Herramienta de disección de tramas para protocolos IoT

Diego Narciandi-Rodríguez; Jose Aveleira-Mata; Alicia Merayo Corcoba; Manuel Rubiños; Paula Arcano-Bea; Héctor Alaiz-Moretón

doi:10.17979/ja-cea.2024.45.10804

PDF

Publicado: jul. 15, 2024

Diego Narciandi-Rodríguez⁺⁻
Jose Aveleira-Mata⁺⁻
Alicia Merayo Corcoba⁺⁻
Manuel Rubiños⁺⁻
Paula Arcano-Bea⁺⁻
Héctor Alaiz-Moretón⁺⁻

Diego Narciandi-Rodríguez

Universidad de León

España

https://orcid.org/0009-0006-3241-2546

Jose Aveleira-Mata

Universidad de León

España

https://orcid.org/0000-0001-5439-0997

Alicia Merayo Corcoba

Universidad de León

España

https://orcid.org/0000-0001-6219-1808

Manuel Rubiños

Universidade da Coruña

España

https://orcid.org/0009-0001-4085-0451

Paula Arcano-Bea

Universidade da Coruña

España

https://orcid.org/0009-0004-6706-5519

Héctor Alaiz-Moretón

Universidad de León

España

https://orcid.org/0000-0001-6572-1261

Núm. 45 (2024), Computadores y Control

DOI: https://doi.org/10.17979/ja-cea.2024.45.10804

Recibido: may. 29, 2024 Aceptado: jul. 8, 2024 Publicado: jul. 15, 2024

Derechos de autor

Resumen

Desde hace unos años la aparición y uso de dispositivos IoT (Internet de las Cosas), los cuales destacan por el uso de protocolos ligeros debido a su baja carga computacional, hace que surgan nuevos vectores de ataque en en los sistemas con dispositivos IoT. Es por ello que es necesario entrenar y desarrollar modelos de aprendizaje automático a partir de datos reales, que se implementen en sistemas de deteccion de intrusiones (IDS). Aquí es donde intervienen los datasets los cuales posibilitan esta actividad gracias al desarrollo efectivo de estos modelos. En este trabajo se presenta el desarrollo de un disector de tramas que facilita la generación datasets específicos para los diferentes protocolos IoT existentes que sean útiles para crear modelos de aprendizaje automático a partir de los mismos.

Palabras clave:

Control de las redes, Sistemas de control de tráfico, Sistemas en red, Internet de las cosas, Codiseño de software

Citas

Alaiz-Moreton, H., Aveleira-Mata, J., Ondicol-Garcia, J., Mu ̃noz-Casta ̃neda, A. L., Garc ́ıa, I., Benavides, C., 2019. Multiclass classification procedure for detecting attacks on mqtt-iot protocol. Complexity 2019. DOI: 10.1155/2019/6516253 DOI: https://doi.org/10.1155/2019/6516253

Chatzoglou, E., Kambourakis, G., Kolias, C., 2021. Empirical evaluation of attacks against ieee 802.11 enterprise networks: The awid3 dataset. IEEE Access 9, 34188–34205. DOI: 10.1109/ACCESS.2021.3061609 DOI: https://doi.org/10.1109/ACCESS.2021.3061609

Hanan, H., Ethan, B., Miroslav, B., Robert, A., Christos, T., Xavier, B., 2020. Mqtt-iot-ids2020 dataset — papers with code. URL: https://paperswithcode.com/dataset/mqtt-iot-ids2020

Ibrahim, Z. A., Razali, R. A., Ismail, S. A., Azhar, I. H. K., Rahim, F. A., Azilan, A. M. A., 2022. A review of machine learning botnet detection techniques based on network traffic log. 2022 IEEE International Conference on Computing, ICOCO 2022, 204–209. DOI: 10.1109/ICOCO56118.2022.10031803 DOI: https://doi.org/10.1109/ICOCO56118.2022.10031803

Khraisat, A., Gondal, I., Vamplew, P., Kamruzzaman, J., 2019. Survey of intrusion detection systems: techniques, datasets and challenges. The 14th International Conference on Ambient Systems, Networks and Technologies (ANT), March 15-17, 2023, Leuven, Belgium. DOI: 10.1186/s42400-019-0038- DOI: https://doi.org/10.1186/s42400-019-0038-7

Liao, H. J., Lin, C. H. R., Lin, Y. C., Tung, K. Y., 1 2013. Intrusion detection system: A comprehensive review. Journal of Network and Computer Applications 36, 16–24. DOI: 10.1016/J.JNCA.2012.09.004 DOI: https://doi.org/10.1016/j.jnca.2012.09.004

Michelena, A., Díaz-Longueira, A., Timiraos, M., Jove, E., Aveleira-Mata, J., García-Rodiguez, I., García-Ordás, M. T., Calvo-Rolle, J. L., Alaiz-Moretón, H., 2023. One-class reconstruction methods for categorizing dos attacks on coap. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 14001 LNAI, 3–14. DOI: 10.1007/978-3-031-40725-3_1 DOI: https://doi.org/10.1007/978-3-031-40725-3_1

Mika, 2024. Creating a wireshark dissector in lua - part 1 (the basics) — mika’s tech blog. URL: https://mika-s.github.io/wireshark/lua/dissector/2017/11/04/creating-a-wireshark-dissector-in-lua-1.html

Moustafa, N., 2017. Designing an online and reliable statistical anomaly detection framework for dealing with large high-speed network traffic. DOI: 10.26190/UNSWORKS/3298

MQTT UAD, 2019. Mqtt uad: Mqtt under attack dataset. a public dataset for the detection of attacks in iot networks using mqtt. URL: https://figshare.com/s/2036c5c56ce6a3fc1191

Naidu, G. A., Kumar, J., 2019. Wireless protocols: Wi-fi son, bluetooth, zigbee, z-wave, and wi-fi. Lecture Notes in Networks and Systems 65, 229–239. URL: https://www.researchgate.net/publication/330927333_ DOI: https://doi.org/10.1007/978-981-13-3765-9_24

Otoum, Y., Nayak, A., 123. As-ids: Anomaly and signature based ids for the internet of things keywords internet of things (iot) security · anomaly-based ids · signature-based ids · deep q-learning · lightweight neural network (lightnet). Journal of Network and Systems Management 29, 23. DOI: 10.1007/s10922-021-09589-6 DOI: https://doi.org/10.1007/s10922-021-09589-6

Rizos, A., Bastos, D., Saracino, A., Martinelli, F., 2020. Distributed ucon in coap and mqtt protocols. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 11980 LNCS, 35–52. DOI: 10.1007/978-3-030-42048-2_3 DOI: https://doi.org/10.1007/978-3-030-42048-2_3

Security group CNR-IEIIT, N., 2021. Mqttset. URL: https://www.kaggle.com/datasets/cnrieiit/mqttset

Shelby, Z., Hartke, K., Bormann, C., 6 2014. The constrained application pro-tocol (coap). URL:https://www.rfc-editor.org/info/rfc7252 DOI:10.17487/RFC7252 DOI: https://doi.org/10.17487/rfc7252

Singh, G., Khare, N., 2022. A survey of intrusion detection from the perspective of intrusion datasets and machine learning techniques. International Journal of Computers and Applications 44, 659–669. DOI: 10.1080/1206212X.2021.1885150 DOI: https://doi.org/10.1080/1206212X.2021.1885150

Timiraos, M., Michelena, Á., Díaz-Longueira, A., Jove, E., Aveleira-Mata,J., García-Rodiguez, I., Bayón-Gutiérrez, M., Alaiz-Moretón, H., Calvo-Rolle, J. L., 2023. Categorization of coap dos attack based on one-classboundary methods. In: García Bringas, P., Pérez García, H., Martínez de Pisón, F. J., Martínez ́Alvarez, F., Troncoso Lora, A., Herrero, ́A., Calvo Rolle, J. L., Quintián, H., Corchado, E. (Eds.), 18th International Con-ference on Soft Computing Models in Industrial and Environmental Appli-cations (SOCO 2023). Springer Nature Switzerland, Cham, pp. 112–121 DOI: https://doi.org/10.1007/978-3-031-42529-5_11

U. of California, 1999. Kdd cup 1999 data. URL: http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html

Wireless_Protocols_Wi-Fi_SON_Bluetooth_ZigBee_Z-Wave_and_Wi-Fi DOI: 10.1007/978-981-13-3765-9 24 DOI: https://doi.org/10.1007/978-981-13-3765-9

Wireshark, 2024. Wireshark · display filter reference: Index. URL: https://www.wireshark.org/docs/dfref/

Barra lateral del artículo

Contenido principal del artículo

Resumen

Palabras clave:

Detalles del artículo

Citas