DDoS Attacks Detection based on Machine Learning Algorithms in IoT Environments

Inteligencia Artif. Pub Date : 2024-07-11 DOI:10.4114/intartif.vol27iss74pp152-165

M. Manaa, Saba M. Hussain, Suad A. Alasadi, Hussein A. A. Al-Khamees

{"title":"DDoS Attacks Detection based on Machine Learning Algorithms in IoT Environments","authors":"M. Manaa, Saba M. Hussain, Suad A. Alasadi, Hussein A. A. Al-Khamees","doi":"10.4114/intartif.vol27iss74pp152-165","DOIUrl":null,"url":null,"abstract":"In today’s digital era, most electrical gadgets have become smart, and the great majority of them can connect to the internet. The Internet of Things (IoT) refers to a network comprised of interconnected items. Cloud-based IoT infrastructures are vulnerable to Distributed Denial of Service (DDoS) attacks. Despite the fact that these devices may be accessed from anywhere, they are vulnerable to assault and compromise. DDoS attacks pose a significant threat to network security and operational integrity. DDoS assault in which infected botnets of networks hit the victim’s PC from several systems across the internet, is one of the most popular. In this paper, three prominent datasets: UNSW-NB 15, UNSW-2018 IoT Botnet and recent Edge IIoT are using in an Anomaly-based Intrusion Detection system(AIDS) to detect and mitigate DDoS attacks. AIDS employ machine learning methods and Deep Learning (DL) for attack mitigation. The suggested work employed different types of machine learning and Deep Learning (DL): Random Forest (RF), Support Vector Machine (SVM), Logistic Regression, and Multi-layer perceptron (MLP), deep Artificial Neural Network (ANN), and Long Term Short Memory (LSTM) methods to identify DDoS attacks. Both of these methods are contrasted by the fact that the database stores the trained signatures. As a results, RF shows a promising performance with 100% accuracy and a minimum false positive on testing both datasets UNSW-NB 15 and UNSW-2018 Botnet. In addition, the results for a realistic Edge IIoT dataset show a good performance in accuracy for RF 98.79% and for deep learning LSTM with 99.36% in minimum time compared with other results for multi-class detection.","PeriodicalId":176050,"journal":{"name":"Inteligencia Artif.","volume":"118 2","pages":"152-165"},"PeriodicalIF":0.0000,"publicationDate":"2024-07-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Inteligencia Artif.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4114/intartif.vol27iss74pp152-165","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

In today’s digital era, most electrical gadgets have become smart, and the great majority of them can connect to the internet. The Internet of Things (IoT) refers to a network comprised of interconnected items. Cloud-based IoT infrastructures are vulnerable to Distributed Denial of Service (DDoS) attacks. Despite the fact that these devices may be accessed from anywhere, they are vulnerable to assault and compromise. DDoS attacks pose a significant threat to network security and operational integrity. DDoS assault in which infected botnets of networks hit the victim’s PC from several systems across the internet, is one of the most popular. In this paper, three prominent datasets: UNSW-NB 15, UNSW-2018 IoT Botnet and recent Edge IIoT are using in an Anomaly-based Intrusion Detection system(AIDS) to detect and mitigate DDoS attacks. AIDS employ machine learning methods and Deep Learning (DL) for attack mitigation. The suggested work employed different types of machine learning and Deep Learning (DL): Random Forest (RF), Support Vector Machine (SVM), Logistic Regression, and Multi-layer perceptron (MLP), deep Artificial Neural Network (ANN), and Long Term Short Memory (LSTM) methods to identify DDoS attacks. Both of these methods are contrasted by the fact that the database stores the trained signatures. As a results, RF shows a promising performance with 100% accuracy and a minimum false positive on testing both datasets UNSW-NB 15 and UNSW-2018 Botnet. In addition, the results for a realistic Edge IIoT dataset show a good performance in accuracy for RF 98.79% and for deep learning LSTM with 99.36% in minimum time compared with other results for multi-class detection.

查看原文本刊更多论文

基于物联网环境中机器学习算法的 DDoS 攻击检测

在当今的数字化时代，大多数电气设备都已变得智能化，其中绝大多数都可以连接到互联网。物联网（IoT）是指由相互连接的物品组成的网络。基于云的物联网基础设施很容易受到分布式拒绝服务（DDoS）攻击。尽管可以从任何地方访问这些设备，但它们很容易受到攻击和破坏。DDoS 攻击对网络安全和运行完整性构成重大威胁。DDoS 攻击是最常见的攻击方式之一，在这种攻击中，受感染的僵尸网络会从互联网上的多个系统攻击受害者的个人电脑。本文使用了三个著名的数据集：UNSW-NB 15、UNSW-2018 IoT 僵尸网络和最近的 Edge IIoT 被用于基于异常的入侵检测系统（AIDS），以检测和缓解 DDoS 攻击。AIDS 采用机器学习方法和深度学习（DL）来缓解攻击。建议的工作采用了不同类型的机器学习和深度学习（DL）：随机森林 (RF)、支持向量机 (SVM)、逻辑回归 (Logistic Regression) 和多层感知器 (MLP)、深度人工神经网络 (ANN) 和长期短时记忆 (LSTM) 方法可用于识别 DDoS 攻击。这两种方法的不同之处在于，数据库存储了经过训练的签名。结果表明，RF 在测试 UNSW-NB 15 和 UNSW-2018 Botnet 这两个数据集时表现出良好的性能，准确率达到 100%，误报率最低。此外，与其他多类检测结果相比，针对现实边缘物联网数据集的结果表明，RF 的准确率为 98.79%，深度学习 LSTM 的准确率为 99.36%，且用时最短。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Inteligencia Artif.

自引率

0.00%

发文量