MLSTL-WSN：在 WSN 中使用 SMOTETomek 进行基于机器学习的入侵检测

IF 2.4 4区计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS

International Journal of Information Security Pub Date : 2024-03-19 DOI:10.1007/s10207-024-00833-z

Md. Alamin Talukder, Selina Sharmin, Md Ashraf Uddin, Md Manowarul Islam, Sunil Aryal

{"title":"MLSTL-WSN：在 WSN 中使用 SMOTETomek 进行基于机器学习的入侵检测","authors":"Md. Alamin Talukder, Selina Sharmin, Md Ashraf Uddin, Md Manowarul Islam, Sunil Aryal","doi":"10.1007/s10207-024-00833-z","DOIUrl":null,"url":null,"abstract":"<p>In the domain of cyber-physical systems, wireless sensor networks (WSNs) play a pivotal role as infrastructures, encompassing both stationary and mobile sensors. These sensors self-organize and establish multi-hop connections for communication, collectively sensing, gathering, processing, and transmitting data about their surroundings. Despite their significance, WSNs face rapid and detrimental attacks that can disrupt functionality. Existing intrusion detection methods for WSNs encounter challenges such as low detection rates, computational overhead, and false alarms. These issues stem from sensor node resource constraints, data redundancy, and high correlation within the network. To address these challenges, we propose an innovative intrusion detection approach that integrates machine learning (ML) techniques with the Synthetic Minority Oversampling Technique Tomek Link (SMOTE-TomekLink) algorithm. This blend synthesizes minority instances and eliminates Tomek links, resulting in a balanced dataset that significantly enhances detection accuracy in WSNs. Additionally, we incorporate feature scaling through standardization to render input features consistent and scalable, facilitating more precise training and detection. To counteract imbalanced WSN datasets, we employ the SMOTE-Tomek resampling technique, mitigating overfitting and underfitting issues. Our comprehensive evaluation, using the wireless sensor network dataset (WSN-DS) containing 374,661 records, identifies the optimal model for intrusion detection in WSNs. The standout outcome of our research is the remarkable performance of our model. In binary classification scenarios, it achieves an accuracy rate of 99.78%, and in multiclass classification scenarios, it attains an exceptional accuracy rate of 99.92%. These findings underscore the efficiency and superiority of our proposal in the context of WSN intrusion detection, showcasing its effectiveness in detecting and mitigating intrusions in WSNs.</p>","PeriodicalId":50316,"journal":{"name":"International Journal of Information Security","volume":"30 1","pages":""},"PeriodicalIF":2.4000,"publicationDate":"2024-03-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"MLSTL-WSN: machine learning-based intrusion detection using SMOTETomek in WSNs\",\"authors\":\"Md. Alamin Talukder, Selina Sharmin, Md Ashraf Uddin, Md Manowarul Islam, Sunil Aryal\",\"doi\":\"10.1007/s10207-024-00833-z\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>In the domain of cyber-physical systems, wireless sensor networks (WSNs) play a pivotal role as infrastructures, encompassing both stationary and mobile sensors. These sensors self-organize and establish multi-hop connections for communication, collectively sensing, gathering, processing, and transmitting data about their surroundings. Despite their significance, WSNs face rapid and detrimental attacks that can disrupt functionality. Existing intrusion detection methods for WSNs encounter challenges such as low detection rates, computational overhead, and false alarms. These issues stem from sensor node resource constraints, data redundancy, and high correlation within the network. To address these challenges, we propose an innovative intrusion detection approach that integrates machine learning (ML) techniques with the Synthetic Minority Oversampling Technique Tomek Link (SMOTE-TomekLink) algorithm. This blend synthesizes minority instances and eliminates Tomek links, resulting in a balanced dataset that significantly enhances detection accuracy in WSNs. Additionally, we incorporate feature scaling through standardization to render input features consistent and scalable, facilitating more precise training and detection. To counteract imbalanced WSN datasets, we employ the SMOTE-Tomek resampling technique, mitigating overfitting and underfitting issues. Our comprehensive evaluation, using the wireless sensor network dataset (WSN-DS) containing 374,661 records, identifies the optimal model for intrusion detection in WSNs. The standout outcome of our research is the remarkable performance of our model. In binary classification scenarios, it achieves an accuracy rate of 99.78%, and in multiclass classification scenarios, it attains an exceptional accuracy rate of 99.92%. These findings underscore the efficiency and superiority of our proposal in the context of WSN intrusion detection, showcasing its effectiveness in detecting and mitigating intrusions in WSNs.</p>\",\"PeriodicalId\":50316,\"journal\":{\"name\":\"International Journal of Information Security\",\"volume\":\"30 1\",\"pages\":\"\"},\"PeriodicalIF\":2.4000,\"publicationDate\":\"2024-03-19\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Information Security\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1007/s10207-024-00833-z\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Information Security","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1007/s10207-024-00833-z","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

在网络物理系统领域，无线传感器网络（WSN）作为基础设施发挥着举足轻重的作用，其中既包括固定传感器，也包括移动传感器。这些传感器自组织并建立多跳连接进行通信，共同感知、收集、处理和传输有关其周围环境的数据。尽管 WSN 非常重要，但它也面临着可能破坏其功能的快速和有害攻击。现有的 WSN 入侵检测方法面临着低检测率、计算开销和误报等挑战。这些问题源于传感器节点的资源限制、数据冗余和网络内的高度相关性。为了应对这些挑战，我们提出了一种创新的入侵检测方法，它将机器学习（ML）技术与合成少数群体过度采样技术 Tomek Link（SMOTE-TomekLink）算法相结合。这种混合算法可合成少数实例并消除 Tomek 链接，从而产生一个平衡的数据集，显著提高 WSN 的检测准确性。此外，我们还通过标准化将特征扩展纳入其中，使输入特征具有一致性和可扩展性，从而促进更精确的训练和检测。为了应对不平衡的 WSN 数据集，我们采用了 SMOTE-Tomek 重采样技术，以缓解过拟合和欠拟合问题。我们利用包含 374,661 条记录的无线传感器网络数据集（WSN-DS）进行了综合评估，确定了 WSN 入侵检测的最佳模型。我们研究的突出成果是我们的模型性能卓越。在二元分类场景中，它的准确率达到了 99.78%，而在多类分类场景中，它的准确率更是高达 99.92%。这些发现强调了我们的建议在 WSN 入侵检测方面的效率和优越性，展示了它在检测和缓解 WSN 入侵方面的有效性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

MLSTL-WSN: machine learning-based intrusion detection using SMOTETomek in WSNs

查看原文本刊更多论文

MLSTL-WSN: machine learning-based intrusion detection using SMOTETomek in WSNs

In the domain of cyber-physical systems, wireless sensor networks (WSNs) play a pivotal role as infrastructures, encompassing both stationary and mobile sensors. These sensors self-organize and establish multi-hop connections for communication, collectively sensing, gathering, processing, and transmitting data about their surroundings. Despite their significance, WSNs face rapid and detrimental attacks that can disrupt functionality. Existing intrusion detection methods for WSNs encounter challenges such as low detection rates, computational overhead, and false alarms. These issues stem from sensor node resource constraints, data redundancy, and high correlation within the network. To address these challenges, we propose an innovative intrusion detection approach that integrates machine learning (ML) techniques with the Synthetic Minority Oversampling Technique Tomek Link (SMOTE-TomekLink) algorithm. This blend synthesizes minority instances and eliminates Tomek links, resulting in a balanced dataset that significantly enhances detection accuracy in WSNs. Additionally, we incorporate feature scaling through standardization to render input features consistent and scalable, facilitating more precise training and detection. To counteract imbalanced WSN datasets, we employ the SMOTE-Tomek resampling technique, mitigating overfitting and underfitting issues. Our comprehensive evaluation, using the wireless sensor network dataset (WSN-DS) containing 374,661 records, identifies the optimal model for intrusion detection in WSNs. The standout outcome of our research is the remarkable performance of our model. In binary classification scenarios, it achieves an accuracy rate of 99.78%, and in multiclass classification scenarios, it attains an exceptional accuracy rate of 99.92%. These findings underscore the efficiency and superiority of our proposal in the context of WSN intrusion detection, showcasing its effectiveness in detecting and mitigating intrusions in WSNs.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

International Journal of Information Security 工程技术-计算机：理论方法

CiteScore

6.30

自引率

3.10%

发文量

审稿时长

12 months

期刊介绍： The International Journal of Information Security is an English language periodical on research in information security which offers prompt publication of important technical work, whether theoretical, applicable, or related to implementation. Coverage includes system security: intrusion detection, secure end systems, secure operating systems, database security, security infrastructures, security evaluation; network security: Internet security, firewalls, mobile security, security agents, protocols, anti-virus and anti-hacker measures; content protection: watermarking, software protection, tamper resistant software; applications: electronic commerce, government, health, telecommunications, mobility.