Top

Arabian Journal for Science and Engineering

Published in:

11-01-2021 | Research Article-Computer Engineering and Computer Science

Toward Design of an Intelligent Cyber Attack Detection System using Hybrid Feature Reduced Approach for IoT Networks

Authors: Prabhat Kumar, Govind P. Gupta, Rakesh Tripathi

Published in: Arabian Journal for Science and Engineering | Issue 4/2021

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

With simple connectivity and fast-growing demand of smart devices and networks, IoT has become more prone to cyber attacks. In order to detect and prevent cyber attacks in IoT networks, intrusion detection system (IDS) plays a crucial role. However, most of the existing IDS have dimensionality curse that reduces overall IoT systems efficiency. Hence, it is important to remove repetitive and irrelevant features while designing effective IDS. Motivated from aforementioned challenges, this paper presents an intelligent cyber attack detection system for IoT network using a novel hybrid feature reduced approach. This technique first performs feature ranking using correlation coefficient, random forest mean decrease accuracy and gain ratio to obtain three different feature sets. Then, features are combined using a suitably designed mechanism (AND operation), to obtain single optimized feature set. Finally, the obtained reduced feature set is fed to three well-known machine learning algorithms such as random forest, K-nearest neighbor and XGBoost for detection of cyber attacks. The efficiency of the proposed cyber attack detection framework is evaluated using NSL-KDD and two latest IoT-based datasets namely, BoT-IoT and DS2OS. Performance of the proposed framework is evaluated and compared with some recent state-of-the-art techniques found in literature, in terms of accuracy, detection rate (DR), precision and F1 score. Performance analysis using these three datasets shows that the proposed model has achieved DR up to 90%–100%, for most of the attack vectors that has close similarity to normal behaviors and accuracy above 99%.

previous article Requirement Engineering Challenges: A Systematic Mapping Study on the Academic and the Industrial Perspective

next article Boundary-Based Anchor Selection Method for WSNs Node Localization

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Tewari, A.; Gupta, B.: Security, privacy and trust of different layers in internet-of-things (IoTs) framework. Future Gener. Comput. Syst. 108, 909–920 (2020)

Tewari, A.; Gupta, B.: A novel ECC-based lightweight authentication protocol for internet of things devices. Int. J. High Perform. Comput. Netw. 15(1–2), 106–120 (2019)

Stergiou, C.; Psannis, K.E.; Gupta, B.B.; Ishibashi, Y.: Security, privacy and efficiency of sustainable cloud computing for big data and IoT. Sustain. Comput. Inform. Syst. 19, 174–184 (2018)

Stergiou, C.L.; Psannis, K.E.; Gupta, B.B.: IoT-based big data secure management in the fog over a 6G wireless network. IEEE Internet Things J. (2020). https://doi.org/10.1109/JIOT.2020.3033131CrossRef

Olakanmi, O.O.; Dada, A.: An efficient privacy-preserving approach for secure verifiable outsourced computing on untrusted platforms. Int. J. Cloud Appl. Comput. (IJCAC) 9(2), 79–98 (2019)

Etherington, D.; Conger, K.: Large DDoS attacks cause outages at Twitter, Spotify, and other sites. TechCrunch, Np, vol. 21 (2016)

PentaSecurity, “Top 5 shocking IoT security breaches of 2019,” November 22. https://www.pentasecurity.com/blog/top-5-shocking-iot-security-breaches-2019/. Accessed 10 Nov 2019

Jurcut, A.; Niculcea, T.; Ranaweera, P.; Le-Khac, N.-A.: Security considerations for internet of things: a survey. SN Comput. Sci. 1(4), 193 (2020). https://doi.org/10.1007/s42979-020-00201-310.1007/s42979-020-00201-310:1007/s42979-020-00201-3CrossRef

Eustis, A.G.: The Mirai Botnet and the importance of IoT device security. In: Latifi, S. (ed.) 16th International Conference on Information Technology-New Generations (ITNG 2019), pp. 85–89. Springer, Cham (2019)

10.

Sasan, H.P.S.; Sharma, M.: Intrusion detection using feature selection and machine learning algorithm with misuse detection. Int. J. Comput. Sci. Inf. Technol. 8(1), 17–25 (2016)

11.

Sultana, N.; Chilamkurti, N.; Peng, W.; Alhadad, R.: Survey on SDN based network intrusion detection system using machine learning approaches. Peer-to-Peer Netw. Appl. 12(2), 493–501 (2019)

12.

Chaudhary, P.; Gupta, B. B.: DDoS detection framework in resource constrained internet of things domain. In: IEEE 8th Global Conference on Consumer Electronics (GCCE), pp. 675–678 (2019)

13.

Tahsien, S.M.; Karimipour, H.; Spachos, P.: Machine learning based solutions for security of internet of things (IoT): a survey. J. Netw. Comput. Appl. 161, 102630 (2020)

14.

Sangkatsanee, P.; Wattanapongsakorn, N.; Charnsripinyo, C.: Practical real-time intrusion detection using machine learning approaches. Comput. Commun. 34(18), 2227–2235 (2011)

15.

Ren, J.; Guo, J.; Qian, W.; Yuan, H.; Hao, X.; Jingjing, H.: Building an effective intrusion detection system by using hybrid data optimization based on machine learning algorithms. Secur. Commun. Netw. 2019, 7130868 (2019). https://doi.org/10.1155/2019/7130868CrossRef

16.

Tama, B.A.; Rhee, K.-H.: HFSTE: hybrid feature selections and tree-based classifiers ensemble for intrusion detection system. IEICE Trans. Inf. Syst. 100(8), 1729–1737 (2017)

17.

Gan, X.-S.; Duanmu, J.-S.; Wang, J.-F.; Cong, W.: Anomaly intrusion detection based on PLS feature extraction and core vector machine. Knowl. Based Syst. 40, 1–6 (2013)

18.

Karami, A.; Guerrero-Zapata, M.: A fuzzy anomaly detection system based on hybrid PSO-Kmeans algorithm in content-centric networks. Neurocomputing 149, 1253–1269 (2015)

19.

Chapaneri, R.; Shah, S.: A comprehensive survey of machine learning-based network intrusion detection. In: Satapathy, S.C., Bhateja, V., Das, S. (eds.) Smart Intelligent Computing and Applications, pp. 345–356. Springer, Singapore (2019)

20.

Gupta, R.; Tanwar, S.; Tyagi, S.; Kumar, N.: Machine learning models for secure data analytics: a taxonomy and threat model. Comput. Commun. 153, 406–440 (2020)

21.

Moustafa, N.; Hu, J.; Slay, J.: A holistic review of network anomaly detection systems: a comprehensive survey. J. Netw. Comput. Appl. 128, 33–55 (2019)

22.

Pajouh, H.H.; Javidan, R.; Khayami, R.; Dehghantanha, A.; Choo, K.R.: A two-layer dimension reduction and two-tier classification model for anomaly-based intrusion detection in IoT backbone networks. IEEE Trans. Emerg. Top. Comput. 7(2), 314–323 (2019)

23.

Eesa, A.S.; Orman, Z.; Brifcani, A.M.A.: A novel feature-selection approach based on the cuttlefish optimization algorithm for intrusion detection systems. Expert Syst. Appl. 42(5), 2670–2679 (2015)

24.

Kamarudin, M.H.; Maple, C.; Watson, T.: Hybrid feature selection technique for intrusion detection system. Int. J. High Perform. Comput. Netw. 13(2), 232–240 (2019)

25.

Chandrashekar, G.; Sahin, F.: A survey on feature selection methods. Comput. Electr. Eng. 40(1), 16–28 (2014)

26.

Manzoor, I.; Kumar, N.; et al.: A feature reduced intrusion detection system using ANN classifier. Expert Syst. Appl. 88, 249–257 (2017)

27.

Bhuyan, M.H.; Bhattacharyya, D.K.; Kalita, J.K.: Network anomaly detection: methods, systems and tools. IEEE Commun. Surv. Tutor. 16(1), 303–336 (2013)

28.

Remeseiro, B.; Bolon-Canedo, V.: A review of feature selection methods in medical applications. Comput. Biol. Med. 112, 103375 (2019)

29.

Huang, J.; Cai, Y.; Xu, X.: A hybrid genetic algorithm for feature selection wrapper based on mutual information. Pattern Recogn. Lett. 28(13), 1825–1844 (2007)

30.

Buczak, A.L.; Guven, E.: A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Commun. Surv. Tutor. 18(2), 1153–1176 (2015)

31.

Al-Garadi, M.A.; Mohamed, A.; Al-Ali, A.K.; Du, X.; Ali, I.; Guizani, M.: A survey of machine and deep learning methods for internet of things (IoT) security. IEEE Commun. Surv. Tutor. 22(3), 1646–1685 (2020)

32.

Tavallaee, M.; Bagheri, E.; Lu, W.; Ghorbani, A. A.: A detailed analysis of the KDD cup 99 data set. In: IEEE Symposium on Computational Intelligence for Security and Defense Applications, pp. 1–6. IEEE (2009)

33.

Tavallaee, M.; Bagheri, E.; Lu, W.; Ghorbani, A.: The NSL-KDD data set. https://web.archive.org/web/20150205070216/. http://nsl.cs.unb.ca/NSL-KDD/. Accessed 10 Aug 2019

34.

Koroniotis, N.; Moustafa, N.; Sitnikova, E.; Turnbull, B.: Towards the development of realistic botnet dataset in the Internet of Things for network forensic analytics: Bot-IoT dataset. Future Gener. Comput. Syst. 100, 779–796 (2019)

35.

Koroniotis, N.; Moustafa, N.; Sitnikova, E.; Turnbull, B.: The Bot-IoT dataset. https://cloudstor.aarnet.edu.au/plus/s/umT99TnxvbpkkoE (2018). Accessed 10 Sept 2019

36.

Pahl, M.-O.; Aubet, F.-X.: All eyes on you: distributed multi-dimensional IoT microservice anomaly detection. In: 14th International Conference on Network and Service Management (CNSM), pp. 72–80. IEEE (2018)

37.

Pahl, M.O.; Aubet, F.X.: DS2OS traffic traces. https://www.kaggle.com/francoisxa/ds2ostraffictraces (2018). Accessed 28 Sept 2019

38.

Pajouh, H.H.; Dastghaibyfard, G.; Hashemi, S.: Two-tier network anomaly detection model: a machine learning approach. J. Intell. Inf. Syst. 48(1), 61–74 (2017)

39.

Wu, K.; Chen, Z.; Li, W.: A novel intrusion detection model for a massive network using convolutional neural networks. IEEE Access 6, 50 850–50 859 (2018)

40.

Gao, X.; Shan, C.; Hu, C.; Niu, Z.; Liu, Z.: An adaptive ensemble machine learning model for intrusion detection. IEEE Access 7, 82 512–82 521 (2019)

41.

Yang, Y.; Zheng, K.; Wu, C.; Niu, X.; Yang, Y.: Building an effective intrusion detection system using the modified density peak clustering algorithm and deep belief networks. Appl. Sci. 9(2), 238 (2019)

42.

Zhang, C.; Ruan, F.; Yin, L.; Chen, X.; Zhai, L.; Liu, F.: A deep learning approach for network intrusion detection based on NSL-KDD dataset. In: IEEE 13th International Conference on Anti-counterfeiting, Security, and Identification (ASID), pp. 41–45. IEEE (2019)

43.

Tian, Q.; Han, D.; Li, K.-C.; Liu, X.; Duan, L.; Castiglione, A.: An intrusion detection approach based on improved deep belief network. Appl. Intell. (2020). https://doi.org/10.1007/s10489-020-01694-4CrossRef

44.

Hasan, M.; Islam, M.M.; Zarif, M.I.I.; Hashem, M.: Attack and anomaly detection in IoT sensors in IoT sites using machine learning approaches. Internet Things 7, 100059 (2019)

45.

Shafiq, M.; Tian, Z.; Sun, Y.; Du, X.; Guizani, M.: Selection of effective machine learning algorithm and Bot-IoT attacks traffic identification for internet of things in smart city. Future Gener. Comput. Syst. 107, 433–442 (2020)

46.

Soe, Y.N.; Feng, Y.; Santosa, P.I.; Hartanto, R.; Sakurai, K.: Towards a lightweight detection system for cyber attacks in the IoT environment using corresponding features. Electronics 9(1), 144 (2020)

47.

Kanakarajan, N.K.; Muniasamy, K.: Improving the accuracy of intrusion detection using gar-forest with feature selection. In: Proceedings of the 4th International Conference on Frontiers in Intelligent Computing: Theory and Applications (FICTA) 2015, pp. 539–547. Springer (2016)

48.

Idhammad, M.; Afdel, K.; Belouch, M.: Semi-supervised machine learning approach for DDoS detection. Appl. Intell. 48(10), 3193–3208 (2018)

49.

Latah, M.; Toker, L.: Towards an efficient anomaly-based intrusion detection for software-defined networks. IET Netw. 7(6), 453–459 (2018)

50.

Staudemeyer, R.; Omlin, C.: Feature set reduction for automatic network intrusion detection with machine learning algorithms. In: Proceedings of the Southern African Telecommunication Networks and Applications Conference (SATNAC), p. 105 (2009)

51.

Latah, M.; Toker, L.: An efficient flow-based multi-level hybrid intrusion detection system for software-defined networks. CoRR (2018). arXiv:1806.03875

52.

Al-Qatf, M.; Lasheng, Y.; Al-Habib, M.; Al-Sabahi, K.: Deep learning approach combining sparse autoencoder with SVM for network intrusion detection. IEEE Access 6, 52 843–52 856 (2018)

53.

Tama, B.A.; Comuzzi, M.; Rhee, K.-H.: TSE-IDS: a two-stage classifier ensemble for intelligent anomaly-based intrusion detection system. IEEE Access 7, 94 497–94 507 (2019)

54.

Çavuşoğlu, Ü.: A new hybrid approach for intrusion detection using machine learning methods. Appl. Intell. 49(7), 2735–2761 (2019)

55.

Chandak, T.; Shukla, S.; Wadhvani, R.: “An analysis of a feature reduced intrusion detection system using ANN classifier” by Akashdeep et al. expert systems with applications (2017). Expert Syst. Appl. 130, 79–83 (2019)

56.

Kaja, N.; Shaout, A.; Ma, D.: An intelligent intrusion detection system. Appl. Intell. 49(9), 3235–3247 (2019)

57.

Ghazy, R.A.; El-Rabaie, E.-S.M.; Dessouky, M.I.; El-Fishawy, N.A.; Abd El-Samie, F.E.: Feature selection ranking and subset-based techniques with different classifiers for intrusion detection. Wirel. Pers. Commun. 111(1), 375–393 (2020)

58.

Mahfouz, A.M.; Venugopal, D.; Shiva, S.G.: Comparative analysis of ML classifiers for network intrusion detection. In: Fourth International Congress on Information and Communication Technology, pp. 193–207. Springer (2020)

59.

Su, T.; Sun, H.; Zhu, J.; Wang, S.; Li, Y.: BAT: deep learning methods on network intrusion detection using NSL-KDD dataset. IEEE Access 8, 29 575–29 585 (2020)

60.

Hur, J.-H.; Ihm, S.-Y.; Park, Y.-H.: A variable impacts measurement in random forest for mobile cloud computing. Wirel. Commun. Mob. Comput. 2017, 6817627 (2017). https://doi.org/10.1155/2017/6817627CrossRef

61.

Blessie, E.C.; Karthikeyan, E.: SIGMIS: a feature selection algorithm using correlation based method. J. Algorithms Comput. Technol. 6(3), 385–394 (2012)

62.

Strobl, C.; Boulesteix, A.-L.; Zeileis, A.; Hothorn, T.: Bias in random forest variable importance measures: illustrations, sources and a solution. BMC Bioinform. 8(1), 25 (2007)

63.

Dağ, H.; Sayin, K.E.; Yenidoğan, I.; Albayrak, S.; Acar, C.: Comparison of feature selection algorithms for medical data. In: International Symposium on Innovations in Intelligent Systems and Applications, pp. 1–5. IEEE (2012)

64.

Bao, R.-J.; Rong, H.-J.; Angelov, P.P.; Chen, B.; Wong, P.K.: Correntropy-based evolving fuzzy neural system. IEEE Trans. Fuzzy Syst. 26(3), 1324–1338 (2017)

65.

Svetnik, V.; Liaw, A.; Tong, C.; Culberson, J.C.; Sheridan, R.P.; Feuston, B.P.: Random forest: a classification and regression tool for compound classification and QSAR modeling. J. Chem. Inf. Comput. Sci. 43(6), 1947–1958 (2003)

66.

Louati, F.; Ktata, F.B.: A deep learning-based multi-agent system for intrusion detection. SN Appl. Sci. 2(4), 1–13 (2020)

67.

Chen, T.; Guestrin, C.: XGBoost: a scalable tree boosting system. In: Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 785–794 (2016)

68.

CISA, “Security tip (st04-015) understanding denial-of-service attacks,” November 20. https://www.us-cert.gov/ncas/tips/ST04-015 (2019). Accessed 1 Feb 2020

69.

Letteri, I.; Penna, G.D.; Gasperis, G.D.: Security in the internet of things: botnet detection in software-defined networks by deep learning techniques. Int. J. High Perform. Comput. Netw. 15(3–4), 170–182 (2019)

70.

Abomhara, M.; et al.: Cyber security and the internet of things: vulnerabilities, threats, intruders and attacks. J. Cyber Secur. Mob. 4(1), 65–88 (2015)

71.

Jesudoss, A.; Subramaniam, N.: A survey on authentication attacks and countermeasures in a distributed environment. Indian J. Comput. Sci. Eng. (IJCSE) 5(2), 71–77 (2014)

72.

Belavagi, M.C.; Muniyal, B.: Performance evaluation of supervised machine learning algorithms for intrusion detection. Procedia Comput. Sci. 89(2016), 117–123 (2016)

73.

Ma, W.; Qu, H.; Zhao, J.: Estimator with forgetting factor of correntropy and recursive algorithm for traffic network prediction. In: 25th Chinese Control and Decision Conference (CCDC), pp. 490–494. IEEE (2013)

Title: Toward Design of an Intelligent Cyber Attack Detection System using Hybrid Feature Reduced Approach for IoT Networks
Authors: Prabhat Kumar
Govind P. Gupta
Rakesh Tripathi
Publication date: 11-01-2021
Publisher: Springer Berlin Heidelberg
Published in: Arabian Journal for Science and Engineering / Issue 4/2021
Print ISSN: 2193-567X
Electronic ISSN: 2191-4281
DOI: https://doi.org/10.1007/s13369-020-05181-3

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Other articles of this Issue 4/2021

Research on Understanding the Effect of Deep Learning on User Preferences

Smart Fraud Detection Framework for Job Recruitments

Requirement Engineering Challenges: A Systematic Mapping Study on the Academic and the Industrial Perspective

Probabilistic Neural Network-based Model for Identification of Parkinson’s Disease by using Voice Profile and Personal Data

An Evolutionary-based Random Weight Networks with Taguchi Method for Arabic Web Pages Classification

Weighted Association Rule Mining Over Unweighted Databases Using Inter-Item Link Based Automated Weighting Scheme

Premium Partners