A Novel Method for Anomaly Detection in the Internet of Things using Whale Optimization Algorithm

Abstract

The Internet of Things (IoT) is integral to human life due to its pervasive applications in home appliances, surveillance, and environment monitoring. Resource-constrained IoT devices are easily accessible to attackers due to their direct connection to the unsafe Internet. Public access to the Internet makes IoT objects more susceptible to intrusion. As the name implies, anomaly detection systems are designed to identify anomalous traffic patterns that conventional firewalls fail to detect. Effective Intrusion Detection Systems (IDSs) design faces three major problems, including handling high dimensionality, selecting a learning algorithm, and comparing entered observations and traffic patterns using a distance or similarity measure. Considering the dynamic nature of the entities involved and the limited computing resources available, more than traditional anomaly detection approaches is required. This paper proposes a novel method based on Whale Optimization Algorithm (WOA) to detect anomalies in IoT-based networks that conventional firewall systems cannot detect. Experiments are conducted on the KDD dataset. The accuracy of the proposed method is compared for classifiers such as kNN, SVM, and DT approaches. The detection accuracy rate of the proposed method is significantly higher than that of other methods for DoS, probing, normal attacks, R2L attacks, and U2R attacks compared to other methods. This method shows an impressive increase in accuracy when detecting a wide range of malicious activities, from DoS, probing, and privilege escalation attacks, to remote-to-local and user-to-root attacks.