Skip to main content
Thesis defences

MCS Thesis Examination: Eniela Vela

Anomaly Detection in IoT Devices Using LogBERT


Date & time
Monday, September 26, 2022
3 p.m. – 4:30 p.m.
Cost

This event is free

Organization

Department of Computer Science and Software Engineering

Contact

Leila Kosseim

Where

Online

Abstract

    A rapid increase in the use of the Internet of Things (IoT) devices by corporates and consumers is changing the topography of the Internet. The design of IoT devices has often been centered on completing functional requirements (e.g. observing, remote controlling), but has sporadically ignored security requirements.

    Recently, due to the increase of cyber-attacks on IoT devices, researchers have focused on finding alternative machine learning solutions. LogBERT [45] is a new deep learning approach based on BERT [28] algorithm, which has shown promising results in identifying anomalies on computer logs. LogBERT incorporates two self-learning tasks, Masked Log Key Prediction (MLKP) and Volume of Hypersphere Minimization (VHM). MLKP predicts random log keys and learns contextual information about log sequences while VHM maps the data in a hypersphere where the normal data are concentrated around the center and the abnormal data far from the center. After training LogBERT on normal data, the algorithm can identify the abnormal data which deviate from the normal learned path.

    In light of the positive results shown in computer logs, we propose to extend the usage of the LogBERT algorithm in IoT data. Our experiment is based on real-life data which we generated through the six most common IoT devices; an indoor camera, outdoor camera, DVR, two different home routers, and a smart light bulb. We exploited the six IoT devices with three different malware that have different architectures but similar exploitation techniques; Mirai botnet, RouterSploit, and UFONet. Our experiment showed that LogBERT can be used for anomaly detection in IoT devices and that it achieves better results than some existing machine or dee`p learning approaches.

Examining Committee

  • Dr. Yann-Gael Gueheneuc (Chair) 
  • Dr. Brigitte Jaumard (Supervisor)
  • Dr. Olga Ormandjieva (Examiner)
  • Dr. Yann-Gael Gueheneuc (Examiner)
     
Back to top

© Concordia University