A conversational agent to detect anomalous traffic in consumer IoT networks is presented. The agent accepts two inputs in the form of user speech received by Amazon Alexa enabled devices, and classified IDS logs stored in a DynamoDB Table. Aural analysis is used to query the database of network traffic, and respond accordingly. In doing so, this paper presents a solution to the problem of making consumers situationally aware when their IoT devices are infected, and anomalous traffic has been detected. The proposed conversational agent addresses the issue of how to present network information to non-technical users, for better comprehension, and improves awareness of threats derived from the mirai botnet malware.
MCDERMOTT, C.D., JEANNELLE, B. and ISAACS, J.P. 2019. Towards a conversational agent for threat detection in the internet of things. In Proceedings of the 2019 International Cyber science on cyber situational awareness, data analytics and assessment (Cyber SA): pioneering research and innovation in cyber situational awareness, 3-4 June 2019, Oxford, UK. Piscataway: IEEE [online], chapter 6. Available from: https://doi.org/10.1109/CyberSA.2019.8899580