Monitoring and Detection Time Optimization of Man in the Middle Attacks using Machine Learning
Otily Toutsop, Paige Harvey, Kevin Kornegay
Abstract
The Internet of Things (IoT) is growing with the advancement of technology. Many vendors are creating IoT devices to leverage the quality of life of consumers. These devices include smart grids, smart homes, smart health care systems, smart transportation, and many other applications. IoT devices interact with the environment and each other using sensors and actuators. However, the widespread proliferation of IoT devices poses many cybersecurity threats. The IoT devices’ interconnection opens the door to attackers who try to gain unauthorized access to these devices. For many IT networks, establishing trust and security during the device operation is challenging. Further, devices also may leak vital information, which is a significant concern in cybersecurity. Prior research has shown that security breaches have increased by 67% over the past five years, and 95% of HTTPs servers are vulnerable to Man-in-the-middle (MIM) attacks. This paper examines attack datasets from the Hacking and Countermeasure Research Lab (HCRL) collected from real-life IoT devices that include smart cameras, laptops, and smartphones [1]. We present a model using Random Forest, Logistic Regression, and Decision Tree. Results indicate that the overall detection accuracy is 98-100%, which is more promising than traditional Intrusion Detection Systems (IDS).