Fusion-based anomaly detection system using modified isolation forest for internet of things

被引：17

作者：

AbuAlghanam O. ^{[1
]}

Alazzam H. ^{[2
]}

Alhenawi E. ^{[1
]}

Qatawneh M. ^{[1
]}

Adwan O. ^{[1
,3
]}

机构：

[1] Computer Science Department, University of Jordan, Amman

[2] Intelligence Systems Department, Al-Balqa Applied University, Al-Salt

[3] Computer Science Department, Al-Ahliyya Amman University, Amman

来源：

Journal of Ambient Intelligence and Humanized Computing | 2023年 / 14卷 / 01期

关键词：

Cybersecurity; Intrusion detection system; Isolation forest; KDDCUP[!sup]99[!/sup; Network intrusion; NSL-KDD; UNSW-NB15;

D O I：

10.1007/s12652-022-04393-9

中图分类号：

学科分类号：

摘要：

In recent years, advanced threat and zero day attacks are increasing significantly, but the traditional network intrusion detection system based on feature filtering or based on a well known signature has some drawbacks. Accordingly, there is a need for security solutions that are suitable for IoT environment. A network intrusion detection system (NIDS) is a solution that examines network traffic and alerts system administrators if there are security breaches. In this paper, a fusion-based anomaly detection using modified isolation forest for Internet of Things (IoT) is proposed. The proposed NIDS has been evaluated using three benchmark datasets(UNSW-NB15, NLS-KDD and KDDCUP99) in terms of F-score, accuracy and detection rate. Results show that the suggested approach reduces the run time by 28.80% for UNSW-NB15 in the training model and achieves 97.2%, 97.4% accuracy and detection rate respectively. Moreover, M-iForest outperforms other NIDS techniques that are selected from state-of-the-art relevant research found in the literature. © 2022, The Author(s), under exclusive licence to Springer-Verlag GmbH Germany, part of Springer Nature.

引用

页码：131 / 145

页数：14

共 58 条

[1] AbuAlghanam O., Albdour L., Adwan O., Multimodal biometric fusion online handwritten signature verification using neural network and support vector machine, Transactions, 7, (2021)
[2] Abualghanam O., Qatawneh M., Almobaideen W., A survey of key distribution in the context of internet of things, J Theor Appl Inf Technol, 97, pp. 3217-3241, (2019)
[3] AbuAlghanam O., Qatawneh M., Almobaideen W., Saadeh M., A new hierarchical architecture and protocol for key distribution in the context of iot-based smart cities, J Inf Secur Appl, 67, (2022)
[4] Acharya N., Singh S., An iwd-based feature selection method for intrusion detection system, Soft Comput, 22, pp. 4407-4416, (2018)
[5] Ahmad T., Aziz M.N., Data preprocessing and feature selection for machine learning intrusion detection systems, ICIC Express Lett, 13, pp. 93-101, (2019)
[6] Aksu D., Ustebay S., Aydin M.A., Atmaca T., Intrusion detection with comparative analysis of supervised learning techniques and fisher score feature selection algorithm, International Symposium on Computer and Information Sciences, pp. 141-149, (2018)
[7] Al-Safi A.H.S., Hani Z.I.R., Zahra M.M.A., Using a hybrid algorithm and feature selection for network anomaly intrusion detection, J Mech Eng Res Dev, 44, pp. 253-262, (2021)
[8] Alamiedy T.A., Anbar M., Alqattan Z.N., Alzubi Q.M., Anomaly-based intrusion detection system using multi-objective grey wolf optimisation algorithm, J Ambient Intell Hum Comput, 11, pp. 3735-3756, (2020)
[9] Alazzam H., Alsmady A., Shorman A.A., Supervised detection of iot botnet attacks, In: Proceedings of the Second International Conference on Data Science, E-Learning and Information Systems, pp. 1-6, (2019)
[10] Alazzam H., Sharieh A., Sabri K.E., A feature selection algorithm for intrusion detection system based on pigeon inspired optimizer, Expert Syst Appl, 148, (2020)

← 1 2 3 4 5 6 →