Comparison of IoT Communication Protocols Using Anomaly Detection with Security Assessments of Smart Devices

Abstract

The authors implemented an attack scenario that involved simulating attacks to compromise node and sensor data. This research proposes a framework with algorithms that generates automated malicious commands which conform to device protocol standards and bypass compromise detection. The authors performed attack-detection testing with three different home setup simulations and referred to Accuracy of Detection, Ease of Precision, and Attack Recall, with the F1-Score as the parameter. The results obtained for anomaly detection of IoT logs and messages used K-Nearest Neighbor, Multilayer Perceptron, Logistic Regression, Random Forest, and linear Support Vector Classifier models. The attack results presented false-positive responses with and without the proposed framework and false-negative responses for different models. This research calculated Precision, Accuracy, F1-Score, and Recall as attack-detection performance models. Finally, the authors evaluated the performance of the proposed IoT communication protocol attack framework by evaluating a range of anomalies and compared them with the maliciously generated log messages. IoT Home #1 results in which the model involving an IP Camera and NAS device traffic displayed 97.7% Accuracy, 96.54% Precision, 97.29% Recall, and 96.88% F1-Score. This demonstrated that the model classified the Home #1 dataset consistently.