Heartfield, Ryan, Loukas, George ORCID: 0000-0003-3559-5182, Bezemskij, Anatolij ORCID: 0000-0002-6211-1609 and Panaousis, Emmanouil ORCID: 0000-0001-7306-4062 (2020) Self-configurable cyber-physical intrusion detection for smart homes using reinforcement learning. IEEE Transactions on Information Forensics & Security. ISSN 1556-6013 (Print), 1556-6021 (Online)

Preview

PDF (Author's Accepted Manuscript) 30246 LOUKAS_Self-configurable_Cyber-physical_Intrusion_Detection_For_Smart_Homes_(AAM)_2020.pdf - Accepted Version Download (2MB) | Preview

Abstract

The modern Internet of Things (IoT)-based smart home is a challenging environment to secure: devices change, new vulnerabilities are discovered and often remain unpatched, and different users interact with their devices differently and have different cyber risk attitudes. A security breach’s impact is not limited to cyberspace, as it can also affect or be facilitated in physical space, for example, via voice. In this environment, intrusion detection cannot rely solely on static models that remain the same over time and are the same for all users. We present MAGPIE, the first smart home intrusion detection system that is able to autonomously adjust the decision function of its underlying anomaly classification models to a smart home’s changing conditions (e.g., new devices, new automation rules and user interaction with them). The method achieves this goal by applying a novel probabilistic cluster-based reward mechanism to non-stationary multi-armed bandit reinforcement learning. MAGPIE rewards the sets of hyperparameters of its underlying isolation forest unsupervised anomaly classifiers based on the cluster silhouette scores of their output. Experimental evaluation in a real household shows that MAGPIE exhibits high accuracy because of two further innovations: it takes into account both cyber and physical sources of data; and it detects human presence to utilise models that exhibit the highest accuracy in each case. MAGPIE is available in open source format, together with its evaluation datasets, so it can benefit from future advances in unsupervised and reinforcement learning and be able to be enriched with further sources of data as smart home environments and attacks evolve.

Item Type:	Article
Uncontrolled Keywords:	cyber security, Internet of Things, smart homes, reinforcement learning
Subjects:	Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Faculty / School / Research Centre / Research Group:	Faculty of Engineering & Science Faculty of Engineering & Science > Internet of Things and Security Research Centre (ISEC) Faculty of Engineering & Science > School of Computing & Mathematical Sciences (CMS)
Related URLs:	Publisher
Last Modified:	15 Aug 2022 14:57
URI:	http://gala.gre.ac.uk/id/eprint/30246

Actions (login required)

View Item

Downloads