Hybrid random forest and synthetic minority over sampling technique for detecting internet of things attacks

Abstract

In recent decades, the internet of things (IoT) is a growing technology in smart applications, where it is highly susceptible to security breaches, due to the resource constrained nature of IoT. Among the available security breaches in IoT, Mirai, denial of service, user to root attack, remote to local attack, and probe attack renounce the networks in several ways such as saturating link bandwidth, consumption of server resources, etc. Hence, the installation of antivirus software cannot be guaranteed, because the IoT devices are equipped only with light weighted operating systems. So, intrusion detection systems are developed for the detection of IoT attacks. In this research, a new model is proposed based on random forest and synthetic minority over-sampling technique (RF-SMOTE) to detect the attacks in an IoT network. In this research, the experimental analysis is performed for IoT attack detection, where the evaluation is done on NSL-KDD dataset and network-based detection of IoT (N-BaIoT) dataset, which are the well-known datasets for IoT attack detection. In the experimental phase, the proposed RF-SMOTE model showed minimum of 0.14% and maximum of 14.25% improvement in accuracy on NSL-KDD dataset for binary class. In addition, the proposed model averagely showed minimum of 0.04% and maximum of 7.35% improvement in accuracy on NSL-KDD dataset for four classes. Additionally, the proposed RF-SMOTE model showed minimum of 0.01% and maximum of 0.04% improvement in accuracy on N-BaIoT dataset related to the existing model’s decision tree, shallow model, etc.