Research On Malicious Traffic Detection In Internet Of Things Environment

With the wide application and increasing development of network communication technology,application systems based on the Internet of Things continue to emerge.The Internet of Things equipment and technology facilitate the life and production of users,but also bring about network security issues such as DDo S,XSS,and SQL injection.Therefore,this thesis conducts research on malicious traffic detection in the Internet of Things environment.The existing Internet of Things malicious traffic detection methods ignore the characteristics of the Internet of Things such as limited resources,heterogeneous devices,scarce traffic,and lack of security measures,which lead to many problems such as difficulties in calculating high-dimensional features,unbalanced network traffic data,and easy privacy leaks,which affects detection accuracy and user information security.In order to solve the above problems,this thesis conducts research on malicious traffic detection in the Internet of Things environment based on related research at home and abroad,mainly including the following contents.(1)Aiming at the difficulty of calculating high-dimensional features,two feature selection methods are proposed,namely,the serial feature selection method based on variance analysis and correlation analysis,and the feature selection method based on FSKDE.First,data preprocessing is performed on the traffic dataset;second,two feature selection methods are used in the two malicious traffic detection schemes;finally,the features that contribute more to malicious traffic detection are selected through the set threshold.In this way,the dimensionality reduction of features can be achieved,the calculation amount of Io T devices can be reduced,and the efficiency of malicious traffic detection methods in the Io T environment can be further improved.(2)Aiming at the imbalance of existing network traffic data,a method for detecting malicious traffic in the Internet of Things based on GAN sample enhancement is proposed.Firstly,the data is preprocessed;secondly,in view of the imbalance of the public dataset,a malicious traffic generation method based on GAN is proposed,and the input noise distribution and optimization method of the traditional GAN model are changed to improve the training process of the model to achieve the purpose of balancing the dataset;then,the serial feature selection method based on variance analysis and correlation analysis is used to screen out 33 important features to construct a malicious traffic feature set;finally,the Internet of Things malicious traffic detection algorithm is implemented based on Cat Boost and grid search,And the effectiveness of the proposed method is verified on the public dataset CICIDS2017.(3)Aiming at the problems of easy leakage of privacy,a malicious traffic detection method for the Internet of Things based on FSKDE and federal DIo T-Pysyft is proposed.Firstly,Io T devices perform data preprocessing on local Io T traffic;secondly,use FSKDE to calculate the probability density of each column feature,and perform feature selection according to the preset abnormal threshold;then,build a model based on federated DIo TPysyft training framework,initialize the FED＿CNN model on the server side and send it to the Io T device side,the Io T device side uses local data to train the model,and uses the Fed Avg gradient encryption transmission algorithm integrated with SMPC to transfer the model parameters to the server to build a new global model;finally,The effectiveness of the proposed method is verified using the UNSW-NB15 dataset.