A Network Intrusion Detection System Based on Deep Learning Models in IoT Systems

Document Type: Research Article

Authors

Department of Computer Engineering, University of Mazandaran, Mazandaran, Iran.

10.22080/frai.2025.5664

Abstract

The Internet of Things (IoT) plays a vital role in people's lives today. However, as IoT devices become more widespread, concern is growing about security threats such as botnet attacks. Therefore, the use of inclusive solutions is required. Intrusion Detection Systems (IDS) can detect and mitigate attacks on IoT devices by analyzing network traffic and device behavior. This paper proposes an IDS that uses Deep Learning (DL) techniques. It is based on an ensemble learning model that employs diversity and F1-score as performance metrics to select the best transfer learning models. It also proposes 20 individual and hybrid DL models, including Convolutional Neural Networks (CNNs), Recurrent Neural Networks (RNNs), and Deep Neural Networks (DNNs), to detect and classify regular and botnet attack classes. The proposed IDS applies a feature engineering method to reduce unnecessary computation. The Bot-IoT dataset used in this paper contains DDoS, DoS, Reconnaissance, and Theft attack labels. The proposed IDS was compared with existing methods on the Bot-IoT dataset. Experimental results show that the proposed model achieves high performance in detecting and classifying the various attack and regular labels.

Volume 1, Issue 2
August 2025
Pages 1-11
  • Receive Date: 03 July 2025
  • Accept Date: 05 August 2025
  • First Publish Date: 05 August 2025
  • Publish Date: 01 August 2025