopus ID)
Merknad

Correspondence Address: Wang, H.; RISE Research Institutes of SwedenSweden; email: han.wang@ri.se; Funding details: 830927; Funding details: 101020259; Funding text 1: This research is funded by the EU H2020 projects ARCADIAN-IoT (Grant ID. 101020259) and CONCORDIA (Grant ID: 830927).; Funding text 2: This research is funded by the EU H2020 projects ARCADIAN-IoT (Grant ID. 101020259) and CONCORDIA (Grant ID: 830927).

Tilgjengelig fra: 2023-04-25 Laget: 2023-04-25 Sist oppdatert: 2023-11-06bibliografisk kontrollert
Iacovazzi, A., Wang, H., Butun, I. & Raza, S. (2023). Towards Cyber Threat Intelligence for the IoT. In: Proceedings - 19th International Conference on Distributed Computing in Smart Systems and the Internet of Things, DCOSS-IoT 2023: . Paper presented at 19th Annual International Conference on Distributed Computing in Smart Systems and the Internet of Things, DCOSS-IoT 2023. Pafos. 19 June 2023 through 21 June 2023 (pp. 483-490). Institute of Electrical and Electronics Engineers Inc.
Åpne denne publikasjonen i ny fane eller vindu >>Towards Cyber Threat Intelligence for the IoT
2023 (engelsk)Inngår i: Proceedings - 19th International Conference on Distributed Computing in Smart Systems and the Internet of Things, DCOSS-IoT 2023, Institute of Electrical and Electronics Engineers Inc. , 2023, s. 483-490Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

With the proliferation of digitization and its usage in critical sectors, it is necessary to include information about the occurrence and assessment of cyber threats in an organization’s threat mitigation strategy. This Cyber Threat Intelligence (CTI) is becoming increasingly important, or rather necessary, for critical national and industrial infrastructures. Current CTI solutions are rather federated and unsuitable for sharing threat information from low-power IoT devices. This paper presents a taxonomy and analysis of the CTI frameworks and CTI exchange platforms available today. It proposes a new CTI architecture relying on the MISP Threat Intelligence Sharing Platform customized and focusing on IoT environment. The paper also introduces a tailored version of STIX (which we call tinySTIX), one of the most prominent standards adopted for CTI data modeling, optimized for low-power IoT devices using the new lightweight encoding and cryptography solutions. The proposed CTI architecture will be very beneficial for securing IoT networks, especially the ones working in harsh and adversarial environments. 

sted, utgiver, år, opplag, sider
Institute of Electrical and Electronics Engineers Inc., 2023
Emneord
Internet of things; Cybe threat intelligence; Cyber threats; Digitisation; Indicator of compromize; Low Power; MISP; Mitigation strategy; National infrastructure; STIX; Threats mitigations; Network architecture
HSV kategori
Identifikatorer
urn:nbn:se:ri:diva-67676 (URN)10.1109/DCOSS-IoT58021.2023.00081 (DOI)2-s2.0-85174417452 (Scopus ID)
Konferanse
19th Annual International Conference on Distributed Computing in Smart Systems and the Internet of Things, DCOSS-IoT 2023. Pafos. 19 June 2023 through 21 June 2023
Merknad

This work has been supported by the H2020 projectARCADIAN-IoT (https://www.arcadian-iot.eu/) [G.A. No.101020259] 

Tilgjengelig fra: 2023-11-14 Laget: 2023-11-14 Sist oppdatert: 2023-11-14bibliografisk kontrollert
Wang, H., Muñoz-González, L., Eklund, D. & Raza, S. (2021). Non-IID Data Re-Balancing at IoT Edge with Peer-to-Peer Federated Learning for Anomaly Detection. In: Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks: . Paper presented at WiSec '21: Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks.28 June 2021- 2 July 2021 (pp. 153-163). Association for Computing Machinery
Åpne denne publikasjonen i ny fane eller vindu >>Non-IID Data Re-Balancing at IoT Edge with Peer-to-Peer Federated Learning for Anomaly Detection
2021 (engelsk)Inngår i: Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks, Association for Computing Machinery , 2021, s. 153-163Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

The increase of the computational power in edge devices has enabled the penetration of distributed machine learning technologies such as federated learning, which allows to build collaborative models performing the training locally in the edge devices, improving the efficiency and the privacy for training of machine learning models, as the data remains in the edge devices. However, in some IoT networks the connectivity between devices and system components can be limited, which prevents the use of federated learning, as it requires a central node to orchestrate the training of the model. To sidestep this, peer-to-peer learning appears as a promising solution, as it does not require such an orchestrator. On the other side, the security challenges in IoT deployments have fostered the use of machine learning for attack and anomaly detection. In these problems, under supervised learning approaches, the training datasets are typically imbalanced, i.e. the number of anomalies is very small compared to the number of benign data points, which requires the use of re-balancing techniques to improve the algorithms’ performance. In this paper, we propose a novel peer-to-peer algorithm,P2PK-SMOTE, to train supervised anomaly detection machine learning models in non-IID scenarios, including mechanisms to locally re-balance the training datasets via synthetic generation of data points from the minority class. To improve the performance in non-IID scenarios, we also include a mechanism for sharing a small fraction of synthetic data from the minority class across devices, aiming to reduce the risk of data de-identification. Our experimental evaluation in real datasets for IoT anomaly detection across a different set of scenarios validates the benefits of our proposed approach.

sted, utgiver, år, opplag, sider
Association for Computing Machinery, 2021
Emneord
federated learning, anomaly detection, non-IID data, imbalanced data
HSV kategori
Identifikatorer
urn:nbn:se:ri:diva-55437 (URN)10.1145/3448300.3467827 (DOI)978-1-4503-8349-3 (ISBN)
Konferanse
WiSec '21: Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks.28 June 2021- 2 July 2021
Tilgjengelig fra: 2021-07-08 Laget: 2021-07-08 Sist oppdatert: 2023-11-06bibliografisk kontrollert
Wang, H., Barriga, L. E., Vahidi, A. & Raza, S. (2019). Machine Learning for Security at the IoT Edge-A Feasibility Study. In: Proceedings - 2019 IEEE 16th International Conference on Mobile Ad Hoc and Smart Systems Workshops, MASSW 2019: . Paper presented at 16th IEEE International Conference on Mobile Ad Hoc and Smart Systems Workshops, MASSW 2019, 4 November 2019 through 7 November 2019 (pp. 7-12). Institute of Electrical and Electronics Engineers Inc.
Åpne denne publikasjonen i ny fane eller vindu >>Machine Learning for Security at the IoT Edge-A Feasibility Study
2019 (engelsk)Inngår i: Proceedings - 2019 IEEE 16th International Conference on Mobile Ad Hoc and Smart Systems Workshops, MASSW 2019, Institute of Electrical and Electronics Engineers Inc. , 2019, s. 7-12Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

Benefits of edge computing include reduced latency and bandwidth savings, privacy-by-default and by-design in compliance with new privacy regulations that encourage sharing only the minimal amount of data. This creates a need for processing data locally rather than sending everything to a cloud environment and performing machine learning there. However, most IoT edge devices are resource-constrained in comparison and it is not evident whether current machine learning methods are directly employable on IoT edge devices. In this paper, we analyze the state-of-the-art machine learning (ML) algorithms for solving security problems (e.g. intrusion detection) at the edge. Starting from the characteristics and limitations of edge devices in IoT networks, we assess a selected set of commonly used ML algorithms based on four metrics: computation complexity, memory footprint, storage requirement and accuracy. We also compare the suitability of ML algorithms to different cybersecurity problems and discuss the possibility of utilizing these methods for use cases.

sted, utgiver, år, opplag, sider
Institute of Electrical and Electronics Engineers Inc., 2019
Emneord
Artificial Intelligence, Edge, IoT, Machine Learning, Security, Data Sharing, Digital storage, Internet of things, Intrusion detection, Privacy by design, Cloud environments, Computation complexity, Feasibility studies, Machine learning methods, Privacy regulation, Reduced latencies, Security problems, Storage requirements
HSV kategori
Identifikatorer
urn:nbn:se:ri:diva-45017 (URN)10.1109/MASSW.2019.00009 (DOI)2-s2.0-85084111495 (Scopus ID)9781728141213 (ISBN)
Konferanse
16th IEEE International Conference on Mobile Ad Hoc and Smart Systems Workshops, MASSW 2019, 4 November 2019 through 7 November 2019
Merknad

Conference code: 159126; Export Date: 25 May 2020; Conference Paper; Funding details: VINNOVA; Funding details: 830927; Funding text 1: This work has received partial funding from VINNOVA Sweden for the H2020 CONCORDIA (grant agreement No 830927), and partial from RISE Cybersecurity KP.

Tilgjengelig fra: 2020-05-25 Laget: 2020-05-25 Sist oppdatert: 2023-11-06bibliografisk kontrollert
Organisasjoner
Identifikatorer
ORCID-id: ORCID iD iconorcid.org/0000-0002-2772-4661
v. 2.43.0