A rapid increase in the use of the Internet of Things (IoT) devices by corporates and consumers is changing the topography of the Internet. The design of IoT devices has often been centered on completing functional requirements (e.g. observing, remote controlling), but has sporadically ignored security requirements.
Recently, due to the increase of cyber-attacks on IoT devices, researchers have focused on finding alternative machine learning solutions. LogBERT  is a new deep learning approach based on BERT  algorithm, which has shown promising results in identifying anomalies on computer logs. LogBERT incorporates two self-learning tasks, Masked Log Key Prediction (MLKP) and Volume of Hypersphere Minimization (VHM). MLKP predicts random log keys and learns contextual information about log sequences while VHM maps the data in a hypersphere where the normal data are concentrated around the center and the abnormal data far from the center. After training LogBERT on normal data, the algorithm can identify the abnormal data which deviate from the normal learned path.
In light of the positive results shown in computer logs, we propose to extend the usage of the LogBERT algorithm in IoT data. Our experiment is based on real-life data which we generated through the six most common IoT devices; an indoor camera, outdoor camera, DVR, two different home routers, and a smart light bulb. We exploited the six IoT devices with three different malware that have different architectures but similar exploitation techniques; Mirai botnet, RouterSploit, and UFONet. Our experiment showed that LogBERT can be used for anomaly detection in IoT devices and that it achieves better results than some existing machine or dee`p learning approaches.