MACHINE LEARNING BASED TIMELY DETECTION AND DIAGNOSIS OF ABNORMAL BEHAVIORS IN THE INTERNET-OF-THINGS

Abstract

The Internet-of-Things (IoTs) is believed to address social issues and challenges of the modern world to a large extent. For instance, the issues faced by big cities, such as increasing rate of unemployment, economic downfall, the air pollution due to emissions from vehicles or industries, useless energy consumption in homes, or the diculties experienced by handicapped and elderly people, and so on. The IoTs provides opportunities to develop applications and platforms that can be used to regulate and reduce the factors that cause such problems. In addition, the IoTs posses a great potential of providing opportunities to developing new applications that improve the quality of life of citizens. The concept of IoTs is to interconnect the electronic devices (referred as things in the terminology of IoTs) through a cloud network to perform actions without human interaction. These devices include sensors at one end of the network to sense and collect information about the environment. A communication medium with specic protocols is used to transfer this data from sensing nodes to the central units. These units process thecollected data to extract useful information and execute a command or action accordingly. This idea of interconnected things with ability to act independently is approaching toward reality with the increase in number of nodes connected to the internet. The ubiquitous sensing nodes, or simply sensors, deployed in IoTs network are mobile or installed at xed positions spread over a large area. These nodes rely on wireless communication technologies to transfer the collected data to the central unit through cloud platform. Moreover, these nodes are constrained in terms of computational resources, memory and battery to store energy making it impossible to implement the existing computationally expensive cybersecurity techniques used in traditional Wireless Sensor Networks (WSNs). Therefore, the nodes of IoTs are more prone to cyber attacks as compared to the constraintfree immobile nodes of WSNs. This situation is posing a serious challenge of security and data privacy while implementing the IoTs network. Furthermore, the performance of IoTs is highly dependent on the sensed data collected by sensors. A failure originated in these nodes (also known as fault) may corrupt the collected data leading to serious consequences, such as huge economic losses, long delays in the network function, or human safety in some cases. Therefore, it is necessary to develop algorithms for detection or prediction of the fault occurrence in IoTs nodes. In short, the IoTs network should be capable of detecting faults and intrusions in order to implement a reliable network free of disturbances. However, the resource limitation problem of the IoTs nodes and the fact that these nodes are deployed in the remote areas where the environmental conditions may vary rapidly, put limitations on the development of faults and intrusion detection mechanisms. Firstly, the algorithms designed for such sensors should perform well with the given amount of resources in the node. Secondly, these algorithms should be capable of distinguishing the faults or attacks from the behaviors occured due to variations in the environment. This dissertation is related to developing the fault and intrusion detection algorithms for IoTs nodes while consideringthese challenges. Firstly, a fault detection and diagnosis framework is proposed to identify the presence and type of fault originated in sensors. A well-known data-driven supervised machine learning-based classication algorithm, called Support Vector Machine (SVM), is utilized to design this framework. The classier is given input in terms of statistical time-domain features extracted from the raw signal of sensor. The dataset used to analyze the performance of the classier is acquired as follows: normal data signals are obtained from a temperature-to-voltage converter TC1047/1047A by using an arduino Uno microcontroller, and a personal computer with MATLAB. Then, ve types of faults, including drift, gain, precision degradation, spike and stuck fault, are injected in the normal data signals. The performance of the proposed algorithm is presented under dierent scenarios. Furthermore, a comparison with neural network-based algorithm show that the proposed algorithm perform better. Secondly, a novel feature selection scheme is proposed to select most discriminating subset of features among the whole set of features. The features having high mutual information with target class and minimum mutual information with non-target class are selected. This method is veried using the similar dataset. Thirdly, a distributed fault detection and diagnosis approach is proposed using stacked auto-encoder, SVM, and fuzzy deep neural network. The fault detection can be implemented in the resource-constrained sensing nodes to avoid the delays occured due to data transmission between the sensor and the central unit. Nevertheless, the fault diagnosis can be carried out in the central unit to obtain more information about the detected fault. Again, this technique is veried using the similar data with the same types of faults. Moreover, a lightweight intrusion deteciton system is proposed using SVM-based classier with three non-complex features, namely mean, maximum, and median. The denialof- service (DoS) attacks are targetted which have a concomitant increasing or decreasingeect on the trac intensity. The anomaly-based intrusion detection system continuously monitors the trac intensity attribute of the node to detect intrusion. The performance of the proposed system is anayzed using a dataset obtained using simulations with dierent types of DoS attacks, including packets ooding, vulenerability, blackhole, jamming, selective forwarding, sybil, sinkhole, clone, wormhole, and hello ood attacks. Finally, an SVM-based spectrum sensing technique is proposed to detect the presence of primary users in cognitive radio networks. The secondary users start transmission if the channel is sensed idle or free from primary user with a transmission power calculated based on the quantized sensing result and the residual energy in node battery. The objective is to improve the throughput performance of the system. The simulation results shows that the proposed algorithms successfully achieve the objective of improved throughput as compared to the conventional energy detection technique.