Dr. S. Smys,Dr. Haoxiang Wang,Dr. Abul Basar

DOI: https://doi.org/10.36548/JISMAC.2020.4.002

2020-09-30

DECEMBER

Abstract:Internet of things (IoT) is a promising solution to connect and access every device through internet. Every day the device count increases with large diversity in shape, size, usage and complexity. Since IoT drive the world and changes people lives with its wide range of services and applications. However, IoT provides numerous services through applications, it faces severe security issues and vulnerable to attacks such as sinkhole attack, eaves dropping, denial of service attacks, etc., Intrusion detection system is used to detect such attacks when the network security is breached. This research work proposed an intrusion detection system for IoT network and detect different types of attacks based on hybrid convolutional neural network model. Proposed model is suitable for wide range of IoT applications. Proposed research work is validated and compared with conventional machine learning and deep learning model. Experimental result demonstrate that proposed hybrid model is more sensitive to attacks in the IoT network.

Computer Science,Engineering

Magdy M. Fadel,Sally M. El-Ghamrawy,Amr M. T. Ali-Eldin,Mohammed K. Hassan,Ali I. El-Desoky

DOI: https://doi.org/10.1371/journal.pone.0271436

IF: 3.7

2022-07-31

PLoS ONE

Abstract:Throughout the past few years, the Internet of Things (IoT) has grown in popularity because of its ease of use and flexibility. Cyber criminals are interested in IoT because it offers a variety of benefits for users, but it still poses many types of threats. The most common form of attack against IoT is Distributed Denial of Service (DDoS). The growth of preventive processes against DDoS attacks has prompted IoT professionals and security experts to focus on this topic. Due to the increasing prevalence of DDoS attacks, some methods for distinguishing different types of DDoS attacks based on individual network features have become hard to implement. Additionally, monitoring traffic pattern changes and detecting DDoS attacks with accuracy are urgent and necessary. In this paper, using Modified Whale Optimization Algorithm (MWOA) feature extraction and Hybrid Long Short Term Memory (LSTM), shown that DDoS attack detection methods can be developed and tested on various datasets. The MWOA technique, which is used to optimize the weights of the LSTM neural network to reduce prediction errors in the hybrid LSTM algorithm, is used. Additionally, MWOA can optimally extract IP packet features and identify DDoS attacks with the support of MWOA-LSTM model. The proposed MWOA-LSTM framework outperforms standard support vector machines (SVM) and Genetic Algorithm (GA) as well as standard methods for detecting attacks based on precision, recall and accuracy measurements.

multidisciplinary sciences

Lincoln Best,Ernest Foo,Hui Tian

DOI: https://doi.org/10.48550/arXiv.2205.04005

2022-05-09

Abstract:The proliferation and variety of Internet of Things devices means that they have increasingly become a viable target for malicious users. This has created a need for anomaly detection algorithms that can work across multiple devices. This thesis suggests a potential alternative to the current anomaly detection algorithms to be implemented within IoT systems that can be applied across different types of devices. This algorithm is comprised of both unsupverised and supervised machine areas of machine learning combining the strongest facet of each. The algorithm involves the initial k-means clustering of attacks and assigns them to clusters. Next, the clusters are then used by the AdaBoosted Naive Bayes supervised learning algorithm in order to teach itself which piece of data should be clustered to which specific attack. This increases the accuracy of the proposed algorithm by adding clustered data before the final classification step, ensuring a more accurate algorithm. The correct indentification percentage scores for this proposed algorithm range anywhere from 90% to 100%, as well as rating the proposed algorithms accuracy, precision and recall. These high scores achieve an accurate, flexible, scalable, optimised algorithm that could potentially be in different IoT devices, ensuring strong data integrity and privacy.

Cryptography and Security

Vijay Prakash Sharma,Narendra Singh Yadav,Sundar Suhrith Adavi,D. Sikha Datta Reddy,Brij B. Gupta

DOI: https://doi.org/10.47974/jdmsc-1737

2023-01-01

Abstract:Today, almost 90% of the technology in usage is linked with IoT (Internet of Things). which brings the question, what is IoT? Internet of things is a system of co-related computers, electronic devices, and objects. IoT essentially controls almost every online service which we avail without human -to-human interaction. An IDS is a hardware or software system that automatically monitors, identifies, and alerts a computer or network against attacks and intrusions. The proposed hybrid model makes use of genetic algorithm with UNSW NB-15 dataset which contains multiple classes of attack to provide a huge variety of attacks which will help to simulate different kinds of attack which will help train the model better. We have used CNN and LSTM model for extracting features. By detecting the attacks quickly, we can identify potential intruders and limit the damage. Feature selection and classification have been performed using Generic algorithm. This hybrid model helps to check whether the alert is an attack or not, if yes what kind of attack is it. the proposed Hybrid model works better than a conventional intrusion detection system, we got 99.38% accuracy from this model.

Muhammad Zawad Mahmud,Samiha Islam,Shahran Rahman Alve,Al Jubayer Pial

2024-12-04

Abstract:An application of software known as an Intrusion Detection System (IDS) employs machine algorithms to identify network intrusions. Selective logging, safeguarding privacy, reputation-based defense against numerous attacks, and dynamic response to threats are a few of the problems that intrusion identification is used to solve. The biological system known as IoT has seen a rapid increase in high dimensionality and information traffic. Self-protective mechanisms like intrusion detection systems (IDSs) are essential for defending against a variety of attacks. On the other hand, the functional and physical diversity of IoT IDS systems causes significant issues. These attributes make it troublesome and unrealistic to completely use all IoT elements and properties for IDS self-security. For peculiarity-based IDS, this study proposes and implements a novel component selection and extraction strategy (our strategy). A five-ML algorithm model-based IDS for machine learning-based networks with proper hyperparamater tuning is presented in this paper by examining how the most popular feature selection methods and classifiers are combined, such as K-Nearest Neighbors (KNN) Classifier, Decision Tree (DT) Classifier, Random Forest (RF) Classifier, Gradient Boosting Classifier, and Ada Boost Classifier. The Random Forest (RF) classifier had the highest accuracy of 99.39%. The K-Nearest Neighbor (KNN) classifier exhibited the lowest performance among the evaluated models, achieving an accuracy of 94.84%. This study's models have a significantly higher performance rate than those used in previous studies, indicating that they are more reliable.

Cryptography and Security,Machine Learning

Richa Singh,R L Ujjwal

DOI: https://doi.org/10.3389/fdata.2023.1081466

2023-02-01

Abstract:The Internet of Things (IoT) consists of several smart devices equipped with computing, sensing, and network capabilities, which enable them to collect and exchange heterogeneous data wirelessly. The increasing usage of IoT devices in daily activities increases the security needs of IoT systems. These IoT devices are an easy target for intruders to perform malicious activities and make the underlying network corrupt. Hence, this paper proposes a hybridized bio-inspired-based intrusion detection system (IDS) for the IoT framework. The hybridized sine-cosine algorithm (SCA) and salp swarm algorithm (SSA) determines the essential features of the network traffic. Selected features are passed to a machine learning (ML) classifier for the detection and classification of intrusive traffic. The IoT network intrusion dataset determines the performance of the proposed system in a python environment. The proposed hybridized system achieves maximum accuracy of 84.75% with minimum selected features i.e., 8 and takes minimum time of 96.42 s in detecting intrusion for the IoT network. The proposed system's effectiveness is shown by comparing it with other similar approaches for performing multiclass classification.

Rafika Saadouni,Amina Khacha,Z. Aliouat,Yasmine Harbi

DOI: https://doi.org/10.1109/ISIA55826.2022.9993487

2022-11-29

Abstract:The internet of things (IoT) is expected to offer a significant impact on the industry domain leading to the concept of industrial IoT (IIoT). The IIoT comprises machine-to-machine (M2M) and communication technologies with data automation and exchange to improve product quality and decrease pro-duction costs. As a consequence, a large amount of data is collected and smartly processed to provide optimal industrial operations. This growing deployment enables adversaries to con-duct potential and destructive cyber-attacks to accomplish their malicious goals. Therefore, intelligent decision-making actions for cyber-attack detection in IIoT are sorely required. To address this challenge, we propose an intrusion detection system (IDS) using deep learning models. Specifically, the proposed system is based on the combination of convolutional neural network (CNN) and long short-term memory (LSTM) that are excellent techniques for intrusion detection and classification due to their ability in classifying main characteristics and their effectiveness in performing faster computations. We adopt the most recent dataset named Edge-IIoTset that contains a real traffic network of IoT and IIoT applications. The proposed model is evaluated in terms of accuracy, precision, false positive rate, and detection cost within binary and multi-class classifications. The obtained results show that our CNN-LSTM model provides better performance and robustness in cyber security intrusion detection for IIoT applications compared to LSTM and traditional machine learning models. Moreover, it outperforms two recent related models in terms of accuracy rate.

Engineering,Computer Science

Noor Wali Khan,Mohammed S Alshehri,Muazzam A Khan,Sultan Almakdi,Naghmeh Moradpoor,Abdulwahab Alazeb,Safi Ullah,Naila Naz,Jawad Ahmad

DOI: https://doi.org/10.3934/mbe.2023602

2023-06-13

Abstract:The Internet of Things (IoT) is a rapidly evolving technology with a wide range of potential applications, but the security of IoT networks remains a major concern. The existing system needs improvement in detecting intrusions in IoT networks. Several researchers have focused on intrusion detection systems (IDS) that address only one layer of the three-layered IoT architecture, which limits their effectiveness in detecting attacks across the entire network. To address these limitations, this paper proposes an intelligent IDS for IoT networks based on deep learning algorithms. The proposed model consists of a recurrent neural network and gated recurrent units (RNN-GRU), which can classify attacks across the physical, network, and application layers. The proposed model is trained and tested using the ToN-IoT dataset, specifically collected for a three-layered IoT system, and includes new types of attacks compared to other publicly available datasets. The performance analysis of the proposed model was carried out by a number of evaluation metrics such as accuracy, precision, recall, and F1-measure. Two optimization techniques, Adam and Adamax, were applied in the evaluation process of the model, and the Adam performance was found to be optimal. Moreover, the proposed model was compared with various advanced deep learning (DL) and traditional machine learning (ML) techniques. The results show that the proposed system achieves an accuracy of 99% for network flow datasets and 98% for application layer datasets, demonstrating its superiority over previous IDS models.

Sandhya Ethala,Annapurani Kumarappan

DOI: https://doi.org/10.3390/s22218566

2022-11-07

Abstract:The Internet of Things (IoT) network integrates physical objects such as sensors, networks, and electronics with software to collect and exchange data. Physical objects with a unique IP address communicate with external entities over the internet to exchange data in the network. Due to a lack of security measures, these network entities are vulnerable to severe attacks. To address this, an efficient security mechanism for dealing with the threat and detecting attacks is necessary. The proposed hybrid optimization approach combines Spider Monkey Optimization (SMO) and Hierarchical Particle Swarm Optimization (HPSO) to handle the huge amount of intrusion data classification problems and improve detection accuracy by minimizing false alarm rates. After finding the best optimum values, the Random Forest Classifier (RFC) was used to classify attacks from the NSL-KDD and UNSW-NB 15 datasets. The SVM model obtained accuracy of 91.82%, DT of 98.99%, and RFC of 99.13%, and the proposed model obtained 99.175% for the NSL-KDD dataset. Similarly, SVM obtained accuracy of 85.88%, DT of 88.87%, RFC of 91.65%, and the proposed model obtained 99.18% for the UNSW NB-15 dataset. The proposed model achieved accuracy of 99.175% for the NSL-KDD dataset which is higher than the state-of-the-art techniques such as DNN of 97.72% and Ensemble Learning at 85.2%.

Maryam Mahsal Khan,Mohammed Alkhathami

DOI: https://doi.org/10.1038/s41598-024-56126-x

IF: 4.6

2024-03-13

Scientific Reports

Abstract:Internet of Things (IoT) integration in healthcare improves patient care while also making healthcare delivery systems more effective and economical. To fully realize the advantages of IoT in healthcare, it is imperative to overcome issues with data security, interoperability, and ethical considerations. IoT sensors periodically measure the health-related data of the patients and share it with a server for further evaluation. At the server, different machine learning algorithms are applied which help in early diagnosis of diseases and issue alerts in case vital signs are out of the normal range. Different cyber attacks can be launched on IoT devices which can result in compromised security and privacy of applications such as health care. In this paper, we utilize the publicly available Canadian Institute for Cybersecurity (CIC) IoT dataset to model machine learning techniques for efficient detection of anomalous network traffic. The dataset consists of 33 types of IoT attacks which are divided into 7 main categories. In the current study, the dataset is pre-processed, and a balanced representation of classes is used in generating a non-biased supervised (Random Forest, Adaptive Boosting, Logistic Regression, Perceptron, Deep Neural Network) machine learning models. These models are analyzed further by eliminating highly correlated features, reducing dimensionality, minimizing overfitting, and speeding up training times. Random Forest was found to perform optimally across binary and multiclass classification of IoT Attacks with an approximate accuracy of 99.55% under both reduced and all feature space. This improvement was complimented by a reduction in computational response time which is essential for real-time attack detection and response.

multidisciplinary sciences

Sahar. Soussa,T. Nazmy,M. Hashem,Sahar Selim

Abstract:Intrusion detection is a critical process in network security. Nowadays new intelligent techniques have been used to improve the intrusion detection process. This paper proposes a hybrid intelligent intrusion detection system to improve the detection rate for known and unknown attacks. We examined different neural network & decision tree techniques. The proposed model consists of multi-level based on hybrid neural network and decision tree. Each level is implemented with the technique which gave best experimental results. From our experimental results with different network data, our model achieves correct classification rate of 93.2%, average detection rate about 95.6%; 99.5% for known attacks and 87% for new unknown attacks, and 9.4% false alarm rate. Keywords-component; network intrusion detection; neural network; Decision Tree; NSL-KDD dataset

Engineering,Computer Science

Hao Xu,Zihan Sun,Yuan Cao,Hazrat Bilal

DOI: https://doi.org/10.1007/s00500-023-09037-4

IF: 3.732

2023-07-29

Soft Computing

Abstract:Cyber-attacks and network intrusion have surfaced as major concerns for modern days applications of the Internet of Things (IoT). The existing intrusion detection and prevention techniques have a wide range of limitations and thus are unable to precisely detect any type of attack or anomaly within the network traffic. Many machine learning-based algorithms have also been presented by the researchers, which lack performance in terms of classification accuracy, or in terms of multi-class classification. This research presents a data-driven approach for intrusion and anomaly detection, where the data is processed and filtered using different algorithms. The quality of the training dataset is improved by using Synthetic Minority Oversampling Technique (SMOTE) algorithm and mutual information. Automated machine learning is also used to detect the algorithm with auto-tuned hyper-parameters that best suit to classify the data. This technique not only saves the computational cost to test the data at run-time but also provides an optimal algorithm without the need to run calculations to tune hyper-parameters, manually. The resultant algorithm solves a multi-class classification problem with an accuracy of 99.7%, outperforming the existing algorithms by a decent margin.

computer science, artificial intelligence, interdisciplinary applications

Fazal Wahab,Yuhai Zhao,Danish Javeed,Mosleh Hmoud Al-Adhaileh,Shahab Ahmad Almaaytah,Wasiat Khan,Muhammad Shahid Saeed,Rajeev Kumar Shah

DOI: https://doi.org/10.1155/2022/6096289

IF: 3.12

2022-01-01

Computational Intelligence and Neuroscience

Abstract:E-health has grown into a billion-dollar industry in the last decade. Its device's high throughput makes it an obvious target for cyberattacks, and these environments desperately need protection. In this scientific study, we presented an artificial intelligence (AI)-driven software-defined networking (SDN)-enabled intrusion detection system (IDS) to address increasing cyber threats in the E-health and internet of medical things (IoMT) environments. AI's success in various fields, including big data and intrusion detection systems, has prompted us to develop a flexible and cost-effective approach to protect such critical environments from cyberattacks. We present a hybrid model consisting of long short-term memory (LSTM) and gated recurrent unit (GRU). The proposed model was thoroughly evaluated using the publicly available CICDDoS2019 dataset and conventional evaluation measures. Furthermore, for proper validation, the proposed framework is compared with relevant classifiers, such as cu-GRU+ DNN and cu-BLSTM. We have further compared the proposed model with existing literature to prove its efficacy. Lastly, 10-fold cross-validation is also used to verify that our results are unbiased. The proposed approach has bypassed the current literature with extraordinary performance ramifications such as 99.01% accuracy, 99.04% precision, 98.80 percent recall, and 99.12% F1-score.

Akbar Telikani,Nima Esmi Rudbardeh,Shiva Soleymanpour,Asadollah Shahbahrami,Jun Shen,Georgi Gaydadjiev,Reza Hassanpour

DOI: https://doi.org/10.1109/tii.2023.3314208

IF: 12.3

2024-01-01

IEEE Transactions on Industrial Informatics

Abstract:A problem with machine learning (ML) techniques for detecting intrusions in the Internet of Things (IoT) is that they are ineffective in the detection of low-frequency intrusions. In addition, as ML models are trained using specific attack categories, they cannot recognize unknown attacks. This article integrates strategies of cost-sensitive learning and multitask learning into a hybrid ML model to address these two challenges. The hybrid model consists of an autoencoder for feature extraction and a support vector machine (SVM) for detecting intrusions. In the cost-sensitive learning phase for the class imbalance problem, the hinge loss layer is enhanced to make a classifier strong against low-distributed intrusions. Moreover, to detect unknown attacks, we formulate the SVM as a multitask problem. Experiments on the UNSW-NB15 and BoT-IoT datasets demonstrate the superiority of our model in terms of recall, precision, and F1-score averagely 92.2%, 96.2%, and 94.3%, respectively, over other approaches.

M. Wasim Abbas Ashraf,Arvind R. Singh,A. Pandian,Rajkumar Singh Rathore,Mohit Bajaj,Ievgen Zaitsev

DOI: https://doi.org/10.1038/s41598-024-78976-1

IF: 4.6

2024-11-09

Scientific Reports

Abstract:While the proliferation of the Internet of Things (IoT) has revolutionized several industries, it has also created severe data security concerns. The security of these network devices and the dependability of IoT networks depend on efficient threat detection. Device heterogeneity, computing resource constraints, and the ever-changing nature of cyber threats are a few of the obstacles that make detecting cyber threats in IoT systems difficult. Complex threats often go undetected by conventional security measures, requiring more sophisticated, adaptive detection methods. Therefore, this study presents the Hybrid approach based on the Support Vector Machines Rule-Based Detection (HSVMR-D) method for an all-encompassing approach to identifying cyber threats to the IoT. The HSVMR-D employs SVM to categorize known and unknown threats using attributes acquired from IoT data. Identifying known attack signatures and patterns using rule-based approaches improves detection efficiency without retraining by adapting pre-trained models to new IoT contexts. Moreover, protecting vital infrastructure and sensitive data, HSVMR-D provides a thorough and adaptable solution to improve the security posture of IoT deployments. Comprehensive experiment analysis and simulation results compared to the baseline study have confirmed the efficiency of the proposed HSVMR-D. Furthermore, increased resilience to completely novel changing threats, fewer false positives, and improved accuracy in threat detection are all outcomes that show the proposed work outperforms others. The HSVMR-D approach is helpful where the primary objective is a secure environment in the Internet of Things (IoT) when resources are limited.

multidisciplinary sciences

DOI: https://doi.org/10.1007/s13042-024-02147-x

2024-05-14

International Journal of Machine Learning and Cybernetics

Abstract:The Internet of Things (IoT) connects billions of devices. However, because of its heterogeneous system and broad connectivity, it is vulnerable to various intrusion challenges, resulting in data and financial loss. The IoT environment must be secured from such threats. This research proposes an SDN-enabled Deep-Learning-Driven System for IoT intrusion detection. Intrusion detection can detect unknown threats from network traffic and is a good network security measure. Most current network anomaly detection approaches use standard machine learning models like KNN and SVM. These approaches have some significant advantages, but they are not very accurate and rely on manual traffic design, which is outmoded in the age of big data. Our proposed Hybrid Deep Learning-based Intrusion Detection System (HDLIDS) addresses low accuracy and feature engineering issues. HDLIDS uses a novel Modified Hybrid Deep Belief Network with Weights (MHDBN-W) algorithm to detect existing and new cyberattacks. The MHDBN-W method consists of an MCL, a layer combining the MGBRBM and DNN-W algorithms, and an aggregator layer. The MHDBN-W technique has two phases: UL and SL of traffic features into normal and abnormal classes. The HDLIDS model is evaluated on the CICIDS2018 dataset compared to other conventional learning methods. It outperforms all other models in all performance criteria.

computer science, artificial intelligence

Amit Kumar Balyan,Sachin Ahuja,Umesh Kumar Lilhore,Sanjeev Kumar Sharma,Poongodi Manoharan,Abeer D Algarni,Hela Elmannai,Kaamran Raahemifar

DOI: https://doi.org/10.3390/s22165986

2022-08-10

Abstract:Due to the rapid growth in IT technology, digital data have increased availability, creating novel security threats that need immediate attention. An intrusion detection system (IDS) is the most promising solution for preventing malicious intrusions and tracing suspicious network behavioral patterns. Machine learning (ML) methods are widely used in IDS. Due to a limited training dataset, an ML-based IDS generates a higher false detection ratio and encounters data imbalance issues. To deal with the data-imbalance issue, this research develops an efficient hybrid network-based IDS model (HNIDS), which is utilized using the enhanced genetic algorithm and particle swarm optimization(EGA-PSO) and improved random forest (IRF) methods. In the initial phase, the proposed HNIDS utilizes hybrid EGA-PSO methods to enhance the minor data samples and thus produce a balanced data set to learn the sample attributes of small samples more accurately. In the proposed HNIDS, a PSO method improves the vector. GA is enhanced by adding a multi-objective function, which selects the best features and achieves improved fitness outcomes to explore the essential features and helps minimize dimensions, enhance the true positive rate (TPR), and lower the false positive rate (FPR). In the next phase, an IRF eliminates the less significant attributes, incorporates a list of decision trees across each iterative process, supervises the classifier's performance, and prevents overfitting issues. The performance of the proposed method and existing ML methods are tested using the benchmark datasets NSL-KDD. The experimental findings demonstrated that the proposed HNIDS method achieves an accuracy of 98.979% on BCC and 88.149% on MCC for the NSL-KDD dataset, which is far better than the other ML methods i.e., SVM, RF, LR, NB, LDA, and CART.

Yashar Pourardebil Khah,Mirsaeid Hosseini Shirvani,Homayun Motameni

DOI: https://doi.org/10.1007/s11227-024-06677-7

IF: 3.3

2024-12-08

The Journal of Supercomputing

Abstract:This paper presents a hybrid Machine Learning (ML)-based feature selection algorithm to create an Intrusion Detection Systems (IDS) model in distributed computing environments such as in Internet of Things (IoT) requests. IoT applications need frequent network connections to reach either the cloud or fog resources. Since reliability and trust are very prominent attributes in distributed systems, utilizing the ML-based algorithm is vital to efficiently detect malicious/attack behaviors at the earliest time with high accuracy. To address the issue, a hybrid ML-based algorithm is presented that includes four phases. In the first phase, the pre-processing including cleansing and normalization on the relevant dataset is performed. Then, the two next phases, namely heuristic-based and meta-heuristic-based approaches, are passed for the training step. In the second phase, three effective filter-based heuristic feature rankers are utilized to sort features according to their importance. Afterward, the fuzzy TOPSIS approach is also applied to prepare a consensus among them returning top- K features. In the third phase, to optimize the consensus feature subsets, a novel Discrete Gray Wolf Optimization Algorithm (DGWA) as a meta-heuristic approach is designed. It leads to a balance in exploitation and exploration searching areas. The effectiveness of the proposed hybrid model is tested in the fourth phase on the famous NSL-KDD and UNWS-NB15 datasets against some state of the art. The simulation results of running different scenarios prove that the proposed hybrid ML-based model gives an average 10.60%, 15.85%, 3.30%, 4.39%, and 2.03% improvement in testing datasets in terms of accuracy , precision , recall , F-cost , and specificity against other comparative state of the art in the same conditions.

computer science, theory & methods,engineering, electrical & electronic, hardware & architecture

Sirajuddin Qureshi,Jingsha He,Saima Tunio,Nafei Zhu,Faheem Akhtar,Faheem Ullah,Ahsan Nazir,Ahsan Wajahat

DOI: https://doi.org/10.1109/access.2021.3081069

IF: 3.9

2021-01-01

IEEE Access

Abstract:The astonishing growth of sophisticated ever-evolving cyber threats and attacks throws the entire Internet-of-Things (IoT) infrastructure into chaos. As the IoT belongs to the infrastructure of interconnected devices, it brings along significant security challenges. Cyber threat analysis is an augmentation of a network security infrastructure that primarily emphasizes on detection and prevention of sophisticated network-based threats and attacks. Moreover, it requires the security of network by investigation and classification of malicious activities. In this study, we propose a DL-enabled malware detection scheme using a hybrid technique based on the combination of a Deep Neural Network(DNN) and Long Short-Term Memory(LSTM) for the efficient identification of multi-class malware families in IoT infrastructure. The proposed scheme utilizes latest 2018 dataset named as N_BaIoT. Furthermore, our proposed scheme is evaluated using standard performance metrics such as accuracy, recall, precision, F1-score, and so forth. The DL-based malware detection system achieves 99.96% detection accuracy for IoT based threats. Finally, we also compare our proposed work with other robust and state-of-the-art detection schemes.

Gauri Kalnoor,S. Gowrishankar

DOI: https://doi.org/10.1007/s41870-021-00748-1

2021-09-24

International Journal of Information Technology

Abstract:Significant growth of smart home devices is adopted, which provides security, convenience, and energy efficiency for users, in recent years. As an instance, consider a secured smart camera that detects movements of unauthorized objects, whereas the fire accidents can be detected by smoke sensors. Though, a surface for new cyber threats is some of the most recent examples that are open up in this field. Furthermore, recent examples also show that the distributed denial of service (DDoS) attacks are performed by misusing the smart devices which are hacked violating the privacy rules. In this proposed work, the application of machine learning in an environment of smart homes is explored so that the anomalous activities that occur can be identified. The sensor data at the network level is trained using a model based on the Markov chain known as hidden Markov model (HMM) and is created using smart devices and multiple sensors from a testbed. The model generated using HMM achieves 97% accuracy while detecting potential anomalies where attacks are indicated. In this approach, we construct the model and differentiate the analysed results with existing techniques. The starting step for securing IoT networks is intrusion detection and the next step is the intruders prediction which provides an active defence against the incoming attacks. The model employs an algorithm that does not depend on specific domain knowledge. The work has achieved an improvement in prediction accuracy of 5% for an alert category over the current variable length methods of Markov chain intrusion prediction, as they provided information more for a possible defence. The DDoS attack is considered as a coordinated attack mainly carried out based on a large scale depending on whether the target system’s resources or services are available. Thus, the novel approach also describes a novel machine learning-based technique using an algorithm known as variational dynamic Bayesian algorithm which helps to obtain a HMM with the number of parameters and model states which are optimized for the prediction of a DDoS attack. This procedure conquers the speed of a moderate combination HMM approach.