ADVANCED ATTACK MITIGATION IN IOT GATEWAY PROTOCOLS

IF 4.8 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security Pub Date : 2025-05-23 DOI:10.1016/j.cose.2025.104539

K. Praveen Kumar , Dr. N. Suresh Kumar

{"title":"ADVANCED ATTACK MITIGATION IN IOT GATEWAY PROTOCOLS","authors":"K. Praveen Kumar , Dr. N. Suresh Kumar","doi":"10.1016/j.cose.2025.104539","DOIUrl":null,"url":null,"abstract":"<div><div>With the increasing number of users on the internet, numerous cyberattacks are becoming more and more common. Proper detection of these attacks by Intrusion Detection Systems (IDS) is extremely important, particularly for IoT networks. Deep learning methods have proved to be very promising for enhancing IDS performance. This paper presents an end-to-end system for attack detection and prevention in IoT networks with the use of data augmentation, preprocessing, feature extraction, and deep machine learning algorithms. The class imbalance is resolved using the Enhanced Synthetic Minority Over-Sampling Technique (ESMOTE), and preprocessing operations normalize and clean the data for improved model performance. Feature extraction involves statistical features and Shannon entropy-based features, which are fused and sent through a feature selection process. A new 2D-LICM hyper-chaotic map combined with Walrus Optimization (2D-LICMHy-CM_WO) is used to enhance feature selection through enhanced search diversity, convergence rate, and eliminating redundancy. The Dense Convolutional Spatial Attention-based Enhanced Bi-GRU (DCSAtten_EBi-GRU) effectively extracts attack pattern dependencies for precise detection, and an Enhanced Double Deep Q-Learning Network (DoubleDQN) offers dynamic adaptive real-time countermeasures. Experimental findings prove that the proposed solution can obtain a 99.6% detection accuracy with an F1-score of 0.98 and outperforms current IDS models in false positive rate and detection time.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"157 ","pages":"Article 104539"},"PeriodicalIF":4.8000,"publicationDate":"2025-05-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404825002287","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

With the increasing number of users on the internet, numerous cyberattacks are becoming more and more common. Proper detection of these attacks by Intrusion Detection Systems (IDS) is extremely important, particularly for IoT networks. Deep learning methods have proved to be very promising for enhancing IDS performance. This paper presents an end-to-end system for attack detection and prevention in IoT networks with the use of data augmentation, preprocessing, feature extraction, and deep machine learning algorithms. The class imbalance is resolved using the Enhanced Synthetic Minority Over-Sampling Technique (ESMOTE), and preprocessing operations normalize and clean the data for improved model performance. Feature extraction involves statistical features and Shannon entropy-based features, which are fused and sent through a feature selection process. A new 2D-LICM hyper-chaotic map combined with Walrus Optimization (2D-LICMHy-CM_WO) is used to enhance feature selection through enhanced search diversity, convergence rate, and eliminating redundancy. The Dense Convolutional Spatial Attention-based Enhanced Bi-GRU (DCSAtten_EBi-GRU) effectively extracts attack pattern dependencies for precise detection, and an Enhanced Double Deep Q-Learning Network (DoubleDQN) offers dynamic adaptive real-time countermeasures. Experimental findings prove that the proposed solution can obtain a 99.6% detection accuracy with an F1-score of 0.98 and outperforms current IDS models in false positive rate and detection time.

查看原文本刊更多论文

物联网网关协议中的高级攻击缓解

随着互联网用户数量的不断增加，各种网络攻击也变得越来越普遍。通过入侵检测系统（IDS）正确检测这些攻击非常重要，特别是对于物联网网络。深度学习方法已被证明是非常有希望提高IDS性能的方法。本文提出了一个端到端系统，用于物联网网络中的攻击检测和预防，使用数据增强、预处理、特征提取和深度机器学习算法。使用增强的合成少数派过采样技术（ESMOTE）解决类不平衡问题，预处理操作对数据进行规范化和清理，以提高模型性能。特征提取包括统计特征和基于香农熵的特征，它们通过特征选择过程融合并发送。结合海象优化的2D-LICM超混沌映射（2D-LICMHy-CM_WO）通过增强搜索多样性、收敛速度和消除冗余来增强特征选择。基于密集卷积空间注意力的增强型Bi-GRU （DCSAtten_EBi-GRU）有效提取攻击模式依赖关系以进行精确检测，增强型双深度q -学习网络（DoubleDQN）提供动态自适应实时对策。实验结果表明，该方案的检测准确率为99.6%，f1分数为0.98，在假阳性率和检测时间上优于现有的IDS模型。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computers & Security 工程技术-计算机：信息系统

CiteScore

12.40

自引率

7.10%

发文量

365

审稿时长

10.7 months

期刊介绍： Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.