ARTEMIS: An intrusion detection system for mqtt attacks in internet of things

Date

2019-10-01

Author

Ciklabakkal, Ege
Dönmez, Ataberk
Erdemir, Mert
Suren, Emre
YILMAZ, MUSTAFA TUĞRUL
Angın, Pelin

Metadata

Show full item record

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

Item Usage Stats

21
views

0
downloads

Cite This

The Internet of Things (IoT) is now being used increasingly in transportation, healthcare, agriculture, smart home and city systems. IoT devices, the number of which is expected to reach 25 billion all over the world by 2021, are required to be deployed very fast, taking into account commercial pressures. This results in a very important layer, i.e. security, being either completely neglected or having significant shortcomings. Since IoT has a heterogeneous structure, there is a need for intrusion detection systems (IDSs) that take into account the specifics of an IoT system architecture, including the computing power limitations, variety of protocols and prevalence of zero-day attacks. In this paper, we describe ARTEMIS, an IDS for IoT, which processes data from IoT devices using machine learning to detect deviations from the normal behavior of the system and generates alerts in case of anomalies. We have implemented a prototype of the system using IoT devices subscribed to topics at an MQTT broker and provide experimental evaluation of the system under MQTT-related attacks.

Subject Keywords

IoT, Intrusion Detection, MQTT

URI

https://hdl.handle.net/11511/48428

Collections

Department of Computer Engineering, Conference / Seminar