Cloud and Autonomic Computing Center
Tucson, Arizona
Semi Annual IAB Meeting
Shalaka Satam, Pratik Satam and Salim Hariri
BT-IDS: An anomaly-based Intrusion Detection System for Bluetooth Devices
Project Team Members
• UA Faculty
  • Salim Hariri
• UA Graduate Students
  • Shalaka Satam
  • Pratik Satam
Background
• IoT devices depend heavily on wireless networks for communications.
• Bluetooth networks have become the wireless network of choice for short-range communications.
• Bluetooth networks need to be secured against cyberattacks such as battery draining attacks, DoS, etc.
Project Overview
Project Tasks: Overview
• Task 1: Develop innovative data structures (Bluetooth Flow (BTF)) that can accurately model normal Bluetooth operations
• Task 2: Design an architecture for the Bluetooth Intrusion Detection System (BT-IDS)
• Task 3: Build machine learning models that characterize normal behavior and can be used to detect any attack against a Bluetooth network
Task 1: Develop BT Flow data structures that model the Bluetooth normal operations
• N-gram - A data structure that represents a sequence of N state transitions of the BT protocol state diagram as one single unit (N-gram).
• BT Flow (BTF) - A collection of N-grams that follow one specific flow of Bluetooth traffic.
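The two structures above, as an added example that is not taken from the slides or from the project's code: it builds N-grams from a state sequence, treats a BT Flow as the collection of N-grams in one flow, and scores a flow against N-grams learned from normal traffic. The state labels, the reading of an N-gram as N + 1 consecutive states, and the unseen-fraction score are assumptions made for illustration.

```python
from collections import Counter

def ngrams(states, n):
    """Each run of n consecutive transitions (n + 1 states) becomes one tuple."""
    return [tuple(states[i:i + n + 1]) for i in range(len(states) - n)]

def build_flow(states, n):
    """Model one traffic flow as the multiset of N-grams it contains."""
    return Counter(ngrams(states, n))

def train_profile(normal_flows, n):
    """Collect every N-gram observed in known-good flows."""
    profile = set()
    for states in normal_flows:
        profile.update(ngrams(states, n))
    return profile

def anomaly_score(states, profile, n):
    """Fraction of the flow's N-grams never seen in normal traffic (0.0 to 1.0)."""
    flow = build_flow(states, n)
    total = sum(flow.values())
    if total == 0:
        return 0.0  # flow has fewer than n transitions: nothing to score
    unseen = sum(count for gram, count in flow.items() if gram not in profile)
    return unseen / total

# Constructed sample data: simplified state labels, not captured traffic.
NORMAL_FLOWS = [
    ["STANDBY", "INQUIRY", "PAGE", "CONNECTED", "STANDBY"],
    ["STANDBY", "PAGE", "CONNECTED", "SNIFF", "CONNECTED", "STANDBY"],
]
# Constructed flow that reconnects repeatedly without any other activity.
SUSPECT_FLOW = ["STANDBY", "PAGE", "CONNECTED"] * 3 + ["STANDBY"]

N = 2  # assumed N-gram size: two transitions per N-gram
PROFILE = train_profile(NORMAL_FLOWS, N)

if __name__ == "__main__":
    for name, flow in [("normal", NORMAL_FLOWS[0]), ("suspect", SUSPECT_FLOW)]:
        print(name, anomaly_score(flow, PROFILE, N))
```
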
Task 2: Design a BT-IDS Architecture
• Sniffer Module
  Its main function is to collect data frames that are transmitted over the Bluetooth network.
• BT Behavior Analysis Unit (BT-BAU)
  It performs data-driven analytics to detect any abnormal behavior in BT network operations that can be triggered by BT attacks.
Task 3: Develop machine learning models that characterize the BT normal operations
Preliminary analysis
Activities and outcomes
• The primary goal of this project is to develop an intrusion detection system (IDS) for Bluetooth networks that uses an anomaly-based detection approach.
• The Bluetooth IDS (BT-IDS) can accurately detect and classify new and modified attacks with few or no false positives and false negatives.
Deliverables and benefits
Deliverables
• Midterm and final reports documenting research methods and evaluation results
• One or two scholarly conference and/or journal publications

Benefits
• Capability to detect and classify attacks against Bluetooth networks.
LIFE Form Input
Please take a moment to fill out your L.I.F.E. forms.
http://www.iucrc.com
Select “Cloud and Autonomic Computing Center”, then select the “IAB” role.
What do you like about this project? What would you change?
(Please include all relevant feedback.)