Rule Generation for Signature Based Detection Systems of Cyber Attacks in IoT Environments

Yan Naung Soe, Yaokai Feng, Paulus Insap Santosa, Rudy Hartanto, Kouichi Sakurai


Many modern attacks have targeted IoT devices in recent years, and most IoT attacks are botnet attacks. Although many detection and prevention systems for cyber attacks exist, a security mechanism for IoT environments is still needed, because these devices have constraints that make it hard to implement a detection system effectively, namely limited processing power, storage and memory. An Intrusion Detection System (IDS) is an effective mechanism for protecting against cyber attacks. However, most public IDSs are signature-based and were implemented for traditional networks. Although some researchers have used these systems in IoT environments, the systems have no signatures/rules for modern IoT attacks. Rules for protecting against modern botnet attacks are therefore needed, and how to generate them is essential, because protecting against botnet attacks requires knowing the attack signatures. We used a modern botnet attack dataset to generate the rules for an IoT-IDS. The original signature dataset in traditional signature-based IDSs contains a large number of attack patterns, and it is difficult to use all of them for generating rules because IoT devices are resource-constrained. Therefore, in this study, we used J48, a machine learning algorithm, to generate effective rules to support lightweight IDSs.


Rule Generation; IoT security; IDS
