HEDVA: Harnessing HTTP Traffic for Enhanced Detection of Vulnerability Attacks in IoT Networks

Published: 01 Jan 2024, Last Modified: 20 May 2025, GLOBECOM 2024, CC BY-SA 4.0
Abstract: The widespread adoption of Internet of Things (IoT) devices has led to increasingly complex and varied cyber-threats. Traditional defense mechanisms are often inadequate in countering these evolving threats, as attackers continuously develop new strategies. In response, this paper introduces a rapid threat detection method designed to automatically pinpoint vulnerability attacks on IoT devices amidst vast internet traffic. Our approach incorporates a multilevel clustering method, significantly accelerating the identification of malicious behaviors. Additionally, we develop a reliable assessment criterion for recognizing when a detection model becomes outdated due to the dynamic nature of network environments. This criterion is underpinned by a sophisticated combination of concept drift detection and an incremental model updating mechanism, thereby substantially enhancing the durability and effectiveness of our botnet detection models in adapting to new threats. The practicality and efficiency of our proposed solution are thoroughly validated through extensive experimental analysis, which confirms our method’s superior performance in identifying malicious behavior and ensuring the timely retraining of models to address emerging cyber-threats effectively.