An Improved Mutual Information Feature Selection Technique for Intrusion Detection Systems in the Internet of Medical Things

被引:30
作者
Alalhareth, Mousa [1 ,2 ]
Hong, Sung-Chul [2 ]
机构
[1] Najran Univ, Coll Comp Sci & Informat Syst, Dept Informat Syst, Najran 61441, Saudi Arabia
[2] Towson Univ, Dept Comp & Informat Sci, Towson, MD 21204 USA
关键词
IDS; IoMT; LRGU; MIFS; feature selection; machine learning; deep learning; NETWORK; MODEL;
D O I
10.3390/s23104971
中图分类号
O65 [分析化学];
学科分类号
070302 ; 081704 ;
摘要
In healthcare, the Internet of Things (IoT) is used to remotely monitor patients and provide real-time diagnoses, which is referred to as the Internet of Medical Things (IoMT). This integration poses a risk from cybersecurity threats that can harm patient data and well-being. Hackers can manipulate biometric data from biosensors or disrupt the IoMT system, which is a major concern. To address this issue, intrusion detection systems (IDS) have been proposed, particularly using deep learning algorithms. However, developing IDS for IoMT is challenging due to high data dimensionality leading to model overfitting and degraded detection accuracy. Feature selection has been proposed to prevent overfitting, but the existing methods assume that feature redundancy increases linearly with the size of the selected features. Such an assumption does not hold, as the amount of information a feature carries about the attack pattern varies from feature to feature, especially when dealing with early patterns, due to data sparsity that makes it difficult to perceive the common characteristics of selected features. This negatively affects the ability of the mutual information feature selection (MIFS) goal function to estimate the redundancy coefficient accurately. To overcome this issue, this paper proposes an enhanced feature selection technique called Logistic Redundancy Coefficient Gradual Upweighting MIFS (LRGU-MIFS) that evaluates candidate features individually instead of comparing them with common characteristics of the already-selected features. Unlike the existing feature selection techniques, LRGU calculates the redundancy score of a feature using the logistic function. It increases the redundancy value based on the logistic curve, which reflects the nonlinearity of the relationship of the mutual information between features in the selected set. Then, the LRGU was incorporated into the goal function of MIFS as a redundancy coefficient. The experimental evaluation shows that the proposed LRGU was able to identify a compact set of significant features that outperformed those selected by the existing techniques. The proposed technique overcomes the challenge of perceiving common characteristics in cases of insufficient attack patterns and outperforms existing techniques in identifying significant features.
引用
收藏
页数:21
相关论文
共 57 条
[1]   A Weighted Minimum Redundancy Maximum Relevance Technique for Ransomware Early Detection in Industrial IoT [J].
Ahmed, Yahye Abukar ;
Huda, Shamsul ;
Al-rimy, Bander Ali Saleh ;
Alharbi, Nouf ;
Saeed, Faisal ;
Ghaleb, Fuad A. ;
Ali, Ismail Mohamed .
SUSTAINABILITY, 2022, 14 (03)
[2]   A system call refinement-based enhanced Minimum Redundancy Maximum Relevance method for ransomware early detection [J].
Ahmed, Yahye Abukar ;
Kocer, Baris ;
Huda, Shamsul ;
Al-rimy, Bander Ali Saleh ;
Hassan, Mohammad Mehedi .
JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2020, 167
[3]   Redundancy Coefficient Gradual Up-weighting-based Mutual Information Feature Selection technique for Crypto-ransomware early detection [J].
Al-rimy, Bander Ali Saleh ;
Maarof, Mohd Aizaini ;
Alazab, Mamoun ;
Shaid, Syed Zainudeen Mohd ;
Ghaleb, Fuad A. ;
Almalawi, Abdulmohsen ;
Ali, Abdullah Marish ;
Al-Hadhrami, Tawfik .
FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE, 2021, 115 :641-658
[4]   Crypto-ransomware early detection model using novel incremental bagging with enhanced semi-random subspace selection [J].
Al-rimy, Bander Ali Saleh ;
Maarof, Mohd Aizaini ;
Shaid, Syed Zainudeen Mohd .
FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE, 2019, 101 :476-491
[5]   Zero-Day Aware Decision Fusion-Based Model for Crypto-Ransomware Early Detection [J].
Al-rimy, Bander Ali Saleh ;
Maarof, Mohd Aizaini ;
Prasetyo, Yuli Adam ;
Shaid, Syed Zainudeen Mohd ;
Ariffin, Aswami Fadillah Mohd .
INTERNATIONAL JOURNAL OF INTEGRATED ENGINEERING, 2018, 10 (06) :82-88
[6]   A 0-Day Aware Crypto-Ransomware Early Behavioral Detection Framework [J].
Al-rimy, Bander Ali Saleh ;
Maarof, Mohd Aizaini ;
Shaid, Syed Zainuddin Mohd .
RECENT TRENDS IN INFORMATION AND COMMUNICATION TECHNOLOGY, 2018, 5 :758-766
[7]   Ransomware threat success factors, taxonomy, and countermeasures: A survey and research directions [J].
Al-rimy, Bander Ali Saleh ;
Maarof, Mohd Aizaini ;
Shaid, Syed Zainudeen Mohd .
COMPUTERS & SECURITY, 2018, 74 :144-166
[8]   An Aggregated Mutual Information Based Feature Selection with Machine Learning Methods for Enhancing IoT Botnet Attack Detection [J].
Al-Sarem, Mohammed ;
Saeed, Faisal ;
Alkhammash, Eman H. ;
Alghamdi, Norah Saleh .
SENSORS, 2022, 22 (01)
[9]   Machine Learning Approaches for Anomaly Detection in IoT: An Overview and Future Research Directions [J].
Alghanmi, Nusaybah ;
Alotaibi, Reem ;
Buhari, Seyed M. .
WIRELESS PERSONAL COMMUNICATIONS, 2022, 122 (03) :2309-2324
[10]   Secure Cloud Infrastructure: A Survey on Issues, Current Solutions, and Open Challenges [J].
Alghofaili, Yara ;
Albattah, Albatul ;
Alrajeh, Noura ;
Rassam, Murad A. ;
Al-rimy, Bander Ali Saleh .
APPLIED SCIENCES-BASEL, 2021, 11 (19)