Anomaly-Based Intrusion Detection Systems in IoT Using Deep Learning: A Systematic Literature Review

Javed Asharf Hasnat Khurshid Abdul Wahab + 3 lainnya

20 Juli 2020

The Internet of Things (IoT) is poised to impact several aspects of our lives with its fast proliferation in many areas such as wearable devices, smart sensors and home appliances. IoT devices are characterized by their connectivity, pervasiveness and limited processing capability. The number of IoT devices in the world is increasing rapidly and it is expected that there will be 50 billion devices connected to the Internet by the end of the year 2020. This explosion of IoT devices, which can be easily increased compared to desktop computers, has led to a spike in IoT-based cyber-attack incidents. To alleviate this challenge, there is a requirement to develop new techniques for detecting attacks initiated from compromised IoT devices. Machine and deep learning techniques are in this context the most appropriate detective control approach against attacks generated from IoT devices. This study aims to present a comprehensive review of IoT systems-related technologies, protocols, architecture and threats emerging from compromised IoT devices along with providing an overview of intrusion detection models. This work also covers the analysis of various machine learning and deep learning-based techniques suitable to detect IoT systems related to cyber-attacks.

E. Shaaban Mohamed Mahmoud Omar Elnakib + 1 lainnya

22 Maret 2023

Internet of Things (IoT) is a disruptive technology for the future decades. Due to its pervasive growth, it is susceptible to cyber-attacks, and hence the significance of Intrusion Detection Systems (IDSs) for IoT is pertinent. The viability of machine learning has encouraged analysts to apply learning techniques to intelligently discover and recognize cyber attacks and unusual behavior among the IoTs. This paper proposes an enhanced anomaly-based Intrusion Detection Deep learning Multi-class classification model (EIDM) that can classify 15 traffic behaviors including 14 attack types with the accuracy of 95% contained in the CICIDS2017 dataset. Four state-of-the-art deep learning models are also customized to classify six classes of network traffic behavior. An extensive comparative study in terms of classification accuracy and efficiency metrics is conducted between EIDM and several state-of-the-art deep learning-based IDSs showing that EIDM has achieved accurate detection results.

I. Ullah Q. Mahmoud

2021

The growing development of IoT (Internet of Things) devices creates a large attack surface for cybercriminals to conduct potentially more destructive cyberattacks; as a result, the security industry has seen an exponential increase in cyber-attacks. Many of these attacks have effectively accomplished their malicious goals because intruders conduct cyber-attacks using novel and innovative techniques. An anomaly-based IDS (Intrusion Detection System) uses machine learning techniques to detect and classify attacks in IoT networks. In the presence of unpredictable network technologies and various intrusion methods, traditional machine learning techniques appear inefficient. In many research areas, deep learning methods have shown their ability to identify anomalies accurately. Convolutional neural networks are an excellent alternative for anomaly detection and classification due to their ability to automatically categorize main characteristics in input data and their effectiveness in performing faster computations. In this paper, we design and develop a novel anomaly-based intrusion detection model for IoT networks. First, a convolutional neural network model is used to create a multiclass classification model. The proposed model is then implemented using convolutional neural networks in 1D, 2D, and 3D. The proposed convolutional neural network model is validated using the BoT-IoT, IoT Network Intrusion, MQTT-IoT-IDS2020, and IoT-23 intrusion detection datasets. Transfer learning is used to implement binary and multiclass classification using a convolutional neural network multiclass pre-trained model. Our proposed binary and multiclass classification models have achieved high accuracy, precision, recall, and F1 score compared to existing deep learning implementations.

O. Moussaoui Idriss Idrissi M. Azizi

21 Oktober 2020

In the recent years, Internet of things (IoT) is rising increasingly to become a big research topic due to the billions of devices dispatched around the world. These devices are connected to the Internet and communicate directly with each other without human intervention. However, this creates new security challenges, which are increasing more and more and becoming relevant research issues. Our study in this paper focuses on the state-of-the-art of IoT security threats and vulnerabilities by conducting a classification of some wellknown security threats according to Cisco IoT reference model architecture. We also make a review of existing works in the area of IoT security targeting more particularly the Intrusion Detection Systems based on Deep Learning (DL) techniques, which are rising as emerging techniques in various fields including cybersecurity. This state-of-the-art and its findings can serve as a potential basis for future research directions.

I. Ullah Q. Mahmoud

2022

Cybersecurity is important today because of the increasing growth of the Internet of Things (IoT), which has resulted in a variety of attacks on computer systems and networks. As the number of various IoT devices and services grows, cyber security will become an increasingly difficult issue to manage. Malicious traffic identification using deep learning techniques has emerged as a key component of network-based intrusion detection systems (IDS). Deep learning methods have been a research focus in network intrusion detection. A recurrent neural network is useful in a wide range of applications. This paper proposes a novel deep learning model for detecting anomalies in IoT networks using recurrent neural networks. The proposed model is implemented in IoT networks utilizing LSTM, BiLSTM, and GRU-based approaches for anomaly detection. A convolutional neural network can analyze input features without losing important information, making them particularly well suited for feature learning. In addition, we propose a hybrid deep learning model based on convolutional and recurrent neural networks. Finally, employing LSTM, BiLSTM, and GRU-based techniques, we propose a lightweight deep learning model for binary classification. The proposed deep learning models are validated using NSLKDD, BoT-IoT, IoT-NI, MQTT, MQTTset, IoT-23, and IoT-DS2 datasets. Our proposed binary and multiclass classification model achieved high accuracy, precision, recall, and F1 score compared to current deep learning implementations.