Mohammed Jouhari,Hafsa Benaddi,Khalil Ibrahimi

2024-07-21

Abstract:Intrusion Detection Systems (IDSs) have played a significant role in the detection and prevention of cyber-attacks in traditional computing systems. It is not surprising that this technology is now being applied to secure Internet of Things (IoT) networks against cyber threats. However, the limited computational resources available on IoT devices pose a challenge for deploying conventional computing-based IDSs. IDSs designed for IoT environments must demonstrate high classification performance, and utilize low-complexity models. Developing intrusion detection models in the field of IoT has seen significant advancements. However, achieving a balance between high classification performance and reduced complexity remains a challenging endeavor. In this research, we present an effective IDS model that addresses this issue by combining a lightweight Convolutional Neural Network (CNN) with bidirectional Long Short-Term Memory (BiLSTM). Additionally, we employ feature selection techniques to minimize the number of features inputted into the model, thereby reducing its complexity. This approach renders the proposed model highly suitable for resource-constrained IoT devices, ensuring it meets their computation capability requirements. Creating a model that meets the demands of IoT devices and attains enhanced precision is a challenging task. However, our suggested model outperforms previous works in the literature by attaining a remarkable accuracy rate of 97.90% within a prediction time of 1.1 seconds for binary classification. Furthermore, it achieves an accuracy rate of 97.09% within a prediction time of 2.10 seconds for multiclassification.

Networking and Internet Architecture,Cryptography and Security

Rafika Saadouni,Amina Khacha,Z. Aliouat,Yasmine Harbi

DOI: https://doi.org/10.1109/ISIA55826.2022.9993487

2022-11-29

Abstract:The internet of things (IoT) is expected to offer a significant impact on the industry domain leading to the concept of industrial IoT (IIoT). The IIoT comprises machine-to-machine (M2M) and communication technologies with data automation and exchange to improve product quality and decrease pro-duction costs. As a consequence, a large amount of data is collected and smartly processed to provide optimal industrial operations. This growing deployment enables adversaries to con-duct potential and destructive cyber-attacks to accomplish their malicious goals. Therefore, intelligent decision-making actions for cyber-attack detection in IIoT are sorely required. To address this challenge, we propose an intrusion detection system (IDS) using deep learning models. Specifically, the proposed system is based on the combination of convolutional neural network (CNN) and long short-term memory (LSTM) that are excellent techniques for intrusion detection and classification due to their ability in classifying main characteristics and their effectiveness in performing faster computations. We adopt the most recent dataset named Edge-IIoTset that contains a real traffic network of IoT and IIoT applications. The proposed model is evaluated in terms of accuracy, precision, false positive rate, and detection cost within binary and multi-class classifications. The obtained results show that our CNN-LSTM model provides better performance and robustness in cyber security intrusion detection for IIoT applications compared to LSTM and traditional machine learning models. Moreover, it outperforms two recent related models in terms of accuracy rate.

Engineering,Computer Science

Mohammed Jouhari,Mohsen Guizani

2024-06-05

Abstract:Intrusion Detection Systems (IDSs) have played a significant role in detecting and preventing cyber-attacks within traditional computing systems. It is not surprising that the same technology is being applied to secure Internet of Things (IoT) networks from cyber threats. The limited computational resources available on IoT devices make it challenging to deploy conventional computing-based IDSs. The IDSs designed for IoT environments must also demonstrate high classification performance, utilize low-complexity models, and be of a small size. Despite significant progress in IoT-based intrusion detection, developing models that both achieve high classification performance and maintain reduced complexity remains challenging. In this study, we propose a hybrid CNN architecture composed of a lightweight CNN and bidirectional LSTM (BiLSTM) to enhance the performance of IDS on the UNSW-NB15 dataset. The proposed model is specifically designed to run onboard resource-constrained IoT devices and meet their computation capability requirements. Despite the complexity of designing a model that fits the requirements of IoT devices and achieves higher accuracy, our proposed model outperforms the existing research efforts in the literature by achieving an accuracy of 97.28\% for binary classification and 96.91\% for multiclassification.

Cryptography and Security,Networking and Internet Architecture,Signal Processing

Nadia Ansar,Mohammad Sadique Ansari,Mohammad Sharique,Aamina Khatoon,Md Abdul Malik,Md Munir Siddiqui

2024-06-18

Abstract:There have been significant issues given the IoT, with heterogeneity of billions of devices and with a large amount of data. This paper proposed an innovative design of the Internet of Things (IoT) Environment Intrusion Detection System (or IDS) using Deep Learning-integrated Convolutional Neural Networks (CNN) and Long Short-Term Memory (LSTM) networks. Our model, based on the CICIDS2017 dataset, achieved an accuracy of 99.52% in classifying network traffic as either benign or malicious. The real-time processing capability, scalability, and low false alarm rate in our model surpass some traditional IDS approaches and, therefore, prove successful for application in today's IoT networks. The development and the performance of the model, with possible applications that may extend to other related fields of adaptive learning techniques and cross-domain applicability, are discussed. The research involving deep learning for IoT cybersecurity offers a potent solution for significantly improving network security.

Artificial Intelligence,Cryptography and Security

Kamal Bella,Azidine Guezzaz,Said Benkirane,Mourade Azrour,Yasser Fouad,Mbadiwe S. Benyeogor,Nisreen Innab

DOI: https://doi.org/10.7717/peerj-cs.2290

2024-09-09

PeerJ Computer Science

Abstract:The adoption and integration of the Internet of Things (IoT) have become essential for the advancement of many industries, unlocking purposeful connections between objects. However, the surge in IoT adoption and integration has also made it a prime target for malicious attacks. Consequently, ensuring the security of IoT systems and ecosystems has emerged as a crucial research area. Notably, advancements in addressing these security threats include the implementation of intrusion detection systems (IDS), garnering considerable attention within the research community. In this study, and in aim to enhance network anomaly detection, we present a novel intrusion detection approach: the Deep Neural Decision Forest-based IDS (DNDF-IDS). The DNDF-IDS incorporates an improved decision forest model coupled with neural networks to achieve heightened accuracy (ACC). Employing four distinct feature selection methods separately, namely principal component analysis (PCA), LASSO regression (LR), SelectKBest, and Random Forest Feature Importance (RFFI), our objective is to streamline training and prediction processes, enhance overall performance, and identify the most correlated features. Evaluation of our model on three diverse datasets (NSL-KDD, CICIDS2017, and UNSW-NB15) reveals impressive ACC values ranging from 94.09% to 98.84%, depending on the dataset and the feature selection method. Notably, our model achieves a remarkable prediction time of 0.1 ms per record. Comparative analyses with other recent random forest and Convolutional Neural Networks (CNN) based models indicate that our DNDF-IDS performs similarly or even outperforms them in certain instances, particularly when utilizing the top 10 features. One key advantage of our novel model lies in its ability to make accurate predictions with only a few features, showcasing an efficient utilization of computational resources.

computer science, information systems, artificial intelligence, theory & methods

Muhammad Arslan,Muhammad Mubeen,Muhammad Bilal,Saadullah Farooq Abbasi

2024-09-13

Abstract:The demand of the Internet of Things (IoT) has witnessed exponential growth. These progresses are made possible by the technological advancements in artificial intelligence, cloud computing, and edge computing. However, these advancements exhibit multiple challenges, including cyber threats, security and privacy concerns, and the risk of potential financial losses. For this reason, this study developed a computationally inexpensive one-dimensional convolutional neural network (1DCNN) algorithm for cyber-attack classification. The proposed study achieved an accuracy of 99.90% to classify nine cyber-attacks. Multiple other performance metrices have been evaluated to validate the efficacy of the proposed scheme. In addition, comparison has been done with existing state-of-the-art schemes. The findings of the proposed study can significantly contribute to the development of secure intrusion detection for IIoT systems.

Cryptography and Security

Abdul Qaddos,Muhammad Usman Yaseen,Ahmad Sami Al-Shamayleh,Muhammad Imran,Adnan Akhunzada,Salman Z. Alharthi

DOI: https://doi.org/10.1038/s41598-024-72049-z

IF: 4.6

2024-09-21

Scientific Reports

Abstract:The emerging expanding scope of the Internet of Things (IoT) necessitates robust intrusion detection systems (IDS) to mitigate security risks effectively. However, existing approaches often struggle with adaptability to emerging threats and fail to account for IoT-specific complexities. To address these challenges, this study proposes a novel approach by hybridizing convolutional neural network (CNN) and gated recurrent unit (GRU) architectures tailored for IoT intrusion detection. This hybrid model excels in capturing intricate features and learning relational aspects crucial in IoT security. Moreover, we integrate the feature-weighted synthetic minority oversampling technique (FW-SMOTE) to handle imbalanced datasets, which commonly afflict intrusion detection tasks. Validation using the IoTID20 dataset, designed to emulate IoT environments, yields exceptional results with 99.60% accuracy in attack detection, surpassing existing benchmarks. Additionally, evaluation on the network domain dataset, UNSW-NB15, demonstrates robust performance with 99.16% accuracy, highlighting the model's applicability across diverse datasets. This innovative approach not only addresses current limitations in IoT intrusion detection but also establishes new benchmarks in terms of accuracy and adaptability. The findings underscore its potential as a versatile and effective solution for safeguarding IoT ecosystems against evolving security threats.

multidisciplinary sciences

Asmaa Halbouni,Teddy Surya Gunawan,Mohamed Hadi Habaebi,Murad Halbouni,Mira Kartiwi,Robiah Ahmad

DOI: https://doi.org/10.1109/access.2022.3206425

IF: 3.9

2022-09-30

IEEE Access

Abstract:Network security becomes indispensable to our daily interactions and networks. As attackers continue to develop new types of attacks and the size of networks continues to grow, the need for an effective intrusion detection system has become critical. Numerous studies implemented machine learning algorithms to develop an effective IDS; however, with the advent of deep learning algorithms and artificial neural networks that can generate features automatically without human intervention, researchers began to rely on deep learning. In our research, we took advantage of the Convolutional Neural Network's ability to extract spatial features and the Long Short-Term Memory Network's ability to extract temporal features to create a hybrid intrusion detection system model. We added batch normalization and dropout layers to the model to increase its performance. Based on the binary and multiclass classification, the model was trained using three datasets: CIC-IDS 2017, UNSW-NB15, and WSN-DS. The confusion matrix determines the system's effectiveness, which includes evaluation criteria such as accuracy, precision, detection rate, F1-score, and false alarm rate (FAR). The effectiveness of the proposed model was demonstrated by experimental results showing a high detection rate, high accuracy, and a relatively low FAR.

Abdulrahman Mahmoud Eid,Bassel Soudan,Ali Bou Nassif,MohammadNoor Injadat

DOI: https://doi.org/10.1007/s00521-024-09857-x

2024-05-11

Neural Computing and Applications

Abstract:This work introduces an intrusion detection system (IDS) tailored for industrial internet of things (IIoT) environments based on an optimized convolutional neural network (CNN) model. The model is trained on a dataset that was balanced using a novel multi-class implementation of synthetic minority over-sampling technique (SMOTE) that ensures equal representation of all classes. Additionally, systematic optimization will be used to fine tune the hyperparameters of the CNN model and mitigate the effects of the increased size of the training dataset. Evaluation results will demonstrate substantial improvement in performance when the optimized CNN model is trained on the balanced dataset. The proposed IDS will be evaluated using the IIoT-specific WUSTL-IIOT-2021 dataset, and then its generalization capability will be verified using the non-domain specific UNSW_NB15 dataset. The model's performance will be evaluated using accuracy, precision, recall, and F 1-score metrics. The results will demonstrate that the proposed IDS is highly effective with performance exceeding 99.9% on all performance metrics. The IDS is also highly effective in detecting intrusion for generic IT networks achieving improvements in excess of 30% compared to the default baseline model. The results emphasize the versatility and effectiveness of the proposed IDS model, making it a reliable and adaptable solution for enhancing network security across diverse network environments.

computer science, artificial intelligence

Chaimae Hazman,Azidine Guezzaz,Said Benkirane,Mourade Azrour

DOI: https://doi.org/10.26599/tst.2023.9010033

2024-02-13

Tsinghua Science & Technology

Abstract:Cyberattacks against highly integrated Internet of Things (IoT) servers, apps, and telecoms infrastructure are rapidly increasing when issues produced by IoT networks go unnoticed for an extended period. IoT interface attacks must be evaluated in real-time for effective safety and security measures. This study implements a smart intrusion detection system (IDS) designed for IoT threats, and interoperability with IoT connectivity standards is offered by the identity solution. An IDS is a common type of network security technology that has recently received increasing interest in the research community. The system has already piqued the curiosity of scientific and industrial communities to identify intrusions. Several IDSs based on machine learning (ML) and deep learning (DL) have been proposed. This study introduces IDS-SIoDL, a novel IDS for IoT-based smart cities that integrates long shortterm memory (LSTM) and feature engineering. This model is tested using tensor processing unit (TPU) on the enhanced BoT-IoT, Edge-IIoT, and NSL-KDD datasets. Compared with current IDSs, the obtained results provide good assessment features, such as accuracy, recall, and precision, with approximately 0.9990 recording time and calculating times of approximately 600 and 6 ms for training and classification, respectively.

computer science, information systems,engineering, electrical & electronic, software engineering

Martin Kodys,Zhi Lu,Kar Wai Fok,Vrizlynn L. L. Thing

DOI: https://doi.org/10.48550/arXiv.2211.10062

2022-11-18

Cryptography and Security

Abstract:Internet of Things (IoT) has become a popular paradigm to fulfil needs of the industry such as asset tracking, resource monitoring and automation. As security mechanisms are often neglected during the deployment of IoT devices, they are more easily attacked by complicated and large volume intrusion attacks using advanced techniques. Artificial Intelligence (AI) has been used by the cyber security community in the past decade to automatically identify such attacks. However, deep learning methods have yet to be extensively explored for Intrusion Detection Systems (IDS) specifically for IoT. Most recent works are based on time sequential models like LSTM and there is short of research in CNNs as they are not naturally suited for this problem. In this article, we propose a novel solution to the intrusion attacks against IoT devices using CNNs. The data is encoded as the convolutional operations to capture the patterns from the sensors data along time that are useful for attacks detection by CNNs. The proposed method is integrated with two classical CNNs: ResNet and EfficientNet, where the detection performance is evaluated. The experimental results show significant improvement in both true positive rate and false positive rate compared to the baseline using LSTM.

Noor Wali Khan,Mohammed S Alshehri,Muazzam A Khan,Sultan Almakdi,Naghmeh Moradpoor,Abdulwahab Alazeb,Safi Ullah,Naila Naz,Jawad Ahmad

DOI: https://doi.org/10.3934/mbe.2023602

2023-06-13

Abstract:The Internet of Things (IoT) is a rapidly evolving technology with a wide range of potential applications, but the security of IoT networks remains a major concern. The existing system needs improvement in detecting intrusions in IoT networks. Several researchers have focused on intrusion detection systems (IDS) that address only one layer of the three-layered IoT architecture, which limits their effectiveness in detecting attacks across the entire network. To address these limitations, this paper proposes an intelligent IDS for IoT networks based on deep learning algorithms. The proposed model consists of a recurrent neural network and gated recurrent units (RNN-GRU), which can classify attacks across the physical, network, and application layers. The proposed model is trained and tested using the ToN-IoT dataset, specifically collected for a three-layered IoT system, and includes new types of attacks compared to other publicly available datasets. The performance analysis of the proposed model was carried out by a number of evaluation metrics such as accuracy, precision, recall, and F1-measure. Two optimization techniques, Adam and Adamax, were applied in the evaluation process of the model, and the Adam performance was found to be optimal. Moreover, the proposed model was compared with various advanced deep learning (DL) and traditional machine learning (ML) techniques. The results show that the proposed system achieves an accuracy of 99% for network flow datasets and 98% for application layer datasets, demonstrating its superiority over previous IDS models.

Abdelouahid Derhab,Arwa Aldweesh,Ahmed Z. Emam,Farrukh Aslam Khan

DOI: https://doi.org/10.1155/2020/6689134

2020-12-22

Wireless Communications and Mobile Computing

Abstract:In the era of the Internet of Things (IoT), connected objects produce an enormous amount of data traffic that feed big data analytics, which could be used in discovering unseen patterns and identifying anomalous traffic. In this paper, we identify five key design principles that should be considered when developing a deep learning-based intrusion detection system (IDS) for the IoT. Based on these principles, we design and implement Temporal Convolution Neural Network (TCNN), a deep learning framework for intrusion detection systems in IoT, which combines Convolution Neural Network (CNN) with causal convolution. TCNN is combined with Synthetic Minority Oversampling Technique-Nominal Continuous (SMOTE-NC) to handle unbalanced dataset. It is also combined with efficient feature engineering techniques, which consist of feature space reduction and feature transformation. TCNN is evaluated on Bot-IoT dataset and compared with two common machine learning algorithms, i.e., Logistic Regression (LR) and Random Forest (RF), and two deep learning techniques, i.e., LSTM and CNN. Experimental results show that TCNN achieves a good trade-off between effectiveness and efficiency. It outperforms the state-of-the-art deep learning IDSs that are tested on Bot-IoT dataset and records an accuracy of 99.9986% for multiclass traffic detection, and shows a very close performance to CNN with respect to the training time.

computer science, information systems,telecommunications,engineering, electrical & electronic

Nuruzzaman Faruqui,Mohammad Abu Yousuf,Md Whaiduzzaman,AKM Azad,Salem A. Alyami,Pietro Liò,Muhammad Ashad Kabir,Mohammad Ali Moni

DOI: https://doi.org/10.3390/electronics12173541

IF: 2.9

2023-08-23

Electronics

Abstract:The Internet of Medical Things (IoMT) has become an attractive playground to cybercriminals because of its market worth and rapid growth. These devices have limited computational capabilities, which ensure minimum power absorption. Moreover, the manufacturers use simplified architecture to offer a competitive price in the market. As a result, IoMTs cannot employ advanced security algorithms to defend against cyber-attacks. IoMT has become easy prey for cybercriminals due to its access to valuable data and the rapidly expanding market, as well as being comparatively easier to exploit.As a result, the intrusion rate in IoMT is experiencing a surge. This paper proposes a novel Intrusion Detection System (IDS), namely SafetyMed, combining Convolutional Neural Networks (CNN) and Long Short-Term Memory (LSTM) networks to defend against intrusion from sequential and grid data. SafetyMed is the first IDS that protects IoMT devices from malicious image data and sequential network traffic. This innovative IDS ensures an optimized detection rate by trade-off between False Positive Rate (FPR) and Detection Rate (DR). It detects intrusions with an average accuracy of 97.63% with average precision and recall, and has an F1-score of 98.47%, 97%, and 97.73%, respectively. In summary, SafetyMed has the potential to revolutionize many vulnerable sectors (e.g., medical) by ensuring maximum protection against IoMT intrusion.

engineering, electrical & electronic,computer science, information systems,physics, applied

Safi Ullah,Jawad Ahmad,Muazzam A. Khan,Eman H. Alkhammash,Myriam Hadjouni,Yazeed Yasin Ghadi,Faisal Saeed,Nikolaos Pitropakis

DOI: https://doi.org/10.3390/s22103607

IF: 3.9

2022-05-11

Sensors

Abstract:The Internet of Things (IoT) is a widely used technology in automated network systems across the world. The impact of the IoT on different industries has occurred in recent years. Many IoT nodes collect, store, and process personal data, which is an ideal target for attackers. Several researchers have worked on this problem and have presented many intrusion detection systems (IDSs). The existing system has difficulties in improving performance and identifying subcategories of cyberattacks. This paper proposes a deep-convolutional-neural-network (DCNN)-based IDS. A DCNN consists of two convolutional layers and three fully connected dense layers. The proposed model aims to improve performance and reduce computational power. Experiments were conducted utilizing the IoTID20 dataset. The performance analysis of the proposed model was carried out with several metrics, such as accuracy, precision, recall, and F1-score. A number of optimization techniques were applied to the proposed model in which Adam, AdaMax, and Nadam performance was optimum. In addition, the proposed model was compared with various advanced deep learning (DL) and traditional machine learning (ML) techniques. All experimental analysis indicates that the accuracy of the proposed approach is high and more robust than existing DL-based algorithms.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Alireza Mohamadi,Hosna Ghahramani,Seyyed Amir Asghari,Mehdi Aminian

2024-11-20

Abstract:The increasing integration of the Internet of Medical Things (IoMT) into healthcare systems has significantly enhanced patient care but has also introduced critical cybersecurity challenges. This paper presents a novel approach based on Convolutional Neural Networks (CNNs) for detecting cyberattacks within IoMT environments. Unlike previous studies that predominantly utilized traditional machine learning (ML) models or simpler Deep Neural Networks (DNNs), the proposed model leverages the capabilities of CNNs to effectively analyze the temporal characteristics of network traffic data. Trained and evaluated on the CICIoMT2024 dataset, which comprises 18 distinct types of cyberattacks across a range of IoMT devices, the proposed CNN model demonstrates superior performance compared to previous state-of-the-art methods, achieving a perfect accuracy of 99% in binary, categorical, and multiclass classification tasks. This performance surpasses that of conventional ML models such as Logistic Regression, AdaBoost, DNNs, and Random Forests. These findings highlight the potential of CNNs to substantially improve IoMT cybersecurity, thereby ensuring the protection and integrity of connected healthcare systems.

Cryptography and Security,Artificial Intelligence,Machine Learning

Moutaz Alazab,Albara Awajan,Hadeel Alazzam,Mohammad Wedyan,Bandar Alshawi,Ryan Alturki

DOI: https://doi.org/10.3390/s24072188

IF: 3.9

2024-03-30

Sensors

Abstract:The Internet of Things (IoT) is the underlying technology that has enabled connecting daily apparatus to the Internet and enjoying the facilities of smart services. IoT marketing is experiencing an impressive 16.7% growth rate and is a nearly USD 300.3 billion market. These eye-catching figures have made it an attractive playground for cybercriminals. IoT devices are built using resource-constrained architecture to offer compact sizes and competitive prices. As a result, integrating sophisticated cybersecurity features is beyond the scope of the computational capabilities of IoT. All of these have contributed to a surge in IoT intrusion. This paper presents an LSTM-based Intrusion Detection System (IDS) with a Dynamic Access Control (DAC) algorithm that not only detects but also defends against intrusion. This novel approach has achieved an impressive 97.16% validation accuracy. Unlike most of the IDSs, the model of the proposed IDS has been selected and optimized through mathematical analysis. Additionally, it boasts the ability to identify a wider range of threats (14 to be exact) compared to other IDS solutions, translating to enhanced security. Furthermore, it has been fine-tuned to strike a balance between accurately flagging threats and minimizing false alarms. Its impressive performance metrics (precision, recall, and F1 score all hovering around 97%) showcase the potential of this innovative IDS to elevate IoT security. The proposed IDS boasts an impressive detection rate, exceeding 98%. This high accuracy instills confidence in its reliability. Furthermore, its lightning-fast response time, averaging under 1.2 s, positions it among the fastest intrusion detection systems available.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Basharat Ahmad,Zhaoliang Wu,Yongfeng Huang,Sadaqat Ur Rehman

DOI: https://doi.org/10.1016/j.knosys.2024.112614

IF: 8.139

2024-10-21

Knowledge-Based Systems

Abstract:The Internet of Things (IoT) networks, which are defined by their interconnected devices and data streams are an expanding attack surface for cyber adversaries. Industrial Internet of Things (IIoT) is a subset of IoT and has significant importance in-terms of security. Robust intrusion detection systems (IDS) are essential for protecting these critical infrastructures. Our research suggests a novel approach to the detection of anomalies in IoT and IIoT networks that leverages the capabilities of deep transfer learning. Our methodology begins with the EdgeIIoT dataset, which serves as the basis for our data analysis. We convert the data into an appropriate image format to enable Convolutional Neural Network (CNN)-based processing. The hyper-parameters of individual machine learning models are subsequently optimized using a Random Search algorithm. This optimization phase optimizes the performance of each model by modifying the hyper-parameters that are unique to the learning algorithms. The performance of each model is meticulously assessed subsequent to hyper-parameter optimization. The top-performing models are subsequently, strategically selected and combined using the ensemble technique. The IDS scheme's overall detection accuracy and generalizability are improved by the integration of strengths from multiple models. The proposed scheme demonstrates significant effectiveness in identifying a broad spectrum of attacks, encompassing a total of 14 distinct attack types. This comprehensive detection capability contributes to a more secure and resilient IoT ecosystem. Furthermore, application of quantization to our best models reduces resource utilization significantly without compromising accuracy.

computer science, artificial intelligence

Qasem Abu Al-Haija,Charles McCurry,Saleh Zein-Sabatto

DOI: https://doi.org/10.20944/preprints202011.0508.v1

2020-11-19

Abstract:With the rapid expansion of intelligent resource-constrained devices and high-speed communication technologies, Internet of Things (IoT) has earned a wide recognition as the primary standard for low-power lossy networks (LLNs). Nevertheless, IoT infrastructures are vulnerable to cyber-attacks due to the constraints in computation, storage, and communication capacity of the endpoint devices. From one side, the majority of newly developed cyber-attacks are formed by slightly mutating formerly established cyber-attacks to produce a new attack tending to be treated as a normal traffic through the IoT network. From the other side, the influence of coupling the deep learning techniques with cybersecurity field has become a recent inclination of many security applications due to their impressive performance. In this paper, we provide a comprehensive development of a new intelligent and autonomous deep learning-based detection and classification system for cyber-attacks in IoT communication networks leveraging the power of convolutional neural networks, abbreviated as (IoT-IDCS-CNN). The proposed IoT-IDCS-CNN makes use of the high-performance computing employing the robust CUDA based Nvidia GPUs and the parallel processing employing the high-speed I9-Cores based Intel CPUs. In particular, the proposed system is composed of three subsystems: Feature Engineering subsystem, Feature Learning subsystem and Traffic classification subsystem. All subsystems are developed, verified, integrated, and validated in this research. To evaluate the developed system, we employed the NSL-KDD dataset which includes all the key attacks in the IoT computing. The simulation results demonstrated more than 99.3% and 98.2% of cyber-attacks’ classification accuracy for the binary-class classifier (normal vs anomaly) and the multi-class classifier (five categories) respectively. The proposed system was validated using k-fold cross validation method and was evaluated using the confusion matrix parameters (i.e., TN, TP, FN, FP) along with other classification performance metrics including precision, recall, F1-score, and false alarm rate. The test and evaluation results of the IoT-IDCS-CNN system outperformed many recent machine-learning based IDCS systems in the same area of study.

Shalaka Mahadik,Pranav M. Pawar,Raja Muthalagu

DOI: https://doi.org/10.1007/s10922-022-09697-x

2022-10-07

Journal of Network and Systems Management

Abstract:Moving towards a more digital and intelligent world equipped with internet-of-thing (IoT) devices creates many security issues. A distributed denial of service (DDoS) attack is one of the most formidable and challenging security threats that has taken hold with the emergence of the heterogeneous IoT (HetIoT). The massive DDoS attacks have exhibited their impact by continuously destroying a variety of infrastructures, resulting in huge losses, and endangering the overall availability of the digital world. The emphasis of this research is to identify and mitigate various DDoS attacks for HetIoT. The research proposes an intelligent intrusion detection system (IDS) using a convolutional neural network (CNN), i.e., HetIoT-CNN IDS, a novel deep learning-based convolutional neural network for the HetIoT environment. The proposed intelligent IDS successfully identifies and mitigates various DDoS attacks in the HetIoT infrastructure. The feasibility of the new proposed HetIoT-CNN IDS is assessed by considering binary and multi-class (8- and 13-classes) classification. The performance of the proposed intelligent IDS is compared with two state-of-the-art deep learning approaches for HetIoT, and the results reveal that the proposed HetIoT-CNN IDS outperforms it. The proposed HetIoT-CNN IDS successfully identifies various DDoS attacks with an accuracy rate of 99.75% for binary classes, 99.95% for 8-classes, and 99.99% for 13-classes. The work also compares the individual accuracy of binary classes, 8-classes, and 13-classes with state-of-the-art work.

computer science, information systems,telecommunications