Abstract
The significant advance in smart devices connected to the Internet has promoted the “Internet of Things” technology. However, the success of this technology comes with the need to implement Intrusion Detection Systems to face possible attacks. The present research deals with intrusion detection in a network using the Message Queuing Telemetry Transport (MQTT) protocol. To achieve this goal, different one-class classifiers have been implemented using a real dataset, achieving good performance in the detection of intrusion attacks.
Change history
31 July 2021
In the original version of the book, the following belated correction has been incorporated: The misspelled author name “Francico Zayas-Gato” has been corrected to “Francisco Zayas-Gato” in the Frontmatter, the Backmatter, and Chapter 22.
Acknowledgements
Spanish National Cybersecurity Institute (INCIBE) and developed Research Institute of Applied Sciences in Cybersecurity (RIASC).
CITIC, as a Research Center of the University System of Galicia, is funded by Consellería de Educación, Universidade e Formación Profesional of the Xunta de Galicia through the European Regional Development Fund (ERDF) and the Secretaría Xeral de Universidades (Ref. ED431G 2019/01).
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Jove, E. et al. (2022). Intrusion Detection System for MQTT Protocol Based on Intelligent One-Class Classifiers. In: Corchado, J.M., Trabelsi, S. (eds) Sustainable Smart Cities and Territories. SSCTIC 2021. Lecture Notes in Networks and Systems, vol 253. Springer, Cham. https://doi.org/10.1007/978-3-030-78901-5_22
DOI: https://doi.org/10.1007/978-3-030-78901-5_22
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-78900-8
Online ISBN: 978-3-030-78901-5
eBook Packages: Intelligent Technologies and Robotics (R0)