The rapid proliferation of Internet of Things devices has introduced significant security challenges, particularly due to their deployment in exposed environments and reliance on unpatched or static firmware, which enables adversaries to exploit various vulnerabilities. In response, artificial intelligence (AI) has emerged as key tools for detecting anomalous behavior and addressing evolving cyber attack threats. This study leverages the NF-CSE-CIC-IDS2018 dataset, a streamlined variant of CSE-CIC-IDS2018 which preserves relevant security events while reducing computational overhead. The paper evaluates the impact of classical outlier-removal techniques and shows that the Grubbs test eliminates outliers that might be attacks. Furthermore, the Principal Component Analysis and t-Distributed Stochastic Neighbour Embedding visualizations are compared across different feature sets, finding that using all NF-CSE-CIC-IDS2018 attributes with t-Distributed Stochastic Neighbour Embedding yields clearer separation of major attack types. Our findings highlight the importance of using security-aware preprocessing and non-linear embeddings to preserve and reveal critical attack patterns.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Exploratory Visualization of IoT Attacks on the NF-CSE-CIC-IDS2018 Dataset

  • Álvaro Villar-Val,
  • Diego Granados-Lopez,
  • Angel Arroyo,
  • Álvaro Herrero

摘要

The rapid proliferation of Internet of Things devices has introduced significant security challenges, particularly due to their deployment in exposed environments and reliance on unpatched or static firmware, which enables adversaries to exploit various vulnerabilities. In response, artificial intelligence (AI) has emerged as key tools for detecting anomalous behavior and addressing evolving cyber attack threats. This study leverages the NF-CSE-CIC-IDS2018 dataset, a streamlined variant of CSE-CIC-IDS2018 which preserves relevant security events while reducing computational overhead. The paper evaluates the impact of classical outlier-removal techniques and shows that the Grubbs test eliminates outliers that might be attacks. Furthermore, the Principal Component Analysis and t-Distributed Stochastic Neighbour Embedding visualizations are compared across different feature sets, finding that using all NF-CSE-CIC-IDS2018 attributes with t-Distributed Stochastic Neighbour Embedding yields clearer separation of major attack types. Our findings highlight the importance of using security-aware preprocessing and non-linear embeddings to preserve and reveal critical attack patterns.