An Intelligent Two-Layer Intrusion Detection System for the Internet of Things

被引:33
作者
Alani, Mohammed M. [1 ,2 ]
Awad, Ali Ismail [3 ,4 ,5 ,6 ]
机构
[1] Seneca Coll Appl Arts & Technol, Sch IT Adm & Secur, Toronto, ON M2J 2X5, Canada
[2] Toronto Metropolitan Univ, Toronto, ON M5B 2H3, Canada
[3] United Arab Emirates Univ, Coll Informat Technol, Al Ain 17551, U Arab Emirates
[4] Lulea Univ Technol, Dept Comp Sci Elect & Space Engn, S-97187 Lulea, Sweden
[5] Al Azhar Univ, Fac Engn, Elect Engn Dept, Qena 83513, Egypt
[6] Univ Plymouth, Ctr Secur Commun & Network Res, Plymouth PL4 8AA, Devon, England
关键词
Internet of Things; Feature extraction; Intrusion detection; Security; Machine learning; Floods; Informatics; Efficiency; flow-based features; Internet of Things (IoT); intrusion detection; machine learning; packet-based features; IOT;
D O I
10.1109/TII.2022.3192035
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
The Internet of Things (IoT) has become an enabler paradigm for different applications, such as healthcare, education, agriculture, smart homes, and recently, enterprise systems. Significant advances in IoT networks have been hindered by security vulnerabilities and threats, which, if not addressed, can negatively impact the deployment and operation of IoT-enabled systems. This article addresses IoT security and presents an intelligent two-layer intrusion detection system for IoT. The system's intelligence is driven by machine learning techniques for intrusion detection, with the two-layer architecture handling flow-based and packet-based features. By selecting significant features, the time overhead is minimized without affecting detection accuracy. The uniqueness and novelty of the proposed system emerge from combining machine learning and selection modules for flow-based and packet-based features. The proposed intrusion detection works at the network layer, and hence, it is device and application transparent. In our experiments, the proposed system had an accuracy of 99.15% for packet-based features with a testing time of 0.357 mu s. The flow-based classifier had an accuracy of 99.66% with a testing time of 0.410 mu s. A comparison demonstrated that the proposed system outperformed other methods described in the literature. Thus, it is an accurate and lightweight tool for detecting intrusions in IoT systems.
引用
收藏
页码:683 / 692
页数:10
相关论文
共 27 条
[1]   A multi-device multi-tasks management and orchestration architecture for the design of enterprise IoT applications [J].
Ahmad, Shabir ;
Kim, DoHyeun .
FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE, 2020, 106 :482-500
[2]  
Alani M.M., 2022, ADV NATURE INSPIRED, P9, DOI [10.1007/978-3-030-90708-2_2, DOI 10.1007/978-3-030-90708-2_2]
[3]   AdStop: Efficient flow-based mobile adware detection using machine learning [J].
Alani, Mohammed M. ;
Awad, Ali Ismail .
COMPUTERS & SECURITY, 2022, 117
[4]   Implementation-Oriented Feature Selection in UNSW-NB15 Intrusion Detection Dataset [J].
Alani, Mohammed M. .
INTELLIGENT SYSTEMS DESIGN AND APPLICATIONS, ISDA 2021, 2022, 418 :548-558
[5]   Queryable Semantics to Detect Cyber-Attacks: A Flow-Based Detection Approach [J].
AlEroud, Ahmed F. ;
Karabatis, George .
IEEE TRANSACTIONS ON SYSTEMS MAN CYBERNETICS-SYSTEMS, 2018, 48 (02) :207-223
[6]   Cyber and Physical Security Vulnerability Assessment for IoT-Based Smart Homes [J].
Ali, Bako ;
Awad, Ali Ismail .
SENSORS, 2018, 18 (03)
[7]  
[Anonymous], 2022, ZEEK NETWORK SECURIT
[8]  
[Anonymous], 2022, TSHARK 1
[9]  
Awad A.I., 2021, SECURITY PRIVACY INT, V1st ed.
[10]   A Critical Review of Practices and Challenges in Intrusion Detection Systems for IoT: Toward Universal and Resilient Systems [J].
Benkhelifa, Elhadj ;
Welsh, Thomas ;
Hamouda, Walaa .
IEEE COMMUNICATIONS SURVEYS AND TUTORIALS, 2018, 20 (04) :3496-3509