1/2022 - 1 | View TOC | « Previous Article | Next Article » |
A Hybrid Deep Learning Approach for Intrusion Detection in IoT NetworksEMEC, M. , OZCANHAN, M. H. |
Extra paper information in |
Click to see author's profile in SCOPUS, IEEE Xplore, Web of Science |
Download PDF (1,449 KB) | Citation | Downloads: 1,951 | Views: 2,555 |
Author keywords
hybrid intelligent systems, Internet of Things, intrusion detection, learning systems, prediction methods
References keywords
learning(19), detection(17), deep(15), network(14), intrusion(13), link(7), system(6), security(6), neural(6), model(6)
Blue keywords are present in both the references section and the paper title.
About this article
Date of Publication: 2022-02-28
Volume 22, Issue 1, Year 2022, On page(s): 3 - 12
ISSN: 1582-7445, e-ISSN: 1844-7600
Digital Object Identifier: 10.4316/AECE.2022.01001
Web of Science Accession Number: 000762769600002
SCOPUS ID: 85126801506
Abstract
Internet of Things (IoT) devices have flocked the whole world through the Internet. With increasing mission-critical IoT data traffic, attacks on IoT networks have also increased. Many newly crafted attacks on IoT communication require equally intelligent intrusion detection methods to form the first step of countering the attacks. Our work contributes to intrusion detection in IoT networks, by putting state-of-the-art Deep learning methods into service. A BLSTM-GRU Hybrid (BGH) model has been designed to detect eight known IoT network attacks, based on two well-accepted CIC-IDS-2018 and BoT-IoT IoT network traffic datasets. The results of our BGH model in IoT network traffic intrusion detection have been auspicious. The accuracies of prediction on the two datasets are 98.78% and 99.99%. The f1-scores are 98.64% and 99.99%, respectively. The comparison of our results with similar previous studies showed that our BGH model has the best performance ratio (time/accuracy, time/f1-score), where time is the training time of the model. The performance of our proposed model is proof that hybrid Deep Learning methods can prove to be an innovative perspective on Intrusion Detection in IoT networks. |
References | | | Cited By «-- Click to see who has cited this paper |
[1] B. Javed, M. W. Iqbal and H. Abbas, "Internet of Things (IoT) design considerations for developers and manufacturers," 2017 IEEE International Conference on Communications Workshops (ICC Workshops), IEEE, 2017, pp. 834-839. [CrossRef] [SCOPUS Times Cited 26] [2] K. Xu, X. Wang, W. Wei, H. Song and B. Mao, "Toward software defined smart home," IEEE Communications Magazine, vol. 54, no. 5, May 2016, pp. 116-122. [CrossRef] [Web of Science Times Cited 96] [SCOPUS Times Cited 111] [3] A. Q. Mobark and A. Sidorova, "Consumer acceptance of Internet of Things (IoT): Smart home context," Journal of Computer Information Systems, vol. 60, no. 6, Nov. 2020, pp. 507-517. [CrossRef] [Web of Science Times Cited 89] [SCOPUS Times Cited 113] [4] M. Sendhil, and J. Spiess, "Machine learning: An applied econometric approach," Journal of Economic Perspectives, vol. 31, no. 2, May 2017, pp. 87-106. [CrossRef] [Web of Science Times Cited 753] [SCOPUS Times Cited 926] [5] "Number of IoT Devices 2015-2025," Statista, [Online] Available: Temporary on-line reference link removed - see the PDF document [6] ITU. "ARM Predicts 1 Trillion IoT Devices by 2035 with New End-to-End Platform," ITU News, 6 Aug. 2018, [Online] Available: Temporary on-line reference link removed - see the PDF document [7] J. Wurm, K. Hoang, O. Arias, A. Sadeghi and Y. Jin , "Security analysis on consumer and industrial IoT devices," 2016 21st Asia and South Pacific Design Automation Conference (ASP-DAC), IEEE, 2016, pp. 519-524. [CrossRef] [SCOPUS Times Cited 235] [8] What You Need to Know about the Mirai Botnet behind Recent Major DDoS Attacks. [Online] Available: Temporary on-line reference link removed - see the PDF document [9] IDS 2018 | Datasets | Research | Canadian Institute for Cybersecurity | UNB. [Online] Available: Temporary on-line reference link removed - see the PDF document [10] Moustafa, Nour. The Bot-IoT Dataset. Oct. 2019. [Online] Available: Temporary on-line reference link removed - see the PDF document [11] Y. LeCun, et al., "Deep Learning," Nature, vol. 521, no. 7553, May 2015, pp. 436-444. [CrossRef] [Web of Science Times Cited 24147] [SCOPUS Times Cited 59869] [12] M. T. Mahmud et al., "Using machine learning to secure IOT systems," 2020 4th International Symposium on Multidisciplinary Studies and Innovative Technologies (ISMSIT), IEEE, 2020, pp. 1-7. [CrossRef] [SCOPUS Times Cited 11] [13] "A New Botnet Attack Just Mozied Into Town," Security Intelligence, [Online] Available: Temporary on-line reference link removed - see the PDF document [14] McAfee Labs Threats Report | November 2020. [Online] Available: Temporary on-line reference link removed - see the PDF document [15] J. Kim, et al., "CNN-Based network intrusion detection against denial-of-service attacks," Electronics, vol. 9, no. 6, June 2020, p. 916. [CrossRef] [Web of Science Times Cited 181] [SCOPUS Times Cited 263] [16] S. Aljawarneh M. Aldwairi, M. B. Yassein, "Anomaly-based intrusion detection system through feature selection analysis and building hybrid efficient model," Journal of Computational Science, vol. 25, Mar. 2018, pp. 152-160. [CrossRef] [Web of Science Times Cited 297] [SCOPUS Times Cited 473] [17] M. Esmalifalak, Nam Tuan Nguyen, R. Zheng and Z. Han, "Detecting stealthy false data injection using machine learning in smart grid," 2013 IEEE Global Communications Conference (GLOBECOM), IEEE, 2013, pp. 808-813. [CrossRef] [SCOPUS Times Cited 40] [18] B. Yan, and H. Guodong, "LA-GRU: Building combined intrusion detection model based on imbalanced learning and gated recurrent unit neural network," Security and Communication Networks, vol. 2018, Aug. 2018, pp. 1-13. [CrossRef] [Web of Science Times Cited 36] [SCOPUS Times Cited 52] [19] M. A. Altuncu, F. K. Gulagiz, H. Ozcan, O. F. Bayir, A. Gezgın, A. Niyazov, M. A. Cavuslu, S. Sahin, "Deep learning based DNS tunneling detection and blocking system," Advances in Electrical and Computer Engineering, vol. 21, no. 3, 2021, pp. 39-48. [CrossRef] [Full Text] [SCOPUS Times Cited 6] [20] T. Su, H. Sun, J. Zhu, S. Wang and Y. Li, "BAT: Deep learning methods on network intrusion detection using NSL-KDD dataset," IEEE Access, vol. 8, 2020, pp. 29575-29585. [CrossRef] [Web of Science Times Cited 204] [SCOPUS Times Cited 289] [21] P. Lin, K. Ye, C.-Z. Xu, "Dynamic network anomaly detection system by using deep learning techniques," Cloud Computing - CLOUD 2019, edited by Dilma Da Silva et al., vol. 11513, Springer International Publishing, 2019, pp. 161-176. [CrossRef] [Web of Science Times Cited 87] [SCOPUS Times Cited 130] [22] M. A. Ferrag, M. Leandros, M. Sotiris, J. Helge, "Deep learning for cyber security intrusion detection: Approaches, datasets, and comparative study," Journal of Information Security and Applications, vol. 50, Feb. 2020, p. 102419. [CrossRef] [Web of Science Times Cited 456] [SCOPUS Times Cited 701] [23] M. Tao, et al., "A hybrid spectral clustering and deep neural network ensemble algorithm for intrusion detection in sensor networks," Sensors, vol. 16, no. 10, Oct. 2016, p. 1701. [CrossRef] [Web of Science Times Cited 140] [SCOPUS Times Cited 188] [24] P. Liu, and J. Liu, "Combined effect of multiple performance shaping factors on human reliability: Multiplicative or additive?," International Journal of Human-Computer Interaction, vol. 36, no. 9, May 2020, pp. 828-838. Taylor and Francis+NEJM, [CrossRef] [Web of Science Times Cited 4] [SCOPUS Times Cited 6] [25] Y. Li, eJ. Huang, H. Chen, "Time series prediction of wireless network traffic flow based on wavelet analysis and BP neural network," Journal of Physics: Conference Series, vol. 1533, no. 3, Apr. 2020, p. 032098. [CrossRef] [SCOPUS Times Cited 12] [26] Q. R. S. Fitni, and R. Kalamullah, "Implementation of ensemble learning and feature selection for performance improvements in anomaly-based intrusion detection systems," 2020 IEEE International Conference on Industry 4.0, Artificial Intelligence, and Communications Technology (IAICT), IEEE, 2020, pp. 118-124. [CrossRef] [SCOPUS Times Cited 96] [27] F. Zhao, H. Zhang, J. Peng, et al., "A semi-self-taught network intrusion detection system," Neural Computing and Applications, vol. 32, no. 23, Dec. 2020, pp. 17169-79. [CrossRef] [Web of Science Times Cited 22] [SCOPUS Times Cited 28] [28] X. Li, W. Chen, Q. Zhang, L. Wu, "Building auto-encoder intrusion detection system based on random forest feature selection," Computers & Security, vol. 95, Aug. 2020, p. 101851. [CrossRef] [Web of Science Times Cited 183] [SCOPUS Times Cited 249] [29] G. Sunanda, and J. Samarabandu, "Deep learning methods in network intrusion detection: A survey and an objective comparison," Journal of Network and Computer Applications, vol. 169, Nov. 2020, p. 102767., [CrossRef] [Web of Science Times Cited 165] [SCOPUS Times Cited 247] [30] M. Catillo, M. Rak, U. Villano, "2L-ZED-IDS: A two-level anomaly detector for multiple attack classes," Web, Artificial Intelligence and Network Applications, edited by Leonard Barolli et al., vol. 1150, Springer International Publishing, 2020, pp. 687-696. [CrossRef] [SCOPUS Times Cited 41] [31] R. I. Farhan A. T. Maolood, N. Hassan, "Performance analysis of flow-based attacks detection on CSE-CIC-IDS2018 dataset using deep learning," Indonesian Journal of Electrical Engineering and Computer Science, vol. 20, no. 3, Dec. 2020, p. 1413-1418. [CrossRef] [SCOPUS Times Cited 2] [32] G. C. Amaizu, C. I. Nwakanma, J. -M. Lee and D. -S. Kim, "Investigating network intrusion detection datasets using machine learning," 2020 International Conference on Information and Communication Technology Convergence (ICTC), IEEE, 2020, pp. 1325-1328. [CrossRef] [SCOPUS Times Cited 25] [33] S. K. Wanjau, G. M. Wambugu, G. N. Kamau,,"SSH-Brute force attack detection model based on deep learning," International Journal of Computer Applications Technology and Research, vol. 10, no. 01, 2021, pp. 42-50 [34] M. Chhetri, S. Kumar, P. P. Roy, B.-G. Kim, "Deep BLSTM-GRU model for monthly rainfall prediction: A case study of Simtokha, Bhutan," Remote Sensing, vol. 12, no. 19, Sept. 2020, p. 3174. [CrossRef] [Web of Science Times Cited 58] [SCOPUS Times Cited 84] [35] P. Kaushik, A. Gupta, P. P. Roy and D. P. Dogra, "EEG-Based age and gender prediction using deep BLSTM-LSTM network model," IEEE Sensors Journal, vol. 19, no. 7, Apr. 2019, pp. 2634-2641. [CrossRef] [Web of Science Times Cited 51] [SCOPUS Times Cited 68] [36] N. Koroniotis, N. Moustafa, E. Sitnikova, B. Turnbull,, "Towards the development of realistic botnet dataset in the Internet of Things for network forensic analytics: Bot-IoT dataset," Future Generation Computer Systems, vol. 100, Nov. 2019, pp. 779-796. [CrossRef] [Web of Science Times Cited 748] [SCOPUS Times Cited 1033] [37] I. Idrissi, et al., "Toward a deep learning-based intrusion detection system for IoT against botnet attacks," IAES International Journal of Artificial Intelligence (IJ-AI), vol. 10, no. 1, Mar. 2021, p. 110-120. [CrossRef] [38] M. Ge, X. Fu, N. Syed, Z. Baig, G. Teo and A. Robles-Kelly, "Deep learning-based intrusion detection for IoT networks," IEEE 24th Pacific Rim International Symposium on Dependable Computing (PRDC), IEEE, 2019, pp. 256-25609. [CrossRef] [Web of Science Times Cited 110] [SCOPUS Times Cited 183] [39] M. A. Ferrag and L. Maglaras, "DeepCoin: A novel deep learning and blockchain-based energy exchange framework for smart grids," IEEE Transactions on Engineering Management, vol. 67, no. 4, Nov. 2020, pp. 1285-1297. [CrossRef] [Web of Science Times Cited 190] [SCOPUS Times Cited 225] [40] M. Buda, A. Maki, M. A. Mazurowschi, "A systematic study of the class imbalance problem in convolutional neural networks," Neural Networks, vol. 106, Oct. 2018, pp. 249-259. [CrossRef] [Web of Science Times Cited 1416] [SCOPUS Times Cited 1717] [41] A. Mittal, P. Kumar, P. P. Roy, R. Balasubramanian and B. B. Chaudhuri, "A modified LSTM model for continuous sign language recognition using leap motion," IEEE Sensors Journal, vol. 19, no. 16, Aug. 2019, pp. 7056-7063. [CrossRef] [Web of Science Times Cited 96] [SCOPUS Times Cited 178] [42] M. Khan, H. Wang, A. Ngueilbaye, et al., "End-to-end multivariate time series classification via hybrid deep learning architectures," Personal and Ubiquitous Computing, Sept. 2020. [CrossRef] [Web of Science Times Cited 13] [SCOPUS Times Cited 12] [43] K. Cho, et al., "Learning phrase representations using RNN encoder-decoder for statistical machine translation," Proceedings of the 2014 Conference on Empirical Methods in Natural Language Processing (EMNLP), Association for Computational Linguistics, 2014, pp. 1724-1734. [CrossRef] [SCOPUS Times Cited 11083] [44] D. Chicco, and J. Giuseppe, "The advantages of the Matthews correlation coefficient (MCC) over F1 score and accuracy in binary classification evaluation," BMC Genomics, vol. 21, no. 1, Dec. 2020, p. 6. [CrossRef] [Web of Science Times Cited 2585] [SCOPUS Times Cited 3080] Web of Science® Citations for all references: 32,127 TCR SCOPUS® Citations for all references: 81,802 TCR Web of Science® Average Citations per reference: 714 ACR SCOPUS® Average Citations per reference: 1,818 ACR TCR = Total Citations for References / ACR = Average Citations per Reference We introduced in 2010 - for the first time in scientific publishing, the term "References Weight", as a quantitative indication of the quality ... Read more Citations for references updated on 2024-11-18 09:50 in 243 seconds. Note1: Web of Science® is a registered trademark of Clarivate Analytics. Note2: SCOPUS® is a registered trademark of Elsevier B.V. Disclaimer: All queries to the respective databases were made by using the DOI record of every reference (where available). Due to technical problems beyond our control, the information is not always accurate. Please use the CrossRef link to visit the respective publisher site. |
Faculty of Electrical Engineering and Computer Science
Stefan cel Mare University of Suceava, Romania
All rights reserved: Advances in Electrical and Computer Engineering is a registered trademark of the Stefan cel Mare University of Suceava. No part of this publication may be reproduced, stored in a retrieval system, photocopied, recorded or archived, without the written permission from the Editor. When authors submit their papers for publication, they agree that the copyright for their article be transferred to the Faculty of Electrical Engineering and Computer Science, Stefan cel Mare University of Suceava, Romania, if and only if the articles are accepted for publication. The copyright covers the exclusive rights to reproduce and distribute the article, including reprints and translations.
Permission for other use: The copyright owner's consent does not extend to copying for general distribution, for promotion, for creating new works, or for resale. Specific written permission must be obtained from the Editor for such copying. Direct linking to files hosted on this website is strictly prohibited.
Disclaimer: Whilst every effort is made by the publishers and editorial board to see that no inaccurate or misleading data, opinions or statements appear in this journal, they wish to make it clear that all information and opinions formulated in the articles, as well as linguistic accuracy, are the sole responsibility of the author.