Internet of things--Security measures

The proliferation of Internet of Things (IoT) devices in various networks is being matched by an increase in related cybersecurity risks. To help counter these risks, big datasets such as Bot-IoT were designed to train machine learning algorithms on network-based intrusion detection for IoT devices. From a binary classification perspective, there is a high-class imbalance in Bot-IoT between each of the attack categories and the normal category, and also between the combined attack categories and the normal category. Within the scope of predicting botnet attacks in IoT networks, this dissertation demonstrates the usefulness and efficiency of novel machine learning methods, such as an easy-to-classify method and a unique set of ensemble feature selection techniques. The focus of this work is on the full Bot-IoT dataset, as well as each of the four attack categories of Bot-IoT, namely, Denial-of-Service (DoS), Distributed Denial-of-Service (DDoS), Reconnaissance, and Information Theft. Since resources and services become inaccessible during DoS and DDoS attacks, this interruption is costly to an organization in terms of both time and money. Reconnaissance attacks often signify the first stage of a cyberattack and preventing them from occurring usually means the end of the intended cyberattack. Information Theft attacks not only erode consumer confidence but may also compromise intellectual property and national security. For the DoS experiment, the ensemble feature selection approach led to the best performance, while for the DDoS experiment, the full set of Bot-IoT features resulted in the best performance. Regarding the Reconnaissance experiment, the ensemble feature selection approach effected the best performance. In relation to the Information Theft experiment, the ensemble feature selection techniques did not affect performance, positively or negatively. However, the ensemble feature selection approach is recommended for this experiment because feature reduction eases computational burden and may provide clarity through improved data visualization. For the full Bot-IoT big dataset, an explainable machine learning approach was taken using the Decision Tree classifier. An easy-to-learn Decision Tree model for predicting attacks was obtained with only three features, which is a significant result for big data.

Healthcare organizations, realizing the potential of the Internet of Things (IoT)
technology, are rapidly adopting the technology to bring signi cant improvements in
the quality and e ectiveness of the service. However, these smart and interconnected
devices can act as a potential \back door" into a hospital's IT network, giving attack-
ers access to sensitive information. As a result, cyber-attacks on medical IoT devices
have been increasing since the last few years. It is a growing concern for all the
stakeholders involved, as the impact of such attacks is not just monetary or privacy
loss, but the lives of many patients are also at risk. Considering the various kinds of
IoT devices one may nd connected to a hospital's network, traditional host-centric
security solutions (e.g. antivirus, software patches) are at odds with realistic IoT
infrastructure (e.g. constrained hardware, lack of proper built-in security measures).
There is a need for security solutions which consider the challenges of IoT devices like
heterogeneity of technology and protocols used, limited resources in terms of battery
and computation power, etc. Accordingly, the goals of this thesis have been: (1) to
provide an in-depth understanding of vulnerabilities of medical IoT devices; (2) to in-
troduce a novel approach which uses a microservices-based framework as an adaptive and agile security solution to address the issue. The thesis focuses on OS Fingerprint-
ing attacks because of its signi cance for attackers to understand a target's network.
In this thesis, we developed three microservices, each one designed to serve a speci c
functionality. Each of these microservices has a small footprint with RAM usage of
approximately 50 MB. We also suggest how microservices can be used in a real-life
scenario as a software-based security solution to secure a hospital's network consisting
of di erent IoT devices.