A two-layer dimension reduction and two-tier classification model for anomaly-based intrusion detection in IoT backbone networks

With increasing reliance on Internet of Things (IoT) devices and services, the capability to detect intrusions and malicious activities within IoT networks is critical for resilience of the network infrastructure. In this paper, we present a novel model for intrusion detection based on two-layer dimension reduction and two-tier classification module, designed to detect malicious activities such as User to Root (U2R) and Remote to Local (R2L) attacks. The proposed model is using component analysis and linear discriminate analysis of dimension reduction module to spate the high dimensional dataset to a lower one with lesser features. We then apply a two-tier classification module utilizing Naïve Bayes and Certainty Factor version of K-Nearest Neighbor to identify suspicious behaviors. The experiment results using NSL-KDD dataset shows that our model outperforms previous models designed to detect U2R and R2L attacks

A Hybrid Classification Approach for Intrusion Detection in IoT Network

With the increase in number of IoT devices, the capabilities to provide reliable security and detect the malicious activities within the IoT network have become quite challenging. We propose a hybrid classification approach to detect multi-class attacks in the IoT network. In the proposed model, Principle Component Analysis (PCA) is used to extract the useful features and Linear Discriminant Analysis (LDA) is used to reduce the high dimension data set into lower dimension space by keeping less number of important features. This was assisted by use of a combination of neural network and Support Vector Machine (SVM) classifiers to improve the detection rate and decrease the false alarm rate. The neural network, a multi-class classifier, is used to classify the intruders in the network with more accuracy. The SVM is an efficient and fast learner classifier which is used to classify the unmatched behavior. The proposed method needs less computation complexity for intrusion detection. The performance of the proposed model was evaluated on two benchmark datasets for intrusion detection, i.e., NSL-KDD and UNSW-NB15. Results show that our model outperforms existing models

A Hybrid Classification Approach for Intrusion Detection in IoT Network

809-816With the increase in number of IoT devices, the capabilities to provide reliable security and detect the malicious activities within the IoT network have become quite challenging. We propose a hybrid classification approach to detect multi-class attacks in the IoT network. In the proposed model, Principle Component Analysis (PCA) is used to extract the useful features and Linear Discriminant Analysis (LDA) is used to reduce the high dimension data set into lower dimension space by keeping less number of important features. This was assisted by use of a combination of neural network and Support Vector Machine (SVM) classifiers to improve the detection rate and decrease the false alarm rate. The neural network, a multi-class classifier, is used to classify the intruders in the network with more accuracy. The SVM is an efficient and fast learner classifier which is used to classify the unmatched behavior. The proposed method needs less computation complexity for intrusion detection. The performance of the proposed model was evaluated on two benchmark datasets for intrusion detection, i.e., NSL-KDD and UNSW-NB15. Results show that our model outperforms existing models