Abstract:
Internet of Things (IoT) enables a myriad of applications by interconnecting software to physical objects. The objects range from wireless sensors to robots and include surveillance cameras. The applications are often critical (e.g. physical intrusion detection, fire fighting) and latency-sensitive. On the one hand, such applications rely on specific protocols (e.g. MQTT, COAP) and the network to communicate with the objects under very tight timeframe. On the other hand, anomalies (e.g. communication noise, sensors' failures, security attacks) are likely to occur in open IoT systems and can result by sending false alerts or the failure to properly detect critical events. To address that, IoT systems have to be equipped with anomaly detection processing in addition to the required event detection capability. This is a key feature that enables reliability and efficiency in IoT. However, anomaly detection systems can be themselves object of failures and attacks, and then can easily fall short to accomplish their mission. This paper introduces a Reliable Event and Anomaly Detection Framework for the Internet of Things (READ-IoT for short). The designed framework integrates events and anomalies detection into a single and common system that centralizes the management of both concepts. To enforce its reliability, the system relies on a reputation-aware provisioning of detection capabilities that takes into account the vulnerability of the deployment hosts. As for validation, READ-IoT was implemented and evaluated using two real life applications, i.e. a fire detection and an unauthorized person detection applications. Several scenarios of anomalies and events were conducted using NSL-KDD public dataset, as well as, generated data to simulate routing attacks. The obtained results and performance measurements show the efficiency of READ-IoT in terms of event detection accuracy and real-time processing