Suite5 by Spiros Kousouris
AI-Based Misbehavior Detection within REWIRE manages the successful integration of AI-based misbehavior detection models as an additional trust source. This advancement complements the traditional attestation methods by providing insights into application behavior for the experimentation in smart satellites and smart cities Use Cases.
As far as the Misbehavior Detection Fundamentals the role of detection in embedded systems and its importance for reliability, safety, and security has been long recognized by the research community and practitioners. Nowadays, all stakeholders highlight the emerging security challenges in large-scale IoT deployments, emphasizing the need for timely anomaly detection. In complex systems, the misbehavior definition entails several aspects, including functional anomalies, performance degradation, security breaches, and
communication issues.
The REWIRE AI-based Misbehavior Detection Engine (AIMDE), represents a cloud-based solution operating on a two-phase framework (training and near real-time detection). The engine’s architecture and its core innovations; being mainly the utilization of flexible classification models and support of trustworthy AI, facilitated the integration and implementation in the two concrete Use Cases.
More specifically for the Smart Satellites Use Case a synthetic dataset including satellite telemetry was produced by our partner LSF and imported in the AIMDE to identify the various types of anomalies occurred, while the misbehavior checks undertaken included unsupervised anomaly detection using analytic envelope and CNN autoencoders, and supervised classification using XGBoost. Overall, the evaluation of the model’s results reported high accuracy (0.96), F1 score (0.96), precision (96.6%), and recall (0.96),indicating the model’s effectiveness in identifying anomalies and having a low rate of false positives. Similarly, for the Smart Satellites Use Case, sensor measurements from an agroclimatic facility were utilized in the AIMDE to identify and flag deviations from normal agroclimatic patterns or sensor failures indicating malfunctions or threats. In this case, the misbehavior checks undertaken included unsupervised outlier detection focusing on soil electric conductivity and soil humidity sensor measurements using Isolation Forest, Supervised anomaly detection utilizing experts’ input to train an XGB classifier, as well as supervised contextual anomaly detection (incorporating temporal features -hour of the day and month of the year) to train an XGB classifier. The evaluation of the results reported again high accuracy (0.90), F1 score (0.87), precision (0.84), and recall (0.91), indicating the model’s effectiveness and suggesting that these features (still provide useful context for anomaly detection.