Abstract

The research focuses on designing a predictive model for Internet of Things (IoT) attack identification using historical IoT data from the Global Cyber Alliance's (GCA) Automated IoT Defense Ecosystem (AIDE). This research goes into the design of an enhanced machine-learning model, to predict potential security breaches. The process involved a thorough data science lifecycle, overall data preprocessing, feature selection, and engineering. The study’s main objective is to design a model to classify IoT activities and events, distinctive among normal operations and indicators of potential cyber-attacks. The model design incorporates distinct features like command frequency, login success, geo-distance calculations, credentials tried, and protocol encodings to enhance predictive accuracy. The model uses algorithms like logistic regression and random forests to explore their efficacy in binary and multiclass classifications. The research emphasizes the critical role of the model’s capability to proactively address IoT security challenges. Offering early alerts is crucial in allowing timely countermeasures, herein strengthening IoT ecosystems against cyber threats. The model’s accuracy in predicting IoT attacks, reduces the likelihood of successful breaches, thus safeguarding sensitive data and infrastructure. Furthermore, it assists as a key tool for policymakers and security professionals, providing insight into occurring threat patterns and enabling the development of robust defense strategies.

Statistics