ARTEMIS: An Intrusion Detection System for MQTT Attacks in Internet of Things

Ciklabakkal, Ege
Dönmez, Ataberk
Erdemir, Mert
Suren, Emre
Angın, Pelin
The Internet of Things (IoT) is now being used increasingly in transportation, healthcare, agriculture, smart home and city systems. IoT devices, the number of which is expected to reach 25 billion all over the world by 2021, are required to be deployed very fast, taking into account commercial pressures. This results in a very important layer, i.e. security, being either completely neglected or having significant shortcomings. Since IoT has a heterogeneous structure, there is a need for intrusion detection systems (IDSs) that take into account the specifics of an IoT system architecture, including the computing power limitations, variety of protocols and prevalence of zero-day attacks. In this paper, we describe ARTEMIS, an IDS for IoT, which processes data from IoT devices using machine learning to detect deviations from the normal behavior of the system and generates alerts in case of anomalies. We have implemented a prototype of the system using IoT devices subscribed to topics at an MQTT broker and provide experimental evaluation of the system under MQTT-related attacks.


