Convergence Security Journal (융합보안논문지)

Korea convergence Security Association (한국융합보안학회)
권호 표지
DOI QR코드

DOI QR Code

Attack Detection and Classification Method Using PCA and LightGBM in MQTT-based IoT Environment

MQTT 기반 IoT 환경에서의 PCA와 LightGBM을 이용한 공격 탐지 및 분류 방안

  • 이지구 (국방대학교 국방과학학과) ;
  • 이수진 (국방대학교 국방과학학과) ;
  • 김영원 (국방대학교 국방과학학과)
  • Received : 2022.09.21
  • Accepted : 2022.10.25
  • Published : 2022.10.31
Download PDF
⟨ Previous Next ⟩

Abstract

Recently, machine learning-based cyber attack detection and classification research has been actively conducted, achieving a high level of detection accuracy. However, low-spec IoT devices and large-scale network traffic make it difficult to apply machine learning-based detection models in IoT environment. Therefore, In this paper, we propose an efficient IoT attack detection and classification method through PCA(Principal Component Analysis) and LightGBM(Light Gradient Boosting Model) using datasets collected in a MQTT(Message Queuing Telementry Transport) IoT protocol environment that is also used in the defense field. As a result of the experiment, even though the original dataset was reduced to about 15%, the performance was almost similar to that of the original. It also showed the best performance in comparative evaluation with the four dimensional reduction techniques selected in this paper.

최근 머신러닝 기반의 사이버 공격 탐지 및 분류 연구가 활발히 이루어지고 있으며, 높은 수준의 탐지 정확도를 달성하고 있다. 그러나 저 사양 IoT 기기, 대규모의 네트워크 트래픽 등은 IoT 환경에서 머신러닝 기반의 탐지모델 적용을 어렵게 하고 있다. 따라서 본 논문에서는 국방분야에서도 활용되고 있는 MQTT(Message Queuing Telementry Transport) IoT 프로토콜 환경에서 수집된 데이터세트를 대상으로, 차원축소 기법인 PCA(Principal Component Analysis)와 LightGBM(Light Gradient Boosting Model)을 이용하여 IoT 공격을 효울적으로 탐지 및 분류하는 방안을 제안하였다. 실험을 통해 제안하는 분류모델의 성능을 확인한 결과 원본 데이터세트를 약 15%로 축소하였음에도 원본 전체를 모두 사용한 모델과 거의 유사한 성능을 나타냈으며, 본 논문에서 선정한 4가지 차원축소기법과의 비교 평가에서도 가장 우수한 성능을 나타냈다.

Keywords

References

  1. Young-Teak Oh, In-June Jo, "Data Modeling for Cyber Security of IoT in Artificial Intelligence Technology", International JOURNAL OF CONTENTS, Vol. 21, No. 12, pp 58-65, 2021.
  2. Markts and Markets, "IoT Solutions and Service Market", https://www.marketsandmarkets.com/Market-Reports, TC7719, 2022.
  3. IEEE Computer Society, "Internet of Things Meets the Military and Battlefield", https://www.computer.org/publications/tech-news/research/internet-of-military-battlefield-things-iomt-iobt, 2022.
  4. Korea Defense Industry Accociation, "Development of defense IoT platform and solution for future intelligent resource management and battlefield management system", Defense & Technology, Vol 470, No. 28, pp 28-29, 2018.
  5. Ahmad, Rasheed, and Izzat Alsmadi. "Machine learning approaches to IoT security: A systematic literature review." Internet of Things Vol. 14, 2021.
  6. Y. Jang, J. Shim, and S. Park, "Analysis Standardized of IoT-based Low-power.Light -weight Protocol," Journal of the Korea Institute of Information and Communication Engineering, vol. 20, no. 10, pp. 1895-1902, Oct. 2016. https://doi.org/10.6109/jkiice.2016.20.10.1895
  7. I. Skerritt, "IoT Developer Survey 2016," Eclipse IoT Work. Gruop, IEEE IoT Agil. IoT, 2016.
  8. Ivan Vaccari, Giovanni Chiola, Maurizio Aiello, Maurizio Monelli, Enrico Cambiaso, "MQTTset, a New Dataset for Machine Learning Techniques on MQTT", Sensors, Vol. 20, 2020.
  9. Kuriakose, Neenu, and Uma Devi. "MQTT Attack Detection Using AI and ML Algorithm." Pervasive Computing and Social Networking. Springer, Singapore, Vol. 317, 2022. 13-22.
  10. Dissanayake, Maheshi B. "Feature Engineering for Cyber-attack detection in Internet of Things.", I.J Wireless and Microwave Technologies, Vol. 6, pp 46-54, 2021.
  11. Rachmadi, Salman, Satria Mandala, and Dita Oktaria. "Detection of DoS Attack using AdaBoost Algorithm on IoT System", 2021 International Conference on Data Science and Its Applications (ICoDSA). IEEE, 2021.
  12. Lee, Joohwa, and Keehyun Park. "Network Intrusion Detection System Using Feature Extraction Based on AutoEncoder in IOT environment." KTSDE, Vol. 8, No. 12, pp 483-490, 2019.
  13. Hyoseon Kyew, Minhae Kwon, "PCA-Based Low-Complexity Anomaly", KCIS, Vol. 46, No. 6, pp 941-955, 2021.
  14. Waskle, Subhash, Lokesh Parashar, and Upendra Singh. "Intrusion detection system using PCA with random forest approach." 2020 International Conference on Electronics and Sustainable Communication Systems (ICESC). IEEE, pp. 803-808, 2020.
  15. Martinez, Aleix M., and Avinash C. Kak. "Pcaversus lda." IEEE transactions on pattern analysis and machine intelligence Vol. 23, No. 2, pp 228-233, 2001. https://doi.org/10.1109/34.908974
  16. Zebari, R., Abdulazeez, A., Zeebaree, D., Zebari, D. and Saeed, J. "A comprehensive review of dimensionality reduction techniques for feature selection and feature extraction.", Journal of Applied Science and Technology Trends Vol. 1, No. 2, pp. 56-70, 2020. https://doi.org/10.38094/jastt1224
  17. Ke, Guolin, et al. "Lightgbm: A highly efficient gradient boosting decision tree." Advances in neural information processing systems 30, 2017.