Influence of Autoencoder Latent Space on Classifying IoT CoAP Attacks
María Teresa García-Ordás, Jose Aveleira-Mata, Isaías García-Rodríguez, José Luis Casteleiro-Roca, Martín Bayón-Gutierrez, Héctor Alaiz-Moretón
TL;DR
The paper addresses CoAP-based attack detection in IoT by using autoencoder-derived latent features to compress high-dimensional traffic data and evaluate three classifiers. A CoAP-focused dataset with DoS, MitM, and cross-protocol attacks is constructed in a simulated IoT environment to test the approach. Ensemble methods (Random Forest and XGBoost) substantially outperform Decision Trees, with Random Forest achieving near-perfect metrics using as few as two latent features. The results demonstrate that aggressive data reduction can enable real-time, accurate IDS for CoAP in IoT, guiding future work toward broader classifier options and alternative dimensionality-reduction techniques.
Abstract
The Internet of Things (IoT) presents a unique cybersecurity challenge due to its vast network of interconnected, resource-constrained devices. These vulnerabilities not only threaten data integrity but also the overall functionality of IoT systems. This study addresses these challenges by exploring efficient data reduction techniques within a model-based intrusion detection system (IDS) for IoT environments. Specifically, the study explores the efficacy of an autoencoder's latent space combined with three different classification techniques. Utilizing a validated IoT dataset, particularly focusing on the Constrained Application Protocol (CoAP), the study seeks to develop a robust model capable of identifying security breaches targeting this protocol. The research culminates in a comprehensive evaluation, presenting encouraging results that demonstrate the effectiveness of the proposed methodologies in strengthening IoT cybersecurity with more than a 99% of precision using only 2 learned features.