Refined LSTM Based Intrusion Detection for Denial-of-Service Attack in Internet of Things

• Main Authors: Abu-Mahfouz, A.M (Author), Alimi, K.O.A (Author), Alimi, O.A (Author), Ouahada, K. (Author), Rimer, S. (Author)
• Format: Article
• Language: English
• Published: MDPI 2022
• Subjects: attacks; CICIDS-2017; deep learning; denial of service; internet of things; intrusion detection system; long short-term memory; machine learning; multilayer perceptron; NSL-KDS; refined long short-term memory
• Online Access: View Fulltext in Publisher

 The Internet of Things (IoT) is a promising technology that allows numerous devices to be connected for ease of communication. The heterogeneity and ubiquity of the various connected devices, openness to devices in the network, and, importantly, the increasing number of connected smart objects (or devices) have exposed the IoT network to various security challenges and vulnerabilities which include manipulative data injection and cyberattacks such as a denial of service (DoS) attack. Any form of intrusive data injection or attacks on the IoT networks can create devastating consequences on the individual connected device or the entire network. Hence, there is a crucial need to employ modern security measures that can protect the network from various forms of attacks and other security challenges. Intrusion detection systems (IDS) and intrusion prevention systems have been identified globally as viable security solutions. Several traditional machine learning methods have been deployed as IoT IDS. However, the methods have been heavily criticized for poor performances in handling voluminous datasets, as they rely on domain expertise for feature extraction among other reasons. Thus, there is a need to devise better IDS models that can handle the IoT voluminous datasets efficiently, cater to feature extraction, and perform reasonably well in terms of overall performance. In this paper, an IDS based on redefined long short-term memory deep learning approach is proposed for detecting DoS attacks in IoT networks. The model was tested on benchmark datasets; CICIDS-2017 and NSL-KDS datasets. Three pre-processing procedures, which include encoding, dimensionality reduction, and normalization were deployed for the datasets. Using key classification metrics, experimental results obtained show that the proposed model can effectively detect DoS attacks in IoT networks as it performs better compared to other methods including models from related works. © 2022 by the authors. Licensee MDPI, Basel, Switzerland.