Two-tier anomaly detection based on traffic profiling of the home automation system


Gajewski M., Batalla J. M., LEVİ A., TOĞAY C., Mavromoustakis C. X., Mastorakis G.

COMPUTER NETWORKS, vol.158, pp.46-60, 2019 (SCI-Expanded) identifier identifier

  • Publication Type: Article / Article
  • Volume: 158
  • Publication Date: 2019
  • Doi Number: 10.1016/j.comnet.2019.04.013
  • Journal Name: COMPUTER NETWORKS
  • Journal Indexes: Science Citation Index Expanded (SCI-EXPANDED), Scopus
  • Page Numbers: pp.46-60
  • Bursa Uludag University Affiliated: Yes

Abstract

Smart building equipment and automation systems often become a target of attacks and are used for attacking other targets located out of the Home Area Network. Attacks are often related to changes in traffic volume, disturbed packet flow or excessive energy consumption. Their symptoms can be recognized and interpreted locally, using software agent at Home Gateway. Although anomalies are detected locally at the Home Gateway, they can be exploited globally. Thus, it is significantly important to detect global attack attempts through anomalies correlation.