Guest lecture: DÏoT: a self-learning anomaly detection system for IoT

Postdoc Samuel Marchal, Aalto University, Finland.

01.11.2018 | Jens Kargaard Madsen

Dato fre 09 nov
Tid 13:15 14:00
Sted Room 424, building 5125, Finlandsgade 22, 8200 Aarhus N

Abstract
IoT devices are being widely deployed. Many of them are vulnerable due to insecure implementations and configuration. As a result, many networks already have vulnerable devices that are easy to compromise. This has led to a new category of malware specifically targeting IoT devices. Existing intrusion detection techniques are not effective in detecting compromised IoT devices given the massive scale of the problem in terms of the number of different types of devices and manufacturers involved.
In this presentation, I introduce DÏoT, a system for detecting compromised IoT devices effectively. In contrast to prior work, DÏoT uses a novel self-learning approach to classify devices into device types and build normal communication profiles for each of these that can subsequently be used to detect anomalous deviations in communication patterns. DÏoT is completely autonomous and can be trained in a federated manner without requiring human intervention or labeled training data. Consequently, DÏoT can cope with the emergence of new device types as well as new attacks.

Samuel Marchal is currently a Post-Doctoral Researcher in the Secure Systems Research Group at Aalto University, Finland. He is also a associate principal investigator and researcher in the Intel Collaborative Research Institute for Collaborative Autonomous and Resilient Systems (ICRI-CARS) where he leads the “secure machine learning” research pillar. He has been and is currently involved in many industrial collaborations including with Intel, Bell Labs, F-secure, McAfee and Zalando. He received the M.Sc. degree in computer science in 2011 from TELECOM Nancy, France. He received the Ph.D. degree jointly from the University of Luxembourg, Luxembourg and the University of Lorraine, France, in 2015. He conducted his doctoral research at the Interdisciplinary Centre for Security, Reliability and Trust (SnT) in Luxembourg. His research interests lie in system security, Internet of Things security and machine learning.

Forelæsning / foredrag