Deakin University
Browse

File(s) under embargo

A Novel Ensemble of Hybrid Intrusion Detection System for Detecting Internet of Things Attacks

Version 2 2024-06-03, 02:22
Version 1 2024-01-04, 04:13
journal contribution
posted on 2024-06-03, 02:22 authored by Ansam KhraisatAnsam Khraisat, Iqbal Gondal, Peter Vamplew, Joarder Kamruzzaman, Ammar Alazab
The Internet of Things (IoT) has been rapidly evolving towards making a greater impact on everyday life to large industrial systems. Unfortunately, this has attracted the attention of cybercriminals who made IoT a target of malicious activities, opening the door to a possible attack to the end nodes. Due to the large number and diverse types of IoT devices, it is a challenging task to protect the IoT infrastructure using a traditional intrusion detection system. To protect IoT devices, a novel ensemble Hybrid Intrusion Detection System (HIDS) is proposed by combining a C5 classifier and One Class Support Vector Machine classifier. HIDS combines the advantages of Signature Intrusion Detection System (SIDS) and Anomaly-based Intrusion Detection System (AIDS). The aim of this framework is to detect both the well-known intrusions and zero-day attacks with high detection accuracy and low false-alarm rates. The proposed HIDS is evaluated using the Bot-IoT dataset, which includes legitimate IoT network traffic and several types of attacks. Experiments show that the proposed hybrid IDS provide higher detection rate and lower false positive rate compared to the SIDS and AIDS techniques.

History

Journal

Electronics

Volume

8

Article number

1210

Pagination

1-18

Location

Basel, Switzerland

ISSN

1450-5843

eISSN

2831-0128

Language

eng

Publication classification

C1.1 Refereed article in a scholarly journal

Issue

11

Publisher

MDPI