Rohit Singh,Krishna Pal Sharma,Lalit Kumar Awasthi

DOI: https://doi.org/10.1007/s10586-024-04519-y

2024-05-13

Cluster Computing

Abstract:The rapidly growing number of Internet of Things (IoT) devices has led to a rise in data transfers, which has raised security concerns. Due to the devices' limited processing capabilities and vulnerability to many cyber attacks, securing IoT communications is challenging. Security threats, especially Distributed Denial of Service (DDoS) attacks, take a toll on the network in the form of increased communication overhead. Hence, a centralized unit is required to detect DDoS attacks in IoT networks at the earliest. Software-Defined Networking (SDN) promises a potential solution for better network traffic management and data flow. This paper presents a machine learning-based ensemble model for the detection of DDoS attacks in IoT networks using SDN. The proposed model employs a multi-step approach utilizing various Machine Learning (ML) algorithms. The proposed Ensemble Model (EM) combines Logistic Regression (LR), k-Nearest Neighbors (KNN), Gradient Boosting (GB), Extra-tree (ET), AdaBoost, and XGBoost, with XGBoost as the final estimator classifier. Various metrics, including sensitivity, specificity, precision, accuracy, and others, derived from the confusion matrix, evaluate the proposed model's performance. The EM demonstrates superior performance during comparative analysis with state-of-the-art schemes, with a classification accuracy of 99.8%. Furthermore, the paper evaluates the model based on Receiver Operator Characteristic (ROC) curves, showing its superiority in True Positive Rates (TPR) compared to False Positive Rates (FPR). The AUC analysis supports the EM's effectiveness. Cross-validation results further validate the model's robustness, with a mean accuracy of 97.92%.

computer science, information systems, theory & methods

Vishal Gotarane,Satheesh Abimannan,Shahid Hussain,Reyazur Rashid Irshad

DOI: https://doi.org/10.1109/access.2024.3374691

IF: 3.9

2024-03-15

IEEE Access

Abstract:The rise of smart cities, smart homes, and smart health powered by the Internet of Things (IoT) presents significant challenges in design, deployment, and security. The seamless data processing across a complex network of interconnected devices in unprotected conditions makes it vulnerable to potential breaches, underscoring the need for robust security at various levels of the network. Traditional security methods based on statistics often struggle to comprehend data patterns and provide the desired level of security. This work proposes a novel hybrid framework that combines Whale Optimization and Deep Learning with a trust-index to identify malicious nodes engaging in various attacks such as DoS, DDoS, Drop attack, and Tamper Attacks, thus enhancing IoT node security. The developed framework first calculates a trust-index score for IoT nodes based on drop attack, tamper attack, replay attack, and multiple-max attack. Subsequently, it utilizes the trust index score in the Optimized Neural Network model to effectively identify the malicious IoT node. The neural network optimization is achieved through a fitness function that determines optimal weights using the Whale Optimization Algorithm. The proposed framework has been tested across varying network sizes, comprising 100, 500, and 1000 nodes. The resulting outcomes were evaluated against benchmark security methods such as Logical regression, Random Forest, Support Vector Machine, Bayesian models, ANN, Elephant herding optimization, and Lion algorithm using metrics like specificity, sensitivity, accuracy, precision, False Positive Rate, False Negative Rate, False Discovery Rate, Error, F1 score, Matthews Correlation Coefficient, and Negative Predictive Value. The results reveal a notable enhancement in accuracy (26.63%, 13.04%, 17.78%, 30.52%, 22.45%, 4.26%, and 2.24%) for a 100-node network when compared to the benchmark security methods. Furthermore, the proposed framework consistently demonstrates strong performance even when applied to larger IoT networks with a higher node count.

computer science, information systems,telecommunications,engineering, electrical & electronic

Yara Alghofaili,Murad A Rassam

DOI: https://doi.org/10.3390/s23083814

2023-04-07

Abstract:The integration of the cloud and Internet of Things (IoT) technology has resulted in a significant rise in futuristic technology that ensures the long-term development of IoT applications, such as intelligent transportation, smart cities, smart healthcare, and other applications. The explosive growth of these technologies has contributed to a significant rise in threats with catastrophic and severe consequences. These consequences affect IoT adoption for both users and industry owners. Trust-based attacks are the primary selected weapon for malicious purposes in the IoT context, either through leveraging established vulnerabilities to act as trusted devices or by utilizing specific features of emerging technologies (i.e., heterogeneity, dynamic nature, and a large number of linked objects). Consequently, developing more efficient trust management techniques for IoT services has become urgent in this community. Trust management is regarded as a viable solution for IoT trust problems. Such a solution has been used in the last few years to improve security, aid decision-making processes, detect suspicious behavior, isolate suspicious objects, and redirect functionality to trusted zones. However, these solutions remain ineffective when dealing with large amounts of data and constantly changing behaviors. As a result, this paper proposes a dynamic trust-related attack detection model for IoT devices and services based on the deep long short-term memory (LSTM) technique. The proposed model aims to identify the untrusted entities in IoT services and isolate untrusted devices. The effectiveness of the proposed model is evaluated using different data samples with different sizes. The experimental results showed that the proposed model obtained a 99.87% and 99.76% accuracy and F-measure, respectively, in the normal situation, without considering trust-related attacks. Furthermore, the model effectively detected trust-related attacks, achieving a 99.28% and 99.28% accuracy and F-measure, respectively.

Prabhat Kumar,Govind P. Gupta,Rakesh Tripathi

DOI: https://doi.org/10.1007/s12652-020-02696-3

IF: 3.662

2020-11-27

Journal of Ambient Intelligence and Humanized Computing

Abstract:With the development of internet of things (IoT), capabilities of computing, networking infrastructure, storage of data and management have come very close to the edge of networks. This has accelerated the necessity of Fog computing paradigm. Due to availability of Internet, most of our business operations are integrated with IoT platform. Fog computing has enhanced the strategy of collecting and processing, huge amount of data. On the other hand, attacks and malicious activities has adverse consequences on the development of IoT, Fog, and cloud computing. This has led to development of many security models using fog computing to protect IoT network. Therefore, for dynamic and highly scalable IoT environment, a distributed architecture based intrusion detection system (IDS) is required that can distribute the existing centralized computing to local fog nodes and can efficiently detect modern IoT attacks. This paper proposes a novel distributed ensemble design based IDS using Fog computing, which combines k-nearest neighbors, XGBoost, and Gaussian naive Bayes as first-level individual learners. At second-level, the prediction results obtained from first level is used by Random Forest for final classification. Most of the existing proposals are tested using KDD99 or NSL-KDD dataset. However, these datasets are obsolete and lack modern IoT-based attacks. In this paper, UNSW-NB15 and actual IoT-based dataset namely, DS2OS are used for verifying the effectiveness of the proposed system. The experimental result revealed that the proposed distributed IDS with UNSW-NB15 can achieve higher detection rate upto 71.18% for Backdoor, 68.98% for Analysis, 92.25% for Reconnaissance and 85.42% for DoS attacks. Similarly, with DS2OS dataset, detection rate is upto 99.99% for most of the attack vectors.

computer science, information systems,telecommunications, artificial intelligence

Sami Yaras,Murat Dener

DOI: https://doi.org/10.3390/electronics13061053

IF: 2.9

2024-03-13

Electronics

Abstract:The most significant threat that networks established in IoT may encounter is cyber attacks. The most commonly encountered attacks among these threats are DDoS attacks. After attacks, the communication traffic of the network can be disrupted, and the energy of sensor nodes can quickly deplete. Therefore, the detection of occurring attacks is of great importance. Considering numerous sensor nodes in the established network, analyzing the network traffic data through traditional methods can become impossible. Analyzing this network traffic in a big data environment is necessary. This study aims to analyze the obtained network traffic dataset in a big data environment and detect attacks in the network using a deep learning algorithm. This study is conducted using PySpark with Apache Spark in the Google Colaboratory (Colab) environment. Keras and Scikit-Learn libraries are utilized in the study. 'CICIoT2023' and 'TON_IoT' datasets are used for training and testing the model. The features in the datasets are reduced using the correlation method, ensuring the inclusion of significant features in the tests. A hybrid deep learning algorithm is designed using one-dimensional CNN and LSTM. The developed method was compared with ten machine learning and deep learning algorithms. The model's performance was evaluated using accuracy, precision, recall, and F1 parameters. Following the study, an accuracy rate of 99.995% for binary classification and 99.96% for multiclassification is achieved in the 'CICIoT2023' dataset. In the 'TON_IoT' dataset, a binary classification success rate of 98.75% is reached.

engineering, electrical & electronic,computer science, information systems,physics, applied

Guru Bhandari,Andreas Lyth,Andrii Shalaginov,Tor-Morten Grønli

DOI: https://doi.org/10.3390/electronics12020298

IF: 2.9

2023-01-07

Electronics

Abstract:Cyberattacks always remain the major threats and challenging issues in the modern digital world. With the increase in the number of internet of things (IoT) devices, security challenges in these devices, such as lack of encryption, malware, ransomware, and IoT botnets, leave the devices vulnerable to attackers that can access and manipulate the important data, threaten the system, and demand ransom. The lessons from the earlier experiences of cyberattacks demand the development of the best-practices benchmark of cybersecurity, especially in modern Smart Environments. In this study, we propose an approach with a framework to discover malware attacks by using artificial intelligence (AI) methods to cover diverse and distributed scenarios. The new method facilitates proactively tracking network traffic data to detect malware and attacks in the IoT ecosystem. Moreover, the novel approach makes Smart Environments more secure and aware of possible future threats. The performance and concurrency testing of the deep neural network (DNN) model deployed in IoT devices are computed to validate the possibility of in-production implementation. By deploying the DNN model on two selected IoT gateways, we observed very promising results, with less than 30 kb/s increase in network bandwidth on average, and just a 2% increase in CPU consumption. Similarly, we noticed minimal physical memory and power consumption, with 0.42 GB and 0.2 GB memory usage for NVIDIA Jetson and Raspberry Pi devices, respectively, and an average 13.5% increase in power consumption per device with the deployed model. The ML models were able to demonstrate nearly 93% of detection accuracy and 92% f1-score on both utilized datasets. The result of the models shows that our framework detects malware and attacks in Smart Environments accurately and efficiently.

engineering, electrical & electronic,computer science, information systems,physics, applied

Ricardo Alejandro Manzano Sanchez,Marzia Zaman,Nishith Goel,Kshirasagar Naik,Rohit Joshi

DOI: https://doi.org/10.3390/s22207726

IF: 3.9

2022-10-13

Sensors

Abstract:In recent years, anomaly detection and machine learning for intrusion detection systems have been used to detect anomalies on Internet of Things networks. These systems rely on machine and deep learning to improve the detection accuracy. However, the robustness of the model depends on the number of datasamples available, quality of the data, and the distribution of the data classes. In the present paper, we focused specifically on the amount of data and class imbalanced since both parameters are key in IoT due to the fact that network traffic is increasing exponentially. For this reason, we propose a framework that uses a big data methodology with Hadoop–Spark to train and test multi-class and binary classification with one-vs-rest strategy for intrusion detection using the entire BoT IoT dataset. Thus, we evaluate all the algorithms available in Hadoop–Spark in terms of accuracy and processing time. In addition, since the BoT IoT dataset used is highly imbalanced, we also improve the accuracy for detecting minority classes by generating more datasamples using a Conditional Tabular Generative Adversarial Network (CTGAN). In general, our proposed model outperforms other published models including our previous model. Using our proposed methodology, the F1-score of one of the minority class, i.e., Theft attack was improved from 42% to 99%.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Noor Wali Khan,Mohammed S Alshehri,Muazzam A Khan,Sultan Almakdi,Naghmeh Moradpoor,Abdulwahab Alazeb,Safi Ullah,Naila Naz,Jawad Ahmad

DOI: https://doi.org/10.3934/mbe.2023602

2023-06-13

Abstract:The Internet of Things (IoT) is a rapidly evolving technology with a wide range of potential applications, but the security of IoT networks remains a major concern. The existing system needs improvement in detecting intrusions in IoT networks. Several researchers have focused on intrusion detection systems (IDS) that address only one layer of the three-layered IoT architecture, which limits their effectiveness in detecting attacks across the entire network. To address these limitations, this paper proposes an intelligent IDS for IoT networks based on deep learning algorithms. The proposed model consists of a recurrent neural network and gated recurrent units (RNN-GRU), which can classify attacks across the physical, network, and application layers. The proposed model is trained and tested using the ToN-IoT dataset, specifically collected for a three-layered IoT system, and includes new types of attacks compared to other publicly available datasets. The performance analysis of the proposed model was carried out by a number of evaluation metrics such as accuracy, precision, recall, and F1-measure. Two optimization techniques, Adam and Adamax, were applied in the evaluation process of the model, and the Adam performance was found to be optimal. Moreover, the proposed model was compared with various advanced deep learning (DL) and traditional machine learning (ML) techniques. The results show that the proposed system achieves an accuracy of 99% for network flow datasets and 98% for application layer datasets, demonstrating its superiority over previous IDS models.

M. K. Nallakaruppan,Siva Rama Krishnan Somayaji,Siddhesh Fuladi,Francesco Benedetto,Senthil Kumaran Ulaganathan,Gokul Yenduri

DOI: https://doi.org/10.1109/access.2024.3355794

IF: 3.9

2024-03-06

IEEE Access

Abstract:The Internet of Things (IoT) infrastructure enables smart devices to learn, think, speak and perform. The facilities of the IoT devices can be enhanced to support an intelligent application through technologies like fog computing, smart networks, federated learning or explainable artificial intelligence infrastructures. In all these cases networking of IoT devices becomes inevitable. Whereever there exists a network, a threat to the network infrastructure is also possible. The proposed work classifies various attacks on the hosts with the support of proven machine learning (ML) algorithms. This work performs the comparative analysis of all these classification parameters of the machine learning algorithms with the use of fuzzy-based recommendation systems. This work also lists out various incidents of intrusions on the IoT hosts in appropriate layers of the interface and proposes an efficient algorithm and framework to overcome the occurrences of intrusions on the host side. In particular, we propose an effective security framework to deal with the intrusions that can deteriorate the host-based systems. The ranking of the algorithms is evaluated using fuzzy-based recommendation systems such as TOPSIS, VIKOR, MORA, WASPAS. The ensemble of machine learning algorithms such as Decision Tree, Lite Gradient Boost, Xtra Gradient Boost and Random Forest provide better values of accuracy (around 99%) with higher precision, re-call and F1-scores, thus proving their efficacy for intrusion detection in IoT networks.

computer science, information systems,telecommunications,engineering, electrical & electronic

Ahmad Almadhor,Ali Altalbe,Imen Bouazzi,Abdullah Al Hejaili,Natalia Kryvinska

DOI: https://doi.org/10.1038/s41598-024-76016-6

IF: 4.6

2024-10-18

Scientific Reports

Abstract:Due to the rising use of the Internet of Things (IoT), the connectivity of networks increases the risk of Distributed Denial of Service (DDoS) attacks. Decentralized systems commonly used in centralized security systems fail to adequately prevent potential cyber threats in IoT because of the issues of privacy and scaling. The method proposed in this study seeks to remedy these facts by employing Explainable Artificial Intelligence (XAI) together with Federated Deep Neural Networks (FDNNs) to detect and prevent DDoS attacks. Our approach is thus to use federated learning models that are to be trained on distributed and dissimilar sources of data without compromising on the privacy aspect. FDNNs were trained over three rounds with information from three client gadgets incorporating pre-processed datasets of various types of DDoS attacks. Additionally, for feature selection, we integrated XGBoost with SHapley Additive exPlanations (SHAP) to improve model interpretability. The proposed solution can be considered to be quite robust, privacy-preserving, and highly scalable for the detection of DDoS attacks on the IoT network. The results shown on the server side indicate that this approach accurately detects 99.78% of DDoS attacks with a precision rate as high as 99.80%, recall rate (detection rate) going up to 99.74% and F1 score reaching 99.76%. They emphasize that FL-based IDSs are strong enough to cope with cybersecurity challenges in IoT, thus offering hope for securing modern network infrastructures against ever-growing cyber threats.

multidisciplinary sciences

Pankaj Kumar Keserwani,Mahesh Chandra Govil,Emmanuel S. Pilli,Prajjval Govil

DOI: https://doi.org/10.1007/s40860-020-00126-x

2021-01-18

Journal of Reliable Intelligent Environments

Abstract:The Internet of Things (IoT) is adding the advancement in the technology for creating smart environments to facilitate humans for various works. The technological developments provide many comfort and opportunities to the businesses and open the doors for the intruders or attackers to explore and exploit various attacks to evade the IoT networks’ security. Hence, security and privacy are the key anxiety to the IoT network model. Protection of computer and IoT networks from various types of attacks and threats is necessary. The traditional intrusion detection system (IDS) collects and uses massive data with unnecessary, irrelevant, and inappropriate features, which cause high detection time and low accuracy. This paper proposes an IDS to identify various attacks for IoT networks. A combination of Grey Wolf Optimization (GWO) and Particle Swarm Optimization (PSO) is used to extract relevant IoT network features. The extracted features are fed to a random forest (RF) classifier to achieve high attack detection accuracy. The experiments are conducted in the python programming environment to evaluate the proposed model on KDDCup99, NSL–KDD, and CICIDS-2017 datasets. The proposed GWO–PSO–RF NIDS model has achieved an average accuracy of 99.66% for multiclass classification. The accuracy of the proposed model has been compared with other similar approaches to show its effectiveness. The work presented here also addresses the issue of data imbalance.

English Else

Sushil Shakya,Robert Abbas

2024-11-08

Abstract:This paper presents the detection of DDoS attacks in IoT networks using machine learning models. Their rapid growth has made them highly susceptible to various forms of cyberattacks, many of whose security procedures are implemented in an irregular manner. It evaluates the efficacy of different machine learning models, such as XGBoost, K-Nearest Neighbours, Stochastic Gradient Descent, and Naïve Bayes, in detecting DDoS attacks from normal network traffic. Each model has been explained on several performance metrics, such as accuracy, precision, recall, and F1-score to understand the suitability of each model in real-time detection and response against DDoS threats. This comparative analysis will, therefore, enumerate the unique strengths and weaknesses of each model with respect to the IoT environments that are dynamic and hence moving in nature. The effectiveness of these models is analyzed, showing how machine learning can greatly enhance IoT security frameworks, offering adaptive, efficient, and reliable DDoS detection capabilities. These findings have shown the potential of machine learning in addressing the pressing need for robust IoT security solutions that can mitigate modern cyber threats and assure network integrity.

Cryptography and Security,Machine Learning

Dr. S. Smys,Dr. Haoxiang Wang,Dr. Abul Basar

DOI: https://doi.org/10.36548/JISMAC.2020.4.002

2020-09-30

DECEMBER

Abstract:Internet of things (IoT) is a promising solution to connect and access every device through internet. Every day the device count increases with large diversity in shape, size, usage and complexity. Since IoT drive the world and changes people lives with its wide range of services and applications. However, IoT provides numerous services through applications, it faces severe security issues and vulnerable to attacks such as sinkhole attack, eaves dropping, denial of service attacks, etc., Intrusion detection system is used to detect such attacks when the network security is breached. This research work proposed an intrusion detection system for IoT network and detect different types of attacks based on hybrid convolutional neural network model. Proposed model is suitable for wide range of IoT applications. Proposed research work is validated and compared with conventional machine learning and deep learning model. Experimental result demonstrate that proposed hybrid model is more sensitive to attacks in the IoT network.

Computer Science,Engineering

Albara Awajan

DOI: https://doi.org/10.3390/computers12020034

2023-02-05

Computers

Abstract:The impressive growth rate of the Internet of Things (IoT) has drawn the attention of cybercriminals more than ever. The growing number of cyber-attacks on IoT devices and intermediate communication media backs the claim. Attacks on IoT, if they remain undetected for an extended period, cause severe service interruption resulting in financial loss. It also imposes the threat of identity protection. Detecting intrusion on IoT devices in real-time is essential to make IoT-enabled services reliable, secure, and profitable. This paper presents a novel Deep Learning (DL)-based intrusion detection system for IoT devices. This intelligent system uses a four-layer deep Fully Connected (FC) network architecture to detect malicious traffic that may initiate attacks on connected IoT devices. The proposed system has been developed as a communication protocol-independent system to reduce deployment complexities. The proposed system demonstrates reliable performance for simulated and real intrusions during the experimental performance analysis. It detects the Blackhole, Distributed Denial of Service, Opportunistic Service, Sinkhole, and Workhole attacks with an average accuracy of 93.74%. The proposed intrusion detection system’s precision, recall, and F1-score are 93.71%, 93.82%, and 93.47%, respectively, on average. This innovative deep learning-based IDS maintains a 93.21% average detection rate which is satisfactory for improving the security of IoT networks.

Firas Mohammed Aswad,Ali Mohammed Saleh Ahmed,Nafea Ali Majeed Alhammadi,Bashar Ahmad Khalaf,Salama A. Mostafa

DOI: https://doi.org/10.1515/jisys-2022-0155

2023-01-01

Journal of Intelligent Systems

Abstract:Abstract With the rapid growth of informatics systems’ technology in this modern age, the Internet of Things (IoT) has become more valuable and vital to everyday life in many ways. IoT applications are now more popular than they used to be due to the availability of many gadgets that work as IoT enablers, including smartwatches, smartphones, security cameras, and smart sensors. However, the insecure nature of IoT devices has led to several difficulties, one of which is distributed denial-of-service (DDoS) attacks. IoT systems have several security limitations due to their disreputability characteristics, like dynamic communication between IoT devices. The dynamic communications resulted from the limited resources of these devices, such as their data storage and processing units. Recently, many attempts have been made to develop intelligent models to protect IoT networks against DDoS attacks. The main ongoing research issue is developing a model capable of protecting the network from DDoS attacks that is sensitive to various classes of DDoS and can recognize legitimate traffic to avoid false alarms. Subsequently, this study proposes combining three deep learning algorithms, namely recurrent neural network (RNN), long short-term memory (LSTM)-RNN, and convolutional neural network (CNN), to build a bidirectional CNN-BiLSTM DDoS detection model. The RNN, CNN, LSTM, and CNN-BiLSTM are implemented and tested to determine the most effective model against DDoS attacks that can accurately detect and distinguish DDoS from legitimate traffic. The intrusion detection evaluation dataset (CICIDS2017) is used to provide more realistic detection. The CICIDS2017 dataset includes benign and up-to-date examples of typical attacks, closely matching real-world data of Packet Capture. The four models are tested and assessed using Confusion Metrix against four commonly used criteria: accuracy, precision, recall, and F -measure. The performance of the models is quite effective as they obtain an accuracy rate of around 99.00%, except for the CNN model, which achieves an accuracy of 98.82%. The CNN-BiLSTM achieves the best accuracy of 99.76% and precision of 98.90%.

Sapna Sadhwani,Urvi Kavan Modi,Raja Muthalagu,Pranav M Pawar,Pranav M. Pawar

DOI: https://doi.org/10.1109/access.2024.3371996

IF: 3.9

2024-03-12

IEEE Access

Abstract:While the Internet of Things (IoT) paradigm has transformed connectivity, it has also brought with it previously unheard-of security risks. The categorization of IoT attacks using several machine learning techniques and a deep learning method is the main emphasis of this research. In addition to proposing a binary and multiclass classification framework with Machine Learning (ML) algorithms like Random Forest (RF), Decision tree (DT), Extra Tree Classifier (ETC), Support Vector Machine (SVM), and k-Nearest Neighbor (KNN) and Deep Learning (DL) architectures like Deep Neural Network (DNN), the study assesses a wide range of attack types in IoT environments. Benchmark datasets with real-world IoT attack scenarios, such as Edge-IIoTset, are used for experimentation. Preprocessing is done on the dataset using Principal Componenet Analysis (PCA) for feature selection, Synthetic Minority Oversampling Technique to handle class imbalance and Standard Scaling for feature scaling. These approaches' comparative performance and efficacy are examined. The outcomes indicate how successful the DL model in managing intricate attack patterns and the generalization capabilities of ML algorithms across various attack classes. The DNN model yields the best results, with 100% accuracy for binary classification, 96.15% accuracy for 6-class classification, and 94.68% accuracy for 15-class classification. Further, 10-fold cross validation has been applied to make sure that the model does not overfit. This work contributes to the improvement of IoT security mechanisms by offering insights into the selection of appropriate approaches for binary and multiclass classification of threats.

computer science, information systems,telecommunications,engineering, electrical & electronic

Chandra Prabha Kaliappan,Kanmani Palaniappan,Devipriya Ananthavadivel,Ushasukhanya Subramanian

DOI: https://doi.org/10.1007/s12083-024-01684-0

IF: 3.488

2024-06-02

Peer-to-Peer Networking and Applications

Abstract:Over the years, the Internet of Things (IoT) devices have shown rapid proliferation and development in various domains. However, the widespread adoption of smart devices significantly ameliorates the possibility of several security challenges. To address these challenges, this research presents an advanced AI-enhanced trust framework for IoT Intrusion detection to safeguard IoT environments from any potential intrusion attempts. The proposed framework integrates cutting-edge AI techniques for intrusion detection which identifies the anomalies based on the device behavior and responds dynamically to emerging threats. Initially, a robust Intrusion Detection System (IDS) is developed based on an Isolation Forest (IF) algorithm and Autoencoders (AE) to promptly identify anomalies in real-time. Then, behavioral Modeling is performed by employing Long Short-Term Memory (LSTM) and Convolutional Neural Networks (CNNs) for precise behavioral understanding of IoT devices. Additionally, the Bayesian Network is used to perform adaptive trust assessment and the Reinforcement Learning based Proximal Policy Optimization (PPO) for providing dynamic responses to the detected anomalies. The proposed framework is practically implemented and evaluated using IoTID20 and N-BaIoT datasets, and compared with baseline intrusion detection methods including, CNN-TSODE, cuLSTMGRU, ELETL-IDS, Fed-Inforce-Fusion, and Conv-LSTM. The results demonstrate that the proposed framework achieves high efficiency and outperformed other baseline methods by obtaining a detection accuracy of 98.25%, recall of 96.8%, and precision of 97.45%. Overall, the proposed AI-Enhanced Trust Framework offers a promising solution by identifying the intrusion endeavors effectively and contributing toward the attainment of secure and trustworthy IoT ecosystems.

computer science, information systems,telecommunications

Dawit Dejene Bikila,Jan Čapek

DOI: https://doi.org/10.1016/j.future.2024.107630

IF: 7.307

2024-12-03

Future Generation Computer Systems

Abstract:The number of Internet of Things (IoT) device connections is increasing rapidly as IoT applications are vital in any operation. IoT must maintain safe internet access that withstands various malicious attacks for instance Recon, Mirai, Distributed Denial of Service (DDoS), and Spoofing which has gained much attention. Intelligently changing and zero-day attacks are emerging every day. This highlights the need for intelligent security solutions tailored specifically to this technology. Various Machine Learning (ML) based approaches have been utilized for intrusion detection to tackle IoT attacks. However, the flaws of current attack detection and feature extraction techniques result in low detection accuracy. Thus, it hindered their real-world applications and highlighted the need for a lightweight and computationally robust model trained and assessed on a recent datasets. Therefore, this work proposed an attack detection model trained and validated using the CICIoT2023 and CICIDS2017 datasets. Initially, data preprocessing is done then features are extracted by using an unsupervised Elastic Deep Autoencoder (EDA) with optimum hyperparameters. Further, the Extreme Gradient Boosting (XGBoost) binary classifier is tuned by the Grey Wolf Optimizer (GWO) and fed extracted feature sets to classify attacks. The results of the experiments show the effectiveness of our model with a higher detection accuracy in both datasets. Finally, the performance comparison confirmed that the results of the proposed work is competitive with other state-of-the-art method in securing IoT infrastructures.

computer science, theory & methods

Prabhat Kumar,Govind P. Gupta,Rakesh Tripathi

DOI: https://doi.org/10.1007/s13369-020-05181-3

IF: 2.807

2021-01-11

Arabian Journal for Science and Engineering

Abstract:With simple connectivity and fast-growing demand of smart devices and networks, IoT has become more prone to cyber attacks. In order to detect and prevent cyber attacks in IoT networks, intrusion detection system (IDS) plays a crucial role. However, most of the existing IDS have dimensionality curse that reduces overall IoT systems efficiency. Hence, it is important to remove repetitive and irrelevant features while designing effective IDS. Motivated from aforementioned challenges, this paper presents an intelligent cyber attack detection system for IoT network using a novel hybrid feature reduced approach. This technique first performs feature ranking using correlation coefficient, random forest mean decrease accuracy and gain ratio to obtain three different feature sets. Then, features are combined using a suitably designed mechanism (AND operation), to obtain single optimized feature set. Finally, the obtained reduced feature set is fed to three well-known machine learning algorithms such as random forest, K-nearest neighbor and XGBoost for detection of cyber attacks. The efficiency of the proposed cyber attack detection framework is evaluated using NSL-KDD and two latest IoT-based datasets namely, BoT-IoT and DS2OS. Performance of the proposed framework is evaluated and compared with some recent state-of-the-art techniques found in literature, in terms of accuracy, detection rate (DR), precision and F1 score. Performance analysis using these three datasets shows that the proposed model has achieved DR up to 90%–100%, for most of the attack vectors that has close similarity to normal behaviors and accuracy above 99%.

multidisciplinary sciences

Maryam Mahsal Khan,Mohammed Alkhathami

DOI: https://doi.org/10.1038/s41598-024-56126-x

IF: 4.6

2024-03-13

Scientific Reports

Abstract:Internet of Things (IoT) integration in healthcare improves patient care while also making healthcare delivery systems more effective and economical. To fully realize the advantages of IoT in healthcare, it is imperative to overcome issues with data security, interoperability, and ethical considerations. IoT sensors periodically measure the health-related data of the patients and share it with a server for further evaluation. At the server, different machine learning algorithms are applied which help in early diagnosis of diseases and issue alerts in case vital signs are out of the normal range. Different cyber attacks can be launched on IoT devices which can result in compromised security and privacy of applications such as health care. In this paper, we utilize the publicly available Canadian Institute for Cybersecurity (CIC) IoT dataset to model machine learning techniques for efficient detection of anomalous network traffic. The dataset consists of 33 types of IoT attacks which are divided into 7 main categories. In the current study, the dataset is pre-processed, and a balanced representation of classes is used in generating a non-biased supervised (Random Forest, Adaptive Boosting, Logistic Regression, Perceptron, Deep Neural Network) machine learning models. These models are analyzed further by eliminating highly correlated features, reducing dimensionality, minimizing overfitting, and speeding up training times. Random Forest was found to perform optimally across binary and multiclass classification of IoT Attacks with an approximate accuracy of 99.55% under both reduced and all feature space. This improvement was complimented by a reduction in computational response time which is essential for real-time attack detection and response.

multidisciplinary sciences