Document Type : Research Article


Department of Computer Engineering, Shahid Chamran University of Ahvaz, Ahvaz, Iran.



Due to the increasing development and applications of the Internet of Things (IoT), detection and prevention of intruders into the network and devices has gained much attention in the past decade. For this challenge, traditional solutions of Intrusion Detection Systems (IDS) are not responsive in IoT environments or at least may not be very efficient. In this article, we deeply investigate the previous methods of using machine learning methods for intrusion detection in IoT, and two methods for feature extraction and classification are proposed. The first method is feature extraction and classification using Logistic Regression (LR) and the second method is to use an Artificial Neural Network (ANN) for classification. To evaluate the performance of the proposed method, six devices of the N_BaIoT dataset, which consists of data samples related to nine devices IoT and several attacks are used according to some criteria for evaluating the performance of the proposed methods. Simulation results in comparison with some other deep learning methods in terms of accuracy, precision, recall and F1-score show that using logistic regression, is more efficient and above 90% classification accuracy is achieved.


[1] D. Mendez Mena, I. Papapanagiotou, and B. Yang. Internet of things: Survey on security. Information Security Journal: A Global Perspective, 27(3):162--182, 2018. [ bib | DOI ]
[2] J. Hou, L. Qu, , and W. Shi. A Survey on Internet of Things Security from Data Perspectives. Computer Networks, 148:295--306, 2019. [ bib | DOI ]
[3] B. B. Zarpelão, R. S. Miani, C. T. Kawakani, and de S. C. Alvarenga. A survey of intrusion detection in Internet of Things. Journal of Network and Computer Applications, 84:25--37, 2017. [ bib | DOI ]
[4] E. Besharati, M. Naderan, and E. Namjoo. LR-HIDS: Logistic Regression Host-based Intrusion Detection System for Cloud Environments. Journal of Ambient Intelligence and Humanized Computing, 10(9):3669--3692, 2019. [ bib | DOI ]
[5] W. Hatcher Grant and W. Yu. A Survey of deep learning: platforms, applications, and emerging research trends. IEEE Access, 6:24411 -- 24432, 2018. [ bib | DOI ]
[6] D. Kwon, H. Kim, J. Kim, S. C. Suh, I. Kim, and K. J. Kim. A survey of deep learning-based network anomaly detection. Cluster Computing, 22(1):949--961, 2019. [ bib | DOI ]
[7] F. Farahnakian and J. Heikkonen. A deep auto-encoder based approach for intrusion detection system. In 2018 20th International Conference on Advanced Communication Technology (ICACT), pages 178--183. IEEE, 2018. [ bib | DOI ]
[8] N. Shone, T. N. Ngoc, V. D. Phai, and Q. Shi. A Deep learning approach to network intrusion detection. IEEE Transactions on Emerging Topics in Computational Intelligence, 2(1):41 -- 50, 2018. [ bib | DOI ]
[9] Y. Meidan, M. Bohadana, Y. Mathov, Y. Mirsky, A. Shabtai, D. Breitenbacher, and Y. Elovici. N-BaIoT—Network-Based Detection of IoT Botnet Attacks Using Deep Autoencoders. IEEE Pervasive Computing, 17(3):12--22, 2018. [ bib | DOI ]
[10] J. Kim, M. Shim, S. Hong, Y. Shin, and E. Choi. Intelligent Detection of IoT Botnets Using Machine Learning and Deep Learning. Applied Sciences, 10(19):7009, 2020. [ bib | DOI ]
[11] Y. Fu, F. Lou, F. Meng, Z. Tian, H. Zhang, and F. Jiang. An Intelligent Network Attack Detection Method Based on RNN. In 2018 IEEE Third International Conference on Data Science in Cyberspace (DSC), pages 483--489. IEEE, 2018. [ bib | DOI ]
[12] K. Alrawashdeh and C. Purdy. Toward an Online Anomaly Intrusion Detection System Based on Deep Learning. In 2016 15th IEEE international conference on machine learning and applications (ICMLA), pages 195--200. IEEE, 2019. [ bib | DOI ]
[13] UCL Machine Learning Repository: detection_of_IoT_botnet_attacks_N_BaIoT Data Set. The n-baiot dataset., Date Accessed: 8 October 2020. [ bib ]
[14] GitHub. Mirai-source-code., Date Accessed: 8 October 2020. [ bib ]
[15] M. Antonakakis, T. April, M. Bailey, M. Bernhard, E. Bursztein, J. Cochran, Z. Durumeric, J. A. Halderman, L. Invernizzi, M. Kallitsis, D. Kumar, C. Lever, Z. Ma, J. Mason, D. Menscher, C. Seaman, N. Sullivan, K. Thomas, and Y. Zhou. Understanding the Mirai Botnet. In 26th {USENIX} security symposium ({USENIX} Security 17), pages 1093--1110, 2017. [ bib | DOI ]
[16] A. Marzano, D. Alexander, O. Fonseca, E. Fazzion, C. Hoepers, K. Steding-Jessen, M. H. Chaves, Í. Cunha, D. Guedes, and W. Meira. The Evolution of Bashlite and Mirai IoT Botnets. In 2018 IEEE Symposium on Computers and Communications (ISCC), pages 00813--00818. IEEE, 2018. [ bib | DOI ]
[17] Z. Khandezamin, M. N. Tahan, and M. J. Rashti. Intelligent detection of breast cancer with feature selection based on logistic regression and support vector machine Classification. Journal of Soft Computing and Information Technology (JSCIT), 9(2):115--123, 2020. [ bib | DOI ]
[18] C.Nwankpa, W. Ijomah, A. Gachagan, and S. Marshall. Activation Functions: Comparison of Trends in Practice and Research for Deep Learning. In 2nd International Conference on Computational Sciences and Technology, (INCCST), 2020. [ bib | DOI ]
[19] Y. Mirsky, T. Doitshman, Y. Elovici, and A. Shabtai. Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection. In Network and Distributed System Security Symposium, 2018. [ bib | DOI ]
[20] Project jupyter., Date Accessed: 8 October 2020. [ bib ]
[21] Broadcom Inc. Symantec. internet security threat report (istr)., Date Accessed: 8 October 2020. [ bib ]
[22] S. Alabdulsalam, K. Schaefer, T. Kechadi, and N. Le-Khac. Internet of Things Forensics – Challenges and a Case Study. In IFIP International Conference on Digital Forensics, pages 35--48. Springer, 2018. [ bib | DOI ]
[23] Pwc’s global economic crime and fraud survey., Date Accessed: 8 October 2020. [ bib ]
[24] G. Lally and D. Sgandurra. Towards a Framework for Testing the Security of IoT Devices Consistently. In International Workshop on Emerging Technologies for Authorization and Authentication, pages 35--48. Springer, 2018. [ bib | DOI ]
[25] M. Stoyanova, Y. Nikoloudakis, S. Panagiotakis, E. Pallis, and E. K. Markakis. A Survey on the Internet of Things (IoT) Forensics: Challenges, Approaches, and Open Issues. IEEE Communications Surveys & Tutorials, 22(2):1191--1221, 2020. [ bib | DOI ]
[26] IoT security market. IoT security market watch-key market needs and solution providers in the IoT landscape. In Global Digital Transformation Research Team at Frost & Sullivan, 2017. [ bib | DOI ]
[27] A. H. M. Aman, E. Yadegaridehkordi, Z. S. Attarbashi, R. Hassan, and Y. Park. A Survey on Trend and Classification of Internet of Things Reviews. IEEE Access, 8:111763 -- 111782, 2020. [ bib | DOI ]
[28] E. Tsogbaatar, M. H. Bhuyan, Y. Taenaka, D. Fall, K. Gonchigsumlaa, E. Elmroth, and Y. Kadobayashi. DeL-IoT: A deep ensemble learning approach to uncover anomalies in IoT. Internet of Things, 14:100391, 2021. [ bib | DOI ]
[29] I. Andrea, C. Chrysostomou, and G. Hadjichristofi. Internet of things: Security vulnerabilities and challenges. In 2015 IEEE Symposium on Computers and Communication (ISCC), pages 180--187. IEEE, 2015. [ bib | DOI ]
[30] A. L. Buczak and E. Guven. A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection. IEEE Communications surveys & tutorials, 18(2):1153 -- 1176, 2015. [ bib | DOI ]
[31] H. Bahsi, S. Nõmm, and F. B. La Torre. Dimensionality Reduction for Machine Learning Based IoT Botnet Detection. In 2018 15th International Conference on Control, Automation, Robotics and Vision (ICARCV), pages 1857--1862. IEEE, 2018. [ bib | DOI ]
[32] M. M. U. Chowdhury, F. Hammond, G. Konowicz, C. Xin, H. Wu, and J. Li. A few-shot deep learning approach for improved intrusion detection. In 2017 IEEE 8th Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON), pages 456--462. IEEE, 2017. [ bib | DOI ]
[33] A. Javaid, Q. Niyaz, W. Sun, and M. Alam. A Deep Learning Approach for Network Intrusion Detection System. 9th EAI International Conference on Bio-inspired Information and Communications Technologies, 3(9), 2016. [ bib | DOI ]
[34] T. A. Tang, L. Mhamdi, D. McLernon, S. A. R. Zaidi, and M. Ghogho. Deep learning approach for Network Intrusion Detection in Software Defined Networking. In 2016 International Conference on Wireless Networks and Mobile Communications (WINCOM), pages 258--263. IEEE, 2016. [ bib | DOI ]
[35] J. Zhang and M. Zulkernine. A hybrid network intrusion detection technique using random forests. In First International Conference on Availability, Reliability and Security (ARES'06). IEEE, 2006. [ bib | DOI ]
[36] N. B. Amor, S. Benferhat, and Z. Elouedi. Naive Bayes vs decision trees in intrusion detection systems. In Proceedings of the 2004 ACM symposium on Applied computing, pages 420--424. IEEE, 2004. [ bib | DOI ]
[37] S. Mukkamala, G. Janoski, and A. Sung. Intrusion detection using neural networks and support vector machines. In Proceedings of the 2002 International Joint Conference on Neural Networks. IJCNN'02 (Cat. No. 02CH37290), pages 1702--1707. IEEE, 2002. [ bib | DOI ]
[38] S. Nõmm and H. Bahsi. Unsupervised Anomaly Based Botnet Detection in IoT Networks. In 2018 17th IEEE international conference on machine learning and applications (ICMLA), pages 1048--1053. IEEE, 2018. [ bib | DOI ]