Anomaly Detection and Monitoring in Internet of Things Communication Deris Stiawan Department of Computer Engineering, Faculty of Computer Science, Universitas Sriwijaya deris@unsri.ac.id Mohd. Yazid Idris Dept. Soft Engineering Faculty of Computing, Universiti Teknologi Malaysia yazid@utm.my Reza Firsandaya Malik Department of Computer Engineering, Faculty of Computer Science, Universitas Sriwijaya reza.fm@unsri.ac.id Siti Nurmaini Department of Computer Engineering, Faculty of Computer Science, Universitas Sriwijaya siti@unsri.ac.id Rahmat Budiarto College of Computer Science & Inf. Technology, Albaha University, Saudi Arabia rahmat@bu.edu.sa Abstract— The Internet of Things (IoT) presents unique challenges in detecting anomaly and monitoring all connected devices in a network. Moreover, one of the objectives of anonymity in communication is to protect the data traffic of devices. The summary status visualization is indispensable to depict all devices/sensors that are most indicative of a pending failure and a predictive power/energy. Thus, this paper proposes a multi-platform monitoring and anomaly detection system that supports heterogeneous devices. The proposed system addresses the problems of: (i) how to monitor the network to prevent device failures and (ii) how to design a comprehensive feature for the early anomaly detection of IoT communication. Keywords—Monitoring, Detection Anomaly, Internet of Things, Heterogeneous I. INTRODUCTION The Internet of Things (IoT) is currently going through a phase of rapid growth. Analysts have predicted that the IoT will become the “next big thing” in upcoming years. It has also been predicted that, within the next decade, the Internet will exist as a seamless fabric of classic networks and networked objects. The increasing number of IoT users also raises new issues, where various multi-platform devices converge into one centralized, interconnected, shared, multi-user, multi-device and flexible network. Studies done by [1] and [2] state the main issues with the IoT. The growing internetwork has established a heterogeneous network that is more complex than before. With various devices attached in the network, technical problems will increase in monitoring, managing, surveying and early detection of the network itself. On the other hand, because of the number of network devices, there will be a need for a monitoring mechanism of network information, which is designed to visualize the status of IoT infrastructure and ensure the attached devices are in normal and active conditions. Thus, the abilities to visually manage traffic statistics in the form of charts, check the condition of devices and predict potential problems are needed. Even the standard of services provided by the service providers to the end user are normally already arranged in a Service Level Agreement (SLA). However, problems involving the fulfillment of network information services still appear. In fact, this remains a hot topic of discussion because it involves a great number of intertwined attributes and factors. This research proposes an integrated IoT traffic monitoring system with heterogeneous devices with the aim of addressing the problems indicated by [3], such as: (i) how to build an integrated prototype system for multi-platform/protocol on heterogeneous networks information, (ii) how to integrate multiple devices into a dashboard view to provide warning information of early anomaly detection before a failure occurs and (iii) how to develop a proxy as a middleware multi- protocol. The rest of the paper is organized as follows: Section II discusses and reviews related works on the monitoring and anomaly detection issues of IoT; Section III describes the proposed system; Section IV discusses the experimental set up; Section V presents the evaluation results; and Section VI provides concluding remarks. II. RELATED WORK There are some solutions for IoT vendors involving various standards that should be integrated. Unfortunately, due to incompatibility, not all platforms are able to adapt because they use their own proprietary technologies, even though these technologies are claimed to offer multi-platform support. These various technologies have also encouraged the appearance of heterogeneous network information. Studies conducted by [4], [5] and [6] mentioned that the heterogeneous IoT network must have services with the following characteristics: (i) network transparency, (ii) transparency on the location of the service, (iii) transparency of data formats and (iv) transparency of control protocols. Problems involving IoT devices with different Simple Network Management Protocol (SNMP) versions have been discussed in [7] and [8]. The SNMP Protocol is used for capturing the inbound-outbound packet load to a monitoring application. However, the existing monitoring applications only support monitoring in a single version of the SNMP protocol. Thus, an IoT network with a monitoring and early anomaly detection system can prevent system failure, which in turn, will increase the reliability of the IoT network itself. Authors in [8] and [9] proposed a network monitoring application with an SNMP trap. The application is already 2016 8th International Conference on Information Technology and Electrical Engineering (ICITEE), Yogyakarta, Indonesia 978-1-5090-4139-8/16/$31.00 ©2016 IEEE