XRecon: An Explainbale IoT Reconnaissance Attack Detection System Based on Ensemble Learning

Mohammed M. Alani, Ernesto Damiani

    Research output: Contribution to journalArticlepeer-review

    9 Scopus citations

    Abstract

    IoT devices have grown in popularity in recent years. Statistics show that the number of online IoT devices exceeded 35 billion in 2022. This rapid growth in adoption made these devices an obvious target for malicious actors. Attacks such as botnets and malware injection usually start with a phase of reconnaissance to gather information about the target IoT device before exploitation. In this paper, we introduce a machine-learning-based detection system for reconnaissance attacks based on an explainable ensemble model. Our proposed system aims to detect scanning and reconnaissance activity of IoT devices and counter these attacks at an early stage of the attack campaign. The proposed system is designed to be efficient and lightweight to operate in severely resource-constrained environments. When tested, the implementation of the proposed system delivered an accuracy of 99%. Furthermore, the proposed system showed low false positive and false negative rates at 0.6% and 0.05%, respectively, while maintaining high efficiency and low resource consumption.

    Original languageBritish English
    Article number5298
    JournalSensors
    Volume23
    Issue number11
    DOIs
    StatePublished - Jun 2023

    Keywords

    • attack
    • detection
    • IoT
    • machine learning
    • reconnaissance
    • XAI

    Fingerprint

    Dive into the research topics of 'XRecon: An Explainbale IoT Reconnaissance Attack Detection System Based on Ensemble Learning'. Together they form a unique fingerprint.

    Cite this