CEBM: Collaborative Ensemble Blockchain Model for Intrusion Detection in IoT Environment

In recent years, the IoT environment devices have increased drastically, including smart home devices, ad- hoc networks for the automotive industry ( VANET ), healthcare , smart cities, and apparel. In today’s IoT environment, security is a critical topic due to the type of devices, the nature of the architecture, different communication techniques (primarily wireless), and amount of information shared over the network. Unfortunately, due to this diverse nature of IoT devices it is very difficult to analyze the behavior of intrusion traffic, as it suffers from ability of recognizing new attacks. Another issue is that the poisoning attack during training of model as intruder may inject malicious data as benign during training of model to create a backdoor for intrusion. Moreover, it is very difficult to create a good intrusion detection dataset which contains all kind of traces. Therefore, to protect the network including IoT , from various threats and attacks, Intrusion Detection Systems ( IDSs ) are among the best security methods that can be used. However, an isolated IDS node cannot overcome the problems. Therefore, different IDS need to collaborate in order to improve their performance. Thus, in this paper we propose a generic framework of collaborative ensemble blockchain model ( CEBM ) for intrusion detection in IoT environment. The proposed framework enables the IDS modules to securely share information and build an ensemble detection model by combining the different machine learning models with the best performance using blockchain in a confirmable approach in the absence of a trusted intermediary. UNSW _NB15 dataset is used to evaluate the proposed framework, and five different IDS modules are trained. The performance achieved by the collaborative ensemble model is presented in the form of accuracy, recall, precision, and F-score given as 99.113 %, 99.177 %, 99.559 %, and 0.9942, respectively.