Detection of DoS Attacks in Smart City Networks With Feature Distance Maps: A Statistical Approach

Smart cities are highly digitalized cities, with a high volume of data stored digitally, as well as a large number of physical objects and Internet of Things (IoT) devices. It is no surprise that security concerns increase as connected IoT devices become more prevalent. There has long been a perception that Denial-of-Service (DoS) attacks give rise to a notable menace to the security of smart city networks. A statistical method based on feature distance maps is suggested in this work for the identification of DoS attacks in smart city networks. This study aims to build a DoS attack detection model that has a low computational complexity and a low rate of false positives (FPs). The performance of the model is arbitrated using smart city network traffic data set. In order to make processing easier, the features are normalized using Min-Max normalization. A subset of features suitable for attack detection can be evaluated with Pearson Correlation Coefficient. A feature distance map method is proposed for extracting correlations between features between records. Manhattan distance measures are used to generate the feature distance maps. The feature distance maps enhance the statistical analysis process. Hellinger distance measure is used to generate the normal traffic profile by calculating the degree of similarity between the feature distance map of each record and the normal traffic profile mean. On the basis of the proposed threshold, the Hellinger distance is used to evaluate whether an unknown traffic data belongs to normal or attack. Compared with Mahalanobis distance-based DoS detection, the Hellinger distance-based attack detection takes less time to execute. Based on the theoretical and experimental results, the proposed DoS attack detection system has a low computational complexity and a low FP rate. Furthermore, the proposed approach outperforms the existing state-of-the-art feature ranking based DoS attack detection systems.

Automated summary

This paper proposes a statistical method for identifying DoS attacks in smart city networks, and develops a DoS attack detection model with low computational complexity and low false positive rate. Using smart city network traffic data set and feature distance map method for statistical analysis, this approach enhances the accuracy of attack detection.