Network Intrusion Detection in Internet of Things (IoT)

2021, Vol 8 (1), pp. 49-65
Author(s): Winfred Yaokumah, Richard Nunoo Clottey, Justice Kwame Appati

The open nature of the internet of things network makes it vulnerable to cyber-attacks. Intrusion detection systems aid in detecting and preventing such attacks. This paper offered a systematic review of studies on intrusion detection in IoT, focusing on metrics, methods, datasets, and attack types. This review used 33 network intrusion detection papers in 31 journals and 2 conference proceedings. The results revealed that the majority of the studies used generated or private datasets. Machine learning (ML)-based methods (85%) were used in the studies, while the rest used statistical methods. Eight categories of metrics were identified as prominent in evaluating IoT performance, and 94.9% of the ML-based methods employed average detection rate. Moreover, over 20 attacks on IoT networks were detected, with denial of service (DoS) and sinkhole being the majority. Based on the review, the future direction of research should focus on using public datasets, machine learning-based methods, and metrics such as resource consumption, energy consumption, and power consumption.

Author(s): Venkatraman Subbarayalu, B Surendiran, P Arun Raj Kumar

The proliferation of Internet of Things (IoT) devices has led to many applications, including smart homes, smart cities and smart industrial control systems. Attacks like Distributed Denial of Service, event control hijacking, spoofing, event replay and zero day attacks are prevalent in smart environments. Conventional Network Intrusion Detection Systems (NIDSs) are tedious to deploy in the smart environment because of numerous communication architectures, manufacturer policies, technologies, standards and application-specific services. To overcome these challenges, we modeled the operational behavior of IoT network events using timed ACs and proposed a novel hybrid NIDS in this paper. A web server is integrated with IoT devices for remote access, and Constrained Application Protocol is employed in inter- and intra-smart device communication. Experiments are conducted in real time to validate our proposal and achieve 99.17% detection accuracy and 0.01% false positives.


2020, Vol 9 (1), pp. 14
Author(s): Yaser M. Banadaki

As numerous Internet-of-Things (IoT) devices are deployed on a daily basis, network intrusion detection systems (NIDS) are among the most critical tools to ensure the protection and security of networks against malicious cyberattacks. This paper employs four machine learning algorithms: XGBoost, random forest, decision tree, and gradient boosting, and evaluates their performance in NIDS, considering the accuracy, precision, recall, and F-score. The comparative analysis conducted using the CICIDS2017 dataset reveals that XGBoost performs better than the other algorithms, reaching the predicted accuracy of 99.6% in detecting cyberattacks. XGBoost-based attack detectors also have the largest weighted metrics of F1-score, precision, and recall. The paper also studies the effect of class imbalance and the size of the normal and attack classes. The small numbers of some attacks in training datasets mislead the classifier to bias towards the majority classes, resulting in a bottleneck to improving macro recall and macro F1 score. The results assist network engineers in choosing the most effective machine learning-based NIDS to ensure network security for today’s growing IoT network traffic.


Author(s): Smitha Rajagopal, Poornima Panduranga Kundapur, Hareesh Katiganere Siddaramappa

Due to emerging technological advances, cyber-attacks continue to hamper information systems. The changing dimensionality of the cyber threat landscape compels security experts to devise novel approaches to address the problem of network intrusion detection. Machine learning algorithms are extensively used to detect intrusions by dint of their remarkable predictive power. This work presents an ensemble approach for network intrusion detection using a concept called Stacking. As per the popular no free lunch theorem of machine learning, employing a single classifier for a problem at hand may not be ideal to achieve generalization. Therefore, the proposed work on network intrusion detection emphasizes a combinative approach to improve performance. A robust processing paradigm called Graphlab Create, capable of upholding massive data, has been used to implement the proposed methodology. Two benchmark datasets, UNSW NB-15 and UGR’16, are considered to demonstrate the validity of predictions. Empirical investigation has illustrated that the performance of the proposed approach has been reasonably good. The contribution of the proposed approach lies in its finesse to generate fewer misclassifications pertaining to various attack vectors considered in the study.

