Anomaly detection using ensemble techniques for boosting the security of intrusion detection system

Abstract

IoT-based applications have witnessed a rapid surge in deployment in various domains. IoT infrastructure is the nervous system responsible for the effective functioning of Smart Cities. Nevertheless, the full-fledged deployment of IoT-based applications exposes this infrastructure to a high risk of cyberattacks. Since IoT devices establish communication with cloud services via inbuilt sensors, the probability of sabotaging the communication channel by malicious attacks is always high. This paper aims to explore an anomaly detection method that makes use of techniques like Support Vector Machine (SVM), Artificial Neural Networks (ANN), k- Nearest Neighbor (KNN), Linear Regression (LR), Decision Trees (DT), and Random Forest (RF) to neutralize threats and boost the cybersecurity of a smart city. The paper goes on to examine the role of ensemble techniques like bagging and boosting to provide an additional security layer to the detection architecture. This is where the paper departs from the erstwhile approaches that have revolved around single classifiers to boost the detection system and have not considered the integration of cross-validation and feature selection. The experimental results conducted on the datasets UNSW-BC15 and CICIDS2017 and several measures like Accuracy, Precision, Recall, and F1 Score establish that the proposed approach outperforms various state-of-the-art methods used in detecting rare attacks.