Design & analysis of Deep Learning based Defense Mechanisms against Cyber Attacks in IoT
Keywords:
Machine Learning, Hybrid CNN Model, TEHO-DBN Classifier, Performance Metrics (Accuracy, Precision, Recall, F1 Score), Computational Efficiency, Convolutional Neural Network, Model Optimization
Abstract
This research focuses on the crucial challenge of protecting Internet of Things (IoT) networks from various cyber threats, specifically zero-day attacks. It presents a defense solution based on Convolutional Neural Networks (CNN), specifically designed to accommodate the unique operational constraints and resource limitations of the IoT. The major objective is to create a model that can effectively detect threats and is efficient for deployment on IoT devices with limited resources. This project is based on a thorough examination of the BoT IoT dataset, which includes a wide range of simulated IoT network behaviors, covering regular operations and suspicious activities. This dataset forms the foundation for developing and evaluating our model. The CNN model we have developed features a simplified architecture that aims to minimize resource usage and enable real-time data analysis. Through thorough data preprocessing and rigorous training, the model is fine-tuned to accurately differentiate between harmless and harmful network patterns. Evaluation on the BoT IoT dataset produced impressive results: the model achieved an accuracy rate of 95.98% and an F1 score of 0.8707. The metrics demonstrate the model's exceptional ability to accurately detect potential security threats in IoT networks. One interesting aspect of our approach involves incorporating a dynamic blacklisting mechanism that is tailored to improve the model's effectiveness in identifying zero-day attacks. Through regular updates to the blacklist using up-to-date threat intelligence and immediate alerts to administrators, the system enables quick responses and mitigation tactics against new threats, enhancing the security of IoT environments.
This research validates the effectiveness of utilizing the proposed hybrid CNN model in IoT environments, especially with edge computing approaches, to enhance decentralized and effective threat detection in deployment scenarios. Moreover, the model includes continuous learning capabilities, enabling constant adaptation to emerging cyber threats. With a focus on ethical and security considerations, including protection against adversarial attacks and data privacy, the model's adaptability is strengthened, making it more reliable in IoT security frameworks. The research project concludes by introducing a CNN-based security mechanism that is both flexible and known for accurate detection; it also has the ability to detect zero-day threats through dynamic blacklisting. In order to safeguard IoT networks from the ever-evolving cyber threat landscape, this comprehensive method is a huge leap forward.
License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. This license lets the audience give appropriate credit, provide a link to the license, and indicate if changes were made; if they remix, transform, or build upon the material, they must distribute contributions under the same license as the original.