Date Approved

6-13-2024

Embargo Period

6-13-2024

Document Type

Thesis

Degree Name

Master of Science (M.S.)

Department

Computer Science

College

College of Science & Mathematics

Advisor

Shen-Shyang Ho, Ph.D.

Committee Member 1

Anthony Breitzman, Ph.D.

Committee Member 2

Hieu Nguyen, Ph.D.

Keywords

Autoencoder; BotNets; Cyber Security; Ensemble Learning; Intrusion Detection; Machine Learning

Subject(s)

Internet of things; Malware (Computer software)

Disciplines

Computer Sciences | Electrical and Computer Engineering | Information Security

Abstract

New technologies are being introduced faster than ever before, and the devices are becoming smaller. Due to the size of these devices, security is often difficult to implement. The existing solution is a firewall-segmented “IoT Network” that only limits the effect of infected devices on other parts of the network. We propose a lightweight, unsupervised, hybrid-cloud ensemble anomaly detection system for malware detection. We perform transfer learning using a generalized model trained on multiple IoT device sources to learn network traffic on new devices with minimal computational resources. We further extend our proposed system to utilize federated learning, such that IoT devices feed their output to a cloud server, enabling more detection capabilities while keeping the network traffic on the device itself and so maintaining data privacy. We validate this system by creating a simulation testbed in which we conduct attacks on the IoT devices to evaluate how well the detection system works. We also compare transfer learning using multiple sources with transfer learning using a single source to show how the detection model of a target device is impacted by transfer learning. Empirical results on two datasets, one from the 2016 Mirai botnet attacks on IoT devices and the other from Gafgyt malware attacks on various IoT devices, show the competitiveness and feasibility of our proposed solution.
