IoTTPS: Ensemble RKSVM Model-Based Internet of Things Threat Protection System
<p>The workflow of threat protection IoTTPS system proposed based on RKSVM model.</p> "> Figure 2
<p>Dataset presentation according to the first top ten number of categories of threats and normal.</p> "> Figure 3
<p>After the conversion of categorical data into numeric form.</p> "> Figure 4
<p>The mechanism of presented IoTTPS system based on machine learning.</p> "> Figure 5
<p>The architecture of the proposed ensemble RKSVM model.</p> "> Figure 6
<p>Experimental results of machine learning models to detect DoS attacks.</p> "> Figure 7
<p>Experimental results of machine learning models to detect Probe attacks.</p> "> Figure 8
<p>Experimental results of machine learning models to detect U2R attacks.</p> "> Figure 9
<p>Experimental results of machine learning models to detect R2L attacks.</p> ">
Abstract
:1. Introduction
- The proposed IoT threat protection system (IoTTPS) is based on an ensemble RKSVM machine learning model. The proposed approach enhances the threat detection accuracy in the IoT network and the security authentication.
- The machine learning models such as decision tree (DT), Naive Bayes (NB), logistic regression (LR), support vector machine (SVM), random forest (RF), gradient boosting (GB), K nearest neighbor (KNN), and proposed ensemble RKSVM model are used for experiments.
- The grid search hyperparameter optimization and cross-fold validation are used to enhance the performance of the ensemble RKSVM model and prediction accuracy.
- The evaluation parameters used to evaluate the performance of employed models include accuracy, precision, recall, and F1 score.
- In addition, performance comparison with state-of-the-art models is carried out. In addition, two datasets are used to validate the performance of the models.
2. Related Work
3. Material and Methods
3.1. NSL-KDD Dataset Presentation
3.2. Methodology
3.2.1. Decision Tree
3.2.2. Support Vector Machine
3.2.3. Gradient Boosting Machine
3.2.4. Random Forest
3.2.5. Naive Bayes
3.2.6. K-Nearest Neighbors Classifier
3.2.7. Proposed Ensemble RKSVM Model
3.3. Performance Evaluation Metrics
4. Results and Discussion
4.1. Experimental Results
4.2. Discussions
4.3. Validation of Proposed Approach
4.4. Computational Complexity of Models
4.5. Comparison with Existing Approaches
5. Conclusions
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Conflicts of Interest
References
- Ande, R.; Adebisi, B.; Hammoudeh, M.; Saleem, J. Internet of Things: Evolution and technologies from a security perspective. Sustain. Cities Soc. 2020, 54, 101728. [Google Scholar] [CrossRef]
- Xing, L.; Yan, X.; Ren, S. Real time monitoring of medical images and nursing intervention after heart valve replacement. Microprocess. Microsyst. 2021, 82, 103766. [Google Scholar] [CrossRef]
- Wang, J.; Sun, B.; Zhu, Z. Biochip Systems for Intelligence and Integration. Systems 2023, 11, 43. [Google Scholar] [CrossRef]
- Fahmi, F.; Nurmayadi, F.; Siregar, B.; Yazid, M.; Susanto, E. Design of hardware module for the vehicle condition monitoring system based on the internet of things. IOP Conf. Ser. 2019, 648, 12039. [Google Scholar] [CrossRef]
- Rathi, S.; Nagpal, R.; Mehrotra, D.; Srivastava, G. A metric focused performance assessment of fog computing environments: A critical review. Comput. Electr. Eng. 2022, 103, 108350. [Google Scholar] [CrossRef]
- Ingemarsdotter, E.; Jamsin, E.; Balkenende, R. Opportunities and challenges in IoT-enabled circular business model implementation—A case study. Resour. Conserv. Recycl. 2020, 162, 105047. [Google Scholar] [CrossRef]
- Ghorbani, H.R.; Ahmadzadegan, M.H. Security challenges in internet of things: Survey. In Proceedings of the 2017 IEEE Conference on Wireless Sensors (ICWiSe), Miri, Malaysia, 13–14 November 2017; IEEE: Piscataway, NJ, USA, 2017; pp. 1–6. [Google Scholar]
- Costa, L.; Barros, J.P.; Tavares, M. Vulnerabilities in IoT Devices for Smart Home Environment. In Proceedings of the 5th International Conference on Information Systems Security and Privacy, ICISSP 2019, Prague, Czech Republic, 23–25 February 2019; SciTePress; Springer: Berlin/Heidelberg, Germany, 2019; Volume 1, pp. 615–622. [Google Scholar]
- Mousavi, S.K.; Ghaffari, A.; Besharat, S.; Afshari, H. Security of internet of things based on cryptographic algorithms: A survey. Wirel. Netw. 2021, 27, 1515–1555. [Google Scholar] [CrossRef]
- Keerthika, M.; Shanmugapriya, D. Wireless Sensor Networks: Active and Passive attacks Vulnerabilities and Countermeasures. Glob. Transit. Proc. 2021, 2, 362–367. [Google Scholar] [CrossRef]
- Xenofontos, C.; Zografopoulos, I.; Konstantinou, C.; Jolfaei, A.; Khan, M.K.; Choo, K.K.R. Consumer, commercial and industrial iot (in) security: Attack taxonomy and case studies. IEEE Internet Things J. 2021, 9, 199–221. [Google Scholar] [CrossRef]
- Kumar, V.; Das, A.K.; Sinha, D. UIDS: A unified intrusion detection system for IoT environment. Evol. Intell. 2021, 14, 47–59. [Google Scholar] [CrossRef]
- Haji, S.H.; Ameen, S.Y. Attack and anomaly detection in iot networks using machine learning techniques: A review. Asian J. Res. Comput. Sci. 2021, 9, 30–46. [Google Scholar] [CrossRef]
- Ghasemi, M.; Saadaat, M.; Ghollasi, O. Threats of social engineering attacks against security of Internet of Things (IoT). In Fundamental Research in Electrical Engineering; Springer: Berlin/Heidelberg, Germany, 2019; pp. 957–968. [Google Scholar]
- Alladi, T.; Chamola, V.; Sikdar, B.; Choo, K.K.R. Consumer IoT: Security vulnerability case studies and solutions. IEEE Consum. Electron. Mag. 2020, 9, 17–25. [Google Scholar] [CrossRef]
- Varga, P.; Plosz, S.; Soos, G.; Hegedus, C. Security threats and issues in automation IoT. In Proceedings of the 2017 IEEE 13th International Workshop on Factory Communication Systems (WFCS), Trondheim, Norway, 31 May–2 June 2017; IEEE: Piscataway, NJ, USA, 2017; pp. 1–6. [Google Scholar]
- Ammar, M.; Russello, G.; Crispo, B. Internet of Things: A survey on the security of IoT frameworks. J. Inf. Secur. Appl. 2018, 38, 8–27. [Google Scholar] [CrossRef] [Green Version]
- Gupta, S.S.; Khan, M.S.; Sethi, T. Latest Trends in Security, Privacy and Trust in IOT. In Proceedings of the 2019 3rd International conference on Electronics, Communication and Aerospace Technology (ICECA), Coimbatore, India, 12–14 June 2019; IEEE: Piscataway, NJ, USA, 2019; pp. 382–385. [Google Scholar]
- Emami-Naeini, P.; Dixon, H.; Agarwal, Y.; Cranor, L.F. Exploring how privacy and security factor into IoT device purchase behavior. In Proceedings of the 2019 CHI Conference on Human Factors in Computing Systems, Glasgow, Scotland, 4–9 May 2019; pp. 1–12. [Google Scholar]
- Chen, L.; Hu, W.; Jamieson, K.; Chen, X.; Fang, D.; Gummeson, J. Pushing the physical limits of iot devices with programmable metasurfaces. In Proceedings of the 18th USENIX Symposium on Networked Systems Design and Implementation (NSDI 21), Virtual, 12–14 April 2021; pp. 425–438. [Google Scholar]
- Li, D.; Peng, W.; Deng, W.; Gai, F. A blockchain-based authentication and security mechanism for iot. In Proceedings of the 2018 27th International Conference on Computer Communication and Networks (ICCCN), Hangzhou, China, 30 July–2 August 2018; IEEE: Piscataway, NJ, USA, 2018; pp. 1–6. [Google Scholar]
- Tama, B.A.; Lim, S. Ensemble learning for intrusion detection systems: A systematic mapping study and cross-benchmark evaluation. Comput. Sci. Rev. 2021, 39, 100357. [Google Scholar] [CrossRef]
- Burhanuddin, M.; Mohammed, A.A.J.; Ismail, R.; Basiron, H. Internet of things architecture: Current challenges and future direction of research. Int. J. Appl. Eng. Res. 2017, 12, 11055–11061. [Google Scholar]
- Farhan, L.; Kharel, R. Internet of things: Vision, future directions and opportunities. In Modern Sensing Technologies; Springer: Cham, Switzerland, 2019; pp. 331–347. [Google Scholar]
- Hajjaji, Y.; Boulila, W.; Farah, I.R.; Romdhani, I.; Hussain, A. Big data and IoT-based applications in smart environments: A systematic review. Comput. Sci. Rev. 2021, 39, 100318. [Google Scholar] [CrossRef]
- Pavlović, N.; Šarac, M.; Adamović, S.; Saračević, M.; Ahmad, K.; Maček, N.; Sharma, D.K. An approach to adding simple interface as security gateway architecture for IoT device. Multimed. Tools Appl. 2021, 81, 36931–36946. [Google Scholar] [CrossRef]
- Babun, L.; Denney, K.; Celik, Z.B.; McDaniel, P.; Uluagac, A.S. A survey on IoT platforms: Communication, security, and privacy perspectives. Comput. Netw. 2021, 192, 108040. [Google Scholar] [CrossRef]
- Yurekten, O.; Demirci, M. SDN-based cyber defense: A survey. Future Gener. Comput. Syst. 2021, 115, 126–149. [Google Scholar] [CrossRef]
- Aldabbas, H.; Amin, R. A novel mechanism to handle address spoofing attacks in SDN based IoT. Clust. Comput. 2021, 24, 3011–3026. [Google Scholar] [CrossRef]
- Rubí, J.N.S.; de Lira Gondim, P.R. IoT-based platform for environment data sharing in smart cities. Int. J. Commun. Syst. 2021, 34, e4515. [Google Scholar] [CrossRef]
- Salem, O.; Alsubhi, K.; Shaafi, A.; Gheryani, M.; Mehaoua, A.; Boutaba, R. Man in the Middle Attack Mitigation in Internet of Medical Things. IEEE Trans. Ind. Inform. 2021, 18, 2053–2062. [Google Scholar] [CrossRef]
- Javanmardi, S.; Shojafar, M.; Mohammadi, R.; Nazari, A.; Persico, V.; Pescapè, A. FUPE: A security driven task scheduling approach for SDN-based IoT—Fog networks. J. Inf. Secur. Appl. 2021, 60, 102853. [Google Scholar] [CrossRef]
- Shafi, Q.; Qaisar, S.; Basit, A. Software Defined Machine Learning Based Anomaly Detection in Fog Based IoT Network. In Proceedings of the International Conference on Computational Science and Its Applications, St. Petersburg, Russia, 1–4 July 2019; Springer: Berlin/Heidelberg, Germany, 2019; pp. 611–621. [Google Scholar]
- Ahmed, S.M.; Rajput, A. Threats to patients’ privacy in smart healthcare environment. In Innovation in Health Informatics; Elsevier: Amsterdam, The Netherlands, 2020; pp. 375–393. [Google Scholar]
- Anthi, E.; Williams, L.; Javed, A.; Burnap, P. Hardening machine learning denial of service (DoS) defences against adversarial attacks in IoT smart home networks. Comput. Secur. 2021, 108, 102352. [Google Scholar] [CrossRef]
- Oladimeji, T.O.; Ayo, C.; Adewumi, S. Insider Threat Detection using Binary Classification Algorithms. IOP Conf. Ser. 2021, 1107, 12031. [Google Scholar] [CrossRef]
- Doshi, R.; Apthorpe, N.; Feamster, N. Machine learning ddos detection for consumer internet of things devices. In Proceedings of the 2018 IEEE Security and Privacy Workshops (SPW), San Francisco, CA, USA, 24 May 2018; IEEE: Piscataway, NJ, USA, 2018; pp. 29–35. [Google Scholar]
- Junejo, K.N.; Goh, J. Behaviour-based attack detection and classification in cyber physical systems using machine learning. In Proceedings of the 2nd ACM International Workshop on Cyber-Physical System Security, Xi’an, China, 30 May 2016; pp. 34–43. [Google Scholar]
- Nayak, J.; Naik, B.; Dash, P.B.; Vimal, S.; Kadry, S. Hybrid Bayesian optimization hypertuned catboost approach for malicious access and anomaly detection in IoT nomalyframework. Sustain. Comput. 2022, 36, 100805. [Google Scholar] [CrossRef]
- Jaafar, G.A.; Abdullah, S.M.; Ismail, S. Review of Recent Detection Methods for HTTP DDoS Attack. J. Comput. Netw. Commun. 2019, 2019, 1283472. [Google Scholar] [CrossRef] [Green Version]
- Santos, R.; Souza, D.; Santo, W.; Ribeiro, A.; Moreno, E. Machine learning algorithms to detect DDoS attacks in SDN. Concurr. Comput. 2020, 32, 1–14. [Google Scholar] [CrossRef]
- Singh, K.; Singh, P.; Kumar, K. User behavior analytics-based classification of application layer HTTP-GET flood attacks. J. Netw. Comput. Appl. 2018, 112, 97–114. [Google Scholar] [CrossRef]
- Hameed, S.; Ali, U. HADEC: Hadoop-based live DDoS detection framework. EURASIP J. Inf. Secur. 2018, 2018, 11. [Google Scholar] [CrossRef] [Green Version]
- Zhao, Y.; Zhang, W.; Feng, Y.; Yu, B. A Classification Detection Algorithm Based on Joint Entropy Vector against Application-Layer DDoS Attack. Secur. Commun. Netw. 2018, 2018, 9463653. [Google Scholar] [CrossRef]
- Sreeram, I.; Vuppala, V.P.K. HTTP flood attack detection in application layer using machine learning metrics and bio inspired bat algorithm. Appl. Comput. Inform. 2019, 15, 59–66. [Google Scholar] [CrossRef]
- Priyadarshini, R.; Barik, R.K. A deep learning based intelligent framework to mitigate DDoS attack in fog environment. J. King Saud Univ. 2019, 34, 825–831. [Google Scholar] [CrossRef]
- Praseed, A.; Thilagam, P.S. Modelling Behavioural Dynamics for Asymmetric Application Layer DDoS Detection. IEEE Trans. Inf. Forensics Secur. 2020, 16, 617–626. [Google Scholar] [CrossRef]
- Ashraf, I.; Park, Y.; Hur, S.; Kim, S.W.; Alroobaea, R.; Zikria, Y.B.; Nosheen, S. A survey on cyber security threats in IoT-enabled maritime industry. IEEE Trans. Intell. Transp. Syst. 2022, 24, 2677–2690. [Google Scholar] [CrossRef]
- Ashraf, I.; Narra, M.; Umer, M.; Majeed, R.; Sadiq, S.; Javaid, F.; Rasool, N. A deep learning-based smart framework for cyber-physical and satellite system security threats detection. Electronics 2022, 11, 667. [Google Scholar] [CrossRef]
- Ullah, F.; Naeem, H.; Jabbar, S.; Khalid, S.; Latif, M.A.; Al-Turjman, F.; Mostarda, L. Cyber security threats detection in internet of things using deep learning approach. IEEE Access 2019, 7, 124379–124389. [Google Scholar] [CrossRef]
- Anyanwu, M.N.; Shiva, S.G. Comparative analysis of serial decision tree classification algorithms. Int. J. Comput. Sci. Secur. 2009, 3, 230–240. [Google Scholar]
- Troiano, L.; Scibelli, G. A time-efficient breadth-first level-wise lattice-traversal algorithm to discover rare itemsets. Data Min. Knowl. Discov. 2014, 28, 773–807. [Google Scholar] [CrossRef]
- Byers, J.; Flatté, M.; Scalapino, D. Influence of gap extrema on the tunneling conductance near an impurity in an anisotropic superconductor. Phys. Rev. Lett. 1993, 71, 3363. [Google Scholar] [CrossRef] [Green Version]
- Phyu, T.N. Survey of classification techniques in data mining. In Proceedings of the International MultiConference of Engineers and Computer Scientists, Hong Kong, 18–20 March 2009; Volume 1. [Google Scholar]
- Kulkarni, V.Y.; Sinha, P.K. Pruning of random forest classifiers: A survey and future directions. In Proceedings of the 2012 International Conference on Data Science & Engineering (ICDSE), Cochin, India, 18–20 July 2012; IEEE: Piscataway, NJ, USA, 2012; pp. 64–68. [Google Scholar]
- Breiman, L. Random forests. Mach. Learn. 2001, 45, 5–32. [Google Scholar] [CrossRef] [Green Version]
- Breiman, L. Bagging Predictors (Technical Report 421); University of California: Berkeley, CA, USA, 1994. [Google Scholar]
- Lewis, D.D. Naive (Bayes) at forty: The independence assumption in information retrieval. In European Conference on Machine Learning; Springer: Berlin/Heidelberg, Germany, 1998; pp. 4–15. [Google Scholar]
- Domingos, P.; Pazzani, M. Beyond independence: Conditions for the optimality of the simple bayesian classifier. In Proceedings of the 13th International Conference on Machine Learning, Bari, Italy, 3–6 July 1996; pp. 105–112. [Google Scholar]
- Tan, S. An effective refinement strategy for KNN text classifier. Expert Syst. Appl. 2006, 30, 290–298. [Google Scholar] [CrossRef]
- Onan, A.; Korukoğlu, S.; Bulut, H. A multiobjective weighted voting ensemble classifier based on differential evolution algorithm for text sentiment classification. Expert Syst. Appl. 2016, 62, 1–16. [Google Scholar] [CrossRef]
- Esmaeili, M.; Goki, S.H.; Masjidi, B.H.K.; Sameh, M.; Gharagozlou, H.; Mohammed, A.S. ML-DDoSnet: IoT Intrusion Detection Based on Denial-of-Service Attacks Using Machine Learning Methods and NSL-KDD. Wirel. Commun. Mob. Comput. 2022, 2022, 8481452. [Google Scholar] [CrossRef]
- Devarakonda, A.; Sharma, N.; Saha, P.; Ramya, S. Network intrusion detection: A comparative study of four classifiers using the NSL-KDD and KDD’99 datasets. Ournal Phys. 2022, 2161, 12043. [Google Scholar] [CrossRef]
- Revathi, S.; Malathi, A. A Detailed Analysis on NSL-KDD Dataset using various Machine Learning Techniques for Intrusion Detection. Int. J. Eng. Res. Technol. IJERT 2013, 2, 1848–1853. [Google Scholar]
- Liu, L.; Wang, P.; Lin, J.; Liu, L. Intrusion Detection of Imbalanced Network Traffic Based on Machine Learning and Deep Learning. IEEE Access 2021, 9, 7550–7563. [Google Scholar] [CrossRef]
- Ma, X.; Shi, W. Aesmote: Adversarial reinforcement learning with smote for anomaly detection. IEEE Trans. Netw. Sci. Eng. 2020, 8, 943–956. [Google Scholar] [CrossRef]
- Bedi, P.; Gupta, N.; Jindal, V. I-SiamIDS: An improved Siam-IDS for handling class imbalance in network-based intrusion detection systems. Appl. Intell. 2021, 51, 1133–1151. [Google Scholar] [CrossRef]
- Chkirbene, Z.; Erbad, A.; Hamila, R.; Mohamed, A.; Guizani, M.; Hamdi, M. TIDCS: A Dynamic Intrusion Detection and Classification System Based Feature Selection. IEEE Access 2020, 8, 95864–95877. [Google Scholar] [CrossRef]
- Vinayakumar, R.; Alazab, M.; Soman, K.P.; Poornachandran, P.; Al-Nemrat, A.; Venkatraman, S. Deep Learning Approach for Intelligent Intrusion Detection System. IEEE Access 2019, 7, 41525–41550. [Google Scholar] [CrossRef]
- Gao, X.; Shan, C.; Hu, C.; Niu, Z.; Liu, Z. An Adaptive Ensemble Machine Learning Model for Intrusion Detection. IEEE Access 2019, 7, 82512–82521. [Google Scholar] [CrossRef]
- Caminero, G.; Lopez-Martin, M.; Carro, B. Adversarial environment reinforcement learning algorithm for intrusion detection. Comput. Netw. 2019, 159, 96–109. [Google Scholar] [CrossRef]
- Abrar, I.; Ayub, Z.; Masoodi, F.; Bamhdi, A.M. A machine learning approach for intrusion detection system on NSL-KDD dataset. In Proceedings of the 2020 International Conference on Smart Electronics and Communication (ICOSEC), Trichy, India, 10–12 September 2020; IEEE: Piscataway, NJ, USA, 2020; pp. 919–924. [Google Scholar]
- Fuat, T. Analysis of Intrusion Detection Systems in UNSW-NB15 and NSL-KDD Datasets with Machine Learning Algorithms. Bitlis Eren Univ. Bilim. Derg. 2023, 12, 465–477. [Google Scholar]
- Siva Shankar, S.; Hung, B.T.; Chakrabarti, P.; Chakrabarti, T.; Parasa, G. A novel optimization based deep learning with artificial intelligence approach to detect intrusion attack in network system. In Education and Information Technologies; Springer: Cham, Switzerland, 2023; pp. 1–25. [Google Scholar]
Ref. | Summary | Features | Evaluation |
---|---|---|---|
[40] | Entropy-based early detection mechanism of DDOS attack and flash events. | Packet header, time window size, and other generalized parameters. Dataset from CAIDA, MIT Lincoln, and FIFA | F measure, precision, false positive rate, and accuracy |
[41] | Detection mechanism to detect a flow-table attack, bandwidth attack, and controller attack in SDN environment using machine learning techniques and scapy tool for attack simulation. | Byte_count, flow alive in nanoseconds, port ID, type of service, maximum length to send the controller. | Accuracy, time to process. |
[42] | Four behavioral features show specific behavior to differentiate normal and malicious traffic. | The dataset is from Clarknet, worldcup98, and NASA | False positive, false negative, true positive, true negative. |
[43] | Hadoop-based real-time detection scheme to detect DDOS traffic using Map Reduce and HDFS | Experimental dataset based on Source IP, destination IP, packet protocol, timestamp, and packet header. | CPU utilization and memory |
[44] | URL entropy-based DOS detection algorithm was used to analyze attack traffic and a mapping matrix of joint entropy vector is contracted. | MIT Lincoln dataset based on source IP address, time window size, and other generalized parameters. | Space complexity, relative strength, time |
[45] | Bio-inspired approach to detect HTTP flood attack with minimal process complexity. | Dataset of CAIDA based on minimum time interval, number of sessions, and page access count. | Recall, precision, true positive, false positive, true positive, true negative. |
[46] | An LSTM network model is used to analyze malicious and legitimate traffic using H-ping tool for simulation | ISCX 2012, CTU 13, and experimental dataset | Accuracy, error rate |
[47] | Asymmetric detection mechanism is designed by annotated probabilistic timed automata and suspicion scoring algorithm to recognize the DDOS traffic. | Existing server logs, access traces, think time. Experimental dataset. | Precision, F1 measure, detection, false positive, false negative |
Classes | Numeric Representation |
---|---|
Normal | 0 |
Dos | 1 |
Probe | 2 |
Remote-to-Local (R2L) | 3 |
User-to-Root (USR) | 4 |
Classes | Training Data Dimensions | Testing Data Dimensions |
---|---|---|
Dos | 113,270 | 17,171 |
Probe | 78,999 | 12,132 |
R2L | 68,338 | 12,596 |
USR | 67,395 | 9778 |
Models | Parameter | Values |
---|---|---|
RF | n_estimators | 10 |
n_jobs | 2 | |
criterion | Gini | |
KNN | n_neighbors | 5 |
leaf_size | 30 | |
P | 2 | |
metric | Minkowski | |
SVM | kernal | linear |
C | 1.0 | |
random_state | 0 |
Classes | DT | NB | LG | GB | RF | SVM | KNN | IoTTPS |
---|---|---|---|---|---|---|---|---|
DoS | 89.2 | 86.7 | 99.4 | 99.5 | 99.7 | 99.3 | 99.7 | 99.7 |
Probe | 96.5 | 97.8 | 98.3 | 98.7 | 99.2 | 98.4 | 99.0 | 99.2 |
U2R | 99.5 | 97.2 | 99.6 | 99.5 | 99.6 | 99.6 | 99.7 | 99.7 |
R2L | 87.3 | 93.5 | 96.5 | 97.2 | 97.1 | 96.7 | 96.7 | 97.2 |
Classes | DT | NB | LG | GB | RF | SVM | KNN | IoTTPS |
---|---|---|---|---|---|---|---|---|
DoS | 88.0 | 98.8 | 99.1 | 99.2 | 99.7 | 99.1 | 99.6 | 99.8 |
Probe | 92.7 | 97.3 | 97.04 | 97.4 | 98.3 | 96.9 | 98.6 | 98.7 |
U2R | 90.6 | 60.1 | 93.0 | 87.7 | 94.2 | 91.0 | 93.1 | 94.3 |
R2L | 87.55 | 89.0 | 94.4 | 95.3 | 96.3 | 94.8 | 95.3 | 95.8 |
Classes | DT | NB | LG | GB | RF | SVM | KNN | IoTTPS |
---|---|---|---|---|---|---|---|---|
DOS | 87.8 | 70.3 | 99.5 | 99.6 | 99.6 | 99.4 | 99.6 | 99.6 |
Probe | 97.5 | 96.0 | 97.9 | 98.8 | 98.7 | 98.3 | 98.5 | 98.9 |
U2R | 72.7 | 97.9 | 83.7 | 80.6 | 84.5 | 82.9 | 85.0 | 86.5 |
R2L | 74.9 | 95.5 | 96.0 | 95.6 | 96.3 | 96.2 | 95.4 | 96.2 |
Classes | DT | NB | LG | GB | RF | SVM | KNN | IoTTPS |
---|---|---|---|---|---|---|---|---|
DoS | 87.5 | 82.1 | 99.3 | 99.4 | 99.7 | 99.2 | 99.6 | 99.7 |
Probe | 94.8 | 96.6 | 97.4 | 98.1 | 98.9 | 97.6 | 98.5 | 98.7 |
U2R | 78.0 | 66.0 | 86.4 | 82.1 | 85.1 | 84.8 | 87.8 | 89.1 |
R2L | 78.8 | 91.6 | 95.2 | 96.0 | 96.9 | 95.5 | 95.3 | 96.0 |
Parameter | Classes | NSL-KDD Dataset | KDD Dataset | CIC-IDS 2017 Dataset |
---|---|---|---|---|
Accuracy | DOS | 99.7 | 93.4 | 99.3 |
Probe | 99.2 | 96.6 | 97.4 | |
U2R | 99.7 | 92.0 | 94.6 | |
R2L | 97.2 | 91.6 | 95.2 | |
Precision | DOS | 99.8 | 82.1 | 99.3 |
Probe | 98.7 | 97.2 | 95.8 | |
U2R | 94.3 | 86.7 | 89.1 | |
R2L | 95.8 | 93.9 | 91.3 | |
Recall | DOS | 99.6 | 94.3 | 96.7 |
Probe | 98.9 | 97.3 | 95.3 | |
U2R | 86.5 | 92.4 | 89.9 | |
R2L | 96.2 | 93.4 | 95.2 | |
F1 score | DOS | 99.7 | 82.1 | 99.3 |
Probe | 98.7 | 96.6 | 96.4 | |
U2R | 89.1 | 64.0 | 86.4 | |
R2L | 96.0 | 97.6 | 96.2 |
Metrics | Units |
---|---|
Detection Time | Time (seconds) taken by model to predict testing data based on threats |
Throughput | Number of threats detected per second |
Latency | Time (seconds) taken by detection of the single attack |
Models | Classes | Detection Time | Throughput | Latency |
---|---|---|---|---|
GBM | DOS | 0.126007 | 136,270.1206 | 0.0156266 |
Probe | 0.0370032 | 327,862.83852 | 0.016377 | |
R2L | 0.0330026 | 381,666.7257 | 0.0260016 | |
U2R | 0.0240008 | 407,401.6759 | 0.0156264 | |
DT | DOS | 0.0170013 | 1,009,976.2159 | 0.015991 |
Probe | 0.011001 | 1,102,797.8008 | 0.0156259 | |
R2L | 0.01200175 | 1,049,513.36307 | 0.01562595 | |
U2R | 0.01000189 | 977,614.4671 | 0.0157036 | |
NB | DOS | 0.2400138 | 71,541.70841 | 0.0161867 |
Probe | 0.0830039 | 146,161.6346 | 0.0159137 | |
R2L | 0.092005 | 186,631.1321 | 0.01562643 | |
U2R | 0.0710043 | 137,709.7937 | 0.0158147 | |
LR | DOS | 0.0130021 | 1,320,627.0098 | 0.01770687 |
Probe | 0.00800156 | 1,516,203.2158 | 0.0159666 | |
R2L | 0.0140025 | 899,549.6957 | 0.01583218 | |
U2R | 0.0070016 | 1,396,530.2724 | 0.038001775 | |
RF | DOS | 0.038001 | 451,852.9759 | 0.32101 |
Probe | 0.041002 | 295,887.7518 | 0.24401 | |
R2L | 0.030002 | 419,837.0379 | 0.06249 | |
U2R | 0.021001 | 465,578.7906 | 0.060003 | |
KNN | DOS | 881.4291 | 19.48086 | 0.046877 |
Probe | 645.59371 | 18.792004 | 0.046875 | |
R2L | 489.99926 | 25.70616 | 0.04687 | |
U2R | 379.42463 | 25.77059 | 0.038002 | |
SVM | DOS | 2.379104 | 7217.4211 | 0.015735 |
Probe | 3.45194 | 3514.54465 | 0.015835 | |
R2L | 2.25552 | 5584.5189 | 0.060129 | |
U2L | 0.203546 | 48,038.2138 | 0.015887 | |
Ensemble RKSVM | DOS | 859.04686 | 19.98843 | 0.062499 |
Probe | 599.36881 | 20.24129 | 0.0468778 | |
R2L | 515.34198 | 24.44202 | 0.046875 | |
U2R | 379.880803 | 25.73965 | 0.046874 |
Ref. | Year | Dataset | Model | Accuracy | Precision | Recall | F1-Score |
---|---|---|---|---|---|---|---|
IoTTPS | 2023 | NSL-KDD | Ensembled RKSVM model | 99.7% | 99.8% | 99.6% | 99.7% |
[62] | 2022 | NSL-KDD | Multilayer Perceptron | 97.6% | 97.9% | 67.3% | - |
[63] | 2022 | NSL-KDD | RF | - | 99.4% | 99.3% | 99.6% |
[64] | 2021 | NSL-KDD Test+ | Hybrid classifier | 85.2% | 86.5% | 85.2% | 84.9% |
[65] | 2021 | NSL-KDD | DSSTE-AlexNet | 82.8% | 83.9% | 82.7% | 81.6% |
[66] | 2020 | NSL-KDD | AESMOTE | 82.0% | - | - | 82.4% |
[67] | 2021 | NSL-KDD | I-SiamIDS | 80.0% | - | - | 68.3% |
[68] | 2020 | NSL-KDD | TIDCS | 98.0% | - | - | - |
[69] | 2019 | NSL-KDD | Adaboost classifier | 93.4% | 96.1% | 91.4% | 93.7% |
[70] | 2019 | NSL-KDD | Multi tree classifier | 84.23% | 86.4% | 84.23% | 83.6% |
[71] | 2019 | NSL-KDD | AE-RL | 80.1% | - | - | 79.4% |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Akram, U.; Sharif, W.; Shahroz, M.; Mushtaq, M.F.; Aray, D.G.; Thompson, E.B.; Diez, I.d.l.T.; Djuraev, S.; Ashraf, I. IoTTPS: Ensemble RKSVM Model-Based Internet of Things Threat Protection System. Sensors 2023, 23, 6379. https://doi.org/10.3390/s23146379
Akram U, Sharif W, Shahroz M, Mushtaq MF, Aray DG, Thompson EB, Diez IdlT, Djuraev S, Ashraf I. IoTTPS: Ensemble RKSVM Model-Based Internet of Things Threat Protection System. Sensors. 2023; 23(14):6379. https://doi.org/10.3390/s23146379
Chicago/Turabian StyleAkram, Urooj, Wareesa Sharif, Mobeen Shahroz, Muhammad Faheem Mushtaq, Daniel Gavilanes Aray, Ernesto Bautista Thompson, Isabel de la Torre Diez, Sirojiddin Djuraev, and Imran Ashraf. 2023. "IoTTPS: Ensemble RKSVM Model-Based Internet of Things Threat Protection System" Sensors 23, no. 14: 6379. https://doi.org/10.3390/s23146379