Cyber Threat Detection in IoT

Transforming healthcare with AI is only half the mission, the other half is ensuring the security and integrity of the devices powering it. Did you know that monitoring an IoT device’s power consumption alone can reveal whether it is operating normally or has been compromised by a botnet? This insight extends beyond smart home devices to IoMT systems, gateways, and edge nodes that underpin modern health monitoring. I’m excited to share that our paper, “Advancing Machine Learning Strategies for Power Consumption-based IoT Botnet Detection,” is now officially published in Sensors 😊 😊 (CiteScore 8.2, Impact Factor 3.5; Q1 in JCR rankings). 🔗 Article link: https://lnkd.in/e683Hqn8 🔗 DOI: https://lnkd.in/ewhtdH-4 In this work, we show how power-side-channel signals provide a reliable, non-intrusive, and tamper-resistant foundation for intrusion detection across heterogeneous IoT platforms. Our study presents a unified benchmark across routers, cameras, and voice assistants, bringing together: 🔹 Classical ML, deep learning, and hybrid architectures 🔹 Cross-device and leave-one-device-out evaluation 🔹 Latency and throughput analysis for real-world edge deployment 🔹 Multi-class botnet detection under imbalanced scenarios By combining machine learning with power-based behavioral monitoring, this work moves us closer to trustworthy, resilient, and secure IoT and IoMT ecosystems. A sincere thank you to my advisor, Dr. Woosub Jung, and to Dr. Wei Yu, for their mentorship, guidance, and continued support. I am also grateful to my co-authors for their collaboration and dedication. #IoTSecurity #SideChannelAnalysis #MachineLearning #IoMT #CyberSecurity #EdgeAI #SmartDevices #DeepLearning #Sensors #TowsonUniversity #ResearchPublication

🔍 Beyond Detection: Leveraging Large Language Models for Cyber Attack Prediction in IoT Networks This paper proposes a novel network intrusion prediction framework that combines LLMs with Long Short Term Memory (LSTM) networks for IoT cybersecurity. The framework uses two fine-tuned LLMs in a feedback loop: - GPT for predicting network traffic and - BERT for evaluating the quality of predicted traffic An LSTM classifier (a type of recurrent neural network (RNN) architecture) then identifies malicious packets among these predictions. 🎯 Results: Overall accuracy of 98% on the CICIoT2023 IoT attack dataset 93.4% accuracy for BERT in packet-pair classification Near-perfect precision, recall, and F1-scores for most attack types in multi-class classification 🛡️ The Problem: Existing Intrusion Detection Systems (IDSs) are often reactive, responding to specific patterns or observed anomalies. This work proposes a proactive approach to anticipate and mitigate malicious activities before they cause damage in IoT networks. 💡 What can we learn? - This is a great example of where fine-tuning can shine: obscure cyber security data like network packets, think of some others that are not like natural language (remember LLMs are built on the field of natural language processing NLP) - Combining generative (GPT) and discriminative (BERT) LLMs creates a robust system for predicting future network states. - LLMs are great at synthetic data generation, many evals and benchmarks are done using this 📊 My take: - The combination of two different LLM models is a great approach for: having one generate synthetic data (don't use the same model to do the evals on this) or task decomposition: try experimenting with different models for different tasks/agents, same for "LLM as a judge", use smaller fast models for the business logic, then larger, powerful model for quality/evals - its still very difficult to go from PoC or prototype to production. While the results are promising, real-world deployment may face challenges due to computational requirements and the need for extensive fine-tuning. - this also reminded me of a great post by Greynoise on the differences between using BERT vs GPT, highly recommend this read: https://lnkd.in/erVRJZjf 🔗 to paper: https://lnkd.in/ek-43nN7

Catch IoT malware and rootkits using electromagnetic side-channel communication from the microchip. 🐺📟၊၊||၊👨🏻💻 Security researchers Duy-Phuc Pham, Damien Marion, and Annelie Heuser earlier shared their research, which combines offensive research techniques and defensive goals: detecting malware within embedded devices using electromagnetic insights. The theory is simple: each piece of code processed within a microchip emits many signals (see the picture below), including electromagnetic (EM) emanations. Researchers were able to identify specific EM signatures associated with the operation of malware and rootkits. In simple terms - when a microchip processes legitimate code, it "sings" one song; when it is infected with malware or a rootkit, the song is different, and it can be detected and attributed. Interesting indeed! More details: IoT Malware and Rookit Detections Using Electromagnetic Insights: Unveiling the Unseen [PDF]: https://lnkd.in/ddS2yq8v #technology #malware #infosec #cybersecurity #hacking #embedded #IoT #SCADA #cyber #security #rootkit #sidechannel #research

This is a pleasure sharing that one of our 𝐑𝐞𝐬𝐞𝐚𝐫𝐜𝐡 𝐏𝐚𝐩𝐞𝐫 Titled “𝐈𝐧𝐭𝐞𝐠𝐫𝐚𝐭𝐞𝐝 𝐌𝐚𝐜𝐡𝐢𝐧𝐞 𝐋𝐞𝐚𝐫𝐧𝐢𝐧𝐠 𝐀𝐩𝐩𝐫𝐨𝐚𝐜𝐡 𝐟𝐨𝐫 𝐀𝐭𝐭𝐚𝐜𝐤 𝐃𝐞𝐭𝐞𝐜𝐭𝐢𝐨𝐧 𝐢𝐧 𝐌𝐐𝐓𝐓-𝐄𝐧𝐚𝐛𝐥𝐞𝐝 𝐒𝐦𝐚𝐫𝐭 𝐇𝐨𝐦𝐞 𝐒𝐲𝐬𝐭𝐞𝐦𝐬” has been 𝐩𝐮𝐛𝐥𝐢𝐬𝐡𝐞𝐝 included in 𝐈𝐄𝐄𝐄 𝐗𝐩𝐥𝐨𝐫𝐞 with 𝐃𝐎𝐈 : 𝟏𝟎.𝟏𝟏𝟎𝟗/𝐄𝐦𝐞𝐫𝐠𝐈𝐍𝟔𝟑𝟐𝟎𝟕.𝟐𝟎𝟐𝟒.𝟏𝟎𝟗𝟔𝟎𝟗𝟕𝟖 𝐩𝐮𝐛𝐥𝐢𝐬𝐡𝐞𝐝 𝐛𝐲 𝐈𝐄𝐄𝐄. This Paper discusses and explores the MQTT protocol, which is an efficient and lightweight messaging protocol commonly used in IoT systems for communication. To identify and mitigate cyber-attacks in smart home systems, this study applies a set of machine learning algorithms to analyze MQTT attack dataset, which aims to detect and classify various cyber-attacks using multiple machine learning approaches with high accuracy and combine their prediction to find out the final result. The study begins with an introduction of smart home, its components, basic introduction, architecture of MQTT protocol, and major attack vectors targeting MQTT-based systems, highlighting vulnerabilities that can be exploited by attackers. Afterward this research paper proposes and implementing a model which uses a set of machine learning algorithms on MQTT attack dataset to train and test models, these become capable to identify anomalies in MQTT traffic, which enables the detection of attacks such as dos attack, flooding packet attack, SlowITe Attack and brute force attack for unauthorized access of servers or systems. Feature selection and data standardization done, all trained and tested models demonstrate high accuracy and effectiveness in threat detection and classification on a comprehensive MQTT dataset. This study illustrates the effectiveness and good application of AI/ML-driven approaches for security leak prevention which is boosting the smart home environments security attack detection and contributing towards the secure IoT ecosystems.   https://lnkd.in/g8K926tV