Abstract
The Internet of Things (IoT) has been evolving rapidly, with a growing impact on everything from everyday life to large industrial systems. Unfortunately, this has attracted the attention of cybercriminals, who have made IoT a target of malicious activities, opening the door to possible attacks on the end nodes. Because of the large number and diverse types of IoT devices, protecting the IoT infrastructure with a traditional intrusion detection system is a challenging task. To protect IoT devices, a novel ensemble Hybrid Intrusion Detection System (HIDS) is proposed by combining a C5 classifier and a One-Class Support Vector Machine classifier. HIDS combines the advantages of a Signature Intrusion Detection System (SIDS) and an Anomaly-based Intrusion Detection System (AIDS). The aim of this framework is to detect both well-known intrusions and zero-day attacks with high detection accuracy and low false-alarm rates. The proposed HIDS is evaluated using the Bot-IoT dataset, which includes legitimate IoT network traffic and several types of attacks. Experiments show that the proposed hybrid IDS provides a higher detection rate and a lower false positive rate than the SIDS and AIDS techniques.
Highlights
The Internet of Things (IoT) is an interconnected system of devices that facilitates seamless information exchange between physical devices
Experiments show that the proposed hybrid Intrusion Detection System (IDS) provides a higher detection rate and a lower false positive rate than the Signature Intrusion Detection System (SIDS) and Anomaly-based Intrusion Detection System (AIDS) techniques
Intrusion Detection System (IDS) technology was originally developed for traditional networks, and current IDS techniques for IoT are insufficient to detect different types of attacks for the following reasons [6]
Summary
The Internet of Things (IoT) is an interconnected system of devices that facilitates seamless information exchange between physical devices. Intrusion Detection System (IDS) technology was originally developed for traditional networks, and current IDS techniques for IoT are insufficient to detect different types of attacks for the following reasons [6]. Applying a traditional IDS to the IoT ecosystem is hard because of its specific features, such as limited resources, particular protocol stacks, and network requirements. For these reasons, this paper proposes an innovative hybrid IDS model that integrates SIDS and AIDS to provide robust intrusion detection. The paper develops a Hybrid Intrusion Detection System (HIDS) for IoT devices and gateways that uses a C5 classifier in the first stage and a One-Class SVM in the second stage to create an effective ensemble architecture for improved accuracy.
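A minimal sketch of the two-stage arrangement the summary describes, added here as an example and not the paper's code. Assumptions: scikit-learn's `DecisionTreeClassifier` stands in for C5, the two flow features and all data are constructed (not Bot-IoT), and routing only stage-one "normal" traffic to the One-Class SVM is an assumed wiring.

```python
import numpy as np
from sklearn.preprocessing import StandardScaler
from sklearn.svm import OneClassSVM
from sklearn.tree import DecisionTreeClassifier

rng = np.random.default_rng(0)

def flows(center, n):
    # Constructed flow features [packets/s, mean packet bytes]; not Bot-IoT data.
    return rng.normal(center, [5.0, 20.0], size=(n, 2))

NORMAL = flows([50, 500], 300)
KNOWN_ATTACK = flows([400, 60], 300)   # labelled attack class, seen in training
NOVEL_ATTACK = flows([55, 1400], 50)   # attack class absent from training

class HybridIDS:
    def fit(self, X, y):
        # Stage 1 (signature-like): supervised tree, a stand-in for C5.
        self.sids = DecisionTreeClassifier(random_state=0).fit(X, y)
        # Stage 2 (anomaly): One-Class SVM fitted on normal traffic only.
        normal = X[y == 0]
        self.scaler = StandardScaler().fit(normal)
        self.aids = OneClassSVM(kernel="rbf", gamma="scale", nu=0.05)
        self.aids.fit(self.scaler.transform(normal))
        return self

    def predict(self, X):
        X = np.asarray(X, dtype=float)
        known = self.sids.predict(X) == 1
        verdict = np.where(known, "known_attack", "normal").astype(object)
        # Assumed wiring: only flows stage 1 calls normal reach stage 2.
        passed = np.flatnonzero(~known)
        if passed.size:
            outlier = self.aids.predict(self.scaler.transform(X[passed])) == -1
            verdict[passed[outlier]] = "anomaly"
        return verdict

def build_demo():
    X = np.vstack([NORMAL, KNOWN_ATTACK])
    y = np.array([0] * len(NORMAL) + [1] * len(KNOWN_ATTACK))
    return HybridIDS().fit(X, y)

def detection_rates(ids):
    # Share of unseen-class attack flows caught by stage 1 alone vs. both stages.
    stage1 = float((ids.sids.predict(NOVEL_ATTACK) == 1).mean())
    hybrid = float((ids.predict(NOVEL_ATTACK) != "normal").mean())
    return stage1, hybrid

if __name__ == "__main__":
    print(detection_rates(build_demo()))
```

On this constructed data the supervised stage alone labels every unseen-class flow as normal, while the second stage flags them as anomalies; the `nu` parameter bounds the share of normal training flows the One-Class SVM treats as outliers, which is the false-alarm trade-off to tune.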