Threats Detection in IoT Network

The recent growth in Internet of Things (IoT) deployment has increased the rapidness of integration and extended the reach of the internet from computers, tablets, and phones to countless devices in our physical world. This growth makes our life more convenient and industries more efficient. However, at the same time, it brought numerous challenges in terms of security and expanded the area of cyber-attacks, especially the DoS and DDoS attacks. Moreover, since many IoT devices run custom or outdated operating systems, and most do not have enough resources to run typical intrusion detection systems, it was necessary to search for alternative solutions. Therefore, many researchers have joined the race to develop new lightweight intrusion detection methods. In this study, we have investigated the detection of different DoS attacks on the IoT network using machine learning techniques. The studied attacks are TCP Syn-Flood Attack, UDP Flood Attack, HTTP Slowloris GET Attack, Apache Range Header DoS, and Port Scan attack. We have proposed a new dataset, namely HEIoT21, which was generated in a real smart home environment using a collective of IoT devices and non-IoT devices connected to a wireless network. The proposed dataset included normal and anomaly data, and using the CiCflowmeter application, we extracted 82 network features from the proposed dataset. The dataset was labeled and categorized into binary-class and multi-class. Our dataset underwent multiple feature selection methods to keep only enough features to produce a good detection accuracy; for that, we have used Anova F-value Feature Selection, Random Forest importance feature selection, and Sequential Forward Feature Selection. The feature selection techniques produced three new sub-datasets, which were evaluated using multiple machine learning algorithms like Logistic Regression (LR), J48 Decision Tree (DT), Naïve Bayes, and Artificial Neural Network (ANN). A comparison study was conducted on the result obtained from applying the different machine learning algorithms on the derived sub-datasets, which led to the finding that the most suitable feature selection technique for the proposed dataset was Anova F-value and the best-fit machine learning algorithm for the proposed dataset was The Decision Tree which produced an accuracy result of 99.92% for binary classification and 99.94% for multi-class classification. In the end, our study was compared with other studies in the field of IoT intrusion detection, and we found that the result obtained through this study was higher than most others. Therefore, the proposed dataset could be of great use to those who want to work on the analysis and detection of the existing network security threats. Also, this study can be considered a cornerstone for a proper lightweight intrusion detection system, where the datasets can be expanded to include other types of attacks, new detection rules can be added, and an alert mechanism can be integrated to become a complete detection system.

Keywords:

Internet of things, IoT, machine learning network security, attack detection.,

PDF

___

Butun I, Österberg P, Song H. Security of the Internet of Things: vulnerabilities, attacks and counter measures. IEEE Commun Surv Tutorials 2019; 616-644.
Alotaibi B, Alotaibi M. A stacked deep learning approach for IoT cyber attack detection. J Sens 2020.
Abu Kwaider H. HEIoT2021. [Online]. Available: https://drive.google.com/file/d/1WAHorikhN9fw9T1YpOkH6DwvnbwdjiHC/view?usp=sharing. 2021.
Xu T, Potkonjak M, Wendt J. Security of IoT systems: design challenges and opportunities. ACM International Conference on Computer-Aided Design 2014; IEEE. pp. 417-423.
Bull P, Austin R, Popov E, Sharma M, Watson R. Flow based security for IoT devices using an SDN gateway. IEEE 4th International Conference on Future Internet of Things and Cloud 2016; IEEE. pp. 157-163.
Farahnakian F, Heikkonen JA. Deep auto-encoder based approach for intrusion detection system. 20th International Conference on Advanced Communication Technology 2018; pp. 178-183.
Moukhafi M, El Yassini K, Bri S. A novel hybrid GA and SVM with PSO feature selection for intrusion detection system. Int J Adv Sci Eng Technol 2018; 4(5): 129-134.
Khalvati L, Keshtgary M, Rikhtegar N. Intrusion detection based on a novel hybrid learning approach. J AI Data Mining 2018; 6(1): 157-162.
Ferrag M, Shu L, Hamouda D, Choo R. Deep learning-based intrusion detection for distributed denial of service attack in agriculture 4.0. Electronics 2021; 10(11): 1257.
Latif S, Zou Z, Idrees Z, Ahmad J. A novel attack detection scheme for the industrial Internet of Things using a lightweight random neural network. IEEE Access 2020; (8): 89337- 89350.
Ullah I, Mahmoud Q. An anomaly detection model for IoT networks based on flow and flag features using a feed-forward neural network. IEEE 19th Annual Consumer Communications & Networking Conference 2022; pp. 363-368.
Ullah I, Mahmoud Q. A scheme for generating a dataset for anomalous activity detection in IoT networks. Advances in Artificial Intelligence: 33rd Canadian Conference on Artificial Intelligence, Canadian AI 2020, Ottawa, ON, Canada, 13–15 May 2020, Proceedings: pp. 508–520.
Lopez Alma D, Mohan Asha P, Nair S. Network traffic behavioral analytics for detection of DDoS attacks. SMU Data Science Review 2019; 2(1): Article 14.