Anomaly detection encompasses various applications and techniques, including statistical methods and machine learning. Anomalies are categorized into point, contextual, and collective types. Cumulative anomaly detection shifts focus towards understanding the causes behind anomalous events, such as compromised IoT devices, rather than merely identifying isolated occurrences. To improve IoT security, new detection techniques, including machine learning-based solutions, have emerged; however, many require both benign and attack traffic data for training. This paper introduces the CUMAD system, which advances cumulative anomaly detection by gathering evidence over time to assess the integrity of IoT devices.
Anomaly detection has been studied across application domains with techniques rooted in statistical inference and machine learning, focusing on three categories: point, contextual, and collective anomalies.
Cumulative anomaly detection, as proposed in this paper, emphasizes the accumulation of evidence from individual anomalous events to determine if an IoT device is compromised.
Existing machine learning-based security solutions struggle with new attack detection as they often require training data from both benign and attack traffic.
The CUMAD system offers a new approach to cumulative anomaly detection, focusing on holistic evidence collection to enhance IoT security by identifying compromised devices.
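
The difference between flagging isolated events and accumulating evidence per device can be shown with a short added example; it is not code from the paper or from the CUMAD system. It assumes a sequential probability ratio test as the accumulation rule, and the parameter values, function names and per-event flags are constructed for illustration.

```python
import math

# Assumed parameters, chosen for illustration (not taken from the paper).
THETA0 = 0.1   # P(event flagged | device benign): per-event false-positive rate
THETA1 = 0.8   # P(event flagged | device compromised)
ALPHA = 0.01   # tolerated false-positive rate of the device-level decision
BETA = 0.01    # tolerated false-negative rate of the device-level decision

UPPER = math.log((1 - BETA) / ALPHA)   # decide "compromised" at or above this
LOWER = math.log(BETA / (1 - ALPHA))   # decide "benign" at or below this


def point_alerts(flags):
    """Point-style detection: every flagged event raises its own alert."""
    return sum(1 for f in flags if f)


def sprt(flags):
    """Cumulative detection: sum log-likelihood ratios over a device's events.

    flags is a sequence of 0/1 outputs from a per-event anomaly detector.
    Returns (decision, observations_used).
    """
    llr = 0.0
    for n, flag in enumerate(flags, start=1):
        if flag:
            llr += math.log(THETA1 / THETA0)
        else:
            llr += math.log((1 - THETA1) / (1 - THETA0))
        if llr >= UPPER:
            return "compromised", n
        if llr <= LOWER:
            return "benign", n
    return "undecided", len(flags)


# Constructed per-event flags for two hypothetical devices.
NOISY_BENIGN = [0, 0, 1, 0, 0, 0]   # one false positive among normal events
COMPROMISED = [1, 0, 1, 1, 1]       # mostly anomalous events

if __name__ == "__main__":
    for name, flags in (("noisy-benign", NOISY_BENIGN), ("compromised", COMPROMISED)):
        print(name, "point alerts:", point_alerts(flags), "cumulative:", sprt(flags))
```

The single false positive on the benign device would raise an alert under per-event detection, while the accumulated evidence still resolves to a benign decision.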