Intrusion Detection Systems in Internet of Things and Mobile Ad-Hoc Networks

Ponnusamy, Vasaki; Humayun, Mamoona; Jhanjhi, N. Z.; Aun, Yichiet; Almufareh, Maram Fahhad

doi:10.32604/csse.2022.018518

Cited by 28 publications

(13 citation statements)

References 57 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The KDDCup 99 dataset is one of the popular datasets in IoT with cybersecurity [33], [34], [35], [36], [37], [38], [39], [40], [41], [42], [43], [44], [45], [46], [47]. This dataset provides labelled and unlabeled training and testing data, and it originated from the evaluation program DARPA98 IDS with corresponds to seven and two weeks [33], [41], [48], [49], [50], [51], [52], [53], [54], [55], [56], [57], [58], [59], [60], [61], [62], [63], [64], [65], [66], [67], [68], [69], [70], [71], [72], [73], [74]. The UNSW-NB15 dataset was created by perfectStorm (IXIA) in collaboration with the UNSW Cyber Range Lab to generate moderately aggressive activities and attacks.…”

Section: Methodsmentioning

confidence: 99%

“…The studies focused on the issues, challenges, and shortcomings of ML and DL techniques for detecting ICS anomalies and the current ICS-to-cloud infrastructure. ML methods secure ICT on the network and physical levels by managing the information through packets and controlling anomalies [66]. The research on ML-AIDS identifies and efficiently implements the effective and efficient anomalies of networks and computers [70].…”

Section: Related Workmentioning

confidence: 99%

“…The research on ML-AIDS identifies and efficiently implements the effective and efficient anomalies of networks and computers [70]. Recently, many researchers have been dedicated to developing ML with NIDs [41], [50], [51], [52], [53], [54], [55], [56], [57], [58], [59], [60], [61], [62], [63], [64], [65], [66], [67], [68], [69], [70]. The IDS faced challenges in accuracy by reducing false alarm rates.…”

Section: Related Workmentioning

confidence: 99%

See 2 more Smart Citations

Detection of Real-Time Malicious Intrusions and Attacks in IoT Empowered Cybersecurity Infrastructures

et al. 2023

View full text Add to dashboard Cite

Computer viruses, malicious, and other hostile attacks can affect a computer network. Intrusion detection is a key component of network security as an active defence technology. Traditional intrusion detection systems struggle with issues like poor accuracy, ineffective detection, a high percentage of false positives, and an inability to handle new types of intrusions. To address these issues, we propose a deep learning-based novel method to detect cybersecurity vulnerabilities and breaches in cyber-physical systems. The proposed framework contrasts the unsupervised and deep learning-based discriminative approaches. This paper presents a generative adversarial network to detect cyber threats in IoT-driven IICs networks. The results demonstrate a performance increase of approximately 95% to 97% in terms of accuracy, reliability, and efficiency in detecting all types of attacks with a dropout value of 0.2 and an epoch value of 25. The output of well-known state-of-the-art DL classifiers achieved the highest true rate (TNR) and highest detection rate (HDR) when detecting the following attacks: (BruteForceXXS, BruteForceWEB, DoS_Hulk_Attack, and DOS_LOIC_HTTP_Attack) on the NSL-KDD, KDDCup99, and UNSW-NB15 datasets. It also maintained the confidentiality and integrity of users' and systems' sensitive information during the training and testing phases.

show abstract

Section: Methodsmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Detection of Real-Time Malicious Intrusions and Attacks in IoT Empowered Cybersecurity Infrastructures

et al. 2023

View full text Add to dashboard Cite

show abstract

“…The algorithms: image block-matching (Abdullah, 2013) and IoT and Mobile Ad hoc (Vasaki et al, 2022) were applied to NSL-KDD data sets for computer network intrusion detection. However, the ndings are poor in performance and more speci c. It means that intrusion detection for dynamic systems needs combined or integrated techniques to gain better results.…”

Section: Related Workmentioning

confidence: 99%

In-Depth Analysis of Combine Machine Learning and Open Source Security Tools to Enhance Host-Based Intrusion Detection

Kebede

Gebremeskel

2022

Preprint

View full text Add to dashboard Cite

Computer networks made the world a small village. However, this sophisticated and ever-growing communication network suffers from rapidly increasing attacks (intrusions). Various solutions with low detection rates, high false alarms, high processing time, large trace sizes, and other challenges. In this paper, we proposed a model for combining machine learning and open-source security tool for host-based intrusion detection systems based on the anomaly-based technique and the signature or misuse-based approaches. We applied machine learning algorithms using Australia Defense Force Academy Linux Data set for the anomaly-based technique. Features are selected from the ADFA-LD data set using N-gram based feature extraction mechanism. We have configured one of the host-based intrusion detection tools called open-source security for signature-based intrusion detection. The experimental result showed that the performance of the proposed model is promising in terms of detection rate, false-positive rate, and processing time. We applied three machine learning algorithms: SVM, KNN, and RF for binary and multi-classification, and we gained better performance in binary class classification than in multi-class classification. As the experimental result, the accuracy of SVM is 96.26% with a 5.1% false-positive rate (FPR), KNN is 96.71% with 3.28% FPR, and RF is 96.86% with 3.9% FPR.

show abstract

“…An intrusion detection system based on artificial intelligence [1][2][3] is needed to detect new and malicious network attacks that traditional firewalls cannot detect. is system protects against network attacks on vulnerable services, data-driven attacks in applications, and privilege escalation and intruder login/access to major files by intruders/malicious software (computer viruses, Trojan horses, and worms) and hostbased attacks.…”

Section: Introductionmentioning

confidence: 99%

Evolutionary Data Preprocessing to Alleviate Class Imbalance

Seo

2022

Security and Communication Networks

View full text Add to dashboard Cite

Intrusion detection technology for network attacks is developing rapidly with the development of artificial intelligence technology. Recently, machine learning-based methods that can detect new types of attacks have been developed. To improve the classification performance of the rare classes in the intrusion detection dataset, we study the efficient data preprocessing method based on machine learning. The UNSW-NB15, a well-known network intrusion detection dataset, is used in the experiments. The dataset includes 9 attack types and has severe class imbalance and overlap, so it is difficult to improve the classification performance above a certain level. To improve the classification performance by adjusting the number of instances of rare classes is needed. SMOTE techniques and genetic algorithms are used to optimize the ratio between classes in the training dataset. The computation time is reduced by creating a training dataset that samples only a few percent of the UNSW-NB15 dataset. Many new training datasets are generated based on the small training dataset according to the randomly generated SMOTE ratios. The classification experiments are conducted with these new training datasets. A new dataset is generated by combining the results of the experiments, and a regression model is generated by training the dataset. The best tuple of SMOTE ratios is searched by applying the model as a fitness function of the genetic algorithm. The D-S-1G combination exhibited the best performance among the test results. It consists of a decision tree classifier and the support vector regressor (SVR). As a result, the computation time was significantly reduced, and the optimal SMOTE ratios showed better results than the experimental results of the original UNSW-NB15 dataset. It was found that the classification result of each rare class relies heavily on the type of classifier.

show abstract

Intrusion Detection Systems in Internet of Things and Mobile Ad-Hoc Networks

Cited by 28 publications

References 57 publications

Detection of Real-Time Malicious Intrusions and Attacks in IoT Empowered Cybersecurity Infrastructures

Detection of Real-Time Malicious Intrusions and Attacks in IoT Empowered Cybersecurity Infrastructures

In-Depth Analysis of Combine Machine Learning and Open Source Security Tools to Enhance Host-Based Intrusion Detection

Evolutionary Data Preprocessing to Alleviate Class Imbalance

Contact Info

Product

Resources

About