As IoT deployments grow in scale for applications such as smart cities, they face increasing cyber-security threats. In particular, as evidenced by the famous Mirai incident and other ongoing threats, large-scale IoT device networks are particularly susceptible to being hijacked and used as botnets to launch distributed denial of service (DDoS) attacks. Real large-scale datasets are needed to train and evaluate the use of machine learning algorithms such as deep neural networks to detect and defend against such DDoS attacks. We present a dataset from an urban IoT deployment of 4060 nodes describing their spatio-temporal activity under benign conditions. We also provide a synthetic DDoS attack generator that injects attack activity into the dataset based on tunable parameters such as number of nodes attacked and duration of attack. We discuss some of the features of the dataset. We also demonstrate the utility of the dataset as well as our synthetic DDoS attack generator by using them for the training and evaluation of a simple multi-label feed-forward neural network that aims to identify which nodes are under attack and when.
翻译:随着智能城市等应用软件的部署规模扩大,它们面临越来越多的网络安全威胁,特别是,如著名的米拉伊事件和其他持续威胁所证明的,大规模IOT装置网络特别容易被劫持并用作肉网,用于发射分布式拒绝服务(DDoS)攻击;需要真正的大规模数据集来训练和评价诸如深神经网络等机器学习算法的使用情况,以探测和防御DDoS攻击;我们提供了来自城市IOT4060节的数据集,描述其在良性条件下的神经时空活动;我们还提供合成DDoS攻击发电机,根据可捕量参数,例如被攻击的节点数目和攻击持续时间,将攻击活动注入数据集;我们讨论数据集的一些特征;我们还展示数据集的效用以及我们的合成DDoS攻击发电机,利用它们来训练和评价一个简单的多标签的向上神经网络,目的是查明哪些节点正在受到攻击和何时受到攻击。