A novel deep learning-based intrusion detection system for IoT DDoS security

IF 6 3区 计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS
Selman Hizal , Unal Cavusoglu , Devrim Akgun
{"title":"A novel deep learning-based intrusion detection system for IoT DDoS security","authors":"Selman Hizal ,&nbsp;Unal Cavusoglu ,&nbsp;Devrim Akgun","doi":"10.1016/j.iot.2024.101336","DOIUrl":null,"url":null,"abstract":"<div><p>Intrusion detection systems (IDS) for IoT devices are critical for protecting against a wide range of possible attacks when dealing with Distributed Denial of Service (DDoS) attacks. These attacks have become a primary concern for IoT networks. Intelligent decision-making techniques are required for DDoS attacks, which pose serious threats. The range of devices connected to the IoT ecosystem is growing, and the data traffic they generate is continually changing; the need for models more resistant to new attack types and existing attacks is of research interest. Motivated by this gap, this paper provides an effective IDS powered by deep learning models for IoT networks based on the recently published CICIoT2023 dataset. In this work, we improved the detection and mitigation of potential security threats in IoT networks. To increase performance, we performed preprocessing operations on the dataset, such as random subset selection, feature elimination, duplication removal, and normalization. A two-level IDS using deep-learning models containing binary and multiclass classifiers has been designed to identify DDoS attacks in IoT networks. The effectiveness of several deep-learning models in real-time and detection performance has been evaluated. We trained fully connected, convolutional, and LSTM-based deep learning models for detecting DDoS attacks and sub-classes. According to the results on a partially balanced sub-dataset, two staged models performed better than baseline models such as DNN (Deep Neural Networks), CNN (Convolutional Neural Networks), LSTM (Long Short Term Memory), RNN (Recurrent Neural Network).</p></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"28 ","pages":"Article 101336"},"PeriodicalIF":6.0000,"publicationDate":"2024-08-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Internet of Things","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2542660524002774","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

Abstract

Intrusion detection systems (IDS) for IoT devices are critical for protecting against a wide range of possible attacks when dealing with Distributed Denial of Service (DDoS) attacks. These attacks have become a primary concern for IoT networks. Intelligent decision-making techniques are required for DDoS attacks, which pose serious threats. The range of devices connected to the IoT ecosystem is growing, and the data traffic they generate is continually changing; the need for models more resistant to new attack types and existing attacks is of research interest. Motivated by this gap, this paper provides an effective IDS powered by deep learning models for IoT networks based on the recently published CICIoT2023 dataset. In this work, we improved the detection and mitigation of potential security threats in IoT networks. To increase performance, we performed preprocessing operations on the dataset, such as random subset selection, feature elimination, duplication removal, and normalization. A two-level IDS using deep-learning models containing binary and multiclass classifiers has been designed to identify DDoS attacks in IoT networks. The effectiveness of several deep-learning models in real-time and detection performance has been evaluated. We trained fully connected, convolutional, and LSTM-based deep learning models for detecting DDoS attacks and sub-classes. According to the results on a partially balanced sub-dataset, two staged models performed better than baseline models such as DNN (Deep Neural Networks), CNN (Convolutional Neural Networks), LSTM (Long Short Term Memory), RNN (Recurrent Neural Network).

基于深度学习的新型物联网 DDoS 安全入侵检测系统
在应对分布式拒绝服务(DDoS)攻击时,物联网设备的入侵检测系统(IDS)对于防范各种可能的攻击至关重要。这些攻击已成为物联网网络的首要问题。针对构成严重威胁的 DDoS 攻击,需要智能决策技术。连接到物联网生态系统的设备越来越多,它们产生的数据流量也在不断变化;因此,研究人员需要建立更能抵御新攻击类型和现有攻击的模型。受这一差距的激励,本文基于最近发布的 CICIoT2023 数据集,为物联网网络提供了一种由深度学习模型驱动的有效 IDS。在这项工作中,我们改进了对物联网网络中潜在安全威胁的检测和缓解。为了提高性能,我们对数据集进行了预处理操作,如随机子集选择、特征消除、重复删除和归一化。我们设计了一种使用包含二元分类器和多分类器的深度学习模型的两级 IDS,以识别物联网网络中的 DDoS 攻击。我们评估了几种深度学习模型的实时有效性和检测性能。我们训练了基于全连接、卷积和 LSTM 的深度学习模型来检测 DDoS 攻击和子类。根据部分平衡子数据集的结果,两个阶段模型的性能优于 DNN(深度神经网络)、CNN(卷积神经网络)、LSTM(长短期记忆)和 RNN(循环神经网络)等基线模型。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Internet of Things
Internet of Things Multiple-
CiteScore
3.60
自引率
5.10%
发文量
115
审稿时长
37 days
期刊介绍: Internet of Things; Engineering Cyber Physical Human Systems is a comprehensive journal encouraging cross collaboration between researchers, engineers and practitioners in the field of IoT & Cyber Physical Human Systems. The journal offers a unique platform to exchange scientific information on the entire breadth of technology, science, and societal applications of the IoT. The journal will place a high priority on timely publication, and provide a home for high quality. Furthermore, IOT is interested in publishing topical Special Issues on any aspect of IOT.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信