Attack Detection in IoT using Machine Learning
Received: 20 April 2021 | Revised: 7 May 2021 | Accepted: 14 May 2021 | Online: 12 June 2021
Corresponding author: S. M. Khan
Abstract
Many researchers have examined the risks that Internet of Things (IoT) devices pose to large companies and smart cities. Given the high adoption of IoT devices, their nature, inherent mobility, and standardization limitations, smart mechanisms capable of automatically detecting suspicious activity on IoT devices connected to local networks are needed. As the number of IoT devices connected through the Internet has grown, the volume of web traffic has increased. Because of this change, attack detection through common methods and older data processing techniques is now obsolete. Detecting attacks in IoT and identifying malicious traffic at an early stage is very challenging because of the growth in network traffic. In this paper, a framework is proposed for the detection of malicious network traffic. The framework uses three popular classification-based methods for detecting malicious network traffic, namely Support Vector Machine (SVM), Gradient Boosted Decision Trees (GBDT), and Random Forest (RF), with the supervised RF algorithm achieving far better accuracy (85.34%). The NSL KDD dataset was used in the proposed framework, and performance was compared in terms of training time, prediction time, specificity, and accuracy.
Keywords:
cyber security, artificial intelligence, IoT, machine learning
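The comparison the abstract describes (SVM, GBDT and RF scored on training time, prediction time, specificity and accuracy) can be sketched as follows. This is an added example, not the authors' code: it assumes scikit-learn and NumPy, and it runs on constructed rows that borrow NSL-KDD column names (`count`, `serror_rate`, `src_bytes`, `flag`) rather than the real dataset, so its scores say nothing about the paper's figures.

```python
import time
import numpy as np
from sklearn.ensemble import GradientBoostingClassifier, RandomForestClassifier
from sklearn.metrics import confusion_matrix
from sklearn.model_selection import train_test_split
from sklearn.preprocessing import StandardScaler
from sklearn.svm import SVC

def make_records(n=600, seed=0):
    """Constructed NSL-KDD-style rows (not the real dataset); label 1 = attack."""
    rng = np.random.default_rng(seed)
    y = rng.integers(0, 2, n)
    # Attack rows skew toward many connections and a high SYN-error rate.
    count = rng.poisson(np.where(y == 1, 120, 15))
    serror_rate = np.clip(rng.normal(np.where(y == 1, 0.7, 0.1), 0.25), 0, 1)
    src_bytes = rng.exponential(np.where(y == 1, 50, 900))
    # Categorical 'flag' (0=SF, 1=S0, 2=REJ), one-hot encoded before training.
    flag = np.where(rng.random(n) < np.where(y == 1, 0.6, 0.1), 1, rng.integers(0, 3, n))
    return np.column_stack([count, serror_rate, src_bytes, np.eye(3)[flag]]), y

def evaluate(seed=0):
    """Train the three classifiers and report the abstract's four measures."""
    X, y = make_records(seed=seed)
    X_tr, X_te, y_tr, y_te = train_test_split(
        X, y, test_size=0.3, random_state=seed, stratify=y)
    scaler = StandardScaler().fit(X_tr)  # fit on training rows only (no leakage)
    X_tr, X_te = scaler.transform(X_tr), scaler.transform(X_te)
    models = {
        "SVM": SVC(kernel="rbf"),
        "GBDT": GradientBoostingClassifier(random_state=seed),
        "RF": RandomForestClassifier(n_estimators=100, random_state=seed),
    }
    results = {}
    for name, model in models.items():
        t0 = time.perf_counter()
        model.fit(X_tr, y_tr)
        train_s = time.perf_counter() - t0
        t0 = time.perf_counter()
        pred = model.predict(X_te)
        predict_s = time.perf_counter() - t0
        tn, fp, fn, tp = confusion_matrix(y_te, pred, labels=[0, 1]).ravel()
        results[name] = {
            "accuracy": (tp + tn) / (tp + tn + fp + fn),
            "specificity": tn / (tn + fp),  # normal traffic correctly left unflagged
            "train_s": train_s, "predict_s": predict_s,
        }
    return results

if __name__ == "__main__":
    for name, m in evaluate().items():
        print(name, {k: round(v, 4) for k, v in m.items()})
```

Specificity is reported alongside accuracy because it measures how much benign traffic a detector leaves unflagged, which determines the false-alarm load on whoever triages its alerts.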
License
Copyright (c) 2021 Authors
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors who publish with this journal agree to the following terms:
- Authors retain the copyright and grant the journal the right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) after its publication in ETASR with an acknowledgement of its initial publication in this journal.