Paper Info
Title
Autoencoder-based feature construction for IoT attacks clustering
Abstract
Variations in commands executed as part of the attack process can be used to determine the behavioural patterns of IoT attacks. Existing approaches rely on the domain knowledge of security experts to identify the behavioural patterns, categorise and classify cyber attacks. We proposed an Autoencoder (AE)-based feature construction approach to remove the dependency of manually correlating commands and generate an efficient representation by automatically learning the semantic similarity between input features extracted through commands data. We applied three clustering algorithms, i.e., K-means, Gaussian Mixture Models and Density-based spatial clustering of applications with noise, on our data set of AE features. We discussed the clustering arrangements for understanding the impact of changes in commands on behavioural patterns of attacks and how attacks are grouped in the same or different clusters. Evaluation of our feature construction approach shows that the clustering algorithm grouped attacks with more common features values compared to clustering with original features. Moreover, we performed a comparative analysis of two existing feature extraction approaches on our data set considering the type of analysis in the process, generalisability of applying features, coverage to the data set and clustering arrangements. We found that challenges identified in applying existing approaches can be addressed with our proposed approach and improving features with AE resulted in providing meaningful clustering interpretations.
Year
DOI
Venue
2022
10.1016/j.future.2021.09.025
Future Generation Computer Systems
Keywords
DocType
Volume
IoT attacks,Feature construction,Autoencoder,Clustering
Journal
127
ISSN
Citations 
PageRank 
0167-739X
1
0.36
References 
Authors
0
5
Name
Order
Citations
PageRank
Junaid Haseeb111.71
Masood Mansoori210.36
Yuichi Hirose310.36
Harith Al-Sahaf410.36
Ian S. Welch512018.53