Two-level machine learning driven intrusion detection model for IoT environments

Q3 Engineering
Yuvraj Singh Malhi, Virendra Singh Shekhawat
Journal: International Journal of Information and Computer Security
Publication date: 2023-01-01
DOI: https://doi.org/10.1504/ijics.2023.132708
Citation count: 0

Abstract

As a consequence of the growing number of cyberattacks on IoT devices, the need for defences like intrusion detection systems (IDSs) has significantly risen. But current IDS implementations for IoT are complex to design, difficult to incorporate, platform-specific, and limited by IoT devices' resource constraints. This paper proposes a deployment-ready network IDS for IoT that overcomes the shortcomings of the existing IDS solutions and can detect 22 types of attacks. The proposed IDS provides the flexibility to work in multiple modes as per IoT device computing power, made possible via development of three machine learning-based IDS modules. The intrusion detection task has been divided at two levels: at edge devices (using two light modules based on neural network and decision tree) and at a centralised controller (using a random forest and XGBoost combination). To ensure the best working tandem of developed modules, different IDS deployment strategies are also given.
Source journal
International Journal of Information and Computer Security (Engineering-Safety, Risk, Reliability and Quality)
CiteScore: 1.40
Self-citation rate: 0.00%
Articles published: 90
Journal description:
- Assurance and integrity of service.
- Computer crime prevention/detection, computer forensics and security.
- Confidentiality protection, cryptography and data protection.
- Database and data security, denial of service protection.
- E-commerce security, e-surveillance.
- Fraud/hacker/terrorism detection/prevention, information warfare, national security.
- Information ethics.
- Information privacy issues, information systems/information security, sharing.
- Internet abuse, network intruder prevention, internet/network security.
- Malicious code/unauthorised access protection, transaction security, virus/worm controls.
- Risk management, safety-critical systems.
- Secure communications technology and computer systems.
- Security control measures, policy models and mechanisms.
- Software and hardware architectures.
- Wireless/mobile network security.