Machine learning-based detection of DDoS attacks on IoT devices in multi-energy systems
Hesham A. Sakr, Mostafa M. Fouda, Ahmed F. Ashour, Ahmed Abdelhafeez, Magda I. El-Afifi, Mohamed Refaat Abdellah
Egyptian Informatics Journal, volume 28, Article 100540. Published 2024-09-21. DOI: 10.1016/j.eij.2024.100540
https://www.sciencedirect.com/science/article/pii/S1110866524001038
Abstract
With the growing integration of IoT devices in critical infrastructure, cybersecurity threats such as Distributed Denial of Service (DDoS) attacks on Energy Hubs (EH) have become a significant concern. This study aims to address these challenges by evaluating the effectiveness of various supervised machine learning (ML) algorithms in predicting DDoS attacks targeting EH systems through IoT devices. Using the CICDDOS2019 and KDD-CUP datasets, a comprehensive analysis was conducted on several classifiers, including Decision Tree (DT), Gradient Boosting, Support Vector Machine (SVM), K-Nearest Neighbors (KNN), and Random Forest. The results highlight Gradient Boosting as the most effective model, particularly for the CICDDOS2019 dataset, demonstrating superior accuracy and predictive capability. Additionally, hybrid models combining Gradient Boosting with SVM or DT showed strong performance, though with varying precision and recall. This study provides valuable insights into the selection and tailoring of ML models for specific security challenges, emphasizing the need for ongoing research to enhance the resilience of EH systems and IoT devices against evolving DDoS threats.
About the journal:
The Egyptian Informatics Journal is published by the Faculty of Computers and Artificial Intelligence, Cairo University. This Journal provides a forum for the state-of-the-art research and development in the fields of computing, including computer sciences, information technologies, information systems, operations research and decision support. Innovative and not-previously-published work in subjects covered by the Journal is encouraged to be submitted, whether from academic, research or commercial sources.