Anomaly detection in IoT device traffic data using transformers

The proliferation of Internet of Things (IoT) devices has significantly increased data traffic, necessitating robust security measures to protect against latent threats. Traditional anomaly detection methods often struggle to keep pace with the dynamic and diverse nature of IoT environments, particu...

Descripción completa

Detalles Bibliográficos
Autor: Sánchez Patiño, Natalia De Los Ángeles
Tipo de recurso: tesis de maestría
Fecha de publicación:2024
País:España
Institución:Universitat Politècnica de Catalunya (UPC)
Repositorio:UPCommons. Portal del coneixement obert de la UPC
Idioma:inglés
OAI Identifier:oai:upcommons.upc.edu:2117/415442
Acceso en línea:https://hdl.handle.net/2117/415442
Access Level:acceso abierto
Palabra clave:Internet of things
Artificial intelligence
Detecció d'anomalias
Internet de les Coses
Transformadors
Transfer learning
Ciberseguretat
Anomaly detection
Internet of Things
Transformers
Cybersecurity
Internet de les coses
Intel·ligència artificial
Àrees temàtiques de la UPC::Informàtica::Intel·ligència artificial
Descripción
Sumario:The proliferation of Internet of Things (IoT) devices has significantly increased data traffic, necessitating robust security measures to protect against latent threats. Traditional anomaly detection methods often struggle to keep pace with the dynamic and diverse nature of IoT environments, particularly in use cases with limited accessible training data. This necessitates adaptive and efficient solutions. In this work, we propose the use of fine-tuned Transformer models for anomaly detection in an IoT traffic use-case. These techniques allow adjusting a pre-trained model to a new domain where scarce training data is accessible. Specifically, we propose a framework in which we explore the usage of fine-tuning Transformer architectures using the CIC IoMT 2024 dataset and evaluate it with the Aposemat IoT-23 dataset. The significance of the results lies in demonstrating that training on one dataset and applying the knowledge to another is feasible, though it involves aligning certain specifications between datasets and employing techniques to adapt to new knowledge. This research bridges the gap in developing new Transformer-based architectures capable of providing supervised fraud detection capabilities, even with highly limited datasets for training. This process, including both successful and unsuccessful methods, is described in this thesis.