ML-DDoSnet: IoT Intrusion Detection Based on Denial-of-Service Attacks Using Machine Learning Methods and NSL-KDD (original) (raw)
Related papers
Refined LSTM Based Intrusion Detection for Denial-of-Service Attack in Internet of Things
Journal of Sensor and Actuator Networks
The Internet of Things (IoT) is a promising technology that allows numerous devices to be connected for ease of communication. The heterogeneity and ubiquity of the various connected devices, openness to devices in the network, and, importantly, the increasing number of connected smart objects (or devices) have exposed the IoT network to various security challenges and vulnerabilities which include manipulative data injection and cyberattacks such as a denial of service (DoS) attack. Any form of intrusive data injection or attacks on the IoT networks can create devastating consequences on the individual connected device or the entire network. Hence, there is a crucial need to employ modern security measures that can protect the network from various forms of attacks and other security challenges. Intrusion detection systems (IDS) and intrusion prevention systems have been identified globally as viable security solutions. Several traditional machine learning methods have been deployed...
Sensors
From smart homes to industrial environments, the IoT is an ally to easing daily activities, where some of them are critical. More and more devices are connected to and through the Internet, which, given the large amount of different manufacturers, may lead to a lack of security standards. Denial of service attacks (DDoS, DoS) represent the most common and critical attack against and from these networks, and in the third quarter of 2021, there was an increase of 31% (compared to the same period of 2020) in the total number of advanced DDoS targeted attacks. This work uses the Bot-IoT dataset, addressing its class imbalance problem, to build a novel Intrusion Detection System based on Machine Learning and Deep Learning models. In order to evaluate how the records timestamps affect the predictions, we used three different feature sets for binary and multiclass classifications; this helped us avoid feature dependencies, as produced by the Argus flow data generator, whilst achieving an a...
Zenodo (CERN European Organization for Nuclear Research), 2022
IoT utilizing Machine Learning/Deep Learning technique and various accessible datasets for IoT security in this review of literature. Methodology: The papers in this study were published between 2014 and 2021 and dealt with the use of IDS in IoT security. Various databases such as IEEE, Wiley, Science Direct, MDPI, and others were searched for this purpose, and shortlisted articles used Machine Learning and Deep Learning techniques to handle various IoT vulnerabilities. Findings/Result: In the past few years, the IDS has grown in popularity as a result of their robustness. The main idea behind intrusion detection systems is to detect intruders in a given region. An intruder is a host that tries to connect to other nodes without permission in the world of the Internet of Things. In the field of IDS, there is a research gap. Different ML/DL techniques are used for IDS in IoT. But it does not properly deal with complexity issues. Also, these techniques are limited to some attacks, and it does not provide high accuracy. Originality: A review had been executed from various research works available from online databases and based on the survey derived a structure for the future study. Paper Type: Literature Review.
Machine and Deep Learning Approaches for IoT Attack Classification
IEEE International Conference on Computer Communications 2022 (INFOCOM 2022) - The Tenth International Workshop on Security and Privacy in Big Data (BigSecurity), 2022
In recent years, Internet of Things (IoT) traffic has increased dramatically and is expected to grow further in the next future. Because of their vulnerabilities, IoT devices are often the target of cyber-attacks with dramatic consequences. For this reason, there is a strong need for powerful tools to guarantee a good level of security in IoT networks. Machine and deep learning approaches promise good performance for such a complex task. In this work, we employ state-of-art traffic classifiers based on deep learning and assess their effectiveness in accomplishing IoT attack classification. We aim to recognize different attack classes and distinguish them from benign network traffic. In more detail, we utilize effective and unbiased input data that allow fast (i.e. "early") detection of anomalies and we compare performance with that of traditional (i.e. "postmortem") machine learning classifiers. The experimental results highlight the need for advanced deep learning architectures fed with input data specifically tailored and designed for IoT attack classification. Furthermore, we perform an occlusion analysis to assess the influence on the performance of some network layer fields and the possible bias they may introduce.
Toward a deep learning-based intrusion detection system for IoT against botnet attacks
IAES International Journal of Artificial Intelligence (IJ-AI), 2021
The massive network traffic data between connected devices in the internet of things have taken a big challenge to many traditional intrusion detection systems (IDS) to find probable security breaches. However, security attacks lean towards unpredictability. There are numerous difficulties to build up adaptable and powerful IDS for IoT in order to avoid false alerts and ensure a high recognition precision against attacks, especially with the rising of Botnet attacks. These attacks can even make harmless devices becoming zombies that send malicious traffic and disturb the network. In this paper, we propose a new IDS solution, baptized BotIDS, based on deep learning convolutional neural networks (CNN). The main interest of this work is to design, implement and test our IDS against some well-known Botnet attacks using a specific Bot-IoT dataset. Compared to other deep learning techniques, such as simple RNN, LSTM and GRU, the obtained results of our BotIDS are promising with 99.94% in ...
DDoSLSTM: Detection of Distributed Denial of Service Attacks on IoT Devices using LSTM Model
2022 International Conference on Communication, Computing and Internet of Things (IC3IoT), 2022
Distributed Denial of Service (DDoS) attack is a persistent complication in the network's security. These attacks have been detected by many machine learning algorithms and feature selection methods. This paper chose the Recurrent Neural Network based long short-term memory model that works on time series data and handles long time-dependent inputs, thereby detecting DDoS attacks. In our paper, we focused primarily on increasing the classification performance of the LSTM model. Multi-layer LSTM model has been used for binary and multiclass data and maximum accuracy attained is 99.46% (1- Layer LSTM with Binary data) followed by 99.16% for 2-Layer LSTM with Multiclass Grouped data. The proposed DDoSLSTM model outperforms other state-of-the-art techniques, including deep neural network (DNN), RNN, CNN, Transformers.
LBDMIDS: LSTM Based Deep Learning Model for Intrusion Detection Systems for IoT Networks
2022 IEEE World AI IoT Congress (AIIoT)
In the recent years, we have witnessed a huge growth in the number of Internet of Things (IoT) and edge devices being used in our everyday activities. This demands the security of these devices from cyber attacks to be improved to protect its users. For years, Machine Learning (ML) techniques have been used to develop Network Intrusion Detection Systems (NIDS) with the aim of increasing their reliability/robustness. Among the earlier ML techniques DT performed well. In the recent years, Deep Learning (DL) techniques have been used in an attempt to build more reliable systems. In this paper, a Deep Learning enabled Long Short Term Memory (LSTM) Autoencoder and a 13-feature Deep Neural Network (DNN) models were developed which performed a lot better in terms of accuracy on UNSW-NB15 and Bot-IoT datsets. Hence we proposed LBDMIDS, where we developed NIDS models based on variants of LSTMs namely, stacked LSTM and bidirectional LSTM and validated their performance on the UNSW NB15 and BoTIoT datasets. This paper concludes that these variants in LBDMIDS outperform classic ML techniques and perform similarly to the DNN models that have been suggested in the past.
Enhanced IDS with Deep Learning for IoT-Based Smart Cities Security
Tsinghua science and technology/Tsinghua Science and Technology, 2024
Cyberattacks against highly integrated Internet of Things (IoT) servers, apps, and telecoms infrastructure are rapidly increasing when issues produced by IoT networks go unnoticed for an extended period. IoT interface attacks must be evaluated in real-time for effective safety and security measures. This study implements a smart intrusion detection system (IDS) designed for IoT threats, and interoperability with IoT connectivity standards is offered by the identity solution. An IDS is a common type of network security technology that has recently received increasing interest in the research community. The system has already piqued the curiosity of scientific and industrial communities to identify intrusions. Several IDSs based on machine learning (ML) and deep learning (DL) have been proposed. This study introduces IDS-SIoDL, a novel IDS for IoT-based smart cities that integrates long shortterm memory (LSTM) and feature engineering. This model is tested using tensor processing unit (TPU) on the enhanced BoT-IoT, Edge-IIoT, and NSL-KDD datasets. Compared with current IDSs, the obtained results provide good assessment features, such as accuracy, recall, and precision, with approximately 0.9990 recording time and calculating times of approximately 600 and 6 ms for training and classification, respectively.
Anomaly-based Network Intrusion Detection System for IoT using Deep Learning Model
The Internet of Things (IoT) has emerged as a revolutionary solution that enables seamless connection and access to various devices through the Internet. With each passing day, there is a significant increase in the number of IoT devices, encompassing diverse shapes, sizes, functionalities, and complexities. While IoT technology offers an extensive range of services and applications that greatly enhance people's lives across different domains, it also exposes several security vulnerabilities. These vulnerabilities can be exploited by malicious actors for activities like sinkhole attacks, eavesdropping or denial-of-service attacks, etc. To counter these threats and ensure network security integrity when breaches occur in an IoT environment, intrusion detection systems are employed. Deep learning techniques have proven to be highly effective in enhancing the capabilities of such systems by enabling them to detect IoT-specific attacks and identify novel types of intrusions. This paper presents a model for intrusion detection in the IoT based on edge computing. The model utilizes gated convolution to improve the performance of the convolution neural network (CNN) in detecting anomalies and effectively mitigating DDoS attacks. The feasibility of this approach is evaluated through binary and multi-class classification tasks, including 8-class and 13-class scenarios. Experimental validation using the CICDDoS2019 dataset demonstrates that the proposed intelligent Intrusion Detection System achieves high accuracy rates of 99.68% for binary classes, 99.90% for 8-classes, and 99.95% for 13-classes when identifying various types of DDoS attacks. This research highlights how this method can better fulfill IoT intrusion detection requirements.
Intrusion Detection for IoT Network Security with Deep Neural Network
one of the most important challenges of the Internet of Things is security. Today, the Internet of Things has found an important place in information technology and human daily life. One of the main challenges of the Internet of Things is security. One of the common methods to intervene in Internet of Things services is Denial of Service (DoS) attacks and Distributed Denial of Service (DDoS) attacks. Therefore, intrusion detection systems or IDSs are currently the main and most complete parts of a network monitoring system. This paper uses the CICIDS 2017 data set to present an intrusion detection model in software-driven Internet of Things networks based on deep neural networks to detect distributed denial of service attacks and several other cyber attacks. In addition, we explored effective deep learning models to represent cyber security knowledge in Internet of Things networks, including CNN, DenseNet, CNN and LSTM hybrid models, and our proposed model.