Abstract
Cyber security has become increasingly challenging due to the proliferation of the Internet of things (IoT), where a massive number of tiny, smart devices push trillion bytes of data to the Internet. However, these devices possess various security flaws resulting from the lack of defense mechanisms and hardware security support, therefore making them vulnerable to cyber attacks. In addition, IoT gateways provide very limited security features to detect such threats, especially the absence of intrusion detection methods powered by deep learning. Indeed, deep learning models require high computational power that exceeds the capacity of these gateways. In this paper, we introduce Realguard, an DNN-based network intrusion detection system (NIDS) directly operated on local gateways to protect IoT devices within the network. The superiority of our proposal is that it can accurately detect multiple cyber attacks in real time with a small computational footprint. This is achieved by a lightweight feature extraction mechanism and an efficient attack detection model powered by deep neural networks. Our evaluations on practical datasets indicate that Realguard could detect ten types of attacks (e.g., port scan, Botnet, and FTP-Patator) in real time with an average accuracy of 99.57%, whereas the best of our competitors is 98.85%. Furthermore, our proposal effectively operates on resource-constraint gateways (Raspberry PI) at a high packet processing rate reported about 10.600 packets per second.
Highlights
Recent years have seen the proliferation of the Internet of Things (IoT) and its impact on various domains from agriculture, healthcare, transportation to automotive industry.Aiming to bring every physical object into digital worlds, IoT connected billions of devices, which are embedded with sensors, actuators, and other technologies, to the Internet and generated zillions bytes of data
We demonstrate that Realguard can fully operate on resource-constrained IoT gateways, while detecting a wide range of cipher threats (10 attack types) in real time with a very low false-positive rate
Confusion matrix: It is a specific table with two rows and two columns that present the values of true positives (TP), true negatives (TN), false positives (FP), and false negatives (FN)
Summary
Recent years have seen the proliferation of the Internet of Things (IoT) and its impact on various domains from agriculture, healthcare, transportation to automotive industry. One popular approach is employing a deep neural network (DNN) to classify network traffic into normal and abnormal classes [12] This DNN model is first trained by labelled datasets containing both normal and attack traffic before deploying NIDS to detect cyber threats. The proposed NIDS has to identify a large set of attacks from malicious signs in the network traffic To achieve this aim, we proposed a DNN model that effectively detects ten popular attacks in the IoT domain with high accuracy. We demonstrate that Realguard can fully operate on resource-constrained IoT gateways, while detecting a wide range of cipher threats (10 attack types) in real time with a very low false-positive rate.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
