IoT Based Intrusion Detection Systems from The Perspective of Machine and Deep Learning: A Survey and Comparative Study

Ashraf, Eman; Areed, Nihal F. F.; Salem, Hanaa; Abdelhady, Ehab; Farouk, Ahmed

doi:10.21608/dusj.2022.275552

Cited by 6 publications

(6 citation statements)

References 91 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This dataset is generated as part of continuing investigation study to construct improved DL and ML techniques for the design of well-organized IDS for SDN. 34,35 For testing and evaluation of SDN DDoS attacks, the dataset in IEEE DataPort dataset is used which access the Internet of Things (IoT) and general SDN-based networks. To identify the distributed and suspicious intrusion in VANET, the DDoS traffic provides observation using the SDN DDoS dataset by integrating SDN.…”

Section: Dataset Descriptionmentioning

confidence: 99%

“…This dataset was developed with the help of the Mininet emulator and offers a DDoS attack examination for detection and disseminated interruptions in SDN‐int‐VANET. For evaluating performance of proposed intrusion detection system, the SDN DDOS attack dataset 34,35 is used.…”

Section: Overview Of Sdn‐int‐vanetmentioning

confidence: 99%

“…For effective AD, in this work, the input data is taken from the SDN DDoS dataset. This dataset is generated as part of continuing investigation study to construct improved DL and ML techniques for the design of well‐organized IDS for SDN 34,35 . For testing and evaluation of SDN DDoS attacks, the dataset in IEEE DataPort dataset is used which access the Internet of Things (IoT) and general SDN‐based networks.…”

Section: Experimental Outcomes Of Rtarf‐cnnmentioning

confidence: 99%

See 2 more Smart Citations

Residual based temporal attention convolutional neural network for detection of distributed denial of service attacks in software defined network integrated vehicular adhoc network

Karthik,

Lakshmi,

Abraham

et al. 2023

Int J Network Mgmt

View full text Add to dashboard Cite

Software defined network (SDN) integrated vehicular ad hoc network (VANET) is a magnificent technique for smart transportation as it raises the efficiency, safety, manageability, and comfort of traffic. SDN‐integrated VANET (SDN‐int‐VANET) has numerous benefits, but it is susceptible to threats like distributed denial of service (DDoS). Several methods were suggested for DDoS attack detection (AD), but the existing approaches to optimization have given a base for enhancing the parameters. An incorrect selection of parameters results in a poor performance and poor fit to the data. To overcome these issues, residual‐based temporal attention red fox‐convolutional neural network (RTARF‐CNN) for detecting DDoS attacks in SDN‐int‐VANET is introduced in this manuscript. The input data is taken from the SDN DDoS attack dataset. For restoring redundancy and missing value, developed random forest and local least squares (DRFLLS) are applied. Then the important features are selected from the pre‐processed data with the help of stacked contractive autoencoders (St‐CAE), which reduces the processing time of the introduced method. The selected features are classified by residual‐based temporal attention‐convolutional neural network (RTA‐CNN). The weight parameter of RTA‐CNN is optimized with the help of red fox optimization (RFO) for better classification. The introduced method is implemented in the PYTHON platform. The RTARF‐CNN attains 99.8% accuracy, 99.5% sensitivity, 99.80% precision, and 99.8% specificity. The effectiveness of the introduced technique is compared with the existing approaches.

show abstract

Section: Dataset Descriptionmentioning

confidence: 99%

Section: Overview Of Sdn‐int‐vanetmentioning

confidence: 99%

Section: Experimental Outcomes Of Rtarf‐cnnmentioning

confidence: 99%

See 1 more Smart Citation

Residual based temporal attention convolutional neural network for detection of distributed denial of service attacks in software defined network integrated vehicular adhoc network

Karthik,

Lakshmi,

Abraham

et al. 2023

Int J Network Mgmt

View full text Add to dashboard Cite

show abstract

“…Detailed systematic overviews of available datasets and state-of-the-art approaches in analyzing network traffic are being actively researched [8][9][10]. Research has focused on investigating the performance of widely-used ML algorithms such as SVM, Naive Bayes, Decision Tree, and Random Forest [11][12][13].…”

Section: Related Workmentioning

confidence: 99%

Machine Learning Based Classification of IoT Traffic

Velichkovska¹,

Cholakoska²,

Atanasovski³

2023

RADIOENGINEERING

View full text Add to dashboard Cite

With the rapid expansion and widespread adoption of the Internet of Things (IoT), maintaining secure connections among active devices can be challenging. Since IoT devices are limited in power and storage, they cannot perform complex tasks, which makes them vulnerable to different types of attacks. Given the volume of data generated daily, detecting anomalous behavior can be demanding. However, machine learning (ML) algorithms have proven successful in extracting complex patterns from big data, which has led to active applications in IoT.In this paper, we perform a comprehensive analysis, including 4 ML algorithms and 3 neural networks (NNs), and propose a pipeline which analyzes the influence data reduction (loss) has on the performance of these algorithms. We use random undersampling as a data reduction technique, which simulates reduced network traffic data. The pipeline investigates several degrees of data loss. The results show that models trained on the original data distribution obtain accuracy that verges on 100%. XGBoost performs best from the classic ML algorithms. From the deep learning models, the 2-layered NN provides excellent results and has sufficient depth for practical application. On the other hand, when the models are trained on the undersampled data, there is a decrease in performance, most notably in the case of NNs. The most prominent change is seen in the 4-layered NN, where the model trained on the original dataset detects attacks with a success of 93.53%, whereas the model trained on the maximally reduced data has a success of only 39.39%.

show abstract

“…In addition, researchers have proposed the use of machine learning and deep learning algorithms and intrusion detection systems to detect and respond to cyber threats in real time [ 25 ]. These systems can analyze network traffic and device behavior to send out an alert and identify potential security incidents, such as unauthorized access attempts or malware infections [ 10 , 26 , 27 ].…”

Section: Introductionmentioning

confidence: 99%

An Improved Mutual Information Feature Selection Technique for Intrusion Detection Systems in the Internet of Medical Things

Alalhareth,

Hong

2023

Sensors

View full text Add to dashboard Cite

In healthcare, the Internet of Things (IoT) is used to remotely monitor patients and provide real-time diagnoses, which is referred to as the Internet of Medical Things (IoMT). This integration poses a risk from cybersecurity threats that can harm patient data and well-being. Hackers can manipulate biometric data from biosensors or disrupt the IoMT system, which is a major concern. To address this issue, intrusion detection systems (IDS) have been proposed, particularly using deep learning algorithms. However, developing IDS for IoMT is challenging due to high data dimensionality leading to model overfitting and degraded detection accuracy. Feature selection has been proposed to prevent overfitting, but the existing methods assume that feature redundancy increases linearly with the size of the selected features. Such an assumption does not hold, as the amount of information a feature carries about the attack pattern varies from feature to feature, especially when dealing with early patterns, due to data sparsity that makes it difficult to perceive the common characteristics of selected features. This negatively affects the ability of the mutual information feature selection (MIFS) goal function to estimate the redundancy coefficient accurately. To overcome this issue, this paper proposes an enhanced feature selection technique called Logistic Redundancy Coefficient Gradual Upweighting MIFS (LRGU-MIFS) that evaluates candidate features individually instead of comparing them with common characteristics of the already-selected features. Unlike the existing feature selection techniques, LRGU calculates the redundancy score of a feature using the logistic function. It increases the redundancy value based on the logistic curve, which reflects the nonlinearity of the relationship of the mutual information between features in the selected set. Then, the LRGU was incorporated into the goal function of MIFS as a redundancy coefficient. The experimental evaluation shows that the proposed LRGU was able to identify a compact set of significant features that outperformed those selected by the existing techniques. The proposed technique overcomes the challenge of perceiving common characteristics in cases of insufficient attack patterns and outperforms existing techniques in identifying significant features.

show abstract

IoT Based Intrusion Detection Systems from The Perspective of Machine and Deep Learning: A Survey and Comparative Study

Cited by 6 publications

References 91 publications

Residual based temporal attention convolutional neural network for detection of distributed denial of service attacks in software defined network integrated vehicular adhoc network

Residual based temporal attention convolutional neural network for detection of distributed denial of service attacks in software defined network integrated vehicular adhoc network

Machine Learning Based Classification of IoT Traffic

An Improved Mutual Information Feature Selection Technique for Intrusion Detection Systems in the Internet of Medical Things

Contact Info

Product

Resources

About