A comprehensive deep learning benchmark for IoT IDS

The significance of an intrusion detection system (IDS) in networks security cannot be overstated in detecting and responding to malicious attacks. Failure to detect large-scale attacks like DDoS not only makes the networks vulnerable, but a failure of critical lifesaving medical and industrial equipment can also put human lives at risk. Lack of availability of comprehensive and quality network datasets and the narrow scope to build an IDS based on a single machine learning classifier adds further limitations. Such issues can risk producing inaccurate or biased results in the solutions proposed by various researchers. Toward this end, this paper analyzed several datasets (old, recent, non-IoT, and IoT specific) using several individual and hybrid deep learning classifiers. Our goal is to establish a benchmark that can compare several classification models on several datasets to limit (1) dataset quality issues and (2) possible bias in produced results. We reported our empirical results by revealing exciting findings on some of the classifiers, which took hours to converge but could not successfully detect attacks. In contrast, others quickly converged and were able to produce the best results in terms of accuracy and other performance metrics. We believe that this paper's findings will help build a comprehensive IDS by recognizing that classification or prediction models should be trained beyond a limited scope of one dataset or application. (C) 2021 Elsevier Ltd. All rights reserved.