Abstract
Intrusion Detection Systems (IDS) are regarded as an efficient security mechanism in the Internet of Things (IoT). IDSs in the IoT face critical challenges, such as a vast amount of data with many features, limited resources, detection of unknown attacks, and many false alarms. To overcome these issues, this paper proposes a novel framework, namely a Multi-Layer Multi-Classification System (MLMCS). The proposed framework consists of four steps: In the first step, the data collected from information sources are pre-processed. The second step divides the feature space into several subspaces to reduce the model's complexity. The third step proposes a multilayer base classifier called a Multi-Layer Classifier System (MLCS) for each feature subspace. Each MLCS is layered to transform a multi-class classification into several binary classifications so that a specific category of attacks has been detected in each layer based on the Group Method of Data Handling (GMDH) neural network. In the fourth step, the results obtained from MLCSs based on the Dempster-Shafer theory are combined to reduce the problems related to overfitting. The simulation results were gained using three datasets, i.e., NSL-KDD, UNSW-NB15, and TON-IoT. They indicated that the proposed method, compared with other methods, improved F1-score by 5.64%, 0.65%, and 0.11%, respectively. Furthermore, the false alarm rate was reduced by 2.66%, 2.52%, and 0.02%. Moreover, the impact of four well-known adversarial attacks on the dataset was investigated. It was observed that the MLMCS method, with an average 5.21% reduction, could perform well against these attacks.
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call