polito.it
Politecnico di Torino (logo)

Anomaly Detection at the Edge implementing Machine Learning Techniques

Ghassan El Baltaji

Anomaly Detection at the Edge implementing Machine Learning Techniques.

Rel. Paolo Ernesto Prinetto, Nicolò Maunero, Vahid Eftekhari Moghadam. Politecnico di Torino, Corso di laurea magistrale in Ingegneria Matematica, 2022

[img]
Preview
PDF (Tesi_di_laurea) - Tesi
Licenza: Creative Commons Attribution Non-commercial No Derivatives.

Download (1MB) | Preview
Abstract:

The Internet of Things (IoT) refers to the process of connecting physical objects to the internet. This includes household appliances, healthcare assets like medical devices, smart industries and cities. Due to the drastic increase of data generated from the IoT devices, relying on a centralized cloud infrastructure has fundamental limitations. For example, high network latency and network bandwidth are two main constraints that should be addressed. Edge Computing (EC) has emerged as the new computing paradigm in the IoT. Edge Computing covers the demand of the real-time response, and it moves data processing from the cloud to the Edge Nodes (ENs), hence increasing the quality of service for the IoT applications. Yet, Edge Computing has its own challenges such as cyberattacks. IoT with edge devices is considered as an open system. Various types of cyberattacks threaten the entire system. At the terminal perceptron layer, such as the sensors which directly collects data from the environment, authentication attack could take place. While in the network transport layer, DoS and DDoS attacks could have severe consequences on the entire network. As for the application layer, brute force and man-in-the middle attacks are always suspected. Database attacks, malwares or false data injection attacks(FDIA) and many other types of cyberattacks could be a potential threat to a specific layer, thus it could penetrate the whole network. Artificial Intelligence (AI) advancements have opened up new possibilities for addressing security challenges. The learning capability of Machine Learning (ML) can be considered as a supportive system that identifies malicious behaviors more correctly and effectively. In this project, we apply ML techniques to create a security system for an edge device. We introduce the IoT system and its architecture with EC. Then, the convergence of Machine Learning, Cybersecurity and the IoT applications is discussed. Finally, we apply the machine learning classification model, and we embed the model in the device. Specifically, we have used the KDD Cup 1999 dataset which includes a wide variety of intrusions simulated in a military network environment. The main objective is to build an anomaly detection system. It is a predictive model that distinguishes between "good" normal connections and "bad" connections known as intrusions or attacks. Different supervised machine learning models are applied such as decision trees, K-nearest neighbors and support vector machines algorithms. The best performing classification model has been evaluated and embedded to the edge device.

Relators: Paolo Ernesto Prinetto, Nicolò Maunero, Vahid Eftekhari Moghadam
Academic year: 2021/22
Publication type: Electronic
Number of Pages: 40
Subjects:
Corso di laurea: Corso di laurea magistrale in Ingegneria Matematica
Classe di laurea: New organization > Master science > LM-44 - MATHEMATICAL MODELLING FOR ENGINEERING
Aziende collaboratrici: Politecnico di Torino
URI: http://webthesis.biblio.polito.it/id/eprint/21937
Modify record (reserved for operators) Modify record (reserved for operators)