Intruders' Behavior Unveiled: A Dual-Tier Behavior-driven Model for Malicious Activity Detection in IoT Network Using Graph Learning
| dc.contributor.advisor | Habibi Lashkari, Arash | |
| dc.contributor.author | Shafi, MohammadMoein | |
| dc.date.accessioned | 2025-04-10T10:50:26Z | |
| dc.date.available | 2025-04-10T10:50:26Z | |
| dc.date.copyright | 2024-12-02 | |
| dc.date.issued | 2025-04-10 | |
| dc.date.updated | 2025-04-10T10:50:26Z | |
| dc.degree.discipline | Computer Science | |
| dc.degree.level | Master's | |
| dc.degree.name | MSc - Master of Science | |
| dc.description.abstract | In recent years, IoT technology has transformed smart homes, with most households now including several IoT devices that provide convenience and automation. However, the security of these smart homes is paramount, as vulnerabilities can expose residents to risks like unauthorized access, data breaches, and operational disruption. Network-based threats pose a particularly critical risk due to the numerous vulnerabilities in wireless communication between devices, making it possible for attackers to intercept data or do malicious activities. While traditional intrusion detection systems exist, they are often ineffective in detecting zero-day attacks and lack the ability to identify malicious patterns across diverse threat scenarios due to limited diversity in their detection models. Moreover, these systems are not designed to fully detect all types of intrusions, especially those involving both external network activities and internal IoT communications among smart home devices. This gap is made worse by the challenges in creating specialized IoT datasets that cover a diverse set of malicious activities and data types, which require extensive technical knowledge, a diverse range of devices, and expertise in capturing, executing, and labeling attack scenarios. Such datasets are crucial for data-driven intrusion detection systems. Addressing these challenges, this thesis introduces a dual-tier detection system that effectively can zero-day attacks, and is designed in a way to be scalable for learning the behavior of diverse malicious activities. the proposed solution leverages data from both the smart home hub’s internet connection and the internal network communication of IoT devices to detect and profile malicious activities using a novel graph learning approach. Furthermore, to support this research, we have created the largest IoT smart home dataset, incorporating real-world data from over 50 devices and more than 100 carefully designed attack scenarios, captured over a five-month period. The analysis of this dataset and the performance of our detection model demonstrate promising results, providing a valuable resource and foundation for advancing smart home IoT security. | |
| dc.identifier.uri | https://hdl.handle.net/10315/42816 | |
| dc.language | en | |
| dc.rights | Author owns copyright, except where explicitly noted. Please contact the author directly with licensing requests. | |
| dc.subject.keywords | Internet of Things (IoT) | |
| dc.subject.keywords | Smart home security | |
| dc.subject.keywords | IoT vulnerabilities | |
| dc.subject.keywords | Network-based threats | |
| dc.subject.keywords | Wireless communication security | |
| dc.subject.keywords | IoT device-to-device communication | |
| dc.subject.keywords | Intrusion detection systems (IDS) | |
| dc.subject.keywords | Zero-day attack detection | |
| dc.subject.keywords | Multi-tier detection model | |
| dc.subject.keywords | IoT threat profiling | |
| dc.subject.keywords | Graph-based learning | |
| dc.subject.keywords | IoT network traffic analysis | |
| dc.subject.keywords | Z-wave protocol security | |
| dc.subject.keywords | IoT wireless protocols | |
| dc.subject.keywords | Wi-Fi | |
| dc.subject.keywords | Zigbee | |
| dc.subject.keywords | Bluetooth | |
| dc.subject.keywords | Z-Wave | |
| dc.subject.keywords | Dataset for IoT security | |
| dc.subject.keywords | Smart home testbed development | |
| dc.subject.keywords | IoT attack scenario design | |
| dc.subject.keywords | Real-world IoT dataset | |
| dc.subject.keywords | Malicious activity detection | |
| dc.subject.keywords | IoT traffic monitoring | |
| dc.subject.keywords | IoT data labeling and analysis | |
| dc.subject.keywords | IoT dataset benchmarking | |
| dc.subject.keywords | IoT device behavior analysis | |
| dc.subject.keywords | Smart home automation risks | |
| dc.subject.keywords | IoT privacy concerns | |
| dc.subject.keywords | IoT device taxonomy | |
| dc.subject.keywords | IoT communication patterns | |
| dc.subject.keywords | IoT security challenges | |
| dc.subject.keywords | IoT research frameworks | |
| dc.subject.keywords | IoT threat landscape | |
| dc.subject.keywords | IoT network anomalies | |
| dc.subject.keywords | IoT ecosystem security | |
| dc.subject.keywords | Smart home threat detection | |
| dc.subject.keywords | IoT attack simulation | |
| dc.subject.keywords | Advanced IoT security solutions | |
| dc.subject.keywords | IoT traffic analysis | |
| dc.subject.keywords | IoT data capture techniques | |
| dc.subject.keywords | IoT security evaluation | |
| dc.subject.keywords | IoT cybersecurity | |
| dc.subject.keywords | IoT attack detection | |
| dc.subject.keywords | IoT defense mechanisms | |
| dc.subject.keywords | IoT behavioral analytics | |
| dc.subject.keywords | Scalable IoT security model | |
| dc.subject.keywords | IoT dataset creation challenges | |
| dc.subject.keywords | IoT intrusion detection | |
| dc.subject.keywords | IoT network forensics | |
| dc.subject.keywords | IoT device interoperability security | |
| dc.subject.keywords | Emerging IoT threats | |
| dc.subject.keywords | IoT threat intelligence | |
| dc.subject.keywords | IoT security best practices | |
| dc.subject.keywords | IoT Detection algorithm design | |
| dc.subject.keywords | IoT ecosystem resilience | |
| dc.subject.keywords | IoT data-driven security model | |
| dc.subject.keywords | Smart office security | |
| dc.subject.keywords | Smart office networks | |
| dc.subject.keywords | Smart home automation security | |
| dc.subject.keywords | Smart office automation | |
| dc.subject.keywords | IoT-enabled smart offices | |
| dc.subject.keywords | Smart office vulnerabilities | |
| dc.subject.keywords | Smart home device security | |
| dc.subject.keywords | Smart office device management | |
| dc.subject.keywords | IoT in smart workspaces | |
| dc.subject.keywords | Smart building cybersecurity | |
| dc.subject.keywords | IoT-driven smart environments | |
| dc.subject.keywords | Smart office data privacy | |
| dc.subject.keywords | IoT-based smart infrastructure | |
| dc.subject.keywords | Smart home energy efficiency risks | |
| dc.subject.keywords | IoT in smart office design | |
| dc.subject.keywords | IoT threats in smart workplaces | |
| dc.subject.keywords | Collaborative IoT workspaces | |
| dc.subject.keywords | Cybersecurity for smart offices | |
| dc.subject.keywords | Smart home network architecture | |
| dc.subject.keywords | Secure smart office solutions | |
| dc.subject.keywords | Automation risks in smart environments | |
| dc.subject.keywords | IoT connectivity in smart homes and offices | |
| dc.subject.keywords | Smart environment intrusion detection | |
| dc.subject.keywords | IoT in smart home monitoring systems | |
| dc.title | Intruders' Behavior Unveiled: A Dual-Tier Behavior-driven Model for Malicious Activity Detection in IoT Network Using Graph Learning | |
| dc.type | Electronic Thesis or Dissertation |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- Shafi_MohammadMoein_2024_MSc.pdf
- Size:
- 12.4 MB
- Format:
- Adobe Portable Document Format