Development of a Homogeneous Hybrid Machine Learning for Intrusion Detection  in the IOT Network

Kosar  Ibrahim mirza; Dalshad  Jaafar Hussein; Haval  Muhammed Sidqi; Nyaz  Aziz Ali

doi:10.25098/9.1.31

Authors

Kosar Ibrahim mirza Department of Database, Computer Science Institute, Sulaimani Polytechnic University, Sulaimani, Iraq
Dalshad Jaafar Hussein Department of Database, Computer Science Institute, Sulaimani Polytechnic University, Sulaimani, Iraq
Haval Muhammed Sidqi Technical Department of IT, College of Informatics, Sulaimani Polytechnic University, Sulaimani, Iraq
Nyaz Aziz Ali Department of IT, College of Commerce, Sulaimani University, Sulaimani, Iraq

DOI:

https://doi.org/10.25098/9.1.31

Keywords:

Feature Selection via Correlation Analysis, Stacked Ensemble Techniques, Models for Detecting Internet of Things Network, GMMES Model, Gaussian Mixture Model

Abstract

In the rapidly evolving landscape of the Internet of Things (IoT), which underpins advancements in e-health, smart homes, e-commerce, and various other digital domains, fog computing emerges as a pivotal IoT platform, bringing to the forefront significant cybersecurity challenges. Traditional intrusion detection mechanisms falter in the IoT context, hindered by the unique constraints of IoT environments, such as limited-resource devices, data imbalance, and specialized protocol stacks and standards. Particularly, the prevalence of unbalanced data in IoT-related network attack datasets compromises the efficacy of conventional intrusion detection systems. Addressing these challenges, this study introduces a novel Group Intrusion Detection Mechanism (Group-based Machine Learning Mechanism for Enhanced Security) GMMES tailored for IoT networks, specifically designed to mitigate malicious activities, with a focus on botnet attacks targeting DNS, HTTP, and MQTT protocols. The GMMES model innovatively integrates correlation-based feature selection, Gaussian mixture model clustering, and ensemble stacking techniques. When benchmarked against contemporary IoT intrusion detection models using the UNSW-NB 15 dataset, based on Attack Detection Precision (ADP) and Early Warning Precision (EWP) metrics, the GMMES model demonstrates superior performance in identifying Dos, Exploits, and Generic attacks compared to other models, including deep neural networks and Adaboost learning algorithms. However, its efficacy in detecting Worms remains consistent with previous models. Furthermore, the incorporation of correlation-based feature selection and parallel processing in the(Group Intrusion Detection Mechanism GMMES model significantly enhances training efficiency, presenting a promising avenue for efficient and effective IoT cybersecurity measures, and the study of the training time of the proposed model also showed that it could reduce the training time by using correlation-based feature selection and parallel processing.

The limitations are incorporating, heterogeneity, optimization, dynamic learning and adversarial Training.

References

Alghanam, O. A., et al. (2023). "An improved PIO feature selection algorithm for IoT network intrusion detection system based on ensemble learning." Expert Systems with Applications 213: 118745.

Ananthi, P. and V. Parthipan (2022). "An Innovative Method for Detection of Malicious Behaviours in Automated Vehicle System Using Hybrid Fuzzy C-Means Algorithm with Neural Network Algorithm Based Accuracy and Cost." ECS Transactions 107(1): 11765.

Asgharzadeh, H., et al. (2023). "Anomaly-based Intrusion Detection System in the Internet of Things using a Convolutional Neural Network and Multi-Objective Enhanced Capuchin Search Algorithm." Journal of Parallel and Distributed Computing.

Aswad, F. M., et al. (2023). "Deep learning in distributed denial-of-service attacks detection method for Internet of Things networks." Journal of Intelligent Systems 32(1).

Awujoola Olalekan, J., et al. (2020). "Effective and accurate bootstrap aggregating (Bagging) ensemble algorithm model for prediction and classification of hypothyroid disease." Int J Comput Appl 176(39): 41-49.

Bhattacharya, S., et al. (2021). Investigation of Deep Learning Model Based Intrusion Detection in Traditional and Ad Hoc Networks. 2021 5th International Conference on Electronics, Communication and Aerospace Technology (ICECA), IEEE.

Bhavani, T. T., et al. (2019). Network intrusion detection system using random forest and decision tree machine learning techniques. First International Conference on Sustainable Technologies for Computational Intelligence: Proceedings of ICTSCI 2019, Springer.

Bhutamapuram, U. S. and R. Sadam (2022). "With-in-project defect prediction using bootstrap aggregation based diverse ensemble learning technique." Journal of King Saud University-Computer and Information Sciences 34(10): 8675-8691.

Elghamrawy, S. M., et al. (2022). An Intrusion Detection Model Based on Deep Learning and Multi-layer Perceptron in the Internet of Things (IoT) Network. The 8th International Conference on Advanced Machine Learning and Technologies and Applications (AMLTA2022), Springer.

Ismail, N. and S. Abdullah (2016). "Principal component regression with artificial neural network to improve prediction of electricity demand." Int. Arab J. Inf. Technol. 13(1A): 196-202.

Kim, H. and Y. Lim (2022). "Bootstrap aggregated classification for sparse functional data." Journal of Applied Statistics 49(8): 2052-2063.

Louk, M. H. L. and B. A. Tama (2023). "Dual-IDS: A bagging-based gradient boosting decision tree model for network anomaly intrusion detection system." Expert Systems with Applications 213: 119030.

Mhawi, D. N., et al. (2022). "Advanced feature-selection-based hybrid ensemble learning algorithms for network intrusion detection systems." Symmetry 14(7): 1461.

Mostafa, S. A., et al. (2023). "Deep learning in distributed denial-of-service attacks detection method for Internet of Things networks."

Moustafa, N. and J. Slay (2015). UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). 2015 military communications and information systems conference (MilCIS), IEEE.

Roets, A. and B. L. Tait (2023). IoT-Penn: A Security Penetration Tester for MQTT in the IoT Environment. Cybersecurity in the Age of Smart Societies: Proceedings of the 14th International Conference on Global Security, Safety and Sustainability, London, September 2022, Springer.

Sabitha, R., et al. (2022). "Network Based Detection of IoT Attack Using AIS-IDS Model." Wireless Personal Communications: 1-24.

Shaikh, A. and P. Gupta (2022). Advanced Signature-Based Intrusion Detection System. Intelligent Communication Technologies and Virtual Mobile Networks: Proceedings of ICICV 2022, Springer: 305-321.

Talukder, M. A., et al. (2023). "A dependable hybrid machine learning model for network intrusion detection." Journal of Information Security and Applications 72: 103405.

Thakkar, A. and R. Lohiya (2023). "Fusion of statistical importance for feature selection in Deep Neural Network-based Intrusion Detection System." Information Fusion 90: 353-363.

Wang, Y., et al. (2019). "Stacking-based ensemble learning of decision trees for interpretable prostate cancer detection." Applied Soft Computing 77: 188-204.

Yang, Z., et al. (2022). "A systematic literature review of methods and datasets for anomaly-based network intrusion detection." Computers & Security: 102675.