Enhanced Deep Learning Intrusion Detection in IoT Heterogeneous Network with Feature Extraction

Heterogeneous network is one of the challenges that must be overcome in Internet of Thing Intrusion Detection System (IoT IDS). The difficulty of the IDS significantly is caused by various devices, protocols, and services, that make the network becomes complex and difficult to monitor. Deep learning is one algorithm for classifying data with high accuracy. This research work incorporated Deep Learning into IDS for IoT heterogeneous networks. There are two concerns on IDS with deep learning in heterogeneous IoT networks, i.e.: limited resources and excessive training time. Thus, this paper uses Principle Component Analysis (PCA) as features extraction method to deal with data dimensions so that resource usage and training time will be significantly reduced. The results of the evaluation show that PCA was successful reducing resource usage with less training time of the proposed IDS with deep learning in heterogeneous networks environment. Experiment results show the proposed IDS achieve overall accuracy above 99%

LSTM deep learning method for network intrusion detection system

The security of the network has become a primary concern for organizations. Attackers use different means to disrupt services or steal information, these various attacks push to think of a new way to block them all in one manner. In addition, these intrusions can change and penetrate the devices of security. To solve these issues, we suggest, in this paper, a new idea for Network Intrusion Detection System (NIDS) based on Long Short-TermMemory (LSTM) to recognize menaces and to obtain a long-term memory on them, inorder to stop the new attacks that are like the existing ones, and at the sametime, to have a single mean to block intrusions. According to the results of the experiments of detections that we have carried out, the Accuracy reaches upto 99.98 % and 99.93 % for respectively the classification of two classes and several classes, Also the False Positive Rate (FPR) reaches up to only 0,068 % and 0,023 % for respectively the classification of two classes and several classes, which proves that the proposed model is very effective, it has a great ability to memorize and differentiate between normal traffic and attack traffic and its identification is more accurate than other Machine Learning classifiers

Edge-Detect: Edge-centric Network Intrusion Detection using Deep Neural Network

Edge nodes are crucial for detection against multitudes of cyber attacks on Internet-of-Things endpoints and is set to become part of a multi-billion industry. The resource constraints in this novel network infrastructure tier constricts the deployment of existing Network Intrusion Detection System with Deep Learning models (DLM). We address this issue by developing a novel light, fast and accurate 'Edge-Detect' model, which detects Distributed Denial of Service attack on edge nodes using DLM techniques. Our model can work within resource restrictions i.e. low power, memory and processing capabilities, to produce accurate results at a meaningful pace. It is built by creating layers of Long Short-Term Memory or Gated Recurrent Unit based cells, which are known for their excellent representation of sequential data. We designed a practical data science pipeline with Recurring Neural Network to learn from the network packet behavior in order to identify whether it is normal or attack-oriented. The model evaluation is from deployment on actual edge node represented by Raspberry Pi using current cybersecurity dataset (UNSW2015). Our results demonstrate that in comparison to conventional DLM techniques, our model maintains a high testing accuracy of 99% even with lower resource utilization in terms of cpu and memory. In addition, it is nearly 3 times smaller in size than the state-of-art model and yet requires a much lower testing time

Cloud Computing for Effective Cyber Security Attack Detection in Smart Cities

An astute metropolis is an urbanized region that accumulates data through diverse numerical and experiential understanding. Cloud-connected Internet of Things (IoT) solutions have the potential to aid intelligent cities in collecting data from inhabitants, devices, residences, and alternative origins. The monitoring and administration of carrying systems, plug-in services, reserve managing, H2O resource schemes, excess managing, illegal finding, safety actions, ability, numeral collection, healthcare abilities, and extra openings all make use of the processing and analysis of this data. This study aims to improve the security of smart cities by detecting attacks using algorithms drawn from the UNSW-NB15 and CICIDS2017 datasets and to create advanced strategies for identifying and justifying cyber threats in the context of smart cities by leveraging real-world network traffic data from UNSW-NB15 and labelled attack actions from CICIDS2017. The research aims to underwrite the development of more effective intrusion detection systems tailored to the unique problems of safeguarding networked urban environments, hence improving the flexibility and safety of smart cities by estimating these datasets

Seagull Optimization-based Feature Selection with Optimal Extreme Learning Machine for Intrusion Detection in Fog Assisted WSN

On the internet, various devices that are connected to the Internet of Things (IoT) and Wireless Sensor Networks (WSNs) share the resources that they have in accordance with their respective needs. The information gathered from these Internet of Things devices was preserved in the cloud. The problem of latency is made significantly worse by the proliferation of Internet of Things devices and the accessing of real-time data. In order to solve this issue, the fog layer, which was previously an adjunct layer between the cloud layer and the user, is now being utilised. As the data could be retrieved from the fog layer even if it was close to the edge of the network, it made the experience more convenient for the user. The lack of security in the fog layer is going to be an issue. The simple access to sources provided by the fog layer architecture makes it vulnerable to a great number of assaults. Consequently, the purpose of this work is to build a seagull optimization-based feature selection approach with optimum extreme learning machine (SGOFS-OELM) for the purpose of intrusion detection in a fog-enabled WSN. The identification of intrusions in the fog-enabled WSN is the primary focus of the SGOFS-OELM approach that has been presented here. The given SGOFS-OELM strategy is designed to accomplish this goal by designing the SGOFS approach to choose the best possible subset of attributes. In this work, the ELM classification model is applied for the purpose of intrusion detection. In conclusion, the political optimizer (PO) is utilised in order to accomplish automatic parameter adjustment of the ELM technique, which ultimately leads to enhanced classification performance. In order to demonstrate the usefulness of the SGOFS-OELM approach, a number of simulations were carried out. As compared to the other benchmark models that were employed for this research, the suggested SGOFS-OELM models give the best accuracy, which is 99.97 percent. The simulation research demonstrates that the SGOFS-OELM approach has the potential to deliver a good performance in the intrusion detection process

Ransomware protection in IoT using software defined networking

Internet of things (IoT) is the network of physical objects connected to provide various services. IoT is expanding rapidly, and is positively influencing many areas. The impact of IoT is evident in medical field, manufacturing units and livestock. The IoT is also vulnerable to many cyber threats, owing to its limited resources and battery operation. In contemporary times the security threats like DDoS, botnet malware, man in the middle, flood attacks and ransomware are affecting the smooth functioning of IoT. Ransomware has emerged as one of the biggest threat in cyber world. Ransomware is a type of malware that stops the access to files by encrypting them and decrypts the files only when a ransom is paid. The negligence towards the IoT ransomware can result in disastrous outcomes. In this paper, the growth of ransomware attacks for past few years is shown with special focus on ransomwares threatening IoT. A detection mechanism for IoT ransomware attack is presented that is designed after study of ransomware for IoT. The proposed model monitors the incoming IoT traffic through Software Defined Network (SDN) gateway. It uses policies framed in SDN controller for detection and alleviation of ransomware in IoT