Integrating Complex Event Processing and Machine Learning: an Intelligent Architecture for Detecting IoT Security Attacks
- José Roldán-Gómez
- Juan Boubeta-Puig
- José Luis Martínez
- Guadalupe Ortiz
- Rafael Capilla (coord.)
- Maider Azanza (coord.)
- Miguel Rodríguez Luaces (coord.)
- María del Mar Roldán García (coord.)
- Loli Burgueño (coord.)
- José Raúl Romero (coord.)
- José Antonio Parejo Maestre (coord.)
- José Francisco Chicano García (coord.)
- Marcela Genero (coord.)
- Oscar Díaz (coord.)
- José González Enríquez (coord.)
- Mª Carmen Penadés Gramaje (coord.)
- Silvia Abrahão (col.)
Publisher: Sociedad de Ingeniería de Software y Tecnologías de Desarrollo de Software (SISTEDES)
Year of publication: 2021
Conference: Jornadas de Ingeniería del Software y Bases de Datos (JISBD) (25. 2021. Malaga)
Type: Conference paper
Abstract
The Internet of Things (IoT) is growing globally at a fast pace. However, the increase in IoT devices has brought with it the challenge of promptly detecting and combating the cybersecurity threats that target them. To deal with this problem, we propose an intelligent architecture that integrates Complex Event Processing (CEP) technology and the Machine Learning (ML) paradigm in order to detect different types of IoT security attacks in real time. In particular, such an architecture is capable of easily managing event patterns whose conditions depend on values obtained by ML algorithms. Additionally, a model-driven graphical tool for security attack pattern definition and automatic code generation is provided, hiding all the complexity derived from implementation details from domain experts. The proposed architecture has been applied in the case of a healthcare IoT network to validate its ability to detect attacks made by malicious devices. The results obtained demonstrate that this architecture satisfactorily fulfils its objectives.