An Intelligent Two-Layer Intrusion Detection System for the Internet of Things

The Internet of Things (IoT) has become an enabler paradigm for different applications, such as healthcare, education, agriculture, smart homes, and recently, enterprise systems. Significant advances in IoT networks have been hindered by security vulnerabilities and threats, which, if not addressed, can negatively impact the deployment and operation of IoT-enabled systems. This article addresses IoT security and presents an intelligent two-layer intrusion detection system for IoT. The system's intelligence is driven by machine learning techniques for intrusion detection, with the two-layer architecture handling flow-based and packet-based features. By selecting significant features, the time overhead is minimized without affecting detection accuracy. The uniqueness and novelty of the proposed system emerge from combining machine learning and selection modules for flow-based and packet-based features. The proposed intrusion detection works at the network layer, and hence, it is device and application transparent. In our experiments, the proposed system had an accuracy of 99.15% for packet-based features with a testing time of 0.357 mu s. The flow-based classifier had an accuracy of 99.66% with a testing time of 0.410 mu s. A comparison demonstrated that the proposed system outperformed other methods described in the literature. Thus, it is an accurate and lightweight tool for detecting intrusions in IoT systems.