DeepAuditor: Distributed Online Intrusion Detection System for IoT devices via Power Side-channel Auditing
Woosub Jung (1), Yizhou Feng (2), Sabbir Ahmed Khan (2), Chunsheng Xin (2), Danella Zhao (2), and Gang Zhou (1) ((1) William & Mary, (2) Old Dominion University)

TL;DR
DeepAuditor is a real-time, distributed intrusion detection system for IoT devices that uses power side-channel auditing, lightweight hardware, and privacy-preserving protocols to detect botnet intrusions effectively.
Contribution
It introduces the first online intrusion detection system for IoT devices utilizing power auditing, a lightweight power auditor, and a privacy-preserved distributed CNN classifier.
Findings
Classifier outperforms baseline, especially on unseen patterns.
System achieves real-time detection with acceptable accuracy and processing time.
Distributed CNN design is secure against component attacks.
Abstract
As the number of IoT devices has increased rapidly, IoT botnets have exploited the vulnerabilities of IoT devices. However, it is still challenging to detect the initial intrusion on IoT devices prior to massive attacks. Recent studies have utilized power side-channel information to identify this intrusion behavior on IoT devices but still lack accurate models in real-time for ubiquitous botnet detection. We proposed the first online intrusion detection system called DeepAuditor for IoT devices via power auditing. To develop the real-time system, we proposed a lightweight power auditing device called Power Auditor. We also designed a distributed CNN classifier for online inference in a laboratory setting. In order to protect data leakage and reduce networking redundancy, we then proposed a privacy-preserved inference protocol via Packed Homomorphic Encryption and a sliding window…
Taxonomy
Topics: Network Security and Intrusion Detection · Internet Traffic Analysis and Secure E-voting · Advanced Malware Detection Techniques
