RDTIDS: Rules and Decision Tree-Based Intrusion Detection System for Internet-of-Things Networks

Cited by: 144
Authors
Ferrag, Mohamed Amine [1]
Maglaras, Leandros [2]
Ahmim, Ahmed [3]
Derdour, Makhlouf [4]
Janicke, Helge [5]
Affiliations
[1] Guelma Univ, Dept Comp Sci, Guelma 24000, Algeria
[2] De Montfort Univ, Sch Comp Sci & Informat, Leicester LE1 9BH, Leics, England
[3] Mohamed Cherif Messaadia Univ, Dept Math & Comp Sci, Souk Ahras 41000, Algeria
[4] Univ Larbi Tebessi, Dept Math & Comp Sci, Tebessa 12002, Algeria
[5] Edith Cowan Univ, Cyber Secur Cooperat Res Ctr, Perth, WA 6027, Australia
Keywords
intrusion detection; IDS; hybrid IDS; learning machine; hierarchical; network security; DETECTION FRAMEWORK; CYBER SECURITY; ENSEMBLE
DOI
10.3390/fi12030044
Chinese Library Classification number
TP [Automation technology, computer technology]
Subject classification code
0812
Abstract
This paper proposes a novel intrusion detection system (IDS), named RDTIDS, for Internet-of-Things (IoT) networks. The RDTIDS combines different classifier approaches which are based on decision tree and rules-based concepts, namely, REP Tree, JRip algorithm and Forest PA. Specifically, the first and second methods take as inputs the features of the data set, and classify the network traffic as Attack/Benign. The third classifier uses features of the initial data set in addition to the outputs of the first and the second classifier as inputs. The experimental results obtained by analyzing the proposed IDS using the CICIDS2017 dataset and BoT-IoT dataset attest to its superiority in terms of accuracy, detection rate, false alarm rate and time overhead as compared to state-of-the-art existing schemes.
Pages: 14
Related papers
39 in total
[1]   Forest PA: Constructing a decision forest by penalizing attributes used in previous trees [J].
Adnan, Md Nasim ;
Islam, Md Zahidul .
EXPERT SYSTEMS WITH APPLICATIONS, 2017, 89 :389-403
[2]   A Novel Hierarchical Intrusion Detection System based on Decision Tree and Rules-based Models [J].
Ahmim, Ahmed ;
Maglaras, Leandros ;
Ferrag, Mohamed Amine ;
Derdour, Makhlouf ;
Janicke, Helge .
2019 15TH INTERNATIONAL CONFERENCE ON DISTRIBUTED COMPUTING IN SENSOR SYSTEMS (DCOSS), 2019, :228-233
[3]   An intrusion detection system based on combining probability predictions of a tree of classifiers [J].
Ahmim, Ahmed ;
Derdour, Makhlouf ;
Ferrag, Mohamed Amine .
INTERNATIONAL JOURNAL OF COMMUNICATION SYSTEMS, 2018, 31 (09)
[4]   Multi-level hybrid support vector machine and extreme learning machine based on modified K-means for intrusion detection system [J].
Al-Yaseen, Wathiq Laftah ;
Othman, Zulaiha Ali ;
Nazri, Mohd Zakree Ahmad .
EXPERT SYSTEMS WITH APPLICATIONS, 2017, 67 :296-303
[5]   Critical infrastructure protection: Requirements and challenges for the 21st century [J].
Alcaraz, Cristina ;
Zeadally, Sherali .
INTERNATIONAL JOURNAL OF CRITICAL INFRASTRUCTURE PROTECTION, 2015, 8 :53-66
[6]   Anomaly-based intrusion detection system through feature selection analysis and building hybrid efficient model [J].
Aljawarneh, Shadi ;
Aldwairi, Monther ;
Yassein, Muneer Bani .
JOURNAL OF COMPUTATIONAL SCIENCE, 2018, 25 :152-160
[7]   A hybrid method consisting of GA and SVM for intrusion detection system [J].
Aslahi-Shahri, B. M. ;
Rahmani, R. ;
Chizari, M. ;
Maralani, A. ;
Eslami, M. ;
Golkar, M. J. ;
Ebrahimi, A. .
NEURAL COMPUTING & APPLICATIONS, 2016, 27 (06) :1669-1676
[8]   A hybrid intrusion detection system design for computer network security [J].
Aydin, M. Ali ;
Zaim, A. Halim ;
Ceylan, K. Goekhan .
COMPUTERS & ELECTRICAL ENGINEERING, 2009, 35 (03) :517-526
[9]   LIBSVM: A Library for Support Vector Machines [J].
Chang, Chih-Chung ;
Lin, Chih-Jen .
ACM TRANSACTIONS ON INTELLIGENT SYSTEMS AND TECHNOLOGY, 2011, 2 (03)
[10]   A hybrid network intrusion detection system using simplified swarm optimization (SSO) [J].
Chung, Yuk Ying ;
Wahid, Noorhaniza .
APPLIED SOFT COMPUTING, 2012, 12 (09) :3014-3022