An IoT abnormal traffic detection method based on communication pattern matching within a graph structure
Jin Wenjing1,Zhou Chengsheng1,Liu Meiling2
1. China Academy of Information and Communications Technology;2.Beijing Youkun Technology Co., Ltd.
Abstract: The wide application of the Internet of Things has brought new security risks. In order to gain a real-time insight into the abnormal state of the network without interfering with the normal operation of the system, the anomaly detection scheme based on traffic came into being. However, the current detection scheme generally has problems such as lack of universality and strong dependence on attack samples. Based on this, according to the physical limitations and domain specifications of the operation of the Internet of Things system, this study innovatively proposed a method of abnormal traffic detection of the Internet of Things based on communication pattern matching under the graph structure. On the basis of the construction of the communication graph, subgraph mining, isomorphic subgraph discovery and other algorithms are used to analyze and characterize the communication mode of fixed, periodic and automatic operation in the Internet of Things system to build the detection benchmark.
Key words : communication patterns; Internet of Things; subgraph mining; community detection; isomorphic subgraph
