TUM Logo

Graph-based Anomaly Detection for IoT Microservices

The Internet of Things (IoT) consists of distributed devices. The devices are managed by microservices that cooperate in an ad-hoc way for implementing diverse use cases. The opportunistic cooperation, and the heterogeneous distributed computing environments make it difficult to manually keep track of the communication relationships between IoT services. We show how a communication graph can be built autonomously, and how it can be used to identify traffic anomalies. A special focus is on bootstrapping the allowed connections of a service. We provide a quantitative evaluation of the added latency of our security feature, and of the graph changes in a real world scenario.

Graph-based Anomaly Detection for IoT Microservices

Authors: François-Xavier Aubet, Marc-Oliver Pahl, Stefan Liebald, and Mohammad Reza Norouzian
Year/month: 2018/1
Booktitle: Passive and Active Measurement (PAM)
Fulltext: click here

Abstract
The Internet of Things (IoT) consists of distributed devices. The devices are managed by microservices that cooperate in an ad-hoc way for implementing diverse use cases. The opportunistic cooperation, and the heterogeneous distributed computing environments make it difficult to manually keep track of the communication relationships between IoT services. We show how a communication graph can be built autonomously, and how it can be used to identify traffic anomalies. A special focus is on bootstrapping the allowed connections of a service. We provide a quantitative evaluation of the added latency of our security feature, and of the graph changes in a real world scenario.

Bibtex:

@conference {
author = { François-Xavier Aubet and Marc-Oliver Pahl and Stefan Liebald and Mohammad Reza Norouzian },
title = { Graph-based Anomaly Detection for IoT Microservices },
year = { 2018 },
month = { January },
booktitle = { Passive and Active Measurement (PAM) },
url = { https://pam2018.inet.berlin/wp-content/uploads/2018/03/pam18poster-paper7.pdf },

}