Skip navigation

Enabling the Human-as-a-security-sensor paradigm in the Internet of Things

Enabling the Human-as-a-security-sensor paradigm in the Internet of Things

Ivory, Dennis, Loukas, George ORCID logoORCID: https://orcid.org/0000-0003-3559-5182 and Gan, Diane ORCID logoORCID: https://orcid.org/0000-0002-0920-7572 (2024) Enabling the Human-as-a-security-sensor paradigm in the Internet of Things. In: Pitropakis, Nikolaos and Katsikas, Sokratis, (eds.) Security and Privacy in Smart Environments. Lecture Notes in Computer Science (LNCS), 14800 . Springer, Cham. ISBN 978-3031667077; 978-3031667084 (In Press)

[thumbnail of Accepted book chapter] PDF (Accepted book chapter)
48231_IVORY_Enabling_the_Human-as-a-security-sensor_paradigm_in_the_Internet_of_Things_2024_(AAM)_2024.pdf - Accepted Version
Restricted to Repository staff only until 25 November 2026.

Download (666kB) | Request a copy

Abstract

Over the last two decades, there has been growing realisation that the user is not the weakest link in cybersecurity. Involving the user in a human-in-the-loop fashion in the process of security can have benefits in several aspects, including in cyber intrusion detection. The human as-a-security-sensor paradigm has shown that it is possible to involve the user as a valuable source of data for detection, and in fact with a predictable level of accuracy. However, this paradigm has currently only been applied in conventional computer systems, such as desktop computers. Our aim here is to extend it for Internet of Things (IoT) environments too, specifically in detecting command injection attacks against IoT devices, whereby a user can be informed automatically about a new IoT device activity that has been detected on the network and can reason as to whether this is legitimate or not. The activity detection is based on a time series forecasting approach, where the assumption is that an abrupt change in the trend of network traffic rate, is an indication of a new activity having been triggered. Our evaluation of two time series forecasting approaches for different training window sizes, as well as of activity detection based on the best-performing of the two approaches, has shown that this is a realistic method for notifying the user.

Item Type: Book Section
Uncontrolled Keywords: Internet of Things, IoT Security, HaaSS, intrusion detection
Subjects: Q Science > Q Science (General)
Q Science > QA Mathematics
Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Faculty / School / Research Centre / Research Group: Faculty of Engineering & Science
Faculty of Engineering & Science > School of Computing & Mathematical Sciences (CMS)
Related URLs:
Last Modified: 03 Oct 2024 09:26
URI: http://gala.gre.ac.uk/id/eprint/48231

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics