Adaptive Intrusion Detection in Edge Computing Using Cerebellar Model Articulation Controller and Spline Fit

The security of Internet of Things (IoT) networks has become a integral problem in view of the exponential growth of IoT devices. Intrusion detection and prevention is an approach ,used to identify, analyze, and block cyber threats to protect IoT from unauthorized access or attacks. This paper introduces an adaptive and incremental intrusion detection and prevention system based on RNNs, to the ever changing field of IoT security. IoT networks require advanced intrusion detection systems that can identify emerging threats because of their various and dynamic data sources. The complexity of IoT network data makes it difficult for traditional intrusion detection techniques to detect potential threats. Using the capabilities of RNNs, a model for creating and deploying an intrusion detection and prevention system (IDPS) is proposed in this paper. RNNs work particularly well for sequential data processing, which makes them an appropriate choice for IoT network traffic monitoring. NSL-KDD dataset is taken, pre-processed, features are extracted, and RNN-based model is built as a part of the proposed work. The experimental findings illustrate how effective the suggested approach is at identifying and blocking intrusions in Internet of Things networks. This paper not only demonstrates the effectiveness of RNNs in enhancing IoT network security but also opens avenues for further exploration in this burgeoning field. It presents a scalable, adaptive intrusion detection and prevention solution, responding to the evolving landscape of IoT security. As IoT networks continue to expand, the research enriches the discourse on developing resilient security strategies to combat emerging threats in scalable computing environments.

Internet of things (IoT) is an emerging paradigm that integrates several technologies. IoT network constitutes of many interconnected devices that include various sensors, actu-ators, services and other communicable objects. The increasing demand for IoT and its services have created several security vulnerabilities. Conventional security approaches like intrusion detection systems are not up to the expectation to fulfil the security challenges of IoT networks, due to the conventional technologies used in them. This article presents a survey of intrusion detection and prevention system (IDPS), using state of art technologies, in the context of IoT security. IDPS constitutes of two parts: intrusion detection system and intrusion prevention system. An intrusion detection system (IDS) is used to detect and analyze both inbound and outbound network traffic for malicious activities. An intrusion prevention system (IPS) can be aligned with IDS by proactively inspecting a system’s incoming traffic to mitigate harmful requests. The alignment of IDS and IPS is known as intrusion detection and prevention systems (IDPS). The amalgamation of new technologies, like software-defined network (SDN), machine learning (ML), and manufacturer usage description (MUD), in IDPS is putting the security on the next level. In this study IDPS and its performance benefits are analyzed in the context of IoT security. This survey describes all these prominent technologies in detail and their integrated applications to complement IDPS in the IoT network. Future research directions and challenges of IoT security have been elaborated in the end.

The revolution of computer network technologies and telecommunication technologies increases the number of Internet users enormously around the world. Thus, many companies nowadays produce various devices having network chips, each device becomes part of the Internet of Things and can run on the Internet to achieve various services for its users. This led to the increase in security threats and attacks on these devices. Due to the increased number of devices connected to the Internet, the attackers have more opportunities to perform their attacks in such an environment. Therefore, security has become a big challenge more than before. In addition, confidentiality, integrity, and availability are required components to assure the security of Internet of Things. In this article, an adaptive intrusion detection and prevention system is proposed for Internet of Things (IDPIoT) to enhance security along with the growth of the devices connected to the Internet. The proposed IDPIoT enhances the security including host-based and network-based functionality by examining the existing intrusion detection systems. Once the proposed IDPIoT receives the packet, it examines the behavior, the packet is suspected, and it blocks or drops the packet. The main goal is accomplished by implementing one essential part of security, which is intrusion detection and prevention system.

This research utilizes machine learning (ML), and especially deep learning (DL), techniques for efficient feature extraction of intrusion attacks. We use DL to provide better learning and utilize machine learning multilayer perceptron (MLP) as an intrusion detection (IDS) and intrusion prevention (IPS) system (IDPS) method. We deploy DL and MLP together as DLMLP. DLMLP improves the high detection of all intrusion attack features on the Internet of Things (IoT) device dataset, known as the CICIoT2023 dataset. We reference the CICIoT2023 dataset from the Canadian Institute of Cybersecurity (CIC) IoT device dataset. Our proposed method, the deep learning multilayer perceptron intrusion detection and prevention system model (DLMIDPSM), provides IDPST (intrusion detection and prevention system topology) capability. We use our proposed IDPST to capture, analyze, and prevent all intrusion attacks in the dataset. Moreover, our proposed DLMIDPSM employs a combination of artificial neural networks, ANNs, convolutional neural networks (CNNs), and recurrent neural networks (RNNs). Consequently, this project aims to develop a robust real-time intrusion detection and prevention system model. DLMIDPSM can predict, detect, and prevent intrusion attacks in the CICIoT2023 IoT dataset, with a high accuracy of above 85% and a high precision rate of 99%. Comparing the DLMIDPSM to the other literature, deep learning models and machine learning (ML) models have used decision tree (DT) and support vector machine (SVM), achieving a detection and prevention rate of 81% accuracy with only 72% precision. Furthermore, this research project breaks new ground by incorporating combined machine learning and deep learning models with IDPS capability, known as ML and DLMIDPSMs. We train, validate, or test the ML and DLMIDPSMs on the CICIoT2023 dataset, which helps to achieve higher accuracy and precision than the other deep learning models discussed above. Thus, our proposed combined ML and DLMIDPSMs achieved higher intrusion detection and prevention based on the confusion matrix’s high-rate attack detection and prevention values.

In recent times, Internet of Things (IoT) ecosystem is rapidly expanding, with a flow in various devices being integrated to allow continuous and efficient communication. Most IoT devices are resource-constrained, and without clearly defined security standards, their communications remain exposed to potential risks. As a result, quickly identifying threats within IoT networks is critical, making Intrusion Detection Systems (IDS) an essential component of modern cybersecurity strategies. The unpredictable behavior of IoT traffic demands dynamic and context-sensitive rule configurations. Software Defined Networks (SDN’s) is programmable architecture enables real-time threat justification across heterogeneous IoT environments. The proposed IntruDet-LSTM which is Intrusion Detection with Long Short-Term Memory method introduces a hybrid system for intrusion detection and dynamic rule-based configuration, combining a signature-based SNORT method with a data-driven ensemble model built on LSTM. Fault tolerance is achieved through a dual-layer design, where the intrusion detection and rule configuration models are dissociated, enabling uninterrupted performance even when one layer is compromised. IntruDet-LSTM method effectively reduces false alarms, allowing true IoT traffic to flow continuous and still delivering high detection accuracy. The proposed IntruDet-LSTM achieves accuracy of 99.8%, which is better than existing Deep Integrated Stacking for the IoT (DIS-IoT).

Strong cybersecurity solutions are becoming more and more important as Internet of Things (IoT) technology integration in healthcare settings develops. This study offers a method for feature extraction, selection, and attack classification by fusing the discriminative capacity of feedforward neural networks (FNNs) with the adaptability of fuzzy logic systems. In delicate healthcare database of IoT wearable devices, to reduce false alarm and guaranteeing intrusion detection dependability are the main priorities. The suggested method uses a feature extraction, selection technique, training and testing based on FNN, which allows the model to adjust to the dynamic and varied character of medical data. During the assessment stage, a dataset including a range of healthcare IoT scenarios, including different kinds of attacks, is used to train and evaluate the model, the ToN_IoT dataset was used. Fuzzy logic improves the system's resilience in identifying pertinent features by managing uncertainties and imprecise input. Fuzzy logic is one of the best technique for handling uncertainty, its linguistic representation and rule reasoning helps in better identification and classification. The findings indicate a noteworthy decrease in the frequency of false alarms when juxtaposed with conventional intrusion detection systems. Results obtained from the model are 99.2, 98.8, 99.5, 99.1 & 0.008 for accuracy, precision, recall, F1-Score and False alarm respectively. Promising outcomes in protecting IoT healthcare environments are demonstrated by the suggested system, opening the door to better patient data privacy and system resilience against cyberattacks.

IoT-PRIDS: Leveraging packet representations for intrusion detection in IoT networks

The Internet of Things (IoT) introduces significant security vulnerabilities, raising concerns about cyber-attacks. Attackers exploit these vulnerabilities to launch distributed denial-of-service (DDoS) attacks, compromising availability and causing financial damage to digital infrastructure. This study focuses on mitigating DDoS attacks in corporate local networks by developing a model that operates closer to the attack source. The model utilizes Host Intrusion Detection Systems (HIDS) to identify anomalous behaviors in IoT devices and employs network-based intrusion detection approaches through a Network Intrusion Detection System (NIDS) for comprehensive attack identification. Additionally, a Host Intrusion Detection and Prevention System (HIDPS) is implemented in a fog computing infrastructure for real-time and precise attack detection. The proposed model integrates NIDS with federated learning, allowing devices to locally analyze their data and contribute to the detection of anomalous traffic. The distributed architecture enhances security by preventing volumetric attack traffic from reaching internet service providers and destination servers. This research contributes to the advancement of cybersecurity in local network environments and strengthens the protection of IoT networks against malicious traffic. This work highlights the efficiency of using a federated training and detection procedure through deep learning to minimize the impact of a single point of failure (SPOF) and reduce the workload of each device, thus achieving accuracy of 89.753% during detection and increasing privacy issues in a decentralized IoT infrastructure with a near-real-time detection and mitigation system.

Machine learning (ML)-based Network Intrusion Detection Systems (NIDSs) can classify each network’s flow behavior as benign or malicious by detecting heterogeneous features, including both categorical and numerical features. However, the present ML-based NIDSs are deemed insufficient in terms of their ability to generalize, particularly in changing network environments such as the Internet of Things (IoT)-based smart home. Although IoT devices add so much to home comforts, they also introduce potential risks and vulnerabilities. Recently, many NIDS studies on other IoT scenarios, such as the Internet of Vehicles (IoV) and smart cities, focus on utilizing the telemetry data of IoT devices for IoT intrusion detection. Because when IoT devices are under attack, their abnormal telemetry data values can reflect the anomaly state of those devices. Those telemetry data-based IoT NIDS methods detect intrusion events from a different view, focusing on the attack impact, from the traditional network traffic-based NIDS, which focuses on analyzing attack behavior. The telemetry data-based NIDS is more suitable for IoT devices without built-in security mechanisms. Considering the smart home IoT scenario, which has a smaller scope and a limited number of IoT devices compared to other IoT scenarios, both NIDS views can work independently. This motivated us to propose a novel ML-based NIDS to combine the network traffic-based and telemetry data-based NIDS together. In this paper, we propose a Transformer-based IoT NIDS method to learn the behaviors and effects of attacks from different types of data that are generated in the heterogeneous IoT environment. The proposed method utilizes a self-attention mechanism to learn contextual embeddings for input network features. Based on the contextual embeddings, our method can solve the feature set challenge, including both continuous and categorical features. Our method is the first to utilize both network traffic data and IoT sensors’ telemetry data at the same time for intrusion detection. Experiments reveal the effectiveness of our method on a realistic network traffic intrusion detection dataset named ToN_IoT, with an accuracy of 97.95% for binary classification and 95.78% for multiple classifications on pure network data. With the extra IoT information, the performance of our method has been improved to 98.39% and 97.06%, respectively. A comparative study with existing works shows that our method can achieve state-of-the-art performance on the ToN_IoT dataset.

Internet of things intrusion detection model and algorithm based on cloud computing and multi-feature extraction extreme learning machine

An intellectual intrusion detection system using Hybrid Hunger Games Search and Remora Optimization Algorithm for IoT wireless networks

Blockchain and federated learning-based intrusion detection approaches for edge-enabled industrial IoT networks: a survey

The number of Internet of Things (IoT) devices is increasing rapidly, with estimates predicting more than 41 billion devices by 2025. This growth has also expanded the attack surface, making IoT networks highly vulnerable to cyberattacks. Traditional intrusion detection systems are not suitable for IoT because they depend on known attack signatures, require high computational power, and many false alarms. These limitations make them difficult to deploy on resource-constrained edge devices. The aim of this study is to develop a lightweight and accurate intrusion detection framework specifically designed for IoT environments. We introduce IoT Network Vigilant, a hybrid framework improves intrusion detection performance while remaining efficient enough for real-time use. The framework consists of three key parts. First, we design 27 new IoT-specific features that capture device behavior, traffic asymmetry, and temporal patterns. Second, we apply a two-stage Flower Pollination Algorithm (FPA) to select the most useful features. The first stage ranks features using mutual information, and the second stage removes redundant features using correlation analysis. This process reduces the dataset size by about one-third. Third, we employ Binarized Neural Networks (BNNs), which use binary weights and activations, allowing fast and low-power classification. The model is tested on the IoTID20 dataset, and class imbalance is handled using SMOTE. The results show strong performance, with 98.43% accuracy, 99.03% precision, and 97.32% recall. These scores represent a 4.5% improvement in accuracy compared with existing methods. Overall, this framework offers a robust, efficient, and deployable intrusion detection solution for modern IoT networks.

In the rapidly‐developing Internet of Things (IoT) ecosystem, safeguarding the privacy and accuracy of linked devices and networks is of utmost importance, with the challenge lying in effective implementation of intrusion detection systems on resource‐constrained IoT devices. This study introduces a differential privacy (DP)‐aided DeepFed architecture for intrusion detection in IoT contexts as a novel approach to addressing these difficulties. To build an intrusion detection model, we combined components of a convolutional neural network with bidirectional long short‐term memory. We apply this approach to the Bot‐IoT dataset, which was rigorously curated by the University of New South Wales (UNSW) and N‐BaIoT dataset. Our major goal is to create a model that delivers high accuracy while protecting privacy, an often‐overlooked aspect of IoT security. Intrusion detection tasks are distributed across multiple IoT devices using federated learning principles to protect data privacy, incorporating the DP framework to gauge and minimize information leakage, all while investigating the intricate relationship between privacy and accuracy in pursuit of an ideal compromise. The trade‐off between privacy preservation and model accuracy is investigated by adjusting the privacy loss and noise multiplier. Our research enhances IoT security by introducing a deep learning model for intrusion detection in IoT devices, explores the integration of DP in federated learning framework for IoT and offers guidance on minimizing the accuracy‐privacy trade‐off based on specific privacy and security needs. Our study explores the privacy‐accuracy trade‐off by examining the effects of varying epsilon values on accuracy for various delta values for a range of clients between 5 and 25. We also investigate the influence of several noise multipliers on accuracy and find a consistent accuracy curve, especially around a noise multiplier value of about 0.5. The findings of this study have the possibilities to enhance IoT ecosystem security and privacy, contributing to the IoT landscape's trustworthiness and sustainability.

The increasing occurrence of cyberattacks specifically aimed at critical infrastructure has led to the adoption of network intrusion detection techniques for the Internet of Things (IoT). Securing IoT networks is difficult because of the growing number of connected devices and the advanced methods used by attackers. This study investigates the application of machine learning and neural networks in the prevention of prevalent online fraud and assesses their efficacy. The text discusses important ideas related to email filtering, machine learning, artificial neural networks, and network intrusion techniques. The study discusses the difficulties related to e-fraud detection and suggests methods to improve detection systems. Furthermore, it offers a thorough examination of IoT intrusion detection, emphasizing the risks, weaknesses, assaults, and methods of detection. Securing the billions of autonomous nodes in the Internet of Things (IoT), each with distinct characteristics, poses a significant challenge. Conventional techniques like as encryption, access control, and authentication are inadequate when used individually. Thus, this work utilizes deep learning techniques to detect widespread IoT vulnerabilities, such as Distributed Denial of Service (DDoS) assaults. The models are evaluated using different datasets, including NSL-KDD, DS2OS, and IoT Botnet. The evaluation is based on measures such as accuracy, precision, recall, and F1-score. The deep machine learning intrusion detection system has a high accuracy rate of 96.38%, which shows its efficiency in recognizing risks related to the Internet of Things (IoT) Where the data was trained by 80% and the data was tested by 20.