Internet of Things Attack Group Identification Model Combined with Spectral Clustering

Title: Internet of Things Attack Group Identification Model Combined with Spectral Clustering
Publication Type: Conference Paper
Year of Publication: 2021
Authors: Fu, Chen, Rui, Yu, Wen-mao, Liu
Conference Name: 2021 IEEE 21st International Conference on Communication Technology (ICCT)
Keywords: aggressive behavior, attack group, attacker portrait, Benchmark testing, Clustering algorithms, Conferences, Data models, Honey pot (computing), honey pots, human factors, Image analysis, Intrusion detection, IoT security, pubcrawl, resilience, Resiliency, Scalability, spectral clustering
Abstract: In order to solve the problem that the ordinary intrusion detection model cannot effectively identify the increasingly complex, continuous, multi-source and organized network attacks, this paper proposes an Internet of Things attack group identification model to identify the planned and organized attack groups. The model takes the common attack source IP, target IP, time stamp and target port as the characteristics of the attack log data to establish the identification benchmark of the attack gang behavior. The model also combines the spectral clustering algorithm to cluster different attackers with similar attack behaviors, and carries out the specific image analysis of the attack gang. In this paper, an experimental detection was carried out based on real IoT honey pot attack log data. The spectral clustering was compared with Kmeans, DBSCAN and other clustering algorithms. The experimental results show that the contour coefficient of spectral clustering was significantly higher than that of other clustering algorithms. The recognition model based on spectral clustering proposed in this paper has a better effect, which can effectively identify the attack groups and mine the attack preferences of the groups.
DOI: 10.1109/ICCT52962.2021.9657991
Citation Key: fu_internet_2021