DNNET-Ensemble approach to detecting and identifying attacks in IoT environments

Abstract

Special security techniques like intrusion detection mechanisms are indispensable in modern computer systems. It is important to detect and identify the attack in a category so that specific countermeasures for the threat category are solved. However, most existing multiclass detection approaches have some weaknesses, mainly related to detecting specific categories of attacks and problems with false positives. This article addresses this research problem and advances state-of-the-art, bringing contributions to a two-stage detection architecture called DNNET-Ensemble, combining binary and multiclass detection. The results obtained in experiments with renowned intrusion datasets demonstrate that the approach can achieve superior detection rates and false positives performance compared to other state-of-the-art approaches.