Amrik Singh -,Sukhpreet Singh -,Mohammad Nazmul Alam -,Gurpreet Singh -

DOI: https://doi.org/10.36948/ijfmr.2024.v06i04.24601

2024-07-14

International Journal For Multidisciplinary Research

Abstract:The proliferation of Internet of Things (IoT) devices has revolutionized various sectors by enabling real-time data collection and processing, leading to unprecedented levels of efficiency and convenience. However, this increased connectivity and data flow also introduce significant security risks, particularly in the realm of anomaly detection. This study delves into the use of deep learning techniques for identifying abnormalities in IoT systems, providing a thorough analysis of state-of-the-art methods, assessing their effectiveness across different IoT scenarios, and exploring future research directions. We review current deep learning-based anomaly detection techniques, examine their applications in real-world settings, and discuss potential improvements and innovations. By synthesizing the latest research and developments, this paper aims to offer a comprehensive understanding of how deep learning can bolster the security and performance of IoT systems. Our findings highlight the importance of robust anomaly detection mechanisms in safeguarding IoT networks and underscore the need for continued advancements in this area. Through this study, we seek to contribute valuable insights into the application of deep learning for enhancing IoT system security and reliability, ultimately supporting the sustainable growth and integration of IoT technologies across various domains.

Ishaani Priyadarshini

DOI: https://doi.org/10.3390/bdcc8030021

2024-02-22

Big Data and Cognitive Computing

Abstract:The swift proliferation of the Internet of Things (IoT) devices in smart city infrastructures has created an urgent demand for robust cybersecurity measures. These devices are susceptible to various cyberattacks that can jeopardize the security and functionality of urban systems. This research presents an innovative approach to identifying anomalies caused by IoT cyberattacks in smart cities. The proposed method harnesses federated and split learning and addresses the dual challenge of enhancing IoT network security while preserving data privacy. This study conducts extensive experiments using authentic datasets from smart cities. To compare the performance of classical machine learning algorithms and deep learning models for detecting anomalies, model effectiveness is assessed using precision, recall, F-1 score, accuracy, and training/deployment time. The findings demonstrate that federated learning and split learning have the potential to balance data privacy concerns with competitive performance, providing robust solutions for detecting IoT cyberattacks. This study contributes to the ongoing discussion about securing IoT deployments in urban settings. It lays the groundwork for scalable and privacy-conscious cybersecurity strategies. The results underscore the vital role of these techniques in fortifying smart cities and promoting the development of adaptable and resilient cybersecurity measures in the IoT era.

Joseph Rose,Matthew Swann,Gueltoum Bendiab,Stavros Shiaeles,Nicholas Kolokotronis

DOI: https://doi.org/10.1109/NetSoft51509.2021.9492685

2021-09-06

Abstract:The rapid increase in the use of IoT devices brings many benefits to the digital society, ranging from improved efficiency to higher productivity. However, the limited resources and the open nature of these devices make them vulnerable to various cyber threats. A single compromised device can have an impact on the whole network and lead to major security and physical damages. This paper explores the potential of using network profiling and machine learning to secure IoT against cyber-attacks. The proposed anomaly-based intrusion detection solution dynamically and actively profiles and monitors all networked devices for the detection of IoT device tampering attempts as well as suspicious network transactions. Any deviation from the defined profile is considered to be an attack and is subject to further analysis. Raw traffic is also passed on to the machine learning classifier for examination and identification of potential attacks. Performance assessment of the proposed methodology is conducted on the Cyber-Trust testbed using normal and malicious network traffic. The experimental results show that the proposed anomaly detection system delivers promising results with an overall accuracy of 98.35% and 0.98% of false-positive alarms.

Cryptography and Security,Artificial Intelligence

Piyush Piyush,,,,,,,Akhilesh A. Waoo,Murlidhar Prasad Singh,Piyush Kumar Pareek,Shoaib Kamal,Shraddha V. Pandit

DOI: https://doi.org/10.54216/jisiot.120215

2024-01-01

Journal of Intelligent Systems and Internet of Things

Abstract:This research introduces an algorithmic framework for enhancing the security of Internet of Things (IoT) networks. The Enhanced Anomaly Detection (EAD) algorithm initiates the process by detecting anomalies in real-time IoT data, serving as the foundational layer. The Behavior Analysis for Profiling (BAP) algorithm builds upon EAD, adding behavior analysis for profiling and adaptive identification of abnormal behavior. Signature-Based Detection (SBD) involves pre-identified attack signatures, which supports detection of known attacks and provides proactive defense measures against documented threats. The MLID, or the Machine Learning-Based Intrusion Detection, algorithm uses trained machine learning models in order to detect anomalies and the adaptability to changing security risks. The Real-Time Threat Intelligence Integration (RTI) algorithm integrates updated threat intelligence feeds, which improves the framework's responsiveness to emerging threats. The visual representations illustrate once again the idea of the new framework being very accurate at intergration, applicability, and overal security effectiveness. The research makes a standard solution which proves to be a smart and responsive way guarding the IoT networks reducing and even fighting known and potential threats in a real-time mode.

Chandra Prabha Kaliappan,Kanmani Palaniappan,Devipriya Ananthavadivel,Ushasukhanya Subramanian

DOI: https://doi.org/10.1007/s12083-024-01684-0

IF: 3.488

2024-06-02

Peer-to-Peer Networking and Applications

Abstract:Over the years, the Internet of Things (IoT) devices have shown rapid proliferation and development in various domains. However, the widespread adoption of smart devices significantly ameliorates the possibility of several security challenges. To address these challenges, this research presents an advanced AI-enhanced trust framework for IoT Intrusion detection to safeguard IoT environments from any potential intrusion attempts. The proposed framework integrates cutting-edge AI techniques for intrusion detection which identifies the anomalies based on the device behavior and responds dynamically to emerging threats. Initially, a robust Intrusion Detection System (IDS) is developed based on an Isolation Forest (IF) algorithm and Autoencoders (AE) to promptly identify anomalies in real-time. Then, behavioral Modeling is performed by employing Long Short-Term Memory (LSTM) and Convolutional Neural Networks (CNNs) for precise behavioral understanding of IoT devices. Additionally, the Bayesian Network is used to perform adaptive trust assessment and the Reinforcement Learning based Proximal Policy Optimization (PPO) for providing dynamic responses to the detected anomalies. The proposed framework is practically implemented and evaluated using IoTID20 and N-BaIoT datasets, and compared with baseline intrusion detection methods including, CNN-TSODE, cuLSTMGRU, ELETL-IDS, Fed-Inforce-Fusion, and Conv-LSTM. The results demonstrate that the proposed framework achieves high efficiency and outperformed other baseline methods by obtaining a detection accuracy of 98.25%, recall of 96.8%, and precision of 97.45%. Overall, the proposed AI-Enhanced Trust Framework offers a promising solution by identifying the intrusion endeavors effectively and contributing toward the attainment of secure and trustworthy IoT ecosystems.

computer science, information systems,telecommunications

Abebe Diro,Naveen Chilamkurti,Van-Doan Nguyen,Will Heyne

DOI: https://doi.org/10.3390/s21248320

IF: 3.9

2021-12-13

Sensors

Abstract:The Internet of Things (IoT) consists of a massive number of smart devices capable of data collection, storage, processing, and communication. The adoption of the IoT has brought about tremendous innovation opportunities in industries, homes, the environment, and businesses. However, the inherent vulnerabilities of the IoT have sparked concerns for wide adoption and applications. Unlike traditional information technology (I.T.) systems, the IoT environment is challenging to secure due to resource constraints, heterogeneity, and distributed nature of the smart devices. This makes it impossible to apply host-based prevention mechanisms such as anti-malware and anti-virus. These challenges and the nature of IoT applications call for a monitoring system such as anomaly detection both at device and network levels beyond the organisational boundary. This suggests an anomaly detection system is strongly positioned to secure IoT devices better than any other security mechanism. In this paper, we aim to provide an in-depth review of existing works in developing anomaly detection solutions using machine learning for protecting an IoT system. We also indicate that blockchain-based anomaly detection systems can collaboratively learn effective machine learning models to detect anomalies.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Michael Raj.TF,Moorthy Agoramoorthy,G.Ramesh,D.Sujatha,Ahamed Ali

DOI: https://doi.org/10.1109/ICCSAI59793.2023.10421539

2023-11-23

Abstract:The Internet of Things (IoT) gadgets have completely transformed a number of different businesses by producing enormous amounts of data. A machine learning framework for real-time Internet of Things anomaly detection and self-repair is presented in this research for the first time. Incorporating data preparation, anomaly detection, and selfrepair are all components of the framework. Through the use of data preparation module normalization and dimensionality reduction, Internet of Things data analysis can be improved. Through the utilization of deep neural networks, support vector machines, and several other machine learning models that have been trained on previous data, abnormal behavior can be identified. The reliability of ensemble approaches is increased. The self-repair module is responsible for automatically repairing abnormalities by resetting the settings of the device, upgrading the firmware, and applying patches. Device disruptions are reduced to a minimum by validation. Within the context of smart home and industrial automation tests, events were identified with a high degree of precision and a low percentage of false positives. Because it automatically fixes problems, the self-repair module makes the Internet of Things ecosystem better.

Computer Science,Engineering

Mohd Ahsan Siddiqui,C. Rama Krishna,Mala Kalra

DOI: https://doi.org/10.1007/s10586-024-04461-z

2024-05-02

Cluster Computing

Abstract:Addressing the contemporary complexity inherent in anomaly detection within heterogeneous systems is paramount. This paper presents a novel methodology tailored to pinpoint appliance anomalies within the framework of Internet of Things (IoT) technology. By amalgamating the capabilities of IoT and Machine Learning (ML), this approach not only heightens the precision and dependability of anomaly detection but also serves as a practical solution for industrial applications. To better align with the current industrial landscape, we emphasize the practical implications of our work. Our methodology is designed to cater specifically to industrial needs, offering a solution that can be seamlessly integrated into existing systems, thereby enhancing operational efficiency and reliability. The core of our approach lies in employing a hybrid method, utilizing both the Facebook Prophet and Isolation Forest ML algorithms for robust and intelligent anomaly detection. This dual-layered strategy, integrating forecasting and classification objectives, ensures a comprehensive approach to anomaly detection tailored for industrial settings. Evaluation of our methodology involves rigorous testing against real-time and emulated datasets, as well as comparison with existing methods. MSE has also been calculated using DT, RF, SVM, NB and Logistic supervised regressor. The Facebook Prophet model's accuracy, assessed using Root Mean Squared Error (RMSE), demonstrates its proficiency in forecasting values closely aligned with reference data points. Meanwhile, the IForest Unsupervised ML model excels in identifying anomalies, achieving high accuracy rates across various contamination levels. Through meticulous cross-validation, our proposed method exhibits significant accuracy, with rates of 93.60% and 95.72% on real-time and emulated datasets, respectively. The hybrid model (Fbprophet + iforest) has an average accuracy of 96.35% on (real-time + emulated). These results underscore the efficacy and reliability of our approach in industrial anomaly detection scenarios. In summary, by addressing the present-day challenges in anomaly detection and offering a tailored solution for industrial applications, our methodology stands poised to significantly enhance the efficiency and reliability of systems operating in diverse industrial contexts.

computer science, information systems, theory & methods

Et al. Vaishali V. Raje

DOI: https://doi.org/10.52783/jes.700

2024-01-25

Abstract:Healthcare IoT, a fast-growing field, could revolutionize patient monitoring and intervention. This interconnection raises new security concerns, requiring real-time anomaly detection to protect patient data and device integrity. This study presents a novel security framework that uses combination of Hidden Markov Models (HMM) and Support Vector Machine (SVM) to detect anomalies in real-time healthcare IoT environments with high accuracy. The framework prioritizes real-time strength and efficiency. Sensor data from wearables, medical devices, and other IoT devices is carefully segmented into time intervals. Features are carefully derived from each segment, including statistical summaries, patterns, and frequency domain characteristics. Feature engineering is essential for accurate anomaly detection. Integrating HMM and SVM capabilities is the framework’s core. HMM accurately represent concealed states within divided data sequences and analyze patterns of change over time. After that, an independent-trained SVM examines each state. Using proximity to a decision hyperplane in feature space, this SVM can classify data points as normal or anomalous. This method augments HMM temporal capabilities with SVM classification efficiency, increasing sensitivity to anomalous patterns and reducing false positives. The framework’s exceptional performance is shown by extensive evaluations on the PhysioNet Challenge 2017 dataset, which includes diverse ECG recordings with labeled anomalies. HMM-SVM outperforms Naive Bayes, LSTM, and Random Forest with 98.66% accuracy. The framework also has high precision, recall, and F1-score, indicating a refined ability to detect real anomalies and reduce false alarms. The framework prioritizes real-time understanding and application alongside its remarkable precision. HMM-SVMs reveal hidden data state changes, revealing context and possible causes of anomalies. Modular design and efficient algorithms enable seamless integration of real-time functionality in low-resource IoT devices, enabling quick and effective security responses. To conclude, this study introduces an HMM-SVM framework for fast Healthcare IoT abnormality detection. The framework emphasizes comprehensibility and real-time applicability while achieving high accuracy. This framework can protect patient data, improve device security, and create a more reliable healthcare IoT ecosystem.

Arunan Sivanathan

DOI: https://doi.org/10.48550/arXiv.2001.10632

2020-01-29

Abstract:Smart homes, enterprises, and cities are increasingly being equipped with a plethora of Internet of Things (IoT), ranging from smart-lights to security cameras. While IoT networks have the potential to benefit our lives, they create privacy and security challenges not seen with traditional IT networks. Due to the lack of visibility, operators of such smart environments are not often aware of their IoT assets, let alone whether each IoT device is functioning properly safe from cyber-attacks. This thesis is the culmination of our efforts to develop techniques to profile the network behavioral pattern of IoTs, automate IoT classification, deduce their operating context, and detect anomalous behavior indicative of cyber-attacks. We begin this thesis by surveying IoT ecosystem, while reviewing current approaches to vulnerability assessments, intrusion detection, and behavioral monitoring. For our first contribution, we collect traffic traces and characterize the network behavior of IoT devices via attributes from traffic patterns. We develop a robust machine learning-based inference engine trained with these attributes and demonstrate real-time classification of 28 IoT devices with over 99% accuracy. Our second contribution enhances the classification by reducing the cost of attribute extraction while also identifying IoT device states. Prototype implementation and evaluation demonstrate the ability of our supervised machine learning method to detect behavioral changes for five IoT devices. Our third and final contribution develops a modularized unsupervised inference engine that dynamically accommodates the addition of new IoT devices and/or updates to existing ones, without requiring system-wide retraining of the model. We demonstrate via experiments that our model can automatically detect attacks and firmware changes in ten IoT devices with over 94% accuracy.

Networking and Internet Architecture,Cryptography and Security,Machine Learning

V. Kantharaju,H. Suresh,M. Niranjanamurthy,Syed Immamul Ansarullah,Farhan Amin,Amerah Alabrah

DOI: https://doi.org/10.1038/s41598-024-81535-3

IF: 4.6

2024-12-06

Scientific Reports

Abstract:The Internet of Things (IoT) consist of a network of interconnected nodes constantly communicating, exchanging, and transferring data over various network protocols. Intrusion detection systems using deep learning are a common method used for providing security in IoT. However, traditional deep learning IDS systems do not accurately classify the attack and also require high computation time. Thus, to solve this issue, herein, we propose an advance Intrusion detection framework using Self-Attention Progressive Generative Adversarial Network (SAPGAN) framework for detecting security threats in IoT networks. In our proposed framework, at first, the IoT data are gathered. Then, the data are fed to pre-processing. In pre-processing, it restored the missing value using Local least squares. Then the preprocessing output is fed to feature selection. At feature selection, the optimum features are compiled using a modified War Strategy Optimization Algorithm (WSOA). Based upon the optimum features, the intruders were categorized into two categories named Anomaly and Normal using the proposed framework. Numerous attacks are assembled, including camera-based flood, DDoS, RTSP brute force, etc. We have compared our proposed framework using state of the art model and efficiency of 23.19%, 27.55%, and 18.35% higher accuracy and 14.46%, 26.76%, and 13.65% lower computational time compared to traditional models.

multidisciplinary sciences

Saida Hafsa Rafique,Amira Abdallah,Nura Shifa Musa,Thangavel Murugan

DOI: https://doi.org/10.3390/s24061968

IF: 3.9

2024-03-21

Sensors

Abstract:With its exponential growth, the Internet of Things (IoT) has produced unprecedented levels of connectivity and data. Anomaly detection is a security feature that identifies instances in which system behavior deviates from the expected norm, facilitating the prompt identification and resolution of anomalies. When AI and the IoT are combined, anomaly detection becomes more effective, enhancing the reliability, efficacy, and integrity of IoT systems. AI-based anomaly detection systems are capable of identifying a wide range of threats in IoT environments, including brute force, buffer overflow, injection, replay attacks, DDoS assault, SQL injection, and back-door exploits. Intelligent Intrusion Detection Systems (IDSs) are imperative in IoT devices, which help detect anomalies or intrusions in a network, as the IoT is increasingly employed in several industries but possesses a large attack surface which presents more entry points for attackers. This study reviews the literature on anomaly detection in IoT infrastructure using machine learning and deep learning. This paper discusses the challenges in detecting intrusions and anomalies in IoT systems, highlighting the increasing number of attacks. It reviews recent work on machine learning and deep-learning anomaly detection schemes for IoT networks, summarizing the available literature. From this survey, it is concluded that further development of current systems is needed by using varied datasets, real-time testing, and making the systems scalable.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Amruta V. Pandit,Dipannita Mondal

DOI: https://doi.org/10.52710/rjcse.82

2023-12-31

Abstract:IoT devices' constrained processing capabilities and malware's changing nature make traditional signature-based methods for malware detection ineffective. The focus of our suggested approach, in contrast, is on real-time analysis of IoT device behaviour patterns to find anomalies that might be signs of malicious activity. We can spot differences from typical behaviour on devices by continuously observing how they behave. These differences could indicate the existence of malware. We use deep neural networks to handle and analyse the enormous quantity of data produced by IoT devices in order to do this. Specifically, we use recurrent neural networks (RNNs) and convolutional neural networks (CNNs). These neural networks learn the anticipated behaviours of various IoT devices and their applications through training on historical data. They quickly detect unexpected behaviours that can be a sign of malware infestations or other harmful actions by comparing incoming data streams to these learned patterns in real-time. By reaching high detection rates while preserving low false-positive rates, our experimental results show the efficiency of the suggested approach. We can greatly improve the security posture of IoT devices or gateways by integrating this real-time malware detection technology into them, defending against new attacks in the ever-changing IoT landscape. By protecting the privacy and integrity of IoT-enabled environments, our research will help to mitigate the escalating cybersecurity challenges faced by IoT devices.

Hani Alshahrani,Attiya Khan,Muhammad Rizwan,Mana Saleh Al Reshan,Adel Sulaiman,Asadullah Shaikh

DOI: https://doi.org/10.3390/su15119001

IF: 3.9

2023-06-03

Sustainability

Abstract:The Industrial Internet of Things (IIoT) refers to the employment of the Internet of Things in industrial management, where a substantial number of machines and devices are linked and synchronized with the help of software programs and third platforms to improve the overall productivity. The acquisition of the industrial IoT provides benefits that range from automation and optimization to eliminating manual processes and improving overall efficiencies, but security remains to be forethought. The absence of reliable security mechanisms and the magnitude of security features are significant obstacles to enhancing IIoT security. Over the last few years, alarming attacks have been witnessed utilizing the vulnerabilities of the IIoT network devices. Moreover, the attackers can also sink deep into the network by using the relationships amidst the vulnerabilities. Such network security threats cause industries and businesses to suffer financial losses, reputational damage, and theft of important information. This paper proposes an SDN-based framework using machine learning techniques for intrusion detection in an industrial IoT environment. SDN is an approach that enables the network to be centrally and intelligently controlled through software applications. In our framework, the SDN controller employs a machine-learning algorithm to monitor the behavior of industrial IoT devices and networks by analyzing traffic flow data and ultimately determining the flow rules for SDN switches. We use SVM and Decision Tree classification models to analyze our framework's network intrusion and attack detection performance. The results indicate that the proposed framework can detect attacks in industrial IoT networks and devices with an accuracy of 99.7%.

environmental sciences,environmental studies,green & sustainable science & technology

Hao Xu,Zihan Sun,Yuan Cao,Hazrat Bilal

DOI: https://doi.org/10.1007/s00500-023-09037-4

IF: 3.732

2023-07-29

Soft Computing

Abstract:Cyber-attacks and network intrusion have surfaced as major concerns for modern days applications of the Internet of Things (IoT). The existing intrusion detection and prevention techniques have a wide range of limitations and thus are unable to precisely detect any type of attack or anomaly within the network traffic. Many machine learning-based algorithms have also been presented by the researchers, which lack performance in terms of classification accuracy, or in terms of multi-class classification. This research presents a data-driven approach for intrusion and anomaly detection, where the data is processed and filtered using different algorithms. The quality of the training dataset is improved by using Synthetic Minority Oversampling Technique (SMOTE) algorithm and mutual information. Automated machine learning is also used to detect the algorithm with auto-tuned hyper-parameters that best suit to classify the data. This technique not only saves the computational cost to test the data at run-time but also provides an optimal algorithm without the need to run calculations to tune hyper-parameters, manually. The resultant algorithm solves a multi-class classification problem with an accuracy of 99.7%, outperforming the existing algorithms by a decent margin.

computer science, artificial intelligence, interdisciplinary applications

P. Malini,K.R. Kavitha,Dr. K.R. Kavitha

DOI: https://doi.org/10.1016/j.cose.2024.103818

IF: 5.105

2024-03-29

Computers & Security

Abstract:In recent years, the development of Internet of Things (IoT) applications has increased, resulting in higher demands for sufficient bandwidth, data rates, latency, and quality of service (QoS). In advanced communications, managing network resources for allocating IoT services and identifying the exact IoT devices connected to a network is a major concern. The existing studies have introduced various methods for classifying IoT devices in a network. However, the previous studies faced challenges like limited attributes, low efficiency, inappropriate features, and computational complexities. Also, the existing studies failed to concentrate on IoT/Non-IoT classification along with attack detection. Detecting attacks on IoT devices is critical for making network services more effective. Thus, the proposed study introduces an efficient IoT device classification and attack detection mechanism using Software Defined Networking (SDN)-enabled Fiber-Wireless Access Networks Internet of Things (FiWi IoT) architecture. Initially, an effective resource allocation process is performed to mitigate the delay constraint issues by introducing a hybrid parallel neural network-based dynamic bandwidth allocation (DBA) method. Then, the input traffic information is gathered from the resource-efficient SDN-enabled FiWi IoT network, and the input data is pre-processed to eliminate unwanted noises using min-max normalization and standardization. Next, the essential attributes are extracted to attain enhanced classification performance. To reduce the feature dimensionality problem and thereby solve complexity issues, the most optimal features are selected by a new Chaotic Seagull Optimization (CSO) approach. After that, IoT/non-IoT classification is performed using a transformer-driven deep intelligent model. Finally, the attacks are detected and classified by introducing a novel Slice Attention-based Deep Capsule Autoencoder (SA_DCAE) model. For experimentation, the Python 3.7.0 tool is used in this work, and the performance of proposed classifiers is measured by evaluating varied matrices. Also, the comparison analysis proves the superiority of the proposed techniques to other existing methods.

computer science, information systems

Sapna Sadhwani,Urvi Kavan Modi,Raja Muthalagu,Pranav M Pawar,Pranav M. Pawar

DOI: https://doi.org/10.1109/access.2024.3371996

IF: 3.9

2024-03-12

IEEE Access

Abstract:While the Internet of Things (IoT) paradigm has transformed connectivity, it has also brought with it previously unheard-of security risks. The categorization of IoT attacks using several machine learning techniques and a deep learning method is the main emphasis of this research. In addition to proposing a binary and multiclass classification framework with Machine Learning (ML) algorithms like Random Forest (RF), Decision tree (DT), Extra Tree Classifier (ETC), Support Vector Machine (SVM), and k-Nearest Neighbor (KNN) and Deep Learning (DL) architectures like Deep Neural Network (DNN), the study assesses a wide range of attack types in IoT environments. Benchmark datasets with real-world IoT attack scenarios, such as Edge-IIoTset, are used for experimentation. Preprocessing is done on the dataset using Principal Componenet Analysis (PCA) for feature selection, Synthetic Minority Oversampling Technique to handle class imbalance and Standard Scaling for feature scaling. These approaches' comparative performance and efficacy are examined. The outcomes indicate how successful the DL model in managing intricate attack patterns and the generalization capabilities of ML algorithms across various attack classes. The DNN model yields the best results, with 100% accuracy for binary classification, 96.15% accuracy for 6-class classification, and 94.68% accuracy for 15-class classification. Further, 10-fold cross validation has been applied to make sure that the model does not overfit. This work contributes to the improvement of IoT security mechanisms by offering insights into the selection of appropriate approaches for binary and multiclass classification of threats.

computer science, information systems,telecommunications,engineering, electrical & electronic

Muhammad Aslam,Dengpan Ye,Aqil Tariq,Muhammad Asad,Muhammad Hanif,David Ndzi,Samia Allaoua Chelloug,Mohamed Abd Elaziz,Mohammed A A Al-Qaness,Syeda Fizzah Jilani

DOI: https://doi.org/10.3390/s22072697

2022-03-31

Abstract:The development of smart network infrastructure of the Internet of Things (IoT) faces the immense threat of sophisticated Distributed Denial-of-Services (DDoS) security attacks. The existing network security solutions of enterprise networks are significantly expensive and unscalable for IoT. The integration of recently developed Software Defined Networking (SDN) reduces a significant amount of computational overhead for IoT network devices and enables additional security measurements. At the prelude stage of SDN-enabled IoT network infrastructure, the sampling based security approach currently results in low accuracy and low DDoS attack detection. In this paper, we propose an Adaptive Machine Learning based SDN-enabled Distributed Denial-of-Services attacks Detection and Mitigation (AMLSDM) framework. The proposed AMLSDM framework develops an SDN-enabled security mechanism for IoT devices with the support of an adaptive machine learning classification model to achieve the successful detection and mitigation of DDoS attacks. The proposed framework utilizes machine learning algorithms in an adaptive multilayered feed-forwarding scheme to successfully detect the DDoS attacks by examining the static features of the inspected network traffic. In the proposed adaptive multilayered feed-forwarding framework, the first layer utilizes Support Vector Machine (SVM), Naive Bayes (NB), Random Forest (RF), k-Nearest Neighbor (kNN), and Logistic Regression (LR) classifiers to build a model for detecting DDoS attacks from the training and testing environment-specific datasets. The output of the first layer passes to an Ensemble Voting (EV) algorithm, which accumulates the performance of the first layer classifiers. In the third layer, the adaptive frameworks measures the real-time live network traffic to detect the DDoS attacks in the network traffic. The proposed framework utilizes a remote SDN controller to mitigate the detected DDoS attacks over Open Flow (OF) switches and reconfigures the network resources for legitimate network hosts. The experimental results show the better performance of the proposed framework as compared to existing state-of-the art solutions in terms of higher accuracy of DDoS detection and low false alarm rate.

Esra Altulaihan,Mohammed Amin Almaiah,Ahmed Aljughaiman

DOI: https://doi.org/10.3390/s24020713

IF: 3.9

2024-01-23

Sensors

Abstract:Widespread and ever-increasing cybersecurity attacks against Internet of Things (IoT) systems are causing a wide range of problems for individuals and organizations. The IoT is self-configuring and open, making it vulnerable to insider and outsider attacks. In the IoT, devices are designed to self-configure, enabling them to connect to networks autonomously without extensive manual configuration. By using various protocols, technologies, and automated processes, self-configuring IoT devices are able to seamlessly connect to networks, discover services, and adapt their configurations without requiring manual intervention or setup. Users' security and privacy may be compromised by attackers seeking to obtain access to their personal information, create monetary losses, and spy on them. A Denial of Service (DoS) attack is one of the most devastating attacks against IoT systems because it prevents legitimate users from accessing services. A cyberattack of this type can significantly damage IoT services and smart environment applications in an IoT network. As a result, securing IoT systems has become an increasingly significant concern. Therefore, in this study, we propose an IDS defense mechanism to improve the security of IoT networks against DoS attacks using anomaly detection and machine learning (ML). Anomaly detection is used in the proposed IDS to continuously monitor network traffic for deviations from normal profiles. For that purpose, we used four types of supervised classifier algorithms, namely, Decision Tree (DT), Random Forest (RF), K Nearest Neighbor (kNN), and Support Vector Machine (SVM). In addition, we utilized two types of feature selection algorithms, the Correlation-based Feature Selection (CFS) algorithm and the Genetic Algorithm (GA) and compared their performances. We also utilized the IoTID20 dataset, one of the most recent for detecting anomalous activity in IoT networks, to train our model. The best performances were obtained with DT and RF classifiers when they were trained with features selected by GA. However, other metrics, such as training and testing times, showed that DT was superior.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Khalid A. Alattas,Abbas Mardani

DOI: https://doi.org/10.1007/s10668-021-01835-w

2022-04-15

Abstract:The use of the Internet of things (IoT) devices is growing rapidly in the current industrial market. Integrating these devices into the network system has subjected the information to Cybersecurity attacks putting the market of IoT technology at risk. As a result, accurate protection algorithms and efficient monitoring systems need to be developed. This paper proposes a new framework design relays on a stochastic measurement of determining parameters based on a novel adaptive deep learning (ADL) algorithm for industrial manufacturing such as transportation, energy. The new framework will be designed to incorporate an element of randomness as opposed to deterministic frameworks. The implemented method considered the network forensic systems and intrusion detection (ID); therefore, the prediction model is set up to alert the administrator about the system status. The framework is proposed based on five prioritized protection stages. The developed model tested on the Bot-IoT dataset, which is well-structured and valid for training, as confirmed by literature. The result has shown the ability to simulate the IoT network traffic along with risk assessment against different types of attacks by using the ADL algorithm. The new framework will be designed to improve computational efficiency by being able to adjust their structure based on the inputs. The research contributions are that it will help in the development of an algorithm which can minimize traffic accidents, improve traffic flow, minimize energy wastes, and save costs of controlling traffic flow. Findings show that using this new algorithm has 100% accuracy, which makes it an excellent choice for the detection of threats and errors.