Detecting DDoS Attacks in IoT Environment

2021 ◽  
Vol 15 (2) ◽  
pp. 145-180
Author(s):  
Yasmine Labiod ◽  
Abdelaziz Amara Korba ◽  
Nacira Ghoualmi-Zine
Keyword(s):  
Machine Learning ◽  
Cyber Security ◽  
Detection System ◽  
False Positive Rate ◽  
Cyber Attacks ◽  
Machine Learning Techniques ◽  
Ddos Attacks ◽  
High Detection Rate ◽  
Detection Techniques ◽  
Detection Model

With the great potential of internet of things (IoT) infrastructure in different domains, cyber-attacks are also rising commensurately. Distributed denials of service (DDoS) attacks are one of the cyber security threats. This paper will focus on DDoS attacks by adding the design of an intrusion detection system (IDS) tailored to IoT systems. Moreover, machine learning techniques will be investigated to distinguish the data representing flows of network traffic, which include both normal and DDoS traffic. In addition, these techniques will be used to help make a refined detection model for identifying different types of DDoS attacks. Furthermore, the performance of machine learning-based proposed solution is validated using N-BaIoT dataset and compared through different evaluation metrics. The experimental results show that the proposed IDS not only detects DDoS attacks types but also has a high detection rate and low false positive rate, which argues the usefulness of the proposed approach in comparison with several existing DDoS attacks detection techniques.

scholarly journals IntruDTree: A Machine Learning-Based Cyber Security Intrusion Detection Model

2020 ◽  
Author(s):  
Iqbal H. Sarker ◽  
Yoosef B. Abushark ◽  
Fawaz Alsolami ◽  
Asif Irshad Khan
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Cyber Security ◽  
Intrusion Detection System ◽  
Detection System ◽  
Machine Learning Techniques ◽  
Support Vector ◽  
Security Model ◽  
K Nearest Neighbor ◽  
Detection Model

Cyber security has recently received enormous attention in today’s security concerns, due to the popularity of the Internet-of-Things (IoT), the tremendous growth of computer networks, and the huge number of relevant applications. Thus, detecting various cyber-attacks or anomalies in a network and building an effective intrusion detection system that performs an essential role in today’s security is becoming more important. Artificial intelligence, particularly machine learning techniques, can be used for building such a data-driven intelligent intrusion detection system. In order to achieve this goal, in this paper, we present an Intrusion Detection Tree (“IntruDTree”) machine-learning-based security model that first takes into account the ranking of security features according to their importance and then build a tree-based generalized intrusion detection model based on the selected important features. This model is not only effective in terms of prediction accuracy for unseen test cases but also minimizes the computational complexity of the model by reducing the feature dimensions. Finally, the effectiveness of our IntruDTree model was examined by conducting experiments on cybersecurity datasets and computing the precision, recall, fscore, accuracy, and ROC values to evaluate. We also compare the outcome results of IntruDTree model with several traditional popular machine learning methods such as the naive Bayes classifier, logistic regression, support vector machines, and k-nearest neighbor, to analyze the effectiveness of the resulting security model.

scholarly journals MQTTset, a New Dataset for Machine Learning Techniques on MQTT

Sensors ◽  
2020 ◽  
Vol 20 (22) ◽  
pp. 6578
Author(s):  
Ivan Vaccari ◽  
Giovanni Chiola ◽  
Maurizio Aiello ◽  
Maurizio Mongelli ◽  
Enrico Cambiaso
Keyword(s):  
Machine Learning ◽  
Cyber Security ◽  
Detection System ◽  
Critical Issue ◽  
Cyber Attacks ◽  
Machine Learning Techniques ◽  
Detection Systems ◽  
Learning Techniques ◽  
Iot Devices ◽  
Definition Of

IoT networks are increasingly popular nowadays to monitor critical environments of different nature, significantly increasing the amount of data exchanged. Due to the huge number of connected IoT devices, security of such networks and devices is therefore a critical issue. Detection systems assume a crucial role in the cyber-security field: based on innovative algorithms such as machine learning, they are able to identify or predict cyber-attacks, hence to protect the underlying system. Nevertheless, specific datasets are required to train detection models. In this work we present MQTTset, a dataset focused on the MQTT protocol, widely adopted in IoT networks. We present the creation of the dataset, also validating it through the definition of a hypothetical detection system, by combining the legitimate dataset with cyber-attacks against the MQTT network. Obtained results demonstrate how MQTTset can be used to train machine learning models to implement detection systems able to protect IoT contexts.

scholarly journals Machine Learning-Based Distributed Denial of Service Attack Detection on Intrusion Detection System Regarding to Feature Selection

2020 ◽  
Vol 4 (1) ◽  
Author(s):  
Ahmad Azhari ◽  
Arif Wirawan Muhammad ◽  
Cik Feresa Mohd Foozy
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Policy Development ◽  
Detection System ◽  
Denial Of Service ◽  
Attack Detection ◽  
Machine Learning Techniques ◽  
Ddos Attacks ◽  
Detection Techniques

Distributed Service Denial (DDoS) is a type of network attack, which each year increases in volume and intensity.  DDoS attacks also form part of the major types of cyber security threats so far. Early detection plays a key role in avoiding the catastrophic effects on server infrastructure from DDoS attacks. Detection techniques in the traditional Intrusion Detection System (IDS) are far from perfect compared to a number of modern techniques and tools used by attackers, because the traditional IDS only uses signature-based detection or anomaly-based detection models and causes a lot of false positive flags, since the flow of computer network data packets has complex properties in terms of both size and source. Based on the  deficiency in the ordinary IDS, this study aims to detect DDoS attacks by using machine learning techniques to enhance IDS policy development.  According to the experiment the selection of features plays an important role in the precision of the detection results and in the performance of machine learning in classification problems. The combination of seven key selected dataset features used as an input neural network classifier in this study provides the highest accuracy value at 97.76%.

scholarly journals IntruDTree: A Machine Learning Based Cyber Security Intrusion Detection Model

Symmetry ◽  
2020 ◽  
Vol 12 (5) ◽  
pp. 754 ◽  
Author(s):  
Iqbal H. Sarker ◽  
Yoosef B. Abushark ◽  
Fawaz Alsolami ◽  
Asif Irshad Khan
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Cyber Security ◽  
Intrusion Detection System ◽  
Detection System ◽  
Machine Learning Techniques ◽  
Support Vector ◽  
Security Model ◽  
K Nearest Neighbor ◽  
Detection Model

Cyber security has recently received enormous attention in today’s security concerns, due to the popularity of the Internet-of-Things (IoT), the tremendous growth of computer networks, and the huge number of relevant applications. Thus, detecting various cyber-attacks or anomalies in a network and building an effective intrusion detection system that performs an essential role in today’s security is becoming more important. Artificial intelligence, particularly machine learning techniques, can be used for building such a data-driven intelligent intrusion detection system. In order to achieve this goal, in this paper, we present an Intrusion Detection Tree (“IntruDTree”) machine-learning-based security model that first takes into account the ranking of security features according to their importance and then build a tree-based generalized intrusion detection model based on the selected important features. This model is not only effective in terms of prediction accuracy for unseen test cases but also minimizes the computational complexity of the model by reducing the feature dimensions. Finally, the effectiveness of our IntruDTree model was examined by conducting experiments on cybersecurity datasets and computing the precision, recall, fscore, accuracy, and ROC values to evaluate. We also compare the outcome results of IntruDTree model with several traditional popular machine learning methods such as the naive Bayes classifier, logistic regression, support vector machines, and k-nearest neighbor, to analyze the effectiveness of the resulting security model.

scholarly journals IoT Dataset Validation Using Machine Learning Techniques for Traffic Anomaly Detection

Electronics ◽  
2021 ◽  
Vol 10 (22) ◽  
pp. 2857
Author(s):  
Laura Vigoya ◽  
Diego Fernandez ◽  
Victor Carneiro ◽  
Francisco Nóvoa
Keyword(s):  
Machine Learning ◽  
Anomaly Detection ◽  
False Positive Rate ◽  
Machine Learning Techniques ◽  
Support Vector ◽  
High Detection Rate ◽  
Security Vulnerabilities ◽  
Smart Systems ◽  
Learning Techniques ◽  
Positive Rate

With advancements in engineering and science, the application of smart systems is increasing, generating a faster growth of the IoT network traffic. The limitations due to IoT restricted power and computing devices also raise concerns about security vulnerabilities. Machine learning-based techniques have recently gained credibility in a successful application for the detection of network anomalies, including IoT networks. However, machine learning techniques cannot work without representative data. Given the scarcity of IoT datasets, the DAD emerged as an instrument for knowing the behavior of dedicated IoT-MQTT networks. This paper aims to validate the DAD dataset by applying Logistic Regression, Naive Bayes, Random Forest, AdaBoost, and Support Vector Machine to detect traffic anomalies in IoT. To obtain the best results, techniques for handling unbalanced data, feature selection, and grid search for hyperparameter optimization have been used. The experimental results show that the proposed dataset can achieve a high detection rate in all the experiments, providing the best mean accuracy of 0.99 for the tree-based models, with a low false-positive rate, ensuring effective anomaly detection.

An Intelligent Network Intrusion Detection System Based on Multi-Modal Support Vector Machines

2013 ◽  
Vol 7 (4) ◽  
pp. 37-52
Author(s):  
Srinivasa K G
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Machine Learning Techniques ◽  
Support Vector ◽  
Intelligent Network ◽  
Statistical Machine Learning ◽  
High Detection Rate ◽  
Network Intrusion

Increase in the number of network based transactions for both personal and professional use has made network security gain a significant and indispensable status. The possible attacks that an Intrusion Detection System (IDS) has to tackle can be of an existing type or of an entirely new type. The challenge for researchers is to develop an intelligent IDS which can detect new attacks as efficiently as they detect known ones. Intrusion Detection Systems are rendered intelligent by employing machine learning techniques. In this paper we present a statistical machine learning approach to the IDS using the Support Vector Machine (SVM). Unike conventional SVMs this paper describes a milti model approach which makes use of an extra layer over the existing SVM. The network traffic is modeled into connections based on protocols at various network layers. These connection statistics are given as input to SVM which in turn plots each input vector. The new attacks are identified by plotting them with respect to the trained system. The experimental results demonstrate the lower execution time of the proposed system with high detection rate and low false positive number. The 1999 DARPA IDS dataset is used as the evaluation dataset for both training and testing. The proposed system, SVM NIDS is bench marked with SNORT (Roesch, M. 1999), an open source IDS.

scholarly journals Detecting Website Defacements Based on Machine Learning Techniques and Attack Signatures

Computers ◽  
2019 ◽  
Vol 8 (2) ◽  
pp. 35 ◽  
Author(s):  
Xuan Dau Hoang ◽  
Ngoc Tuong Nguyen
Keyword(s):  
Machine Learning ◽  
Web Applications ◽  
False Positive Rate ◽  
Training Data ◽  
Machine Learning Techniques ◽  
Web Pages ◽  
Government Organizations ◽  
Detection Model ◽  
Learning Techniques ◽  
Positive Rate

Defacement attacks have long been considered one of prime threats to websites and web applications of companies, enterprises, and government organizations. Defacement attacks can bring serious consequences to owners of websites, including immediate interruption of website operations and damage of the owner reputation, which may result in huge financial losses. Many solutions have been researched and deployed for monitoring and detection of website defacement attacks, such as those based on checksum comparison, diff comparison, DOM tree analysis, and complicated algorithms. However, some solutions only work on static websites and others demand extensive computing resources. This paper proposes a hybrid defacement detection model based on the combination of the machine learning-based detection and the signature-based detection. The machine learning-based detection first constructs a detection profile using training data of both normal and defaced web pages. Then, it uses the profile to classify monitored web pages into either normal or attacked. The machine learning-based component can effectively detect defacements for both static pages and dynamic pages. On the other hand, the signature-based detection is used to boost the model’s processing performance for common types of defacements. Extensive experiments show that our model produces an overall accuracy of more than 99.26% and a false positive rate of about 0.27%. Moreover, our model is suitable for implementation of a real-time website defacement monitoring system because it does not demand extensive computing resources.

Analysis of Intrusion Detection and Classification using Machine Learning Approaches

2017 ◽  
Vol 3 (10) ◽  
Author(s):  
Anjum Khan ◽  
Anjana Nigam
Keyword(s):  
Machine Learning ◽  
Network Security ◽  
Intrusion Detection ◽  
Detection System ◽  
Real Data ◽  
Machine Learning Techniques ◽  
Learning Approaches ◽  
High Detection Rate ◽  
Learning Techniques ◽  
Result Analysis

 As the network primarily based applications are growing quickly, the network security mechanisms need a lot of attention to enhance speed and preciseness. The ever evolving new intrusion types cause a significant threat to network security. Though varied network security tools are developed, however the quick growth of intrusive activities continues to be a significant issue. Intrusion detection systems (IDSs) are wont to detect intrusive activities on the network. Analysis showed that application of machine learning techniques in intrusion detection might reach high detection rate. Machine learning and classification algorithms facilitate to design “Intrusion Detection Models” which might classify the network traffic into intrusive or traditional traffic. This paper discusses some usually used machine learning techniques in Intrusion Detection System and conjointly reviews a number of the prevailing machine learning IDS proposed by researchers at different times. in this paper an experimental analysis is performed to demonstrate the performance analysis of some existing techniques in order that they will be used further in developing Hybrid Classifier for real data packets classification. The given result analysis shows that KNN, RF and SVM performs best for NSL-KDD dataset.

A Review on Intrusion Detection System using Artificial Intelligence Approach

2018 ◽  
Vol 4 (8) ◽  
pp. 6
Author(s):  
Apoorva Deshpande
Keyword(s):  
Neural Network ◽  
Machine Learning ◽  
Intrusion Detection ◽  
Computational Intelligence ◽  
Intrusion Detection System ◽  
Detection System ◽  
Machine Learning Techniques ◽  
Research Progress ◽  
High Detection Rate ◽  
Learning Techniques

Today, intrusion detection system using the neural network is an interested and considerable area for the research community. The computational intelligence systems are defined on the basis of the following parameters: fault tolerance and adaptation; adaptable the requirements of make a better intrusion detection model. In this paper, provide an overview of the research progress using computational intelligence to the problem of intrusion detection. The goal of this paper summarized and compared research contributions of Intrusion detection system using computational intelligence and neural network, define existing research challenges and anticipated solution of machine learning. Research showed that application of machine learning techniques in intrusion detection could achieve high detection rate. Machine learning and classification algorithms help to design "Intrusion Detection Models" which can classify the network traffic into intrusive or normal traffic. This paper discusses some commonly used machine learning techniques in Intrusion Detection System and also reviews some of the existing machine learning IDS proposed by researchers at different times.

scholarly journals Machine Learning for 5G MIMO Modulation Detection

Sensors ◽  
2021 ◽  
Vol 21 (5) ◽  
pp. 1556
Author(s):  
Haithem Ben Chikha ◽  
Ahmad Almadhor ◽  
Waqas Khalid
Keyword(s):  
Machine Learning ◽  
Software Defined Radio ◽  
Mimo Systems ◽  
False Positive Rate ◽  
Cognitive Radios ◽  
Machine Learning Techniques ◽  
Destination Node ◽  
Detection Techniques ◽  
Positive Rate ◽  
Modulation Detection

Modulation detection techniques have received much attention in recent years due to their importance in the military and commercial applications, such as software-defined radio and cognitive radios. Most of the existing modulation detection algorithms address the detection dedicated to the non-cooperative systems only. In this work, we propose the detection of modulations in the multi-relay cooperative multiple-input multiple-output (MIMO) systems for 5G communications in the presence of spatially correlated channels and imperfect channel state information (CSI). At the destination node, we extract the higher-order statistics of the received signals as the discriminating features. After applying the principal component analysis technique, we carry out a comparative study between the random committee and the AdaBoost machine learning techniques (MLTs) at low signal-to-noise ratio. The efficiency metrics, including the true positive rate, false positive rate, precision, recall, F-Measure, and the time taken to build the model, are used for the performance comparison. The simulation results show that the use of the random committee MLT, compared to the AdaBoost MLT, provides gain in terms of both the modulation detection and complexity.

Sign in / Sign up

Export Citation Format

Share Document