An Intelligent Intrusion Detection System for Internet of Things Attack Detection and Identification Using Machine Learning

Othman, Trifa S. and Abdullah, Saman M. (2023) An Intelligent Intrusion Detection System for Internet of Things Attack Detection and Identification Using Machine Learning. ARO-THE SCIENTIFIC JOURNAL OF KOYA UNIVERSITY, 11 (1). pp. 126-137. ISSN 2410-9355

Text (Research Article)
ARO.11124.VOL11.NO1.2023.ISSUE20-PP126-137.pdf - Published Version
Available under License Creative Commons Attribution Non-commercial Share Alike.

Official URL: http://dx.doi.org/10.14500/aro.11124

Abstract

The usability and scalability of Internet of things (IoT) technology are expanding in such a way that they facilitate human living standards. However, they increase the vulnerabilities and attack vectors over IoT networks as well. Thus, more security challenges could be expected and encountered, and more security services and solutions should be provided. Although many security techniques propose and promise good solutions for that, intrusion detection systems (IDSs) are still considered the best. Many works proposed machine learning (ML)-based IDSs for IoT attack detection and classification. Nevertheless, they suffer from two main gaps. First, few of the works utilized or could analyze an up-to-date version of IoT-based attack behaviors. Second, few of the works can be considered as multi-class attack detection and classification. Therefore, this work proposes an intelligent IDS (IIDS) by exploiting the ability of ML algorithms to classify and identify malicious from benign behaviors among IoT network packets. Three ML classifier algorithms are investigated, which are K-Nearest Neighbor, support vector machine, and artificial neural network. The developed models have been trained and tested as binary and multi-class classifiers against 15 types of attacks and benign. This work employs an up-to-date dataset known as IoT23, which covers millions of malicious and benign behaviors of IoT-connected devices. The process of developing the proposed IIDSs goes through different preprocessing phases and methods, such as null value solving, the SMOTE method for the imbalanced datasets, data normalization, and feature selection. The results present IIDSs as good binary and multi-class classifiers even for zero-day attacks.

Item Type: Article
Uncontrolled Keywords: Internet of things networks, Intrusion detection system, Machine learning, Intelligent attack classification, Identification
Subjects: Q Science > QA Mathematics > QA76 Computer software
Divisions: ARO-The Scientific Journal of Koya University > VOL 11, NO 1 (2023)
Depositing User: Dr Salah Ismaeel Yahya
Date Deposited: 04 Jun 2023 09:41
Last Modified: 04 Jun 2023 09:41
URI: http://eprints.koyauniversity.org/id/eprint/374
