Intrusion Detection System for Internet of Things Based on Temporal Convolution Neural Network and Efficient Feature Engineering

In the era of the Internet of Things (IoT), connected objects produce an enormous amount of data traffic that feed big data analytics, which could be used in discovering unseen patterns and identifying anomalous traffic. In this paper, we identify five key design principles that should be considered when developing a deep learning-based intrusion detection system (IDS) for the IoT. Based on these principles, we design and implement Temporal Convolution Neural Network (TCNN), a deep learning framework for intrusion detection systems in IoT, which combines Convolution Neural Network (CNN) with causal convolution. TCNN is combined with Synthetic Minority Oversampling Technique-Nominal Continuous (SMOTE-NC) to handle unbalanced dataset. It is also combined with efficient feature engineering techniques, which consist of feature space reduction and feature transformation. TCNN is evaluated on Bot-IoT dataset and compared with two common machine learning algorithms, i.e., Logistic Regression (LR) and Random Forest (RF), and two deep learning techniques, i.e., LSTM and CNN. Experimental results show that TCNN achieves a good trade-off between effectiveness and efficiency. It outperforms the state-of-the-art deep learning IDSs that are tested on Bot-IoT dataset and records an accuracy of 99.9986% for multiclass traffic detection, and shows a very close performance to CNN with respect to the training time.

[1]  Victor C. M. Leung,et al.  Partial Computation Offloading and Adaptive Task Scheduling for 5G-Enabled Vehicular Networks , 2022, IEEE Transactions on Mobile Computing.

[2]  Zhaolong Ning,et al.  Imitation Learning Enabled Task Scheduling for Online Vehicular Edge Computing , 2022, IEEE Transactions on Mobile Computing.

[3]  Dandan Liu,et al.  DL-IDS: a deep learning-based intrusion detection framework for securing IoT , 2019, Trans. Emerg. Telecommun. Technol..

[4]  Jun Huang,et al.  Intelligent Edge Computing in Internet of Vehicles: A Joint Computation Offloading and Caching Solution , 2021, IEEE Transactions on Intelligent Transportation Systems.

[5]  Tie Qiu,et al.  Mobile Edge Computing Enabled 5G Health Monitoring for Internet of Medical Things: A Decentralized Game Theoretic Approach , 2021, IEEE Journal on Selected Areas in Communications.

[6]  Zhaolong Ning,et al.  Multi-Agent Imitation Learning for Pervasive Edge Computing: A Decentralized Computation Offloading Algorithm , 2021, IEEE Transactions on Parallel and Distributed Systems.

[7]  Bin Hu,et al.  Joint Computing and Caching in 5G-Envisioned Internet of Vehicles: A Deep Reinforcement Learning-Based Traffic Control System , 2020, IEEE Transactions on Intelligent Transportation Systems.

[8]  Quan Qian,et al.  Deep Learning and Visualization for Identifying Malware Families , 2018, IEEE Transactions on Dependable and Secure Computing.

[9]  Mohamed Amine Ferrag,et al.  DeepCoin: A Novel Deep Learning and Blockchain-Based Energy Exchange Framework for Smart Grids , 2020, IEEE Transactions on Engineering Management.

[10]  Abdelouahid Derhab,et al.  Scalable and robust unsupervised Android malware fingerprinting using community-based network partitioning , 2020, Comput. Secur..

[11]  Jinxia Wu,et al.  Recommendation attack detection based on deep learning , 2020, J. Inf. Secur. Appl..

[12]  Yanxia Sun,et al.  A deep learning method with wrapper based feature extraction for wireless intrusion detection system , 2020, Comput. Secur..

[13]  Abdelouahid Derhab,et al.  A review of privacy-preserving techniques for deep learning , 2020, Neurocomputing.

[14]  Abdullah Al-Barakati,et al.  DeepDCA: Novel Network-Based Detection of IoT Attacks Using Artificial Immune System , 2020, Applied Sciences.

[15]  Md Zakirul Alam Bhuiyan,et al.  Deep Irregular Convolutional Residual LSTM for Urban Traffic Passenger Flows Prediction , 2020, IEEE Transactions on Intelligent Transportation Systems.

[16]  Abdelouahid Derhab,et al.  Deep learning approaches for anomaly-based intrusion detection systems: A survey, taxonomy, and open issues , 2020, Knowl. Based Syst..

[17]  Mohamed Amine Ferrag,et al.  Deep learning for cyber security intrusion detection: Approaches, datasets, and comparative study , 2020, J. Inf. Secur. Appl..

[18]  Gui Yun Tian,et al.  An Intrusion Detection System Against DDoS Attacks in IoT Networks , 2020, 2020 10th Annual Computing and Communication Workshop and Conference (CCWC).

[19]  Mohamed Belaoued,et al.  Security in the Internet of Things: Recent Challenges and Solutions , 2021 .

[20]  Farrukh Aslam Khan,et al.  Two-Factor Mutual Authentication Offloading for Mobile Cloud Computing , 2020, IEEE Access.

[21]  Zheng Qin,et al.  Intrusion Detection Using Temporal Convolutional Networks , 2019, ICONIP.

[22]  Antonio Robles-Kelly,et al.  Deep Learning-Based Intrusion Detection for IoT Networks , 2019, 2019 IEEE 24th Pacific Rim International Symposium on Dependable Computing (PRDC).

[23]  Joarder Kamruzzaman,et al.  A novel Ensemble of Hybrid Intrusion Detection System for Detecting Internet of Things Attacks , 2019, Electronics.

[24]  Kuo-Ming Chao,et al.  Behaviorial-Based Network Flow Analyses for Anomaly Detection in Sequential Data Using Temporal Convolutional Networks , 2019, ICEBE.

[25]  Paulus Insap Santosa,et al.  DDoS Attack Detection Based on Simple ANN with SMOTE for IoT Environment , 2019, 2019 Fourth International Conference on Informatics and Computing (ICIC).

[26]  Mohamed Amine Ferrag,et al.  Blockchain and Random Subspace Learning-Based IDS for SDN-Enabled Industrial IoT Security , 2019, Sensors.

[27]  Ali A. Ghorbani,et al.  Application of deep learning to cybersecurity: A survey , 2019, Neurocomputing.

[28]  Md Zakirul Alam Bhuiyan,et al.  A Secure IoT Service Architecture With an Efficient Balance Dynamics Based on Cloud and Edge Computing , 2019, IEEE Internet of Things Journal.

[29]  Geethapriya Thamilarasu,et al.  Towards Deep-Learning-Driven Intrusion Detection for the Internet of Things , 2019, Sensors.

[30]  Muhammad Imran,et al.  Toward an optimal solution against Denial of Service attacks in Software Defined Networks , 2019, Future Gener. Comput. Syst..

[31]  Eul Gyu Im,et al.  A Multimodal Deep Learning Method for Android Malware Detection Using Various Features , 2019, IEEE Transactions on Information Forensics and Security.

[32]  Farrukh Aslam Khan,et al.  TSDL: A Two-Stage Deep Learning Model for Efficient Network Intrusion Detection , 2019, IEEE Access.

[33]  Elena Sitnikova,et al.  Towards the Development of Realistic Botnet Dataset in the Internet of Things for Network Forensic Analytics: Bot-IoT Dataset , 2018, Future Gener. Comput. Syst..

[34]  Aaas News,et al.  Book Reviews , 1893, Buffalo Medical and Surgical Journal.

[35]  W. Hager,et al.  and s , 2019, Shallow Water Hydraulics.

[36]  Gui Yun Tian,et al.  Deep Learning Models for Cyber Security in IoT Networks , 2019, 2019 IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC).

[37]  Hon Cheung,et al.  A Deep Learning Approach for Intrusion Detection in Internet of Things using Bi-Directional Long Short-Term Memory Recurrent Neural Network , 2018, 2018 28th International Telecommunication Networks and Applications Conference (ITNAC).

[38]  R. Sarpong,et al.  Bio-inspired synthesis of xishacorenes A, B, and C, and a new congener from fuscol† †Electronic supplementary information (ESI) available. See DOI: 10.1039/c9sc02572c , 2019, Chemical science.

[39]  Qiang Liu,et al.  TR-IDS: Anomaly-Based Intrusion Detection through Text-Convolutional Neural Network and Random Forest , 2018, Secur. Commun. Networks.

[40]  Vladlen Koltun,et al.  An Empirical Evaluation of Generic Convolutional and Recurrent Networks for Sequence Modeling , 2018, ArXiv.

[41]  Abdelouahid Derhab,et al.  MalDozer: Automatic framework for android malware detection using deep learning , 2018, Digit. Investig..

[42]  Qi Shi,et al.  A Deep Learning Approach to Network Intrusion Detection , 2018, IEEE Transactions on Emerging Topics in Computational Intelligence.

[43]  Naveen K. Chilamkurti,et al.  Distributed attack detection scheme using deep learning approach for Internet of Things , 2017, Future Gener. Comput. Syst..

[44]  Arafat Awajan,et al.  Experimental Evaluation of a Multi-layer Feed-Forward Artificial Neural Network Classifier for Network Intrusion Detection System , 2017, 2017 International Conference on New Trends in Computing Sciences (ICTCS).

[45]  Yi Zhou,et al.  Understanding the Mirai Botnet , 2017, USENIX Security Symposium.

[46]  Ibrar Yaqoob,et al.  Big IoT Data Analytics: Architecture, Opportunities, and Open Research Challenges , 2017, IEEE Access.

[47]  Chandan Guria,et al.  The elitist non-dominated sorting genetic algorithm with inheritance (i-NSGA-II) and its jumping gene adaptations for multi-objective optimization , 2017, Inf. Sci..

[48]  Manoj Kumar Putchala Deep Learning Approach for Intrusion Detection System (IDS) in the Internet of Things (IoT) Network using Gated Recurrent Neural Networks (GRU) , 2017 .

[49]  Mourad Debbabi,et al.  Big Data Behavioral Analytics Meet Graph Theory: On Effective Botnet Takedowns , 2017, IEEE Network.

[50]  Yanfang Ye,et al.  Deep4MalDroid: A Deep Learning Framework for Android Malware Detection Based on Linux Kernel System Call Graphs , 2016, 2016 IEEE/WIC/ACM International Conference on Web Intelligence Workshops (WIW).

[51]  Sebastian Ruder,et al.  An overview of gradient descent optimization algorithms , 2016, Vestnik komp'iuternykh i informatsionnykh tekhnologii.

[52]  Wenjia Li,et al.  DroidDeepLearner: Identifying Android malware using deep learning , 2016, 2016 IEEE 37th Sarnoff Symposium.

[53]  Harish Sharma,et al.  Spider Monkey Optimization algorithm for numerical optimization , 2014, Memetic Computing.

[54]  W. Marsden I and J , 2012 .

[55]  Dimitris Kanellopoulos,et al.  Data Preprocessing for Supervised Leaning , 2007 .

[56]  Neil Genzlinger A. and Q , 2006 .

[57]  Dimitris Kanellopoulos,et al.  Handling imbalanced datasets: A review , 2006 .

[58]  Nitesh V. Chawla,et al.  SMOTE: Synthetic Minority Over-sampling Technique , 2002, J. Artif. Intell. Res..