A Study of Anomalous Communication Detection for IoT Devices Using Flow Logs in a Cloud Environment

Yutaro Iizawa; Norihiro Okui; Yusuke Akimoto; Shotaro Fukushima; Ayumu Kubota; Takuya Yoshida

doi:10.5220/0013461200003944

A Study of Anomalous Communication Detection for IoT Devices Using Flow Logs in a Cloud Environment

Yutaro Iizawa, Norihiro Okui, Yusuke Akimoto, Shotaro Fukushima, Ayumu Kubota, Takuya Yoshida

2025

Abstract

Research on network-based anomaly detection has been conducted as a countermeasure against cyberattacks from IoT devices. Specifically, anomaly detection based on flow data, such as IPFIX, has garnered increasing attention to address the rising communication volume. In these studies, obtaining flow data from the communication data sent and received by IoT devices is necessary; however, obtaining these data can be difficult when the IoT system is already built in a cloud environment. In this study, we investigated an anomalous communication detection method using VPC Flow Logs, which can be obtained via AWS. VPC Flow Logs record only the number of packets and bytes in a single direction, resulting in less information than that obtained via flow data. For example, session information is divided into multiple records according to the time window. To increase the precision of anomalous communication detection using VPC Flow Logs data, we developed a methodology for the effective conversion of multiple VPC Flow Logs into bidirectional data. The efficacy of this approach was assessed by evaluating its performance on public datasets.

Download

Paper Citation

in Harvard Style

Iizawa Y., Okui N., Akimoto Y., Fukushima S., Kubota A. and Yoshida T. (2025). A Study of Anomalous Communication Detection for IoT Devices Using Flow Logs in a Cloud Environment. In Proceedings of the 10th International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS; ISBN 978-989-758-750-4, SciTePress, pages 410-415. DOI: 10.5220/0013461200003944

in Bibtex Style

@conference{iotbds25,
author={Yutaro Iizawa and Norihiro Okui and Yusuke Akimoto and Shotaro Fukushima and Ayumu Kubota and Takuya Yoshida},
title={A Study of Anomalous Communication Detection for IoT Devices Using Flow Logs in a Cloud Environment},
booktitle={Proceedings of the 10th International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS},
year={2025},
pages={410-415},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0013461200003944},
isbn={978-989-758-750-4},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 10th International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS
TI - A Study of Anomalous Communication Detection for IoT Devices Using Flow Logs in a Cloud Environment
SN - 978-989-758-750-4
AU - Iizawa Y.
AU - Okui N.
AU - Akimoto Y.
AU - Fukushima S.
AU - Kubota A.
AU - Yoshida T.
PY - 2025
SP - 410
EP - 415
DO - 10.5220/0013461200003944
PB - SciTePress