Engineering the application of machine learning in an IDS based on IoT traffic flow
Internet of Things (IoT) devices are now widely used, enabling intelligent services that, in association with new communication technologies like the 5G and broadband internet, boost smart-city environments. Despite their limited resources, IoT devices collect and share large amounts of data and are...
Main Authors: | , , , |
---|---|
Format: | Article |
Language: | English |
Published: |
Elsevier
2023-02-01
|
Series: | Intelligent Systems with Applications |
Subjects: | |
Online Access: | http://www.sciencedirect.com/science/article/pii/S2667305323000145 |
_version_ | 1811171013395742720 |
---|---|
author | Nuno Prazeres Rogério Luís de C. Costa Leonel Santos Carlos Rabadão |
author_facet | Nuno Prazeres Rogério Luís de C. Costa Leonel Santos Carlos Rabadão |
author_sort | Nuno Prazeres |
collection | DOAJ |
description | Internet of Things (IoT) devices are now widely used, enabling intelligent services that, in association with new communication technologies like the 5G and broadband internet, boost smart-city environments. Despite their limited resources, IoT devices collect and share large amounts of data and are connected to the internet, becoming an attractive target for malicious actors.This work uses machine learning combined with an Intrusion Detection System (IDS) to detect possible attacks. Due to the limitations of IoT devices and low latency services, the IDS must have a specialized architecture. Furthermore, although machine learning-based solutions have high potential, there are still challenges related to training and generalization, which may impose constraints on the architecture.Our proposal is an IDS with a distributed architecture that relies on Fog computing to run specialized modules and use deep neural networks to identify malicious traffic inside IoT data flows. We compare our IoT-Flow IDS with three other architectures. We assess model generalization using test data from different datasets and evaluate their performance in terms of Recall, Precision, and F1-Score. Results confirm the feasibility of flow-based anomaly detection and the importance of network traffic segmentation and specialized models in the AI-based IDS for IoT. |
first_indexed | 2024-04-10T17:06:26Z |
format | Article |
id | doaj.art-9d409bee7ccd4309a4fadbb1df0e5e9e |
institution | Directory Open Access Journal |
issn | 2667-3053 |
language | English |
last_indexed | 2024-04-10T17:06:26Z |
publishDate | 2023-02-01 |
publisher | Elsevier |
record_format | Article |
series | Intelligent Systems with Applications |
spelling | doaj.art-9d409bee7ccd4309a4fadbb1df0e5e9e2023-02-06T04:06:32ZengElsevierIntelligent Systems with Applications2667-30532023-02-0117200189Engineering the application of machine learning in an IDS based on IoT traffic flowNuno Prazeres0Rogério Luís de C. Costa1Leonel Santos2Carlos Rabadão3School of Technology and Management (ESTG), Polytechnic of Leiria, Leiria, 2411-901, PortugalComputer Science and Communication Research Centre (CIIC), Polytechnic of Leiria, Leiria, 2411-901, Portugal; Corresponding author.School of Technology and Management (ESTG), Polytechnic of Leiria, Leiria, 2411-901, Portugal; Computer Science and Communication Research Centre (CIIC), Polytechnic of Leiria, Leiria, 2411-901, PortugalSchool of Technology and Management (ESTG), Polytechnic of Leiria, Leiria, 2411-901, Portugal; Computer Science and Communication Research Centre (CIIC), Polytechnic of Leiria, Leiria, 2411-901, PortugalInternet of Things (IoT) devices are now widely used, enabling intelligent services that, in association with new communication technologies like the 5G and broadband internet, boost smart-city environments. Despite their limited resources, IoT devices collect and share large amounts of data and are connected to the internet, becoming an attractive target for malicious actors.This work uses machine learning combined with an Intrusion Detection System (IDS) to detect possible attacks. Due to the limitations of IoT devices and low latency services, the IDS must have a specialized architecture. Furthermore, although machine learning-based solutions have high potential, there are still challenges related to training and generalization, which may impose constraints on the architecture.Our proposal is an IDS with a distributed architecture that relies on Fog computing to run specialized modules and use deep neural networks to identify malicious traffic inside IoT data flows. We compare our IoT-Flow IDS with three other architectures. We assess model generalization using test data from different datasets and evaluate their performance in terms of Recall, Precision, and F1-Score. Results confirm the feasibility of flow-based anomaly detection and the importance of network traffic segmentation and specialized models in the AI-based IDS for IoT.http://www.sciencedirect.com/science/article/pii/S2667305323000145Intrusion detection systemsInternet of thingsMachine learningSmart cityCybersecurity |
spellingShingle | Nuno Prazeres Rogério Luís de C. Costa Leonel Santos Carlos Rabadão Engineering the application of machine learning in an IDS based on IoT traffic flow Intelligent Systems with Applications Intrusion detection systems Internet of things Machine learning Smart city Cybersecurity |
title | Engineering the application of machine learning in an IDS based on IoT traffic flow |
title_full | Engineering the application of machine learning in an IDS based on IoT traffic flow |
title_fullStr | Engineering the application of machine learning in an IDS based on IoT traffic flow |
title_full_unstemmed | Engineering the application of machine learning in an IDS based on IoT traffic flow |
title_short | Engineering the application of machine learning in an IDS based on IoT traffic flow |
title_sort | engineering the application of machine learning in an ids based on iot traffic flow |
topic | Intrusion detection systems Internet of things Machine learning Smart city Cybersecurity |
url | http://www.sciencedirect.com/science/article/pii/S2667305323000145 |
work_keys_str_mv | AT nunoprazeres engineeringtheapplicationofmachinelearninginanidsbasedoniottrafficflow AT rogerioluisdeccosta engineeringtheapplicationofmachinelearninginanidsbasedoniottrafficflow AT leonelsantos engineeringtheapplicationofmachinelearninginanidsbasedoniottrafficflow AT carlosrabadao engineeringtheapplicationofmachinelearninginanidsbasedoniottrafficflow |