Machine Learning-based Intrusion Detection Technique for IoT: Simulation with Cooja

Q1 Mathematics

International Journal of Computer Network and Information Security Pub Date : 2024-02-08 DOI:10.5815/ijcnis.2024.01.01

A. H. Farea, Kerem Küçük

{"title":"Machine Learning-based Intrusion Detection Technique for IoT: Simulation with Cooja","authors":"A. H. Farea, Kerem Küçük","doi":"10.5815/ijcnis.2024.01.01","DOIUrl":null,"url":null,"abstract":"The Internet of Things (IoT) is one of the promising technologies of the future. It offers many attractive features that we depend on nowadays with less effort and faster in real-time. However, it is still vulnerable to various threats and attacks due to the obstacles of its heterogeneous ecosystem, adaptive protocols, and self-configurations. In this paper, three different 6LoWPAN attacks are implemented in the IoT via Contiki OS to generate the proposed dataset that reflects the 6LoWPAN features in IoT. For analyzed attacks, six scenarios have been implemented. Three of these are free of malicious nodes, and the others scenarios include malicious nodes. The typical scenarios are a benchmark for the malicious scenarios for comparison, extraction, and exploration of the features that are affected by attackers. These features are used as criteria input to train and test our proposed hybrid Intrusion Detection and Prevention System (IDPS) to detect and prevent 6LoWPAN attacks in the IoT ecosystem. The proposed hybrid IDPS has been trained and tested with improved accuracy on both KoU-6LoWPAN-IoT and Edge IIoT datasets. In the proposed hybrid IDPS for the detention phase, the Artificial Neural Network (ANN) classifier achieved the highest accuracy among the models in both the 2-class and N-class. Before the accuracy improved in our proposed dataset with the 4-class and 2-class mode, the ANN classifier achieved 95.65% and 99.95%, respectively, while after the accuracy optimization reached 99.84% and 99.97%, respectively. For the Edge IIoT dataset, before the accuracy improved with the 15-class and 2-class modes, the ANN classifier achieved 95.14% and 99.86%, respectively, while after the accuracy optimized up to 97.64% and 99.94%, respectively. Also, the decision tree-based models achieved lightweight models due to their lower computational complexity, so these have an appropriate edge computing deployment. Whereas other ML models reach heavyweight models and are required more computational complexity, these models have an appropriate deployment in cloud or fog computing in IoT networks.","PeriodicalId":36488,"journal":{"name":"International Journal of Computer Network and Information Security","volume":"39 6","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-02-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Computer Network and Information Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.5815/ijcnis.2024.01.01","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"Mathematics","Score":null,"Total":0}

引用次数: 0

Abstract

The Internet of Things (IoT) is one of the promising technologies of the future. It offers many attractive features that we depend on nowadays with less effort and faster in real-time. However, it is still vulnerable to various threats and attacks due to the obstacles of its heterogeneous ecosystem, adaptive protocols, and self-configurations. In this paper, three different 6LoWPAN attacks are implemented in the IoT via Contiki OS to generate the proposed dataset that reflects the 6LoWPAN features in IoT. For analyzed attacks, six scenarios have been implemented. Three of these are free of malicious nodes, and the others scenarios include malicious nodes. The typical scenarios are a benchmark for the malicious scenarios for comparison, extraction, and exploration of the features that are affected by attackers. These features are used as criteria input to train and test our proposed hybrid Intrusion Detection and Prevention System (IDPS) to detect and prevent 6LoWPAN attacks in the IoT ecosystem. The proposed hybrid IDPS has been trained and tested with improved accuracy on both KoU-6LoWPAN-IoT and Edge IIoT datasets. In the proposed hybrid IDPS for the detention phase, the Artificial Neural Network (ANN) classifier achieved the highest accuracy among the models in both the 2-class and N-class. Before the accuracy improved in our proposed dataset with the 4-class and 2-class mode, the ANN classifier achieved 95.65% and 99.95%, respectively, while after the accuracy optimization reached 99.84% and 99.97%, respectively. For the Edge IIoT dataset, before the accuracy improved with the 15-class and 2-class modes, the ANN classifier achieved 95.14% and 99.86%, respectively, while after the accuracy optimized up to 97.64% and 99.94%, respectively. Also, the decision tree-based models achieved lightweight models due to their lower computational complexity, so these have an appropriate edge computing deployment. Whereas other ML models reach heavyweight models and are required more computational complexity, these models have an appropriate deployment in cloud or fog computing in IoT networks.

查看原文本刊更多论文

基于机器学习的物联网入侵检测技术：使用 Cooja 进行仿真

物联网（IoT）是未来大有可为的技术之一。它以更小的工作量和更快的实时速度提供了许多我们如今所依赖的极具吸引力的功能。然而，由于其异构生态系统、自适应协议和自配置等障碍，它仍然容易受到各种威胁和攻击。本文通过 Contiki 操作系统在物联网中实施了三种不同的 6LoWPAN 攻击，以生成反映物联网中 6LoWPAN 特征的拟议数据集。为分析攻击，共实施了六种场景。其中三个场景没有恶意节点，其他场景包括恶意节点。典型场景是恶意场景的基准，用于比较、提取和探索受攻击者影响的特征。这些特征将作为标准输入，用于训练和测试我们提出的混合入侵检测和防御系统（IDPS），以检测和预防物联网生态系统中的 6LoWPAN 攻击。在 KoU-6LoWPAN-IoT 和 Edge IIoT 数据集上对所提出的混合 IDPS 进行了训练和测试，提高了准确性。在拟议的混合 IDPS 检测阶段，人工神经网络（ANN）分类器在 2 类和 N 类模型中都达到了最高准确率。在我们提出的 4 类和 2 类模式数据集中，准确率提高前，ANN 分类器的准确率分别为 95.65% 和 99.95%，而准确率优化后分别达到了 99.84% 和 99.97%。对于 Edge IIoT 数据集，在使用 15 类和 2 类模式提高准确率之前，ANN 分类器的准确率分别为 95.14% 和 99.86%，而优化后的准确率分别达到 97.64% 和 99.94%。此外，基于决策树的模型由于计算复杂度较低而实现了轻量级模型，因此适合边缘计算部署。而其他 ML 模型则达到了重量级模型，需要更高的计算复杂度，这些模型适合部署在物联网网络的云或雾计算中。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

International Journal of Computer Network and Information Security Social Sciences-Safety Research

CiteScore

4.10

自引率

0.00%

发文量