Tarek Gaber,Joseph B. Awotunde,Sakinat O. Folorunso,Sunday A. Ajagbe,Esraa Eldesouky

DOI: https://doi.org/10.1155/2023/3939895

2023-05-01

Wireless Communications and Mobile Computing

Abstract:The emergence of the Internet of Things (IoT) has witnessed immense growth globally with the use of various devices found in home, transportation, healthcare, and industry. The deployment and implementation of the IoT paradigm in industrial settings lead to the architectural changes of Industrial Automation and Control Systems (IACS) plus the countless connectivity of industrial systems. This resulted in what is referred to as the Industrial Internet of Things (IIoT), which removes the barrier of connecting IACS to isolated conventional ICT platforms. In recent times, the IoT has started hacking our personal lives and not only our world, thus creating a platform for impending IoT cyberattacks. The widespread use of the IoT has created a rich platform for possible IoT cyberattacks. Machine learning (ML) algorithms have been driven solutions to secure wireless communication in IIoT-based systems, and their use in solving various cybersecurity challenges. Therefore, this paper proposes a novel intrusion detection model based on the Particle Swarm Optimization (PSO) and Bat algorithm (BA) for feature selection, and the Random Forest (RF) classifier for the classification of malicious behaviors in IIoT-based network traffic. An IIoT-based cybersecurity dataset, WUSTL-IIOT-2021 Dataset, was used to evaluate the performance of the proposed model using accuracy, recall, precision, and F1-score. The results of the two feature selection were compared to identify the most promising one. The results were compared with other recent state-of-the-art ML and multiobjective algorithms, and the results showed better performance. The RF along with BA classifier had proved to be the best classifier.

computer science, information systems,telecommunications,engineering, electrical & electronic

Muhammad Bisri Musthafa,Samsul Huda,Yuta Kodera,Md Arshad Ali,Shunsuke Araki,Jedidah Mwaura,Yasuyuki Nogami

DOI: https://doi.org/10.3390/s24134293

2024-07-01

Abstract:Internet of Things (IoT) devices are leading to advancements in innovation, efficiency, and sustainability across various industries. However, as the number of connected IoT devices increases, the risk of intrusion becomes a major concern in IoT security. To prevent intrusions, it is crucial to implement intrusion detection systems (IDSs) that can detect and prevent such attacks. IDSs are a critical component of cybersecurity infrastructure. They are designed to detect and respond to malicious activities within a network or system. Traditional IDS methods rely on predefined signatures or rules to identify known threats, but these techniques may struggle to detect novel or sophisticated attacks. The implementation of IDSs with machine learning (ML) and deep learning (DL) techniques has been proposed to improve IDSs' ability to detect attacks. This will enhance overall cybersecurity posture and resilience. However, ML and DL techniques face several issues that may impact the models' performance and effectiveness, such as overfitting and the effects of unimportant features on finding meaningful patterns. To ensure better performance and reliability of machine learning models in IDSs when dealing with new and unseen threats, the models need to be optimized. This can be done by addressing overfitting and implementing feature selection. In this paper, we propose a scheme to optimize IoT intrusion detection by using class balancing and feature selection for preprocessing. We evaluated the experiment on the UNSW-NB15 dataset and the NSL-KD dataset by implementing two different ensemble models: one using a support vector machine (SVM) with bagging and another using long short-term memory (LSTM) with stacking. The results of the performance and the confusion matrix show that the LSTM stacking with analysis of variance (ANOVA) feature selection model is a superior model for classifying network attacks. It has remarkable accuracies of 96.92% and 99.77% and overfitting values of 0.33% and 0.04% on the two datasets, respectively. The model's ROC is also shaped with a sharp bend, with AUC values of 0.9665 and 0.9971 for the UNSW-NB15 dataset and the NSL-KD dataset, respectively.

Muhammad Zawad Mahmud,Samiha Islam,Shahran Rahman Alve,Al Jubayer Pial

2024-12-04

Abstract:An application of software known as an Intrusion Detection System (IDS) employs machine algorithms to identify network intrusions. Selective logging, safeguarding privacy, reputation-based defense against numerous attacks, and dynamic response to threats are a few of the problems that intrusion identification is used to solve. The biological system known as IoT has seen a rapid increase in high dimensionality and information traffic. Self-protective mechanisms like intrusion detection systems (IDSs) are essential for defending against a variety of attacks. On the other hand, the functional and physical diversity of IoT IDS systems causes significant issues. These attributes make it troublesome and unrealistic to completely use all IoT elements and properties for IDS self-security. For peculiarity-based IDS, this study proposes and implements a novel component selection and extraction strategy (our strategy). A five-ML algorithm model-based IDS for machine learning-based networks with proper hyperparamater tuning is presented in this paper by examining how the most popular feature selection methods and classifiers are combined, such as K-Nearest Neighbors (KNN) Classifier, Decision Tree (DT) Classifier, Random Forest (RF) Classifier, Gradient Boosting Classifier, and Ada Boost Classifier. The Random Forest (RF) classifier had the highest accuracy of 99.39%. The K-Nearest Neighbor (KNN) classifier exhibited the lowest performance among the evaluated models, achieving an accuracy of 94.84%. This study's models have a significantly higher performance rate than those used in previous studies, indicating that they are more reliable.

Cryptography and Security,Machine Learning

Adel Binbusayyis,Haya Alaskar,Thavavel Vaiyapuri,M Dinesh

DOI: https://doi.org/10.1007/s11227-022-04568-3

Abstract:Internet of Medical Things (IoMT) is network of interconnected medical devices (smart watches, pace makers, prosthetics, glucometer, etc.), software applications, and health systems and services. IoMT has successfully addressed many old healthcare problems. But it comes with its drawbacks essentially with patient's information privacy and security related issues that comes from IoMT architecture. Using obsolete systems can bring security vulnerabilities and draw attacker's attention emphasizing the need for effective solution to secure and protect the data traffic in IoMT network. Recently, intrusion detection system (IDS) is regarded as an essential security solution for protecting IoMT network. In the past decades, machines learning (ML) algorithms have demonstrated breakthrough results in the field of intrusion detection. Notwithstanding, to our knowledge, there is no work that investigates the power of machines learning algorithms for intrusion detection in IoMT network. This paper aims to fill this gap of knowledge investigating the application of different ML algorithms for intrusion detection in IoMT network. The investigation analysis includes ML algorithms such as K-nearest neighbor, Naïve Bayes, support vector machine, artificial neural network and decision tree. The benchmark dataset, Bot-IoT which is publicly available with comprehensive set of attacks was used to train and test the effectiveness of all ML models considered for investigation. Also, we used comprehensive set of evaluation metrics to compare the power of ML algorithms with regard to their detection accuracy for intrusion in IoMT networks. The outcome of the analysis provides a promising path to identify the best the machine learning approach can be used for building effective IDS that can safeguard IoMT network against malicious activities.

Sahar Soliman,Wed Oudah,Ahamed Aljuhani

DOI: https://doi.org/10.1016/j.aej.2023.09.023

2023-09-21

AEJ - Alexandria Engineering Journal

Abstract:The widespread deployment of the Internet of Things (IoT) into critical sectors such as industrial and manufacturing has resulted in the Industrial Internet of Things (IIoT). The IIoT consists of sensors, actuators, and smart devices that communicate with one another to optimize manufacturing and industrial processes. Although IIoT provides various benefits to both service providers and consumers, security and privacy remain a big challenge. An intrusion detection system (IDS) has been utilized to mitigate cyberattacks in such a connected network. However, many existing solutions for IDS in IIoT suffer from the lack of comprehensiveness of the types of attack the network is exposed to, high feature dimension, models built on out-of-date datasets, and a lack of focus on the problem of imbalanced datasets. To address the aforementioned issues, we propose an intelligent detection system for identifying cyberattacks in Industrial IoT networks. The proposed model uses the singular value decomposition (SVD) technique to reduce data features and improve detection results. We use the synthetic minority over-sampling (SMOTE) technique to avoid over-fitting and under-fitting issues that result in biased classification. Several machine learning and deep learning algorithms have been implemented to classify data for binary and multi-class classification. We evaluate the efficacy of the proposed intelligent model on ToN_IoT dataset. The proposed approach achieved an accuracy rate of 99.99% and a reduced error rate of 0.001% for binary classification, and an accuracy rate of 99.98% and a reduced error rate of 0.016% for multi-class classification.

Mohanad Sarhan,Siamak Layeghy,Marius Portmann

DOI: https://doi.org/10.48550/arXiv.2108.12732

2022-11-23

Abstract:Internet of Things (IoT) networks have become an increasingly attractive target of cyberattacks. Powerful Machine Learning (ML) models have recently been adopted to implement network intrusion detection systems to protect IoT networks. For the successful training of such ML models, selecting the right data features is crucial, maximising the detection accuracy and computational efficiency. This paper comprehensively analyses feature sets' importance and predictive power for detecting network attacks. Three feature selection algorithms: chi-square, information gain and correlation, have been utilised to identify and rank data features. The attributes are fed into two ML classifiers: deep feed-forward and random forest, to measure their attack detection performance. The experimental evaluation considered three datasets: UNSW-NB15, CSE-CIC-IDS2018, and ToN-IoT in their proprietary flow format. In addition, the respective variants in NetFlow format were also considered, i.e., NF-UNSW-NB15, NF-CSE-CIC-IDS2018, and NF-ToN-IoT. The experimental evaluation explored the marginal benefit of adding individual features. Our results show that the accuracy initially increases rapidly with adding features but converges quickly to the maximum. This demonstrates a significant potential to reduce the computational and storage cost of intrusion detection systems while maintaining near-optimal detection accuracy. This has particular relevance in IoT systems, with typically limited computational and storage resources.

Cryptography and Security,Machine Learning,Networking and Internet Architecture

Yazeed Alotaibi,Mohammad Ilyas

DOI: https://doi.org/10.3390/s23125568

2023-06-14

Abstract:The Internet of Things (IoT) comprises a network of interconnected nodes constantly communicating, exchanging, and transferring data over various network protocols. Studies have shown that these protocols pose a severe threat (Cyber-attacks) to the security of data transmitted due to their ease of exploitation. In this research, we aim to contribute to the literature by improving the Intrusion Detection System (IDS) detection efficiency. In order to improve the efficiency of the IDS, a binary classification of normal and abnormal IoT traffic is constructed to enhance the IDS performance. Our method employs various supervised ML algorithms and ensemble classifiers. The proposed model was trained on TON-IoT network traffic datasets. Four of the trained ML-supervised models have achieved the highest accurate outcomes; Random Forest, Decision Tree, Logistic Regression, and K-Nearest Neighbor. These four classifiers are fed to two ensemble approaches: voting and stacking. The ensemble approaches were evaluated using the evaluation metrics and compared for their efficacy on this classification problem. The accuracy of the ensemble classifiers was higher than that of the individual models. This improvement can be attributed to ensemble learning strategies that leverage diverse learning mechanisms with varying capabilities. By combining these strategies, we were able to enhance the reliability of our predictions while reducing the occurrence of classification errors. The experimental results show that the framework can improve the efficiency of the Intrusion Detection System, achieving an accuracy rate of 0.9863.

João Vitorino,Rui Andrade,Isabel Praça,Orlando Sousa,Eva Maia

DOI: https://doi.org/10.1007/978-3-031-08147-7_13

2022-06-01

Abstract:The digital transformation faces tremendous security challenges. In particular, the growing number of cyber-attacks targeting Internet of Things (IoT) systems restates the need for a reliable detection of malicious network activity. This paper presents a comparative analysis of supervised, unsupervised and reinforcement learning techniques on nine malware captures of the IoT-23 dataset, considering both binary and multi-class classification scenarios. The developed models consisted of Support Vector Machine (SVM), Extreme Gradient Boosting (XGBoost), Light Gradient Boosting Machine (LightGBM), Isolation Forest (iForest), Local Outlier Factor (LOF) and a Deep Reinforcement Learning (DRL) model based on a Double Deep Q-Network (DDQN), adapted to the intrusion detection context. The most reliable performance was achieved by LightGBM. Nonetheless, iForest displayed good anomaly detection results and the DRL model demonstrated the possible benefits of employing this methodology to continuously improve the detection. Overall, the obtained results indicate that the analyzed techniques are well suited for IoT intrusion detection.

Cryptography and Security,Artificial Intelligence,Machine Learning

Abdulrahman Mahmoud Eid,Bassel Soudan,Ali Bou Nassif,MohammadNoor Injadat

DOI: https://doi.org/10.1007/s00521-024-09857-x

2024-05-11

Neural Computing and Applications

Abstract:This work introduces an intrusion detection system (IDS) tailored for industrial internet of things (IIoT) environments based on an optimized convolutional neural network (CNN) model. The model is trained on a dataset that was balanced using a novel multi-class implementation of synthetic minority over-sampling technique (SMOTE) that ensures equal representation of all classes. Additionally, systematic optimization will be used to fine tune the hyperparameters of the CNN model and mitigate the effects of the increased size of the training dataset. Evaluation results will demonstrate substantial improvement in performance when the optimized CNN model is trained on the balanced dataset. The proposed IDS will be evaluated using the IIoT-specific WUSTL-IIOT-2021 dataset, and then its generalization capability will be verified using the non-domain specific UNSW_NB15 dataset. The model's performance will be evaluated using accuracy, precision, recall, and F 1-score metrics. The results will demonstrate that the proposed IDS is highly effective with performance exceeding 99.9% on all performance metrics. The IDS is also highly effective in detecting intrusion for generic IT networks achieving improvements in excess of 30% compared to the default baseline model. The results emphasize the versatility and effectiveness of the proposed IDS model, making it a reliable and adaptable solution for enhancing network security across diverse network environments.

computer science, artificial intelligence

Salma Elhag,Amal Mahmoud Alghamdi,Norah Ahmad Al-Shomrani

DOI: https://doi.org/10.1007/s42979-022-01566-3

2022-12-29

SN Computer Science

Abstract:The Internet of Things (IoT) has evolved to the point that modern enterprises may now deploy large-scale IoT ecosystems, such as the Industrial Internet of Things (IIoT) (IIoT). The IIoT is susceptible to many cyber-attacks that hacker may use to cause significant reputational and financial harm to businesses. An anomaly-based intrusion detection system (IDS) may offer secure, dependable, and efficient IIoT ecosystems by preserving the confidentiality, integrity, and availability of IIoT networks. This study investigates the application of a security model for the IIoT that uses machine learning techniques to improve network and communication security by preventing malicious and infected nodes from spreading and infecting other nodes in the network. In this, four machine learning classifiers (SVM, DT, RF, and kNN) have been used to classify the attacks with three main attack scenarios. The results show that RF has a stable performance and accuracy of 99.5%, while the other classifiers show differences in accuracy and performance with each attack scenario.

Hao Xu,Zihan Sun,Yuan Cao,Hazrat Bilal

DOI: https://doi.org/10.1007/s00500-023-09037-4

IF: 3.732

2023-07-29

Soft Computing

Abstract:Cyber-attacks and network intrusion have surfaced as major concerns for modern days applications of the Internet of Things (IoT). The existing intrusion detection and prevention techniques have a wide range of limitations and thus are unable to precisely detect any type of attack or anomaly within the network traffic. Many machine learning-based algorithms have also been presented by the researchers, which lack performance in terms of classification accuracy, or in terms of multi-class classification. This research presents a data-driven approach for intrusion and anomaly detection, where the data is processed and filtered using different algorithms. The quality of the training dataset is improved by using Synthetic Minority Oversampling Technique (SMOTE) algorithm and mutual information. Automated machine learning is also used to detect the algorithm with auto-tuned hyper-parameters that best suit to classify the data. This technique not only saves the computational cost to test the data at run-time but also provides an optimal algorithm without the need to run calculations to tune hyper-parameters, manually. The resultant algorithm solves a multi-class classification problem with an accuracy of 99.7%, outperforming the existing algorithms by a decent margin.

computer science, artificial intelligence, interdisciplinary applications

Andrew Churcher,Rehmat Ullah,Jawad Ahmad,Sadaqat ur Rehman,Fawad Masood,Mandar Gogate,Fehaid Alqahtani,Boubakr Nour,William J. Buchanan

DOI: https://doi.org/10.3390/s21020446

2021-01-10

Abstract:In recent years, there has been a massive increase in the amount of Internet of Things (IoT) devices as well as the data generated by such devices. The participating devices in IoT networks can be problematic due to their resource-constrained nature, and integrating security on these devices is often overlooked. This has resulted in attackers having an increased incentive to target IoT devices. As the number of attacks possible on a network increases, it becomes more difficult for traditional intrusion detection systems (IDS) to cope with these attacks efficiently. In this paper, we highlight several machine learning (ML) methods such as k-nearest neighbour (KNN), support vector machine (SVM), decision tree (DT), naive Bayes (NB), random forest (RF), artificial neural network (ANN), and logistic regression (LR) that can be used in IDS. In this work, ML algorithms are compared for both binary and multi-class classification on Bot-IoT dataset. Based on several parameters such as accuracy, precision, recall, F1 score, and log loss, we experimentally compared the aforementioned ML algorithms. In the case of HTTP distributed denial-of-service (DDoS) attack, the accuracy of RF is 99%. Furthermore, other simulation results-based precision, recall, F1 score, and log loss metric reveal that RF outperforms on all types of attacks in binary classification. However, in multi-class classification, KNN outperforms other ML algorithms with an accuracy of 99%, which is 4% higher than RF.

Cryptography and Security,Machine Learning

Hosam El-Sofany,Samir A. El-Seoud,Omar H. Karam,Belgacem Bouallegue

DOI: https://doi.org/10.1038/s41598-024-62861-y

IF: 4.6

2024-05-29

Scientific Reports

Abstract:The term "Internet of Things" (IoT) refers to a system of networked computing devices that may work and communicate with one another without direct human intervention. It is one of the most exciting areas of computing nowadays, with its applications in multiple sectors like cities, homes, wearable equipment, critical infrastructure, hospitals, and transportation. The security issues surrounding IoT devices increase as they expand. To address these issues, this study presents a novel model for enhancing the security of IoT systems using machine learning (ML) classifiers. The proposed approach analyzes recent technologies, security, intelligent solutions, and vulnerabilities in ML IoT-based intelligent systems as an essential technology to improve IoT security. The study illustrates the benefits and limitations of applying ML in an IoT environment and provides a security model based on ML that manages autonomously the rising number of security issues related to the IoT domain. The paper proposes an ML-based security model that autonomously handles the growing number of security issues associated with the IoT domain. This research made a significant contribution by developing a cyberattack detection solution for IoT devices using ML. The study used seven ML algorithms to identify the most accurate classifiers for their AI-based reaction agent's implementation phase, which can identify attack activities and patterns in networks connected to the IoT. The study used seven ML algorithms to identify the most accurate classifiers for their AI-based reaction agent's implementation phase, which can identify attack activities and patterns in networks connected to the IoT. Compared to previous research, the proposed approach achieved a 99.9% accuracy, a 99.8% detection average, a 99.9 F1 score, and a perfect AUC score of 1. The study highlights that the proposed approach outperforms earlier machine learning-based models in terms of both execution speed and accuracy. The study illustrates that the suggested approach outperforms previous machine learning-based models in both execution time and accuracy.

multidisciplinary sciences

Md Rashed Buiya,A K M Nuruzzaman Laskar,Md Rafiqul Islam,Sanjib Kumar Shil Sawalmeh,Muhammad Shoyaibur Rahman Chowdhury Roy,Reza E Rabbi Shawon Roy,Md Sumsuzoha

DOI: https://doi.org/10.32996/jcsts.2024.6.4.16

2024-10-18

Journal of Computer Science and Technology Studies

Abstract:The IoT is one of the most revolutionary technological advancements of the contemporary era, embedding networked devices into nearly every aspect of human life, from smart homes and wearables to industrial systems and healthcare applications in the U.S.A. The immediate need for better cybersecurity in the U.S.A. arises from the increasing sophistication and frequency of cyberattacks on IoT systems. Machine learning and AI have emerged as promising technologies to deal with the security challenges IoT systems pose. Unlike traditional rule-based systems, ML models learn from large datasets to identify deviations from the normal behavior pattern that signifies malicious activity. The prime objective of this research is to design, curate, evaluate, and deploy state-of-the-art machine learning models that improve the detection of cyberattacks over IoT network traffic. This research used a well-established dataset that emulates IoT network traffic consisting of benign and malicious activities. Benchmarks like the UNSW-NB15, CICIDS2017, and TON_IoT have been in extensive use by researchers in this domain because they contain a rich variety of network traffic created by various IoT devices and systems along with corresponding labels that classify normal and associated with specific types of cyberattacks: DDOS, MITM, and botnet attacks. Data preprocessing and cleaning ensured that the dataset was consistent, complete, and in a format that helps machine learning algorithms learn from it. Imputation techniques used the feature's mean/median/mode to handle missing values. In this research project, two machine learning algorithms were used in the experiment, notably, Logistic Regression and Random Forest. In this study, the machine learning algorithms used in the experiment undertaken for the current research project are Logistic Regression and Random Forest. The performance of Random Forest was superior to Logistic Regression in almost all metrics. While Logistic Regression provided a strong baseline, it struggled with detecting attacks, as evidenced by its lower recall and higher number of false negatives. This implied that Logistic Regression was less reliable in detecting cyberattacks, which could be critical in real-world cybersecurity settings. By contrast, Random Forest attained impressive accuracy and significantly diminished the number of false negatives. Its higher precision and recall demonstrate that it is better suited for detecting attacks in this dataset, offering a more reliable solution for cyberattack detection.

Mazin S. Mohammed,Hasanien Ali Talib

DOI: https://doi.org/10.25130/tjps.v29i3.1553

2024-06-25

Tikrit Journal of Pure Science

Abstract:Intrusion Detection Systems (IDS) are essential for identifying and mitigating security threats in Internet of Things (IoT) networks. This paper explores the unique challenges of IoT environments and presents machine learning (ML) algorithms as powerful solutions for IoT-IDS, encompassing supervised, unsupervised, and semi-supervised learning. Notable algorithms, including decision trees, random forests, support vector machines, and deep learning architectures, are discussed. Emphasis is placed on the critical role of feature selection in developing efficient IDS, addressing challenges such as heterogeneity, limited resources, real-time detection, privacy concerns, and adversarial attacks. Future research directions include advanced ML algorithms for IoT data, integration of anomaly detection, exploration of federated learning, and combining ML with other cybersecurity techniques. The paper advocates for benchmark datasets and evaluation frameworks to standardize the assessment of ML-based IoT-IDS approaches, ultimately contributing to heightened security and integrity in IoT systems..

Joseph Bamidele Awotunde,Chinmay Chakraborty,Abidemi Emmanuel Adeniyi

DOI: https://doi.org/10.1155/2021/7154587

2021-09-02

Wireless Communications and Mobile Computing

Abstract:The Industrial Internet of Things (IIoT) is a recent research area that links digital equipment and services to physical systems. The IIoT has been used to generate large quantities of data from multiple sensors, and the device has encountered several issues. The IIoT has faced various forms of cyberattacks that jeopardize its capacity to supply organizations with seamless operations. Such risks result in financial and reputational damages for businesses, as well as the theft of sensitive information. Hence, several Network Intrusion Detection Systems (NIDSs) have been developed to fight and protect IIoT systems, but the collections of information that can be used in the development of an intelligent NIDS are a difficult task; thus, there are serious challenges in detecting existing and new attacks. Therefore, the study provides a deep learning-based intrusion detection paradigm for IIoT with hybrid rule-based feature selection to train and verify information captured from TCP/IP packets. The training process was implemented using a hybrid rule-based feature selection and deep feedforward neural network model. The proposed scheme was tested utilizing two well-known network datasets, NSL-KDD and UNSW-NB15. The suggested method beats other relevant methods in terms of accuracy, detection rate, and FPR by 99.0%, 99.0%, and 1.0%, respectively, for the NSL-KDD dataset, and 98.9%, 99.9%, and 1.1%, respectively, for the UNSW-NB15 dataset, according to the results of the performance comparison. Finally, simulation experiments using various evaluation metrics revealed that the suggested method is appropriate for IIOT intrusion network attack classification.

computer science, information systems,telecommunications,engineering, electrical & electronic

MohammadNoor Injadat

2024-01-11

Abstract:The continued growth in the deployment of Internet-of-Things (IoT) devices has been fueled by the increased connectivity demand, particularly in industrial environments. However, this has led to an increase in the number of network related attacks due to the increased number of potential attack surfaces. Industrial IoT (IIoT) devices are prone to various network related attacks that can have severe consequences on the manufacturing process as well as on the safety of the workers in the manufacturing plant. One promising solution that has emerged in recent years for attack detection is Machine learning (ML). More specifically, ensemble learning models have shown great promise in improving the performance of the underlying ML models. Accordingly, this paper proposes a framework based on the combined use of Bayesian Optimization-Gaussian Process (BO-GP) with an ensemble tree-based learning model to improve the performance of intrusion and attack detection in IIoT environments. The proposed framework's performance is evaluated using the Windows 10 dataset collected by the Cyber Range and IoT labs at University of New South Wales. Experimental results illustrate the improvement in detection accuracy, precision, and F-score when compared to standard tree and ensemble tree models.

Cryptography and Security,Artificial Intelligence

Jisha JoseJ. E. JudithDepartment of Computer Science and Engineering,Noorul Islam Centre for Higher Education,Kumarakovil,India

DOI: https://doi.org/10.1080/00051144.2024.2304369

IF: 1.79

2024-02-10

Automatika

Abstract:The growing Internet of Things (IoT) landscape requires robust security; traditional rule-based systems are insufficient, driving the integration of machine learning (ML) for effective intrusion detection. This paper provides an inclusive overview of research efforts focused on harnessing ML methodologies to fortify intrusion detection within IoT. Tailored feature extraction techniques are pivotal for achieving high detection accuracy while minimizing false positives. The study employs the IoT23 dataset from Kaggle and incorporates four optimization algorithms – Particle Swarm Optimizer, Whale-Pearson optimization algorithm, Harris-Hawks Optimizer, and Support Vector Machine with Particle Swarm optimization algorithm (SVM-PSO) – for feature extraction and selection. A comparison with ML algorithms such as logistic regression, decision tree and naïve Bayes classifier highlights Harris-Hawks Optimizer as the most effective. Furthermore, ensemble methods, particularly the fusion of random forest with HHO optimization, yield an impressive accuracy of 99.97%, surpassing AdaBoost and XGBoost approaches. This paper underscores the application of diverse ensemble learning techniques to enhance intrusion detection precision and efficiency within the intricate IoT landscape, effectively tackling the challenges posed by its complex and ever-changing nature.

automation & control systems,engineering, electrical & electronic

Ghaida Balhareth,Mohammad Ilyas

DOI: https://doi.org/10.3390/s24175712

2024-09-02

Abstract:The Internet of Medical Things (IoMTs) is a network of connected medical equipment such as pacemakers, prosthetics, and smartwatches. Utilizing the IoMT-based system, a huge amount of data is generated, offering experts a valuable resource for tasks such as prediction, real-time monitoring, and diagnosis. To do so, the patient's health data must be transferred to database storage for processing because of the limitations of the storage and computation capabilities of IoMT devices. Consequently, concerns regarding security and privacy can arise due to the limited control over the transmitted information and reliance on wireless transmission, which leaves the network vulnerable to several kinds of attacks. Motivated by this, in this study, we aim to build and improve an efficient intrusion detection system (IDS) for IoMT networks. The proposed IDS leverages tree-based machine learning classifiers combined with filter-based feature selection techniques to enhance detection accuracy and efficiency. The proposed model is used for monitoring and identifying unauthorized or malicious activities within medical devices and networks. To optimize performance and minimize computation costs, we utilize Mutual Information (MI) and XGBoost as filter-based feature selection methods. Then, to reduce the number of the chosen features selected, we apply a mathematical set (intersection) to extract the common features. The proposed method can detect intruders while data are being transferred, allowing for the accurate and efficient analysis of healthcare data at the network's edge. The system's performance is assessed using the CICIDS2017 dataset. We evaluate the proposed model in terms of accuracy, F1 score, recall, precision, true positive rate, and false positive rate. The proposed model achieves 98.79% accuracy and a low false alarm rate 0.007 FAR on the CICIDS2017 dataset according to the experimental results. While this study focuses on binary classification for intrusion detection, we are planning to build a multi-classification approach for future work which will be able to not only detect the attacks but also categorize them. Additionally, we will consider using our proposed feature selection technique for different ML classifiers and evaluate the model's performance empirically in real-world IoMT scenarios.

Suchet Sapre,Pouyan Ahmadi,Khondkar Islam

DOI: https://doi.org/10.48550/arXiv.1912.13204

2019-12-31

Abstract:In recent years, as intrusion attacks on IoT networks have grown exponentially, there is an immediate need for sophisticated intrusion detection systems (IDSs). A vast majority of current IDSs are data-driven, which means that one of the most important aspects of this area of research is the quality of the data acquired from IoT network traffic. Two of the most cited intrusion detection datasets are the KDDCup99 and the NSL-KDD. The main goal of our project was to conduct a robust comparison of both datasets by evaluating the performance of various Machine Learning (ML) classifiers trained on them with a larger set of classification metrics than previous researchers. From our research, we were able to conclude that the NSL-KDD dataset is of a higher quality than the KDDCup99 dataset as the classifiers trained on it were on average 20.18% less accurate. This is because the classifiers trained on the KDDCup99 dataset exhibited a bias towards the redundancies within it, allowing them to achieve higher accuracies.

Machine Learning,Cryptography and Security,Networking and Internet Architecture