Real-time detection of consumer IoT devices participating in DDoS attacks

Could we detect compromised consumer IoT devices participating in a DDoS attack in real time and do something about it? A group of researchers at Princeton University has presented some encouraging results showing that the first part of that equation can be solved relatively easily.

As IoT traffic is often distinct from that of other Internet-connected devices, and as machine learning has proved promising for identifying malicious Internet traffic, they decided to use these facts to their advantage. They created a machine learning pipeline that performs data collection, feature extraction, and binary classification of IoT traffic, and designed it so that it can be operated on network middleboxes (e.g., routers, switches, firewalls).

Read more about the system that was deployed on an experimental consumer IoT device network, where it successfully identified attack traffic with an accuracy higher than 0.999, on Help Net Security.
