An improved PIO feature selection algorithm for IoT network intrusion detection system based on ensemble learning

Alghanam, Orieb Abu; Almobaideen, Wesam; Saadeh, Maha; Adwan, Omar

doi:10.1016/j.eswa.2022.118745

Cited by 43 publications

(22 citation statements)

References 46 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Shen et al [ 24 ] combined the KNN, random forest, and decision tree algorithms to realize the classification of encrypted web page data based on the features extracted from the two-way interactions between client and server. Alghanam et al [ 25 ] proposed an ensemble learning approach based on LS-PIO (Local Search with a Pigeon-Inspired Optimizer) by integrating multiple machine learning algorithms and enhancing the feature extraction algorithm, the Pigeon-Inspired Optimizer (PIO). Reference [ 26 ] proposes an LSTM network for classifying VPN data flows based on an attention mechanism.…”

Section: Related Workmentioning

confidence: 99%

“…To evaluate the performance of the proposed algorithm in terms of its identification accuracy, we carried out experiments to make a comparison between the proposed algorithm and seven other typical malicious-traffic-identification algorithms, namely iForest [ 14 ], the OC-SVM [ 15 ], LOF [ 16 ], DNNs [ 19 ], FNNs [ 22 ], SNNs [ 22 ], and LS-PIO-based ensemble [ 25 ]. These methods were introduced in Section 2 .…”

Section: Experiments and Analysismentioning

confidence: 99%

“…These methods were introduced in Section 2 . According to the classification of traditional machine learning and deep learning, the traditional machine learning methods include iForest [ 14 ], the OC-SVM [ 15 ], LOF [ 16 ], and LS-PIO-based ensemble [ 25 ]. The deep learning methods comprise DNNs [ 19 ], FNNs [ 22 ], SNNs [ 22 ], and the proposed method.…”

Section: Experiments and Analysismentioning

confidence: 99%

“…For example, the OC-SVM [ 15 ], which is based on traditional machine learning algorithms, produces a 77.79% ACC and 76.28% Macro-F1 score, whereas the SNN [ 22 ], which is based on deep learning, produces a 91% ACC and 91% Macro-F1, which is significantly better than the OC-SVM [ 15 ]. By integrating multiple traditional machine learning methods, [ 25 ] obtained a 98.73% ACC and 96.70% Macro-F1, which was the best result of all the traditional machine learning algorithms. However, its performance is easily surpassed by the deep-learning-based DNN [ 19 ], where the DNN achieves a 98.99% ACC.…”

Section: Experiments and Analysismentioning

confidence: 99%

See 3 more Smart Citations

Malicious Traffic Identification with Self-Supervised Contrastive Learning

Yang,

Jiang,

Liang

et al. 2023

Sensors

View full text Add to dashboard Cite

As the demand for Internet access increases, malicious traffic on the Internet has soared also. In view of the fact that the existing malicious-traffic-identification methods suffer from low accuracy, this paper proposes a malicious-traffic-identification method based on contrastive learning. The proposed method is able to overcome the shortcomings of traditional methods that rely on labeled samples and is able to learn data feature representations carrying semantic information from unlabeled data, thus improving the model accuracy. In this paper, a new malicious traffic feature extraction model based on a Transformer is proposed. Employing a self-attention mechanism, the proposed feature extraction model can extract the bytes features of malicious traffic by performing calculations on the malicious traffic, thereby realizing the efficient identification of malicious traffic. In addition, a bidirectional GLSTM is introduced to extract the timing features of malicious traffic. The experimental results show that the proposed method is superior to the latest published methods in terms of accuracy and F1 score.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Experiments and Analysismentioning

confidence: 99%

Section: Experiments and Analysismentioning

confidence: 99%

Section: Experiments and Analysismentioning

confidence: 99%

See 2 more Smart Citations

Malicious Traffic Identification with Self-Supervised Contrastive Learning

Yang,

Jiang,

Liang

et al. 2023

Sensors

View full text Add to dashboard Cite

show abstract

“…Moreover, the process of setting inference rules in the previous research works depends on either the analysis of the systems' vulnerabilities and threats, or it depends on userdefined rules. In our approach, we have proposed the use of ML to set inference rules based on the superiority of artificial intelligence and ML in the security during the last years [21][22] [23].…”

Section: Ontologies Consideringmentioning

confidence: 99%

Toward an Ontological Cyberattack Framework to Secure Smart Cities with Machine Learning Support

Malkawi¹,

Obaid²,

Almobaideen³

2022

IJACSA

View full text Add to dashboard Cite

With the emergence and the movement toward the Internet of Things (IoT), one of the most significant applications that have gained a great deal of concern is smart cities. In smart cities, IoT is leveraged to manage life and services within a minimal, or even no, human intervention. IoT paradigm has created opportunities for a wide variety of cyberattacks to threaten systems and users. Many challenges have been faced in order to encounter IoT cyberattacks, such as the diversity of attacks and the frequent appearance of new attacks. This raises the need for a general and uniform representation of cyberattacks. Ontology proposed in this paper can be used to develop a generalized framework, and to provide a comprehensive study of potential cyberattacks in a smart city system. Ontology can serve in building this intended general framework by developing a description and a knowledge base for cyberattacks as a set of concepts and relation between them. In this article we have proposed an ontology to describe cyberattacks, we have identified the benefits of such ontology, and discussed a case study to show how we can we utilize the proposed ontology to implement a simple intrusion detection system with the assistance of Machine Learning (ML). The ontology is implemented using protégé ontology editor and framework, WEKA is utilized as well to construct the inference rules of the proposed ontology. Results show that intrusion detection system developed using the ontology has shown a good performance in revealing the occurrence of different cyberattacks, accuracy has reached 97% in detecting cyber-attacks in a smart city system.

show abstract