Khawlah Harahsheh,Rami Al-Naimat,Chung-Hao Chen

DOI: https://doi.org/10.3390/electronics13091678

IF: 2.9

2024-04-27

Electronics

Abstract:The rapid evolution of technology has given rise to a connected world where billions of devices interact seamlessly, forming what is known as the Internet of Things (IoT). While the IoT offers incredible convenience and efficiency, it presents a significant challenge to cybersecurity and is characterized by various power, capacity, and computational process limitations. Machine learning techniques, particularly those encompassing supervised classification techniques, offer a systematic approach to training models using labeled datasets. These techniques enable intrusion detection systems (IDSs) to discern patterns indicative of potential attacks amidst the vast amounts of IoT data. Our investigation delves into various aspects of supervised classification, including feature selection, model training, and evaluation methodologies, to comprehensively evaluate their impact on attack detection effectiveness. The key features selected to improve IDS efficiency and reduce dataset size, thereby decreasing the time required for attack detection, are drawn from the extensive network dataset. This paper introduces an enhanced feature selection method designed to reduce the computational overhead on IoT resources while simultaneously strengthening intrusion detection capabilities within the IoT environment. The experimental results based on the InSDN dataset demonstrate that our proposed methodology achieves the highest accuracy with the fewest number of features and has a low computational cost. Specifically, we attain a 99.99% accuracy with 11 features and a computational time of 0.8599 s.

engineering, electrical & electronic,computer science, information systems,physics, applied

Kamal Bella,Azidine Guezzaz,Said Benkirane,Mourade Azrour,Yasser Fouad,Mbadiwe S. Benyeogor,Nisreen Innab

DOI: https://doi.org/10.7717/peerj-cs.2290

2024-09-09

PeerJ Computer Science

Abstract:The adoption and integration of the Internet of Things (IoT) have become essential for the advancement of many industries, unlocking purposeful connections between objects. However, the surge in IoT adoption and integration has also made it a prime target for malicious attacks. Consequently, ensuring the security of IoT systems and ecosystems has emerged as a crucial research area. Notably, advancements in addressing these security threats include the implementation of intrusion detection systems (IDS), garnering considerable attention within the research community. In this study, and in aim to enhance network anomaly detection, we present a novel intrusion detection approach: the Deep Neural Decision Forest-based IDS (DNDF-IDS). The DNDF-IDS incorporates an improved decision forest model coupled with neural networks to achieve heightened accuracy (ACC). Employing four distinct feature selection methods separately, namely principal component analysis (PCA), LASSO regression (LR), SelectKBest, and Random Forest Feature Importance (RFFI), our objective is to streamline training and prediction processes, enhance overall performance, and identify the most correlated features. Evaluation of our model on three diverse datasets (NSL-KDD, CICIDS2017, and UNSW-NB15) reveals impressive ACC values ranging from 94.09% to 98.84%, depending on the dataset and the feature selection method. Notably, our model achieves a remarkable prediction time of 0.1 ms per record. Comparative analyses with other recent random forest and Convolutional Neural Networks (CNN) based models indicate that our DNDF-IDS performs similarly or even outperforms them in certain instances, particularly when utilizing the top 10 features. One key advantage of our novel model lies in its ability to make accurate predictions with only a few features, showcasing an efficient utilization of computational resources.

computer science, information systems, artificial intelligence, theory & methods

Mohammed Sayeeduddin Habeeb,Tummala Ranga Babu

DOI: https://doi.org/10.1002/ett.4961

IF: 3.6

2024-03-19

Transactions on Emerging Telecommunications Technologies

Abstract:Abstract Network Intrusion Detection Systems (NIDSs) are important in safeguarding networks from known and unknown attacks. Many research efforts have recently been made to create NIDS systems based on Machine Learning (ML) methods, addressing a significant challenge in designing standard NIDS the lack of standardized feature sets in the dataset. Given the recent development of the Internet of Things (IoT) in wireless communication, our proposed method introduces a novel solution to enhance intrusion detection systems. This proposed solution feature selection is carried out in two stages, coarse and fine selection. In the first stage of the coarse selection process, we conduct correlation analysis to identify relationships within the feature set. The second stage employs fine selection using the Whale Optimization Algorithm (WOA) with Genetic Algorithm hybridization (CFWOAGA). The fitness of each selected feature is assessed using the K‐Nearest Neighbors (KNN) algorithm. In our proposed work we integrate WOA with hybrid GA to extend the search space and avoid local optima problems via crossover and mutation operations. These selected features are critical for detecting any intrusion, we use an ML classifier to identify whether there is an attack or normal in the network and we evaluate the performance of each classifier. We evaluate the performance of our classifier using the BoT‐IoT 2020 standard dataset while limiting the selected features to 32 for reduced computational complexity, these selected 32 features are based upon considerations of system optimization and efficiency, making a balance between computational efficiency and model performance. The experimental findings show better model accuracy compared to the WOA technique and a significant drop in the False Alarm Rate (FAR). In conclusion, our proposed CFWOA method achieved an accuracy of 98.9%, while an updated version with the genetic algorithm demonstrated further improvement at 99.5%. Notably, there was a substantial improvement in FAR with our proposed method.

telecommunications

Muhammad Zawad Mahmud,Samiha Islam,Shahran Rahman Alve,Al Jubayer Pial

2024-12-04

Abstract:An application of software known as an Intrusion Detection System (IDS) employs machine algorithms to identify network intrusions. Selective logging, safeguarding privacy, reputation-based defense against numerous attacks, and dynamic response to threats are a few of the problems that intrusion identification is used to solve. The biological system known as IoT has seen a rapid increase in high dimensionality and information traffic. Self-protective mechanisms like intrusion detection systems (IDSs) are essential for defending against a variety of attacks. On the other hand, the functional and physical diversity of IoT IDS systems causes significant issues. These attributes make it troublesome and unrealistic to completely use all IoT elements and properties for IDS self-security. For peculiarity-based IDS, this study proposes and implements a novel component selection and extraction strategy (our strategy). A five-ML algorithm model-based IDS for machine learning-based networks with proper hyperparamater tuning is presented in this paper by examining how the most popular feature selection methods and classifiers are combined, such as K-Nearest Neighbors (KNN) Classifier, Decision Tree (DT) Classifier, Random Forest (RF) Classifier, Gradient Boosting Classifier, and Ada Boost Classifier. The Random Forest (RF) classifier had the highest accuracy of 99.39%. The K-Nearest Neighbor (KNN) classifier exhibited the lowest performance among the evaluated models, achieving an accuracy of 94.84%. This study's models have a significantly higher performance rate than those used in previous studies, indicating that they are more reliable.

Cryptography and Security,Machine Learning

Mohammed Jouhari,Hafsa Benaddi,Khalil Ibrahimi

2024-07-21

Abstract:Intrusion Detection Systems (IDSs) have played a significant role in the detection and prevention of cyber-attacks in traditional computing systems. It is not surprising that this technology is now being applied to secure Internet of Things (IoT) networks against cyber threats. However, the limited computational resources available on IoT devices pose a challenge for deploying conventional computing-based IDSs. IDSs designed for IoT environments must demonstrate high classification performance, and utilize low-complexity models. Developing intrusion detection models in the field of IoT has seen significant advancements. However, achieving a balance between high classification performance and reduced complexity remains a challenging endeavor. In this research, we present an effective IDS model that addresses this issue by combining a lightweight Convolutional Neural Network (CNN) with bidirectional Long Short-Term Memory (BiLSTM). Additionally, we employ feature selection techniques to minimize the number of features inputted into the model, thereby reducing its complexity. This approach renders the proposed model highly suitable for resource-constrained IoT devices, ensuring it meets their computation capability requirements. Creating a model that meets the demands of IoT devices and attains enhanced precision is a challenging task. However, our suggested model outperforms previous works in the literature by attaining a remarkable accuracy rate of 97.90% within a prediction time of 1.1 seconds for binary classification. Furthermore, it achieves an accuracy rate of 97.09% within a prediction time of 2.10 seconds for multiclassification.

Networking and Internet Architecture,Cryptography and Security

Mohanad Sarhan,Siamak Layeghy,Marius Portmann

DOI: https://doi.org/10.48550/arXiv.2108.12732

2022-11-23

Abstract:Internet of Things (IoT) networks have become an increasingly attractive target of cyberattacks. Powerful Machine Learning (ML) models have recently been adopted to implement network intrusion detection systems to protect IoT networks. For the successful training of such ML models, selecting the right data features is crucial, maximising the detection accuracy and computational efficiency. This paper comprehensively analyses feature sets' importance and predictive power for detecting network attacks. Three feature selection algorithms: chi-square, information gain and correlation, have been utilised to identify and rank data features. The attributes are fed into two ML classifiers: deep feed-forward and random forest, to measure their attack detection performance. The experimental evaluation considered three datasets: UNSW-NB15, CSE-CIC-IDS2018, and ToN-IoT in their proprietary flow format. In addition, the respective variants in NetFlow format were also considered, i.e., NF-UNSW-NB15, NF-CSE-CIC-IDS2018, and NF-ToN-IoT. The experimental evaluation explored the marginal benefit of adding individual features. Our results show that the accuracy initially increases rapidly with adding features but converges quickly to the maximum. This demonstrates a significant potential to reduce the computational and storage cost of intrusion detection systems while maintaining near-optimal detection accuracy. This has particular relevance in IoT systems, with typically limited computational and storage resources.

Cryptography and Security,Machine Learning,Networking and Internet Architecture

Anjum Nazir,Zulfiqar Memon,Touseef Sadiq,Hameedur Rahman,Inam Ullah Khan

DOI: https://doi.org/10.3390/s23198153

2023-09-28

Abstract:The Internet of Things (IoT) and network-enabled smart devices are crucial to the digitally interconnected society of the present day. However, the increased reliance on IoT devices increases their susceptibility to malicious activities within network traffic, posing significant challenges to cybersecurity. As a result, both system administrators and end users are negatively affected by these malevolent behaviours. Intrusion-detection systems (IDSs) are commonly deployed as a cyber attack defence mechanism to mitigate such risks. IDS plays a crucial role in identifying and preventing cyber hazards within IoT networks. However, the development of an efficient and rapid IDS system for the detection of cyber attacks remains a challenging area of research. Moreover, IDS datasets contain multiple features, so the implementation of feature selection (FS) is required to design an effective and timely IDS. The FS procedure seeks to eliminate irrelevant and redundant features from large IDS datasets, thereby improving the intrusion-detection system's overall performance. In this paper, we propose a hybrid wrapper-based feature-selection algorithm that is based on the concepts of the Cellular Automata (CA) engine and Tabu Search (TS)-based aspiration criteria. We used a Random Forest (RF) ensemble learning classifier to evaluate the fitness of the selected features. The proposed algorithm, CAT-S, was tested on the TON_IoT dataset. The simulation results demonstrate that the proposed algorithm, CAT-S, enhances classification accuracy while simultaneously reducing the number of features and the false positive rate.

Neeraj Kumar,Sanjeev Sharma

DOI: https://doi.org/10.3390/electronics12194050

IF: 2.9

2023-09-27

Electronics

Abstract:With the exponentially evolving trends in technology, IoT networks are vulnerable to serious security issues, allowing intruders to break into networks without authorization and manipulate the data. Their actions can be recognized and avoided by using a system that can detect intrusions. This paper presents a hybrid intelligent system and inverted hour-glass-based layered network classifier for feature selection and classification processes, respectively. To accomplish this task, three different datasets have been utilized in the proposed model for identifying old and new attacks. Moreover, a hybrid optimization feature selection technique has been implemented for selecting only those features that can enhance the accuracy of the detection rate. Finally, the classification is performed by using the inverted hour-glass-based layered network model in which data are up-sampled with the increase in the number of layers for effective training. Data up-sampling is performed when small subset of datapoints are observed for any class, which in turn helps in improving the accuracy of the proposed model. The proposed model demonstrated an accuracy of 99.967%, 99.567%, and 99.726% for NSL-KDD, KDD-CUP99, and UNSW NB15 datasets, respectively, which is significantly better than the traditional CNID model. These results demonstrate that our model can detect different attacks with high accuracy and is expected to show good results for new datasets as well. Additionally, to reduce the computational cost of the proposed model, we have implemented it on CPU-based core i3 processors, which are much cheaper than GPU processors.

engineering, electrical & electronic,computer science, information systems,physics, applied

Louai A. Maghrabi

DOI: https://doi.org/10.1109/access.2024.3369237

IF: 3.9

2024-03-06

IEEE Access

Abstract:Security attacks are becoming more sophisticated and common as connected devices rapidly exchange personal, sensitive, and important data. Security solutions are therefore required for Internet of Things (IoT) environments. System administrators receive alerts through an automatic Network Intrusion Detection (NID) system when security breaches occur. An automatic NID can be an effective tool to protect IoT networks against various attacks. It is possible to detect intrusions using a variety of intrusion detection techniques, but the performance and class imbalance in the dataset make this a difficult process. To improve detection rates and decrease false alarms, intrusion detection accuracy must be improved. In this paper, an automatic NID system is proposed leveraging a renowned machine learning model named Random Forest (RF) on the (UNSW-NB15) dataset collected from Kaggle. The experimental results indicate that the proposed model not only has higher accuracy at 90.17% surpassing the baseline approach by 7.34%, but also has precision, recall, and F1 scores up to 90.14%, 90.17, and 90.14%, respectively. Moreover, 98.83% accuracy is achieved with a balanced class dataset by using random resampling techniques to generate synthetic data of minority attacks.

computer science, information systems,telecommunications,engineering, electrical & electronic

Jahongir Azimjonov,Taehong Kim

DOI: https://doi.org/10.1016/j.cose.2023.103598

IF: 5.105

2024-02-01

Computers & Security

Abstract:Intrusion detection systems (IDSs) play a crucial role in ensuring the security and integrity of Internet of Things (IoT) networks by blocking unwanted packets and facilitating secure traffic flow. However, traditional IDSs based on data mining, fuzzy logic, heuristics, rough sets, or conventional machine learning (ML) techniques often lack accuracy and are not energy efficient, primarily due to inappropriate feature selection or the use of all features in datasets. To address these challenges, this study proposes a lightweight, accurate, and high-performance IDSs for IoT networks using fine-tuned Linear Support Vector Machines (LSVMs) and feature selection methods. Four feature selectors, including Importance Coefficient-, Forward- and Backward-Sequential-, and Correlation Coefficient-based approaches, were applied to identify the most important and efficient features from three datasets: KDD Cup-1999, BotIoT-2018, and N-BaIoT-2021. The fine-tuned LSVMs algorithm was then trained on subsets of the selected and full features of the datasets to detect various IoT botnet attacks. Evaluation results show that the IDS models trained with subsets of relevant features outperform those trained with the full feature sets of the datasets in terms of training and test performance and accuracy. The study concludes that it is possible to develop lightweight IDSs by training them with a reduced number of features (6) instead of using the full features (40, 15, 115) in KDD Cup-1999, BotIoT-2018, and N-BaIoT-2021, respectively. The findings highlight a potential for significantly improving the efficiency and accuracy of IDSs on IoT networks using the fine-tuned feature selectors and LSVMs.

computer science, information systems

R. Geetha,A. Jegatheesan,Rajesh Kumar Dhanaraj,K. Vijayalakshmi,Anand Nayyar,V. Arulkumar,J. Velmurugan,Rajendran Thavasimuthu

DOI: https://doi.org/10.1007/s11042-024-19617-7

IF: 2.577

2024-06-22

Multimedia Tools and Applications

Abstract:The Internet of Things (IoT) is one of the technologies that will be used all over the world in the future, and its security and privacy features are the primary concerns. However, the most critical limitation to overcome before the IoT's widespread use is addressing its security concerns. One of the most critical tasks to address the security problems posed by the IoT is the detection of network intrusions. Intrusion Detection Systems (IDS) for the IoT face substantial challenges because of the functional and physical diversity of the devices. In the rapidly growing IoT industry, the use of IDS is essential for ensuring security since many devices communicate efficiently. IDS are crucial for continual monitoring and responding to any security risks, ensuring the integrity and reliability of interconnected IoT networks. The primary objective of this research is to develop a feature-selection-based intrusion classification model. Therefore, we develop an IoT-IDS feature selection-based classification model to detect intrusions. We propose a metaheuristic algorithm, the Chaotic Vortex Search (CVS) algorithm, for feature selection. The Fast-Learning Network (FLN), an artificial neural network (ANN) model, is additionally proposed for classification. We use the IDS datasets, such as CIC IDS-2017 and BoT-IoT, to evaluate our research model. To test and validate the proposed model, extensive experiments were performed, and the outcomes stated that the CVS-FLN model achieved 99.77% accuracy, 99.92% specificity, 99.60% precision, 99.81% detection rate, and a 99.72% F1-score in the CIC IDS dataset, and 99.68% accuracy, 99.30% precision, 99.83% specificity, 99.11% detection rate, and a 99.21% F1-score in evaluating the BoT-IoT dataset.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Roy, Kaushik,Kelly, John,Olusola, Odeyomi

DOI: https://doi.org/10.1007/s43926-023-00034-5

2023-05-31

Discover Internet of Things

Abstract:Internet-of-Things (IoT) connects various physical objects through the Internet and it has a wide application, such as in transportation, military, healthcare, agriculture, and many more. Those applications are increasingly popular because they address real-time problems. In contrast, the use of transmission and communication protocols has raised serious security concerns for IoT devices, and traditional methods such as signature and rule-based methods are inefficient for securing these devices. Hence, identifying network traffic behavior and mitigating cyber attacks are important in IoT to provide guaranteed network security. Therefore, we develop an Intrusion Detection System (IDS) based on a deep learning model called Pearson-Correlation Coefficient - Convolutional Neural Networks (PCC-CNN) to detect network anomalies. The PCC-CNN model combines the important features obtained from the linear-based extractions followed by the Convolutional Neural Network. It performs a binary classification for anomaly detection and also a multiclass classification for various types of attacks. The model is evaluated on three publicly available datasets: NSL-KDD, CICIDS-2017, and IOTID20. We first train and test five different (Logistic Regression, Linear Discriminant Analysis, K Nearest Neighbour, Classification and Regression Tree,& Support Vector Machine) PCC-based Machine Learning models to evaluate the model performance. We achieve the best similar accuracy from the KNN and CART model of 98%, 99%, and 98%, respectively, on the three datasets. On the other hand, we achieve a promising performance with a better detection accuracy of 99.89% and with a low misclassification rate of 0.001 with our proposed PCC-CNN model. The integrated model is promising, with a misclassification rate (or False alarm rate) of 0.02, 0.02, and 0.00 with Binary and Multiclass intrusion detection classifiers. Finally, we compare and discuss our PCC-CNN model in comparison to five traditional PCC-ML models. Our proposed Deep Learning (DL)-based IDS outperforms traditional methods.

A. E. M. Eljialy,Mohammed Yousuf Uddin,Sultan Ahmad

DOI: https://doi.org/10.26599/tst.2023.9010032

2024-02-13

Tsinghua Science & Technology

Abstract:Intrusion detection systems (IDSs) are deployed to detect anomalies in real time. They classify a network's incoming traffic as benign or anomalous (attack). An efficient and robust IDS in software-defined networks is an inevitable component of network security. The main challenges of such an IDS are achieving zero or extremely low false positive rates and high detection rates. Internet of Things (IoT) networks run by using devices with minimal resources. This situation makes deploying traditional IDSs in IoT networks unfeasible. Machine learning (ML) techniques are extensively applied to build robust IDSs. Many researchers have utilized different ML methods and techniques to address the above challenges. The development of an efficient IDS starts with a good feature selection process to avoid overfitting the ML model. This work proposes a multiple feature selection process followed by classification. In this study, the Software-defined networking (SDN) dataset is used to train and test the proposed model. This model applies multiple feature selection techniques to select high-scoring features from a set of features. Highly relevant features for anomaly detection are selected on the basis of their scores to generate the candidate dataset. Multiple classification algorithms are applied to the candidate dataset to build models. The proposed model exhibits considerable improvement in the detection of attacks with high accuracy and low false positive rates, even with a few features selected.

computer science, information systems,engineering, electrical & electronic, software engineering

Mouaad Mohy-eddine,Azidine Guezzaz,Said Benkirane,Mourade Azrour

DOI: https://doi.org/10.1007/s10586-024-04334-5

2024-03-24

Cluster Computing

Abstract:The Internet of Things (IoT) tunes modern technologies, including wireless sensors and cloud computing, to create a homogeneous and highly effective environment. Therefore, IoT has emerged in various fields of life, such as healthcare, industry, and agriculture. Agriculture is among the primary components of developing nations' financial states and is vital in maintaining human life. However, the human capacity to reproduce far exceeds the capability of our planet to secure the food required for our lives. Hence, the emergence of IoT in this industry has seen essential advancements to help boost agriculture production and quality. In addition, this emergence exposes the smart agriculture environment to considerable cyber threats. This paper presents a network intrusion detection system (NIDS) to mitigate smart agriculture security vulnerabilities. We developed our framework using radial basis functions neural networks (RBFNN) to detect and classify intrusions in the IoT network. To get our model to perform in its best form, we applied crowd wisdom tree-based machine learning (ML) techniques to select relevant features from the datasets, such as random Forrest (RF), AdaBoost (ADA), extra trees (ET), LightGBM (LGBM), and XGBoost (XGB). We implemented a single-class support vector machine (1-CSVM) to detect and remove outliers. We evaluated our model using NF-Bot-IoT and NF-ToN-IoT datasets. It scored 99.25% accuracy (ACC) and 82.97% Matthews correlation coefficient (MCC) and 90.05% MCC and 96.92% ACC on preprocessed NF-Bot-IoT and NF-ToN-IoT, respectively. Our model showed outstanding performance in overcoming the NF-Bot-IoT dataset imbalance.

computer science, information systems, theory & methods

I. Sumaiya Thaseen,J. Saira Banu,K. Lavanya,Muhammad Rukunuddin Ghalib,Kumar Abhishek

DOI: https://doi.org/10.1002/ett.4014

IF: 3.6

2020-06-08

Transactions on Emerging Telecommunications Technologies

Abstract:<p>Serious concerns regarding vulnerability and security have been raised as a result of the constant growth of computer networks. Intrusion detection systems (IDS) have been adopted by network administrators to provide essential network security. Commercial IDS in the market do not have the capability to identify novel attacks but generate false alarms for legitimate user activities. Neural networks can be applied for the solution of these issues and for providing improved accuracy. Correlation‐based attribute selection ranks the features according to the highest correlation between the attributes and class label. In this article, the authors propose a correlation‐based feature selection integrated with neural network for identifying anomalies. Experimental analysis performed on NSL‐KDD and UNSW‐NB datasets, which are benchmark datasets of intrusion detection with current attacks. The results show that the proposed model is superior in terms of accuracy, sensitivity, and specificity in comparison with some of the state‐of‐the‐art techniques. With the emergence of the Internet of Things Technology, such IDS can be deployed for securing the IoT servers in future. Wireless payment systems can be secured by building and deploying IDS. A secure integrated network management can be achieved which is error‐free and thereby improving performance.</p>

telecommunications

Joseph Bamidele Awotunde,Chinmay Chakraborty,Abidemi Emmanuel Adeniyi

DOI: https://doi.org/10.1155/2021/7154587

2021-09-02

Wireless Communications and Mobile Computing

Abstract:The Industrial Internet of Things (IIoT) is a recent research area that links digital equipment and services to physical systems. The IIoT has been used to generate large quantities of data from multiple sensors, and the device has encountered several issues. The IIoT has faced various forms of cyberattacks that jeopardize its capacity to supply organizations with seamless operations. Such risks result in financial and reputational damages for businesses, as well as the theft of sensitive information. Hence, several Network Intrusion Detection Systems (NIDSs) have been developed to fight and protect IIoT systems, but the collections of information that can be used in the development of an intelligent NIDS are a difficult task; thus, there are serious challenges in detecting existing and new attacks. Therefore, the study provides a deep learning-based intrusion detection paradigm for IIoT with hybrid rule-based feature selection to train and verify information captured from TCP/IP packets. The training process was implemented using a hybrid rule-based feature selection and deep feedforward neural network model. The proposed scheme was tested utilizing two well-known network datasets, NSL-KDD and UNSW-NB15. The suggested method beats other relevant methods in terms of accuracy, detection rate, and FPR by 99.0%, 99.0%, and 1.0%, respectively, for the NSL-KDD dataset, and 98.9%, 99.9%, and 1.1%, respectively, for the UNSW-NB15 dataset, according to the results of the performance comparison. Finally, simulation experiments using various evaluation metrics revealed that the suggested method is appropriate for IIOT intrusion network attack classification.

computer science, information systems,telecommunications,engineering, electrical & electronic

Ayman I. Madbouly,Amr M. Gody,Tamer M. Barakat

DOI: https://doi.org/10.14445/22315381/IJETT-V9P296

2014-03-30

Abstract:Network intrusions have become a significant threat in recent years as a result of the increased demand of computer networks for critical systems. Intrusion detection system (IDS) has been widely deployed as a defense measure for computer networks. Features extracted from network traffic can be used as sign to detect anomalies. However with the huge amount of network traffic, collected data contains irrelevant and redundant features that affect the detection rate of the IDS, consumes high amount of system resources, and slowdown the training and testing process of the IDS. In this paper, a new feature selection model is proposed; this model can effectively select the most relevant features for intrusion detection. Our goal is to build a lightweight intrusion detection system by using a reduced features set. Deleting irrelevant and redundant features helps to build a faster training and testing process, to have less resource consumption as well as to maintain high detection rates. The effectiveness and the feasibility of our feature selection model were verified by several experiments on KDD intrusion detection dataset. The experimental results strongly showed that our model is not only able to yield high detection rates but also to speed up the detection process.

Cryptography and Security,Machine Learning

Yakub Kayode Saheed,Oluwadamilare Harazeem Abdulganiyu,Taha Ait Tchakoucht

DOI: https://doi.org/10.1016/j.asoc.2024.111434

IF: 8.7

2024-02-01

Applied Soft Computing

Abstract:The emergence of smart cities is an example of how new technologies, such as the Internet of Things (IoT), have facilitated the creation of extensive interconnected and intelligent ecosystems. The widespread deployment of IoT devices has enabled the provision of constant environmental feedback, thereby facilitating the automated adaptation of associated systems. This has brought about a fundamental transformation in the way contemporary society functions. The security of emerging technologies such as IoT has become a significant challenge due to the added complexities, misconfigurations, and conflicts between modern and legacy systems. This challenge has a notable impact on the reliability and accessibility of existing infrastructure. Edge computing (EC) is a collaborative computing system that brings data processing and analysis closer to the edge of the network, where the data is generated, rather than in a centralized cloud environment. The utilization of the IoT has become more prevalent in both everyday life and the manufacturing sector, with a particular emphasis on critical infrastructure. The IoT is presently being utilized across diverse domains, including but not limited to industrial, agricultural, healthcare, and logistical sectors. The security of IoT networks has implications for the safety of individuals, the security of the nation, and economic development. Notwithstanding, conventional intrusion detection techniques that rely on centralized cloud-based systems that have been suggested in previous studies for IoT network security are insufficient to meet the requirements for data confidentiality, network capacity, and prompt responsiveness. In addition, the integration of IoT applications into smart devices has been shown to augment their functionalities. However, it is important to note that this integration also brings about potential security vulnerabilities. Furthermore, a significant number of contemporary IoT devices exhibit restricted security capabilities, rendering them vulnerable to intricate attacks and impeding the extensive integration of IoT technologies. Also, a lot of IoT network devices have been put in place that don&#x27;t have hardware security measures. This means that traditional intrusion detection systems (IDS) aren&#x27;t enough to protect the IoT network ecosystem. To address these issues, this research suggests the IoT-Defender framework, which combines a Modified Genetic Algorithm (MGA) model with a deep Long Short-Term Memory (LSTM) network to find cyberattacks in IoT networks. This research represents a pioneering attempt to employ the MGA for feature selection and the GA for fine-tuning the LSTM parameters within an EC framework. The parameters of the LSTM model were fine-tuned through the manipulation of the number of hidden layers, utilizing the GA fitness function. The customization of the MGA aimed to enhance its performance in selecting relevant features, optimizing the use of limited resources on IoT devices and edge nodes. The fine-tuning process involved optimizing hyperparameters, architecture, and training strategies to maximize the LSTM network&#x27;s effectiveness in learning and detecting patterns in IoT network traffic. The synergy between the MGA and LSTM aimed at creating a comprehensive and efficient IDS. The feature selection by the MGA contributes to improving the LSTM’s performance by providing it with more relevant and discriminating features. In order to solve the issue of class imbalance, we utilize the focal loss function, which provides greater weights to minority classes, hence improving the model’s capacity to learn from those particular classes. The performance of the IoT-Defender model was assessed on the BoT-IoT, UNSW-NB15, and N-BaIoT datasets utilizing a Raspberry Pi IoT device. The results of our study show that the IoT-Defender model works better than other methods. This is shown by its accuracy score of 99.41%, detection rate of 99.78%, precision score of 98.50%, false alarm rate of 2.56%, mean intersection over union (mIoU) of 0.68, and training time of 81.3 seconds on BoT-IoT. The proposed IoT model is designed to be lightweight and can be installed on edge servers to detect cyber-attacks in real-time, specifically in the context of IoT security.

computer science, artificial intelligence, interdisciplinary applications

Vijay Prakash Sharma,Narendra Singh Yadav,Sundar Suhrith Adavi,D. Sikha Datta Reddy,Brij B. Gupta

DOI: https://doi.org/10.47974/jdmsc-1737

2023-01-01

Abstract:Today, almost 90% of the technology in usage is linked with IoT (Internet of Things). which brings the question, what is IoT? Internet of things is a system of co-related computers, electronic devices, and objects. IoT essentially controls almost every online service which we avail without human -to-human interaction. An IDS is a hardware or software system that automatically monitors, identifies, and alerts a computer or network against attacks and intrusions. The proposed hybrid model makes use of genetic algorithm with UNSW NB-15 dataset which contains multiple classes of attack to provide a huge variety of attacks which will help to simulate different kinds of attack which will help train the model better. We have used CNN and LSTM model for extracting features. By detecting the attacks quickly, we can identify potential intruders and limit the damage. Feature selection and classification have been performed using Generic algorithm. This hybrid model helps to check whether the alert is an attack or not, if yes what kind of attack is it. the proposed Hybrid model works better than a conventional intrusion detection system, we got 99.38% accuracy from this model.

Afrah Gueriani,Hamza Kheddar,Ahmed Cherif Mazari

2024-05-29

Abstract:Protecting Internet of things (IoT) devices against cyber attacks is imperative owing to inherent security vulnerabilities. These vulnerabilities can include a spectrum of sophisticated attacks that pose significant damage to both individuals and organizations. Employing robust security measures like intrusion detection systems (IDSs) is essential to solve these problems and protect IoT systems from such attacks. In this context, our proposed IDS model consists on a combination of convolutional neural network (CNN) and long short-term memory (LSTM) deep learning (DL) models. This fusion facilitates the detection and classification of IoT traffic into binary categories, benign and malicious activities by leveraging the spatial feature extraction capabilities of CNN for pattern recognition and the sequential memory retention of LSTM for discerning complex temporal dependencies in achieving enhanced accuracy and efficiency. In assessing the performance of our proposed model, the authors employed the new CICIoT2023 dataset for both training and final testing, while further validating the model's performance through a conclusive testing phase utilizing the CICIDS2017 dataset. Our proposed model achieves an accuracy rate of 98.42%, accompanied by a minimal loss of 0.0275. False positive rate(FPR) is equally important, reaching 9.17% with an F1-score of 98.57%. These results demonstrate the effectiveness of our proposed CNN-LSTM IDS model in fortifying IoT environments against potential cyber threats.

Cryptography and Security,Artificial Intelligence