Design and Development of RNN-based Anomaly Detection Model for IoT Networks

Cybersecurity is important today because of the increasing growth of the Internet of Things (IoT), which has resulted in a variety of attacks on computer systems and networks. As the number of various IoT devices and services grows, cyber security will become an increasingly difficult issue to manage. Malicious traffic identification using deep learning techniques has emerged as a key component of network-based intrusion detection systems (IDS). Deep learning methods have been a research focus in network intrusion detection. A recurrent neural network is useful in a wide range of applications. This paper proposes a novel deep learning model for detecting anomalies in IoT networks using recurrent neural networks. The proposed model is implemented in IoT networks utilizing LSTM, BiLSTM, and GRU-based approaches for anomaly detection. A convolutional neural network can analyze input features without losing important information, making them particularly well suited for feature learning. In addition, we propose a hybrid deep learning model based on convolutional and recurrent neural networks. Finally, employing LSTM, BiLSTM, and GRU-based techniques, we propose a lightweight deep learning model for binary classification. The proposed deep learning models are validated using NSLKDD, BoT-IoT, IoT-NI, MQTT, MQTTset, IoT-23, and IoT-DS2 datasets. Our proposed binary and multiclass classification model achieved high accuracy, precision, recall, and F1 score compared to current deep learning implementations.

[1]  Jitendra Kumar Rout,et al.  A LSTM-FCNN based multi-class intrusion detection using scalable framework , 2022, Comput. Electr. Eng..

[2]  Q. Mahmoud,et al.  An Anomaly Detection Model for IoT Networks based on Flow and Flag Features using a Feed-Forward Neural Network , 2022, 2022 IEEE 19th Annual Consumer Communications & Networking Conference (CCNC).

[3]  Ahmad Al Badawi,et al.  Boost‐Defence for resilient IoT networks: A head‐to‐toe approach , 2022, Expert Syst. J. Knowl. Eng..

[4]  Q. Abu Al-haija,et al.  Attack-Aware IoT Network Traffic Routing Leveraging Ensemble Learning , 2021, Sensors.

[5]  Imrana Yakubu,et al.  A bidirectional LSTM deep learning approach for intrusion detection , 2021, Expert Syst. Appl..

[6]  Bayu Adhi Tama,et al.  Exploring Ensemble-Based Class Imbalance Learners for Intrusion Detection in Industrial Control Networks , 2021, Big Data Cogn. Comput..

[7]  Muhammad Moizuddin,et al.  A bio-inspired hybrid deep learning model for network intrusion detection , 2021, Knowl. Based Syst..

[8]  Suyuan Luo,et al.  A multi-task based deep learning approach for intrusion detection , 2021, Knowl. Based Syst..

[9]  Truong Thu Huong,et al.  Detecting cyberattacks using anomaly detection in industrial control systems: A Federated Learning approach , 2021, Comput. Ind..

[10]  Konstantinos Rantos,et al.  Deep Learning in IoT Intrusion Detection , 2021, Journal of Network and Systems Management.

[11]  Nhien-An Le-Khac,et al.  A novel hybrid model for intrusion detection systems in SDNs based on CNN and a new regularization technique , 2021, J. Netw. Comput. Appl..

[12]  M. Shamim Hossain,et al.  Deep Learning-Enabled Threat Intelligence Scheme in the Internet of Things Networks , 2021, IEEE Transactions on Network Science and Engineering.

[13]  Min Zhang,et al.  Network intrusion detection based on IE-DBN model , 2021, Comput. Commun..

[14]  Theyazn H. H. Aldhyani,et al.  Botnet Attack Detection by Using CNN-LSTM Model for Internet of Things Applications , 2021, Secur. Commun. Networks.

[15]  Mikail Mohammed Salim,et al.  Securing Smart Cities using LSTM algorithm and lightweight containers against botnet attacks , 2021, Appl. Soft Comput..

[16]  Mohamed Abdel-Basset,et al.  IoTBoT-IDS: A novel statistical learning-enabled botnet detection framework for protecting networks of smart cities , 2021 .

[17]  Dechang Pi,et al.  An Enhanced Multi-Stage Deep Learning Framework for Detecting Malicious Activities From Autonomous Vehicles , 2021, IEEE Transactions on Intelligent Transportation Systems.

[18]  Shrinivasacharya Purohit,et al.  Evaluating Neural Networks using Bi-Directional LSTM for Network IDS (Intrusion Detection Systems) in Cyber Security , 2021, Global Transitions Proceedings.

[19]  Ranjeet Kumar Ranjan,et al.  A Fuzzy Logic based feature engineering approach for Botnet detection using ANN , 2021, J. King Saud Univ. Comput. Inf. Sci..

[20]  John A. Clark,et al.  Grammatical Evolution for Detecting Cyberattacks in Internet of Things Environments , 2021, 2021 International Conference on Computer Communications and Networks (ICCCN).

[21]  S. Erokhin,et al.  Intrusion Detection Using Multilayer Perceptron and Neural Networks with Long Short-Term Memory , 2021, 2021 Systems of Signal Synchronization, Generating and Processing in Telecommunications (SYNCHROINFO.

[22]  Tran Hoang Hai,et al.  A Practical Comparison of Deep Learning Methods for Network Intrusion Detection , 2021, 2021 International Conference on Electrical, Communication, and Computer Engineering (ICECCE).

[23]  Guan Gui,et al.  Stacked recurrent neural network for botnet detection in smart homes , 2021, Comput. Electr. Eng..

[24]  Samira Douzi,et al.  Intrusion detection systems using long short-term memory (LSTM) , 2021, Journal of Big Data.

[25]  Syed Ghazanfar Abbas,et al.  A Framework for Malicious Traffic Detection in IoT Healthcare Environment , 2021, Sensors.

[26]  Qusay H. Mahmoud,et al.  Network Traffic Flow Based Machine Learning Technique for IoT Device Identification , 2021, 2021 IEEE International Systems Conference (SysCon).

[27]  Sambuddha Roy,et al.  Botnet traffic identification using neural networks , 2021, Multimedia Tools and Applications.

[28]  Robert C. Atkinson,et al.  Machine Learning Based IoT Intrusion Detection System: An MQTT Case Study , 2020, Selected Papers from the 12th International Networking Conference.

[29]  Yang Su,et al.  A Deep Hierarchical Network for Packet-Level Malicious Traffic Detection , 2020, IEEE Access.

[30]  Mohamed Amine Ferrag,et al.  DeepCoin: A Novel Deep Learning and Blockchain-Based Energy Exchange Framework for Smart Grids , 2020, IEEE Transactions on Engineering Management.

[31]  Giovanni Chiola,et al.  MQTTset, a New Dataset for Machine Learning Techniques on MQTT , 2020, Sensors.

[32]  Imtiaz Ullah,et al.  A Technique for Generating a Botnet Dataset for Anomalous Activity Detection in IoT Networks , 2020, 2020 IEEE International Conference on Systems, Man, and Cybernetics (SMC).

[33]  Nour Moustafa,et al.  Novel Deep Learning-Enabled LSTM Autoencoder Architecture for Discovering Anomalous Events From Intelligent Transportation Systems , 2020, IEEE Transactions on Intelligent Transportation Systems.

[34]  Antonio Robles-Kelly,et al.  Toward a Deep Learning-Driven Intrusion Detection Approach for Internet of Things , 2020, ArXiv.

[35]  Sung Won Kim,et al.  Hybrid Deep Learning: An Efficient Reconnaissance and Surveillance Detection Mechanism in SDN , 2020, IEEE Access.

[36]  Riri Fitri Sari,et al.  Intrusion Detection in IoT Networks Using Deep Learning Algorithm , 2020, Inf..

[37]  Qusay H. Mahmoud,et al.  A Scheme for Generating a Dataset for Anomalous Activity Detection in IoT Networks , 2020, Canadian Conference on AI.

[38]  Dong Hoon Lee,et al.  AI-IDS: Application of Deep Learning to Real-Time Web Intrusion Detection , 2020, IEEE Access.

[39]  Feng Jiang,et al.  Deep Learning Based Multi-Channel Intelligent Attack Detection for Data Security , 2020, IEEE Transactions on Sustainable Computing.

[40]  Qusay H. Mahmoud,et al.  A Two-Level Flow-Based Anomalous Activity Detection System for IoT Networks , 2020, Electronics.

[41]  Abdullah Al-Barakati,et al.  DeepDCA: Novel Network-Based Detection of IoT Attacks Using Artificial Immune System , 2020, Applied Sciences.

[42]  Giancarlo Fortino,et al.  A hybrid deep learning model for efficient intrusion detection in big data environment , 2020, Inf. Sci..

[43]  Kazutoshi Fujikawa,et al.  ID Sequence Analysis for Intrusion Detection in the CAN bus using Long Short Term Memory Networks , 2020, 2020 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops).

[44]  Faisal Hussain,et al.  IoT-Flock: An Open-source Framework for IoT Traffic Generation , 2020, 2020 International Conference on Emerging Trends in Smart Technologies (ICETST).

[45]  Mohamed Amine Ferrag,et al.  Deep learning for cyber security intrusion detection: Approaches, datasets, and comparative study , 2020, J. Inf. Secur. Appl..

[46]  María José Erquiaga,et al.  IoT-23: A labeled dataset with malicious and benign IoT network traffic , 2020 .

[47]  Gui Yun Tian,et al.  An Intrusion Detection System Against DDoS Attacks in IoT Networks , 2020, 2020 10th Annual Computing and Communication Workshop and Conference (CCWC).

[48]  Lianbing Deng,et al.  IoT data feature extraction and intrusion detection system for smart cities based on deep migration learning , 2019, Int. J. Inf. Manag..

[49]  Antonio Robles-Kelly,et al.  Deep Learning-Based Intrusion Detection for IoT Networks , 2019, 2019 IEEE 24th Pacific Rim International Symposium on Dependable Computing (PRDC).

[50]  Asifullah Khan,et al.  Network anomaly detection using channel boosted and residual learning based deep convolutional neural network , 2019, Appl. Soft Comput..

[51]  Ren-Hung Hwang,et al.  An LSTM-Based Deep Learning Approach for Classifying Malicious Traffic at the Packet Level , 2019, Applied Sciences.

[52]  Guangyu Xu,et al.  Machine Learning Techniques for Classifying Network Anomalies and Intrusions , 2019, 2019 IEEE International Symposium on Circuits and Systems (ISCAS).

[53]  D. Arivudainambi,et al.  LION IDS: A meta-heuristics approach to detect DDoS attacks against Software-Defined Networks , 2019, Neural Computing and Applications.

[54]  Erdogan Dogdu,et al.  Intrusion Detection Using Big Data and Deep Learning Techniques , 2019, ACM Southeast Regional Conference.

[55]  Jinlin Wang,et al.  Variant Gated Recurrent Units With Encoders to Preprocess Packets for Payload-Aware Intrusion Detection , 2019, IEEE Access.

[56]  Héctor Alaiz-Moretón,et al.  Multiclass Classification Procedure for Detecting Attacks on MQTT-IoT Protocol , 2019, Complex..

[57]  K. P. Soman,et al.  Deep Learning Approach for Intelligent Intrusion Detection System , 2019, IEEE Access.

[58]  Alexander N. Sokolov,et al.  Traffic Modeling by Recurrent Neural Networks for Intrusion Detection in Industrial Control Systems , 2019, 2019 International Conference on Industrial Engineering, Applications and Manufacturing (ICIEAM).

[59]  Xiang-Yang Li,et al.  System Statistics Learning-Based IoT Security: Feasibility and Suitability , 2019, IEEE Internet of Things Journal.

[60]  Yixian Yang,et al.  Building an Effective Intrusion Detection System Using the Modified Density Peak Clustering Algorithm and Deep Belief Networks , 2019, Applied Sciences.

[61]  Qusay H. Mahmoud,et al.  A Two-Level Hybrid Model for Anomalous Activity Detection in IoT Networks , 2019, 2019 16th IEEE Annual Consumer Communications & Networking Conference (CCNC).

[62]  Yalei Ding,et al.  Intrusion Detection System for NSL-KDD Dataset Using Convolutional Neural Networks , 2018, CSAI '18.

[63]  Elena Sitnikova,et al.  Towards the Development of Realistic Botnet Dataset in the Internet of Things for Network Forensic Analytics: Bot-IoT Dataset , 2018, Future Gener. Comput. Syst..

[64]  Hon Cheung,et al.  A Deep Learning Approach for Intrusion Detection in Internet of Things using Bi-Directional Long Short-Term Memory Recurrent Neural Network , 2018, 2018 28th International Telecommunication Networks and Applications Conference (ITNAC).

[65]  Naveen K. Chilamkurti,et al.  Leveraging LSTM Networks for Attack Detection in Fog-to-Things Communications , 2018, IEEE Communications Magazine.

[66]  Fan Zhang,et al.  An Intrusion Detection System Using a Deep Neural Network With Gated Recurrent Units , 2018, IEEE Access.

[67]  Muhammad Munwar Iqbal,et al.  Enhanced Network Anomaly Detection Based on Deep Neural Networks , 2018, IEEE Access.

[68]  Jagath Samarabandu,et al.  Comparison of Recurrent Neural Network Algorithms for Intrusion Detection Based on Predicting Packet Sequences , 2018, 2018 IEEE Canadian Conference on Electrical & Computer Engineering (CCECE).

[69]  Samuel Marchal,et al.  DÏoT: A Federated Self-learning Anomaly Detection System for IoT , 2018, 2019 IEEE 39th International Conference on Distributed Computing Systems (ICDCS).

[70]  Qusay H. Mahmoud,et al.  A hybrid model for anomaly-based intrusion detection in SCADA networks , 2017, 2017 IEEE International Conference on Big Data (Big Data).

[71]  Zhiwen Chen,et al.  An Effective Network Attack Detection Method Based on Kernel PCA and LSTM-RNN , 2017, 2017 International Conference on Computer Systems, Electronics and Control (ICCSEC).

[72]  Qusay H. Mahmoud,et al.  A filter-based feature selection model for anomaly-based intrusion detection systems , 2017, 2017 IEEE International Conference on Big Data (Big Data).

[73]  Yuefei Zhu,et al.  A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks , 2017, IEEE Access.

[74]  Qusay H. Mahmoud,et al.  An intrusion detection framework for the smart grid , 2017, 2017 IEEE 30th Canadian Conference on Electrical and Computer Engineering (CCECE).

[75]  Smruti R. Sarangi,et al.  Internet of Things: Architectures, Protocols, and Applications , 2017, J. Electr. Comput. Eng..

[76]  Geoffrey E. Hinton,et al.  Layer Normalization , 2016, ArXiv.

[77]  Yoshua Bengio,et al.  Learning Phrase Representations using RNN Encoder–Decoder for Statistical Machine Translation , 2014, EMNLP.

[78]  Ali A. Ghorbani,et al.  A detailed analysis of the KDD CUP 99 data set , 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.

[79]  Jürgen Schmidhuber,et al.  Long Short-Term Memory , 1997, Neural Computation.

[80]  Q. Mahmoud,et al.  A Framework for Anomaly Detection in IoT Networks using Conditional Generative Adversarial Network , 2021, IEEE Access.

[81]  Lan Liu,et al.  Intrusion Detection of Imbalanced Network Traffic Based on Machine Learning and Deep Learning , 2021, IEEE Access.

[82]  Bayu Adhi Tama,et al.  A Stacking-based Deep Neural Network Approach for Effective Network Anomaly Detection , 2021 .

[83]  Padmalochan Bera,et al.  Attention based multi-agent intrusion detection systems using reinforcement learning , 2021, J. Inf. Secur. Appl..

[84]  Sudip Misra,et al.  Deep Learning-Based Reliable Routing Attack Detection Mechanism for Industrial Internet of Things , 2021, Ad Hoc Networks.

[85]  E. Cambiaso,et al.  Exploiting Internet of Things Protocols for Malicious Data Exfiltration Activities , 2021, IEEE Access.

[86]  Qian Wang,et al.  Intrusion detection algorithm based on image enhanced convolutional neural network , 2021, J. Intell. Fuzzy Syst..

[87]  Thavavel Vaiyapuri,et al.  Deep Learning Approaches for Intrusion Detection in IIoT Networks – Opportunities and Future Directions , 2021 .

[88]  Q. Mahmoud,et al.  Design and Development of a Deep Learning-Based Model for Anomaly Detection in IoT Networks , 2021, IEEE Access.

[89]  Wei Guo,et al.  Hierarchical Long Short-Term Memory Network for Cyberattack Detection , 2020, IEEE Access.

[90]  Bin Sun,et al.  An Intrusion Detection System Based on a Quantitative Model of Interaction Mode Between Ports , 2019, IEEE Access.

[91]  Kehe Wu,et al.  A Novel Intrusion Detection Model for a Massive Network Using Convolutional Neural Networks , 2018, IEEE Access.

[92]  Yiqiang Sheng,et al.  HAST-IDS: Learning Hierarchical Spatial-Temporal Features Using Deep Neural Networks to Improve Intrusion Detection , 2018, IEEE Access.

[93]  Ali A. Ghorbani,et al.  Characterization of Tor Traffic using Time based Features , 2017, ICISSP.