Deep learning and machine learning based anomaly detection in internet of things environments

Abstract

In parallel with the development of Internet and wireless communication technologies, studies in the field of IoT are also progressing. With the IoT sensors used in the healthcare field, it becomes easier to follow the patients closely. In addition, it is possible to create statistics that will support the treatment process with the data collected from the patients. However, besides the provided facilities, IoT devices that communicate wirelessly and are connected to the internet also have some problems such as security. Serious problems can occur as a result of attacks on different layers of IoT, which is used in healthcare environments. Exposure of sensitive data in the field of Health to any of these attacks can have negative consequences, such as changing the data out of reach of authorized users or capturing it by an attacker. This article attempts to predict duplication, interception, and modification attacks in Message Queuing Telemetry Transport (MQTT) message using artificial intelligence techniques using a complete and labeled IoT dataset containing real world behaviors in IoT networks. On the dataset used, SVM algorithm has Accuracy 85%, f1 98%, Recall 100% values; Naive Bayes (NB) algorithm has Accuracy 89%, f1 86%, Recall 100% values; LSTM has Loss 6.7%, Accuracy 98%, f1 98%, Recall 98%. The LSTM algorithm, which is a deep learning algorithm in detecting abnormal behaviors, has performed better than existing machine learning approaches with low loss and high accuracy data.