{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,10]],"date-time":"2026-04-10T02:36:41Z","timestamp":1775788601982,"version":"3.50.1"},"reference-count":52,"publisher":"Association for Computing Machinery (ACM)","issue":"3","license":[{"start":{"date-parts":[[2024,6,17]],"date-time":"2024-06-17T00:00:00Z","timestamp":1718582400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Cisco Research"},{"name":"NSF","award":["2112471 and 2229876"],"award-info":[{"award-number":["2112471 and 2229876"]}]},{"DOI":"10.13039\/100006377","name":"Purdue University","doi-asserted-by":"crossref","id":[{"id":"10.13039\/100006377","id-type":"DOI","asserted-by":"crossref"}]},{"DOI":"10.13039\/501100005320","name":"Xidian University","doi-asserted-by":"crossref","id":[{"id":"10.13039\/501100005320","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Internet Things"],"published-print":{"date-parts":[[2024,8,31]]},"abstract":"<jats:p>Internet of Things (IoT) cyber threats, exemplified by jackware and crypto mining, underscore the vulnerability of IoT devices. Due to the multi-step nature of many attacks, early detection is vital for a swift response and preventing malware propagation. However, accurately detecting early-stage attacks is challenging, as attackers employ stealthy, zero-day, or adversarial machine learning to evade detection. To enhance security, we propose ARIoTEDef, an Adversarially Robust IoT Early Defense system, which identifies early-stage infections and evolves autonomously. It models multi-stage attacks based on a cyber kill chain and maintains stage-specific detectors. When anomalies in the later action stage emerge, the system retroactively analyzes event logs using an attention-based sequence-to-sequence model to identify early infections. Then, the infection detector is updated with information about the identified infections. We have evaluated ARIoTEDef against multi-stage attacks, such as the Mirai botnet. Results show that the infection detector\u2019s average F1 score increases from 0.31 to 0.87 after one evolution round. We have also conducted an extensive analysis of ARIoTEDef against adversarial evasion attacks. Our results show that ARIoTEDef is robust and benefits from multiple rounds of evolution.<\/jats:p>","DOI":"10.1145\/3660646","type":"journal-article","created":{"date-parts":[[2024,4,20]],"date-time":"2024-04-20T10:23:06Z","timestamp":1713608586000},"page":"1-34","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":5,"title":["ARIoTEDef: Adversarially Robust IoT Early Defense System Based on Self-Evolution against Multi-step Attacks"],"prefix":"10.1145","volume":"5","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-3705-7345","authenticated-orcid":false,"given":"Mengdie","family":"Huang","sequence":"first","affiliation":[{"name":"Xidian University, Xi\u2019an, China and Purdue University, West Lafayette, United States"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7490-9936","authenticated-orcid":false,"given":"Hyunwoo","family":"Lee","sequence":"additional","affiliation":[{"name":"Korea Institute of Energy Technology, Naju-si, South Korea"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1499-5558","authenticated-orcid":false,"given":"Ashish","family":"Kundu","sequence":"additional","affiliation":[{"name":"Cisco Systems Inc, San Jose, United States"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5858-5070","authenticated-orcid":false,"given":"Xiaofeng","family":"Chen","sequence":"additional","affiliation":[{"name":"Xidian University, Xi\u2019an, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7148-0000","authenticated-orcid":false,"given":"Anand","family":"Mudgerikar","sequence":"additional","affiliation":[{"name":"Purdue University, West Lafayette, United States"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8207-9717","authenticated-orcid":false,"given":"Ninghui","family":"Li","sequence":"additional","affiliation":[{"name":"Purdue University, West Lafayette, United States"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4029-7051","authenticated-orcid":false,"given":"Elisa","family":"Bertino","sequence":"additional","affiliation":[{"name":"Purdue University, West Lafayette, United States"}]}],"member":"320","published-online":{"date-parts":[[2024,6,17]]},"reference":[{"key":"e_1_3_1_2_2","first-page":"1093","volume-title":"Proceedings of the USENIX Security Symposium","author":"Antonakakis M.","year":"2017","unstructured":"M. Antonakakis, T. April, M. Bailey, M. Bernhard, E. Bursztein, J. Cochran, Z. Durumeric, J. A. Halderman, L. Invernizzi, M. Kallitsis, D. Kumar, C. Lever, Z. Ma, J. Mason, D. Menscher, C. Seaman, N. Sullivan, K. Thomas, and Y. Zhou. 2017. Understanding the Mirai botnet. In Proceedings of the USENIX Security Symposium. 1093\u20131110."},{"key":"e_1_3_1_3_2","first-page":"1","volume-title":"Proceedings of International Conference on Learning Representations (ICLR\u201915)","author":"Bahdanau D.","year":"2015","unstructured":"D. Bahdanau, K. H. Cho, and Y. Bengio. 2015. Neural machine translation by jointly learning to align and translate. In Proceedings of International Conference on Learning Representations (ICLR\u201915). 1\u201315."},{"key":"e_1_3_1_4_2","first-page":"833","volume-title":"Proceedings of the ACM Conference on Computer and Communications Security (CCS\u201912)","author":"Bilge L.","year":"2012","unstructured":"L. Bilge and T. Dumitras. 2012. Before we knew it: An empirical study of zero-day attacks in the real world. In Proceedings of the ACM Conference on Computer and Communications Security (CCS\u201912). ACM, New York, NY, USA, 833\u2013844."},{"key":"e_1_3_1_5_2","first-page":"1","volume-title":"Proceedings of the International Conference on Learning Representations (ICLR\u201918)","author":"Brendel W.","year":"2018","unstructured":"W. Brendel, J. Rauber, and M. Bethge. 2018. Decision-based adversarial attacks: Reliable attacks against black-box machine learning models. In Proceedings of the International Conference on Learning Representations (ICLR\u201918). 1\u201312."},{"key":"e_1_3_1_6_2","doi-asserted-by":"publisher","DOI":"10.1145\/3465055"},{"key":"e_1_3_1_7_2","first-page":"1277","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy (S&P\u201920)","author":"Chen J.","year":"2020","unstructured":"J. Chen, M. I. Jordan, and M. J. Wainwright. 2020. HopSkipJumpAttack: A query-efficient decision-based attack. In Proceedings of the IEEE Symposium on Security and Privacy (S&P\u201920). IEEE, 1277\u20131294."},{"key":"e_1_3_1_8_2","first-page":"103","volume-title":"Proceedings of the 8th Workshop on Syntax, Semantics, and Structure in Statistical Translation (SSST\u201914)","author":"Cho K.","year":"2014","unstructured":"K. Cho, B. Van Merrienboer, D. Bahdanau, and Y. Bengio. 2014. On the properties of neural machine translation: Encoder-decoder approaches. In Proceedings of the 8th Workshop on Syntax, Semantics, and Structure in Statistical Translation (SSST\u201914). 103\u2013112."},{"issue":"1","key":"e_1_3_1_9_2","first-page":"1","article-title":"Threat hunting: Open season on the adversary","volume":"1","author":"Cole E.","year":"2016","unstructured":"E. Cole. 2016. Threat hunting: Open season on the adversary. SANS Institute Information Reading Room 1, 1 (2016), 1\u201323.","journal-title":"SANS Institute Information Reading Room"},{"key":"e_1_3_1_10_2","unstructured":"CoreSecurity. 2014. Pcapy. Retrieved April 24 2024 from https:\/\/github.com\/helpsystems\/pcapy"},{"key":"e_1_3_1_11_2","unstructured":"D. Dingee. 2019. IoT Not People Now the Weakest Link in Security. Retrieved April 24 2024 from https:\/\/devops.com\/iot-not-people-now-the-weakest-link-in-security\/"},{"key":"e_1_3_1_12_2","doi-asserted-by":"publisher","DOI":"10.1109\/PROC.1973.9030"},{"issue":"1","key":"e_1_3_1_13_2","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1155\/2017\/1750637","article-title":"An automata-based intrusion detection method for Internet of Things","volume":"1","author":"Fu Y.","year":"2017","unstructured":"Y. Fu, Z. Yan, J. Cao, O. Kon\u00e9, and X. Cao. 2017. An automata-based intrusion detection method for Internet of Things. Mobile Information Systems 1, 1 (2017), 1\u201313.","journal-title":"Mobile Information Systems"},{"key":"e_1_3_1_14_2","first-page":"1","volume-title":"Proceedings of the International Conference on Learning Representations (ICLR\u201915)","author":"Goodfellow I. J.","year":"2015","unstructured":"I. J. Goodfellow, J. Shlens, and C. Szegedy. 2015. Explaining and harnessing adversarial examples. In Proceedings of the International Conference on Learning Representations (ICLR\u201915). 1\u201311."},{"key":"e_1_3_1_15_2","first-page":"1244","volume-title":"Proceedings of the International Joint Conference on Artificial Intelligence","author":"Goodge A.","year":"2020","unstructured":"A. Goodge, B. Hooi, S. K. Ng, and W. S. Ng. 2020. Robustness of autoencoders for anomaly detection under adversarial impact. In Proceedings of the International Joint Conference on Artificial Intelligence (IJCAI\u201920). 1244\u20131250."},{"key":"e_1_3_1_16_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-24797-2_4"},{"key":"e_1_3_1_17_2","first-page":"1","volume-title":"Proceedings of the USENIX Security Symposium","author":"Gu G.","year":"2007","unstructured":"G. Gu, P. A. Porras, V. Yegneswaran, M. W. Fong, and W. Lee. 2007. BotHunter: Detecting malware infection through IDS-driven dialog correlation. In Proceedings of the USENIX Security Symposium. 1\u201316."},{"key":"e_1_3_1_18_2","doi-asserted-by":"crossref","first-page":"979","DOI":"10.1145\/3167132.3167239","volume-title":"Proceedings of the Annual ACM Symposium on Applied Computing (SAC\u201918)","author":"Haas S.","year":"2018","unstructured":"S. Haas and M. Fischer. 2018. GAC: Graph-based alert correlation for the detection of distributed multi-step attacks. In Proceedings of the Annual ACM Symposium on Applied Computing (SAC\u201918). ACM, New York, NY, USA, 979\u2013988."},{"key":"e_1_3_1_19_2","first-page":"1","volume-title":"Proceedings of the Network and Distributed System Security Symposium","author":"Han X.","year":"2020","unstructured":"X. Han, T. Pasquier, A. Bates, J. Mickens, and M. Seltzer. 2020. UNICORN: Runtime provenance-based detector for advanced persistent threats. In Proceedings of the Network and Distributed System Security Symposium (NDSS\u201920). 1\u201318."},{"issue":"1","key":"e_1_3_1_20_2","first-page":"80","article-title":"Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains","volume":"1","author":"Hutchins E.","year":"2011","unstructured":"E. Hutchins, M. Cloppert, and R. Amin. 2011. Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains. Information Warfare & Security Research 1, 1 (2011), 80.","journal-title":"Information Warfare & Security Research"},{"issue":"1","key":"e_1_3_1_21_2","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1186\/s40537-020-00346-1","article-title":"Anomaly detection optimization using big data and deep learning to reduce false-positive","volume":"7","author":"Jallad K. A.","year":"2020","unstructured":"K. A. Jallad, M. Aljnidi, and M. S. Desouki. 2020. Anomaly detection optimization using big data and deep learning to reduce false-positive. Journal of Big Data 7, 1 (2020), 1\u201312.","journal-title":"Journal of Big Data"},{"key":"e_1_3_1_22_2","first-page":"85","volume-title":"Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS\u201913)","author":"Javed M.","year":"2013","unstructured":"M. Javed and V. Paxson. 2013. Detecting stealthy, distributed SSH brute-forcing. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS\u201913). ACM, New York, NY, USA, 85\u201395."},{"key":"e_1_3_1_23_2","unstructured":"H. Kang D. Ahn G. Lee J. Yoo K. Park and H. Kim. 2019. IoT Network Intrusion Dataset. Retrieved April 24 2024 from https:\/\/ieee-dataport.org\/open-access\/iot-network-intrusion-dataset"},{"key":"e_1_3_1_24_2","unstructured":"Keras. 2016. Home Page. Retrieved April 24 2024 from https:\/\/keras.io\/"},{"key":"e_1_3_1_25_2","unstructured":"F. Klassen and AppNeta. 2018. Tcpreplay. Retrieved April 24 2024 from https:\/\/tcpreplay.appneta.com\/"},{"key":"e_1_3_1_26_2","unstructured":"B. Krebs. 2017. Reaper: Calm Before the IoT Security Storm. Retrieved April 24 2024 from https:\/\/krebsonsecurity.com\/2017\/10\/reaper-calm-before-the-iot-security-storm\/"},{"key":"e_1_3_1_27_2","doi-asserted-by":"publisher","DOI":"10.1145\/1868447.1868466"},{"key":"e_1_3_1_28_2","unstructured":"A. H. Lashkari. 2018. CICFlowMeter Features. Retrieved April 24 2024 from https:\/\/github.com\/ahlashkari\/CICFlowMeter\/blob\/master\/ReadMe.txt"},{"key":"e_1_3_1_29_2","first-page":"549","volume-title":"Proceedings of the European Symposium on Research in Computer Security","author":"Lee H.","year":"2022","unstructured":"H. Lee, A. Mudgerikar, A. Kundu, N. Li, and E. Bertino. 2022. An infection-identifying and self-evolving system for IoT early defense from multi-step attacks. In Proceedings of the European Symposium on Research in Computer Security. 549\u2013568."},{"key":"e_1_3_1_30_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.2983568"},{"key":"e_1_3_1_31_2","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/D15-1166"},{"key":"e_1_3_1_32_2","first-page":"1","volume-title":"Proceedings of the International Conference on Learning Representations (ICLR\u201918)","author":"Madry A.","year":"2018","unstructured":"A. Madry, A. Makelov, L. Schmidt, D. Tsipras, and A. Vladu. 2018. Towards deep learning models resistant to adversarial attacks. In Proceedings of the International Conference on Learning Representations (ICLR\u201918). 1\u201328."},{"key":"e_1_3_1_33_2","doi-asserted-by":"publisher","DOI":"10.1023\/A:1009748302351"},{"key":"e_1_3_1_34_2","first-page":"656","volume-title":"Proceedings of the IEEE International Conference on Distributed Computing Systems (ICDCS\u201917)","author":"Midi D.","year":"2017","unstructured":"D. Midi, A. Rullo, A. Mudgerikar, and E. Bertino. 2017. Kalis: A system for knowledge-driven adaptable intrusion detection for Internet of Things. In Proceedings of the IEEE International Conference on Distributed Computing Systems (ICDCS\u201917). IEEE, 656\u2013666."},{"key":"e_1_3_1_35_2","first-page":"1137","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy (S&P\u201919)","author":"Milajerdi S.","year":"2019","unstructured":"S. Milajerdi, R. Gjomemo, B. Eshete, R. Sekar, and V. Venkatakrishnan. 2019. Holmes: Real-time apt detection through correlation of suspicious information flows. In Proceedings of the IEEE Symposium on Security and Privacy (S&P\u201919). IEEE, 1137\u20131152."},{"key":"e_1_3_1_36_2","first-page":"2574","volume-title":"Proceedings of IEEE\/CVF Conference on Computer Vision and Pattern Recognition (CVPR\u201916)","author":"Moosavi-Dezfooli S. M.","year":"2016","unstructured":"S. M. Moosavi-Dezfooli, A. Fawzi, and P. Frossard. 2016. DeepFool: A simple and accurate method to fool deep neural networks. In Proceedings of IEEE\/CVF Conference on Computer Vision and Pattern Recognition (CVPR\u201916). IEEE, 2574\u20132582."},{"key":"e_1_3_1_37_2","unstructured":"Msehgal. 2021. Protect Your IoT Devices from Log4j 2 Vulnerability. Retrieved April 24 2024 from https:\/\/live.paloaltonetworks.com\/t5\/community-blogs\/protect-your-iot-devices-from-log4j-2-vulnerability\/ba-p\/453381"},{"key":"e_1_3_1_38_2","first-page":"493","volume-title":"Proceedings of the ACM Asia Conference on Computer and Communications Security","author":"Mudgerikar A.","year":"2019","unstructured":"A. Mudgerikar, P. Sharma, and E. Bertino. 2019. E-Spion: A system-level intrusion detection system for IoT devices. In Proceedings of the ACM Asia Conference on Computer and Communications Security. ACM, New York, NY, 493\u2013500."},{"key":"e_1_3_1_39_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2018.03.001"},{"key":"e_1_3_1_40_2","first-page":"756","volume-title":"Proceedings of the IEEE International Conference on Distributed Computing Systems (ICDCS\u201919)","author":"Nguyen T. D.","year":"2019","unstructured":"T. D. Nguyen, S. Marchal, M. Miettinen, H. Fereidooni, N. Asokan, and A. R. Sadeghi. 2019. D\u00cfoT: A federated self-learning anomaly detection system for IoT. In Proceedings of the IEEE International Conference on Distributed Computing Systems (ICDCS\u201919). IEEE, 756\u2013767."},{"key":"e_1_3_1_41_2","unstructured":"M. I. Nicolae M. Sinn M. N. Tran B. Buesser A. Rawat M. Wistuba V. Zantedeschi N. Baracaldo B. Chen H. Ludwig Ian M. Molloy and Ben Edwards. 2018. Adversarial Robustness Toolbox v1.0.0. arXiv preprint arXiv:1807.01069 (2018)."},{"key":"e_1_3_1_42_2","unstructured":"C. Osborne. 2021. This Is Why the Mozi Botnet Will Linger On. Retrieved April 24 2024 from https:\/\/www.zdnet.com\/article\/this-is-why-the-mozi-botnet-will-linger-on\/"},{"key":"e_1_3_1_43_2","unstructured":"D. Palmer. 2022. This Sneaky Hacking Group Hid Inside Networks for 18 Months without Being Detected. Retrieved April 24 2024 from https:\/\/www.zdnet.com\/article\/this-sneaky-hacking-group-hid-inside-networks-for-18-months-without-being-detected\/"},{"key":"e_1_3_1_44_2","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2016.36"},{"key":"e_1_3_1_45_2","first-page":"161","volume-title":"Proceedings of the ACM Conference on Computer and Communications Security (CCS\u201902)","author":"Pinkas B.","year":"2002","unstructured":"B. Pinkas and T. Sander. 2002. Securing passwords against dictionary attacks. In Proceedings of the ACM Conference on Computer and Communications Security (CCS\u201902). ACM, New York, NY, USA, 161\u2013170."},{"key":"e_1_3_1_46_2","unstructured":"Check Point Research. 2017. IoTroop Botnet: The Full Investigation. Retrieved April 24 2024 from https:\/\/research.checkpoint.com\/2017\/iotroop-botnet-full-investigation\/"},{"key":"e_1_3_1_47_2","first-page":"2878","volume-title":"Proceedings of the IEEE International Conference on Systems, Man, and Cybernetics (SMC\u201900)","author":"Sarkar M.","year":"2000","unstructured":"M. Sarkar. 2000. Modular pattern classifiers: A brief survey. In Proceedings of the IEEE International Conference on Systems, Man, and Cybernetics (SMC\u201900). IEEE, 2878\u20132883."},{"key":"e_1_3_1_48_2","unstructured":"Sqrrl. 2018. A Framework for Cyber Threat Hunting. Retrieved April 24 2024 from https:\/\/www.threathunting.net\/files\/framework-for-threat-hunting-whitepaper.pdf"},{"key":"e_1_3_1_49_2","article-title":"MITRE ATT&CK: Design and Philosophy","author":"Strom B. E.","year":"2018","unstructured":"B. E. Strom, A. Applebaum, D. P. Miller, K. C. Nickels, A. G. Pennington, and C. B. Thomas. 2018. MITRE ATT&CK: Design and Philosophy. Technical Report. MITRE.","journal-title":"Technical Report."},{"key":"e_1_3_1_50_2","first-page":"1","volume-title":"Proceedings of Advances in Neural Information Processing Systems (NeurIPS\u201914)","author":"Sutskever I.","year":"2014","unstructured":"I. Sutskever, O. Vinyals, and Q. V. Le. 2014. Sequence to sequence learning with neural networks. In Proceedings of Advances in Neural Information Processing Systems (NeurIPS\u201914). 1\u20139."},{"key":"e_1_3_1_51_2","doi-asserted-by":"publisher","DOI":"10.3390\/sym12101695"},{"key":"e_1_3_1_52_2","first-page":"1","volume-title":"Proceedings of the IEEE Conference on Computer Communications (INFOCOM\u201921)","author":"Wang N.","year":"2021","unstructured":"N. Wang, Y. Chen, Y. Hu, W. Lou, and Y. T. Hou. 2021. MANDA: On adversarial example detection for network intrusion detection system. In Proceedings of the IEEE Conference on Computer Communications (INFOCOM\u201921). IEEE, 1\u201310."},{"key":"e_1_3_1_53_2","doi-asserted-by":"crossref","first-page":"438","DOI":"10.1007\/978-3-319-22915-7_40","volume-title":"Proceedings of the International Symposium on Security in Computing and Communication (SSCC\u201915)","author":"Yadav T.","year":"2015","unstructured":"T. Yadav and A. M. Rao. 2015. Technical aspects of cyber kill chain. In Proceedings of the International Symposium on Security in Computing and Communication (SSCC\u201915). 438\u2013452."}],"container-title":["ACM Transactions on Internet of Things"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3660646","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3660646","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T22:50:22Z","timestamp":1750287022000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3660646"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,6,17]]},"references-count":52,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2024,8,31]]}},"alternative-id":["10.1145\/3660646"],"URL":"https:\/\/doi.org\/10.1145\/3660646","relation":{},"ISSN":["2691-1914","2577-6207"],"issn-type":[{"value":"2691-1914","type":"print"},{"value":"2577-6207","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,6,17]]},"assertion":[{"value":"2023-08-22","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2024-03-24","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2024-06-17","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}