International Journal on Advanced Science, Engineering and Information Technology

Recently, connected objects have been the subject of cyber-attacks at an alarming rate. These devices connected to a vast volume data stream have insufficient resources and are not manually configured. Typically, attacks target the usability and exploitation of these vulnerabilities. These attacks make the mission of traditional intrusion detection (IDS) systems more challenging to limit intrusion threats. Machine learning (ML) can solve this problem, mainly since the Internet of Things (IoT) can collect and transfer massive amounts of data. This data is the essence of ML, enabling it to build security and privacy models which can predict or classify malicious nodes and network traffic in the IoT. This article looks at the more common forms of cyberattacks, which could lead to an IoT system failure, as well as a countermeasure capable of limiting their damage. First, we present a general review of IDS and these evaluation measures as a solution to limit these attacks. After reviewing the ML domain and these often-used algorithms, on which the IDS can be based to accomplish its mission, we examine the different datasets researchers use to form their IDS. Finally, we look at a practical example of using Python to evaluate ML methods on a current dataset (TON IoT). The research is based on previous research on the topic. The results enable us to choose the appropriate algorithms for the IDS to achieve the best binary and multi-classification based on the evaluation parameters.

IoT security; IDS; evaluation metrics; machine learning algorithms; attacks and threats in IoT; datasets for IDS in IoT; classification

D. C. Nguyen, M. Ding, P. N. Pathirana, A. Seneviratne, J. Li, and H. Vincent Poor, “Federated Learning for Internet of Things: A Comprehensive Survey,†IEEE Commun. Surv. Tutorials, vol. 23, no. 3, pp. 1622–1658, 2021.

K. Rambabu and N. Venkatram, “Ensemble classification using traffic flow metrics to predict distributed denial of service scope in the Internet of Things (IoT) networks,†Comput. Electr. Eng., vol. 96, no. PA, p. 107444, 2021.

N. Chaabouni, M. Mosbah, A. Zemmari, C. Sauvignac, and P. Faruki, “Network Intrusion Detection for IoT Security Based on Learning Techniques,†IEEE Commun. Surv. Tutorials, 2019.

B. B. Gupta, P. Chaudhary, X. Chang, and N. Nedjah, “Smart defense against distributed Denial of service attack in IoT networks using supervised learning classifiers,†Comput. Electr. Eng., vol. 98, no. February, p. 107726, 2022.

N. Koroniotis, N. Moustafa, E. Sitnikova, and B. Turnbull, “Towards the development of realistic botnet dataset in the Internet of Things for network forensic analytics: Bot-IoT dataset,†Futur. Gener. Comput. Syst., vol. 100, pp. 779–796, 2019.

H. Mrabet, S. Belguith, A. Alhomoud, and A. Jemai, “A Survey of IoT Security Based on a Layered Architecture of Sensing and Data Analysis,†Sensors, vol. 20, no. 13, p. 3625, Jun. 2020.

S. M. Tahsien, H. Karimipour, and P. Spachos, “Machine learning based solutions for security of Internet of Things (IoT): A survey,†J. Netw. Comput. Appl., vol. 161, p. 102630, Jul. 2020.

N. Zhang, R. Wu, S. Yuan, C. Yuan, and D. Chen, “RAV: Relay Aided Vectorized Secure Transmission in Physical Layer Security for Internet of Things Under Active Attacks,†IEEE Internet Things J., vol. 6, no. 5, pp. 8496–8506, Oct. 2019.

N. F. Syed, Z. Baig, A. Ibrahim, and C. Valli, “Denial of service attack detection through machine learning for the IoT,†J. Inf. Telecommun., vol. 4, no. 4, pp. 482–503, Oct. 2020.

N. Mishra and S. Pandya, “Internet of Things Applications, Security Challenges, Attacks, Intrusion Detection, and Future Visions: A Systematic Review,†IEEE Access, vol. 9, pp. 59353–59377, 2021.

A. Bamou, M. Khardioui, M. D. El Ouadghiri, and B. Aghoutane, “Implementing and Evaluating an Intrusion Detection System for Denial of Service Attacks in IoT Environments,†in Lecture Notes in Networks and Systems, 2020.

C.-L. Chen and J.-M. Chen, “Use of MARKOV Chain for Early Detecting DDoS Attacks,†Int. J. Netw. Secur. Its Appl., vol. 13, no. 04, pp. 01–11, 2021.

M. M. Salim, S. Rathore, and J. H. Park, “Distributed denial of service attacks and its defenses in IoT: a survey,†J. Supercomput., vol. 76, no. 7, pp. 5320–5363, Jul. 2020.

A. Abdollahi and M. Fathi, “An Intrusion Detection System on Ping of Death Attacks in IoT Networks,†Wirel. Pers. Commun., vol. 112, no. 4, pp. 2057–2070, Jun. 2020.

R. Nath N and H. V Nath, “Critical analysis of the layered and systematic approaches for understanding IoT security threats and challenges,†Comput. Electr. Eng., vol. 100, p. 107997, May 2022.

P. Podder, M. R. H. Mondal, S. Bharati, and P. K. Paul, “Review on the Security Threats of Internet of Things,†Int. J. Comput. Appl., vol. 176, no. 41, pp. 37–45, Jul. 2020.

B. S. Bhati, C. S. Rai, B. Balamurugan, and F. Al-Turjman, “An intrusion detection scheme based on the ensemble of discriminant classifiers,†Comput. Electr. Eng., vol. 86, 2020.

Rachit, S. Bhatt, and P. R. Ragiri, “Security trends in Internet of Things: a survey,†SN Appl. Sci., vol. 3, no. 1, pp. 1–14, 2021.

N. Abosata, S. Al-Rubaye, G. Inalhan, and C. Emmanouilidis, “Internet of Things for System Integrity: A Comprehensive Survey on Security, Attacks and Countermeasures for Industrial Applications,†Sensors, vol. 21, no. 11, p. 3654, May 2021.

R. Yugha and S. Chithra, “A survey on technologies and security protocols: Reference for future generation IoT,†J. Netw. Comput. Appl., vol. 169, no. September 2019, p. 102763, 2020.

M. M. Ogonji, G. Okeyo, and J. M. Wafula, “A survey on privacy and security of Internet of Things,†Comput. Sci. Rev., vol. 38, p. 100312, 2020.

A. Bamou, M. D. E. L. Ouadghiri, and B. Aghoutane, “Intrusion detection in the internet of things,†Int. J. Adv. Trends Comput. Sci. Eng., vol. 9, no. 1.5 Special Issue, pp. 1–7, 2020.

M. Abdel-Basset, N. Moustafa, H. Hawash, I. Razzak, K. M. Sallam, and O. M. Elkomy, “Federated Intrusion Detection in Blockchain-Based Smart Transportation Systems,†IEEE Trans. Intell. Transp. Syst., vol. 23, no. 3, pp. 2523–2537, Mar. 2022.

A. Bamou, M. D. EL Ouadghiri, and B. Aghoutane, “Current Works on IDS Development Strategies for IoT,†2022, pp. 15–24.

J. Roldán, J. Boubeta-Puig, J. Luis Martínez, and G. Ortiz, “Integrating complex event processing and machine learning: An intelligent architecture for detecting IoT security attacks,†Expert Syst. Appl., vol. 149, p. 113251, Jul. 2020.

A. Khraisat, I. Gondal, P. Vamplew, and J. Kamruzzaman, “Survey of intrusion detection systems: techniques, datasets and challenges,†Cybersecurity, vol. 2, no. 1, 2019.

S. Sapre, P. Ahmadi, and K. Islam, “A Robust Comparison of the KDDCup99 and NSL-KDD IoT Network Intrusion Detection Datasets Through Various Machine Learning Algorithms,†Dec. 2019.

S. Dwivedi, M. Vardhan, S. Tripathi, and A. K. Shukla, “Implementation of adaptive scheme in evolutionary technique for anomaly-based intrusion detection,†Evol. Intell., vol. 13, no. 1, pp. 103–117, Mar. 2020.

N. Moustafa and J. Slay, “UNSW-NB15: A comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set),†2015 Mil. Commun. Inf. Syst. Conf. MilCIS 2015 - Proc., 2015.

V. Kumar, D. Sinha, A. K. Das, S. C. Pandey, and R. T. Goswami, “An integrated rule based intrusion detection system: analysis on UNSW-NB15 data set and the real time online dataset,†Cluster Comput., vol. 23, no. 2, pp. 1397–1418, Jun. 2020.

S. Thakur, A. Chakraborty, R. De, N. Kumar, and R. Sarkar, “Intrusion detection in cyber-physical systems using a generic and domain specific deep autoencoder model,†Comput. Electr. Eng., vol. 91, no. February, p. 107044, 2021.

Z. Pelletier and M. Abualkibash, “Evaluating the CIC IDS-2017 Dataset Using Machine Learning Methods and Creating Multiple Predictive Models in the Statistical Computing Language R,†Int. res. j. adv. eng. sci., vol. 5, no. 2, pp. 187–191, 2020.

N. Moustafa, “A new distributed architecture for evaluating AI-based security systems at the edge: Network TON_IoT datasets,†Sustain. Cities Soc., vol. 72, no. May, 2021.

A. Mihoub, O. Ben Fredj, O. Cheikhrouhou, A. Derhab, and M. Krichen, “Denial of service attack detection and mitigation for internet of things using looking-back-enabled machine learning techniques,†Comput. Electr. Eng., vol. 98, no. December 2021, p. 107716, 2022.

M. Douiba, S. Benkirane, A. Guezzaz, and M. Azrour, “Anomaly detection model based on gradient boosting and decision tree for IoT environments security,†J. Reliab. Intell. Environ., Jul. 2022.

T. Saranya, S. Sridevi, C. Deisy, T. D. Chung, and M. K. A. A. Khan, “Performance Analysis of Machine Learning Algorithms in Intrusion Detection System: A Review,†Procedia Comput. Sci., vol. 171, pp. 1251–1260, 2020.

M. Achir, A. Abdelli, L. Mokdad, and J. Benothman, “Service discovery and selection in IoT: A survey and a taxonomy,†J. Netw. Comput. Appl., vol. 200, no. December 2021, p. 103331, 2022.

A. Alhowaide, I. Alsmadi, and J. Tang, “Ensemble Detection Model for IoT IDS,†Internet of Things, no. March, p. 100435, 2021.

A. Alsaedi, N. Moustafa, Z. Tari, A. Mahmood, and Adna N Anwar, “TON-IoT telemetry dataset: A new generation dataset of IoT and IIoT for data-driven intrusion detection systems,†IEEE Access, vol. 8, pp. 165130–165150, 2020.

A. Churcher et al., “An experimental analysis of attack classification using machine learning in IoT networks,†Sensors (Switzerland), vol. 21, no. 2, pp. 1–32, 2021.

A. Khraisat, I. Gondal, P. Vamplew, J. Kamruzzaman, and A. Alazab, “A novel ensemble of hybrid intrusion detection system for detecting internet of things attacks,†Electron., vol. 8, no. 11, 2019.

P. Kumar, G. P. Gupta, and R. Tripathi, “An ensemble learning and fog-cloud architecture-driven cyber-attack detection framework for IoMT networks,†Comput. Commun., vol. 166, no. December 2020, pp. 110–124, 2021.

T. M. Booij, I. Chiscop, E. Meeuwissen, N. Moustafa, and F. T. H. den Hartog, “ToN_IoT: The Role of Heterogeneity and the Need for Standardization of Features and Attack Types in IoT Network Intrusion Datasets,†IEEE Internet Things J., no. May, 2021.