SecMa: A Novel Multimodal Autoencoder Framework for Encrypted IoT Traffic Analysis and Attack Detection

The exponential growth of encrypted Internet of Things (IoT) traffic has introduced significant cybersecurity challenges, including the complexity of analyzing encrypted payload data, managing heterogeneous device behavior, and addressing resource constraints. Traditional methods achieve low detecti...

Full description

Saved in:
Bibliographic Details
Published in:Engineering, technology & applied science research Vol. 15; no. 3; pp. 23020 - 23026
Main Authors: Ravi, V., Poornima, A. S.
Format: Journal Article
Language:English
Published: 04.06.2025
ISSN:2241-4487, 1792-8036
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The exponential growth of encrypted Internet of Things (IoT) traffic has introduced significant cybersecurity challenges, including the complexity of analyzing encrypted payload data, managing heterogeneous device behavior, and addressing resource constraints. Traditional methods achieve low detection rates (45-60%) and struggle to balance accuracy, efficiency, and privacy. This paper proposes SecMa, a novel multimodal autoencoder framework designed to address these limitations in encrypted IoT traffic analysis and attack detection. SecMa processes three complementary feature modalities—network flow characteristics, device behavior patterns, and contextual information—using specialized neural network branches to generate compact and meaningful latent representations. The proposed framework demonstrates superior performance across diverse IoT environments with over 150 device types, achieving 97.2% attack detection accuracy with an average processing time of 1.2 ms per flow and a memory footprint of 2.4 GB. Comparative evaluations on benchmark datasets (NTLFlowLyzer, UNSW-NB15, IoT-23, and Bot-IoT) reveal a 3-8% improvement in detection accuracy across multiple security metrics. SecMa's robustness is further evidenced by its 96.5% precision in detecting data exfiltration attacks and 97.5% attack coverage. Statistical validation using paired t-tests (p < 0.01) and cross-validation underscores its reliability. By achieving an optimal balance between detection accuracy, computational efficiency, and privacy preservation, SecMa offers a transformative solution for secure IoT environments, particularly in resource-constrained settings.
ISSN:2241-4487
1792-8036
DOI:10.48084/etasr.10336