Paper in a peer-reviewed national conference
IoT Neighborhood Watch: device monitoring for anomaly detection
Wireless Security, Internet-of-things, Network Monitoring, Anomaly Detection
Pedro E. Carmo, Miguel L. Pardal
INForum. Guimarães, Portugal. 2019
Recent developments in wireless device technology allow simple everyday objects, like plugs and locks, to become sensors/actuators connected to the Internet. These smart things can make environments aware of user needs and be used to improve accessibility and efficiency. However, these devices can also fall prey to cyber-attacks and compromise privacy in personal environments such as our home.
We propose IoT Neighborhood Watch, an attack detection system, hosted on devices that are part of the environment which are able to keep watch over their neighbor devices. Each device can sniff packets in the network and perform feature extraction, from data gathered both at packet and flow levels, along with device states and user presence detection. All these value can be used to build behavior patterns, which are then used to detect any deviations that may be cause for alarm. The proposed system is currently under development in a test-bed containing a diverse set of devices, with Wi-Fi and Zigbee connectivity.