Abstract
Intrusion detection system (IDS) using machine learning approach is getting popularity as it has an advantage of getting updated by itself to defend against any new type of attack. Another emerging technology, called internet of things (IoT) is taking the responsibility to make automated system by communicating the devices without human intervention. In IoT based systems, the wireless communication between several devices through the internet causes vulnerability for different security threats. This paper proposes a novel unified intrusion detection system for IoT environment (UIDS) to defend the network from four types of attacks such as: exploit, DoS, probe, and generic. The system is also able to detect normal category of network traffic. Most of the related works on IDS are based on KDD99 or NSL-KDD 99 data sets which are unable to detect new type of attacks. In this paper, UNSW-NB15 data set is considered as the benchmark dataset to design UIDS for detecting malicious activities in the network. The performance analysis proves that the attack detection rate of the proposed model is higher compared to two existing approaches ENADS and DENDRON which also worked on UNSW-NB15 data set.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Malek Z, Trivedi B (2013) A study of anomaly intrusion detection using machine learning techniques. Int J Enterp Comput Bus Syst 2(1):2230–8849
Haroon A, Shah MA, Asim Y, Naeem W, Kamran M, Javaid Q (2016) Constraints in the IoT: the world in 2020 and beyond. Constraints J 7(11):252
Tavallaee M, Bagheri E, Lu W, Ghorbani AA (2009) A detailed analysis of the KDD CUP 99 data set. In: Computational intelligence for security and defense applications, 2009. CISDA 2009. IEEE Symposium on:1–6
Revathi S, Malathi A (2013) A detailed analysis on NSL-KDD dataset using various machine learning techniques for intrusion detection. Int J Eng Res Technol 2(12):1848–1853
Moustafa N, Slay J (2015) UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In: Military communications and information systems conference (MilCIS), 2015. IEEE:1–6
Moustafa N, Slay J (2016) The evaluation of Network Anomaly Detection Systems: statistical analysis of the UNSW-NB15 data set and the comparison with the KDD99 dataset. Inf Secur J A Glob Perspect 25(1–3):18–31
Papamartzivanos D, Mármol FG, Kambourakis G (2018) Dendron: genetic trees driven rule induction for network intrusion detection systems. Future Gener Comput Syst 79:558–574
Ge M, Hong JB, Guttmann W, Kim DS (2017) A framework for automating security analysis of the internet of things. J Netw Comput Appl 83:12–27
Mehare TM, Bhosale S (2017) Design and development of intrusion detection system for internet of things. Int J Innov Res Comput Commun Eng 5(7):13469–13475
Hodo E, Bellekens X, Hamilton A, Dubouilh PL, Iorkyase E, Tachtatzis C, Atkinson R (2016) Threat analysis of IoT networks using artificial neural network intrusion detection system. In: 2016 international symposium on networks, computers and communications (ISNCC). IEEE, 1–6
Koroniotis N, Moustafa N, Sitnikova E, Slay J (2017) Towards develo** network forensic mechanism for botnet activities in the IoT based on machine learning techniques. In: international conference on mobile networks and management, Springer Cham:30–44
Jha J, Ragha L (2013) Intrusion detection system using support vector machine. In: International Journal of Applied Information Systems: Proceedings on International Conference and workshop on Advanced Computing ICWAC, vol 3, Foundation of Computer Science, New York, USA, pp 25–30
Mohammadi M, Akbari A, Raahemi B, Nassersharif B, Asgharian H (2014) A fast anomaly detection system using probabilistic artificial immune algorithm capable of learning new attacks. Evolut Intel 6(3):135–156
Chowdhury MN, Ferens K, Ferens M (2016) Network Intrusion Detection Using Machine Learning. In: Proceedings of the International Conference on Security and Management (SAM):30
Bosman HH, Iacca G, Tejada A, Wörtche HJ, Liotta A (2017) Spatial anomaly detection in sensor networks using neighborhood information. Information Fusion 33:41–56
Hidoussi F, Toral-Cruz H, Boubiche DE, Lakhtaria K, Mihovska A, Voznak M (2015) Centralized IDS based on misuse detection for cluster-based wireless sensors networks. Wireless Pers Commun 85(1):207–224
Patel SK, Sonker A (2016) Rule-based network intrusion detection system for port scanning with efficient port scan detection rules using snort. International Journal of Future Generation Communication and Networking 9(6):339–350
Benmessahel I, **e K, Chellal M, Semong T (2019) A new evolutionary neural networks based on intrusion detection systems using locust swarm optimization. Evol Intell 12(2):131–146
Akshaya P (2016) Intrusion detection system using machine learning approach. Int J Eng Comput Sci 5(10):18249–18254. https://doi.org/10.18535/ijecs/v5i10.05
Agarwal M, Pasumarthi D, Biswas S, Nandi S (2016) Machine learning approach for detection of flooding DoS attacks in 802.11 networks and attacker localization. Int J Mach Learn Cybern 7(6):1035–1051. https://doi.org/10.1007/s13042-014-0309-2
Wattanapongsakorn N, Charnsripinyo C (2015) Web-based monitoring approach for network-based intrusion detection and prevention. Multimed Tools Appl 74(16):6391–6411. https://doi.org/10.1007/s11042-014-2097-9
Mabu S, Chen C, Lu N, Shimada K, Hirasawa K (2011) An intrusion-detection model based on fuzzy class-association-rule mining using genetic network programming. IEEE Trans Syst Man Cybern Part C Appl Rev 41(1):130–139
Elhag S, Fernández A, Bawakid A, Alshomrani S, Herrera F (2015) On the combination of genetic fuzzy systems and pairwise learning for improving detection rates on intrusion detection systems. Expert Syst Appl 42(1):193–202
Sasan HPS, Sharma M (2016) Intrusion detection using feature selection and machine learning algorithm with misuse detection. Int J Comput Sci Inf Technol (IJCSIT) 8(1):17. https://doi.org/10.5121/ijcsit.2016.8102
Weka 3.6.0 tools. http://www.cs.waikato.ac.nz/ml/weka/
Farid DM, Zhang L, Rahman CM, Hossain MA, Strachan R (2014) Hybrid decision tree and naïve Bayes classifiers for multi-class classification tasks. Expert Syst Appl 41(4):1937–1946
Modi C, Patel D (2018) A feasible approach to intrusion detection in virtual network layer of cloud computing. Sādhanā 43(7):114
Raza S, Wallgren L, Voigt T (2013) SVELTE: real-time intrusion detection in the Internet of Things. Ad Hoc Netw 11(8):2661–2674
Mehmood A, Mukherjee M, Ahmed SH, Song H, Malik KM (2018) NBC-MAIDS: naïve Bayesian classification technique in multi-agent system-enriched IDS for securing IoT against DDoS attacks. J Supercomput 74(10):5156–5170
Penukonda QS, Paramasivam I (2019) Design and analysis of behaviour based DDoS detection algorithm for data centres in cloud. Evolut Intell. https://doi.org/10.1007/s12065-019-00244-3
Aljawarneh S, Aldwairi M, Yassein MB (2018) Anomaly-based intrusion detection system through feature selection analysis and building hybrid efficient model. J Comput Sci 1(25):152–160
Bostani H, Sheikhan M (2017) Hybrid of anomaly-based and specification-based IDS for Internet of Things using unsupervised OPF based on MapReduce approach. Comput Commun 15(98):52–71
Diro AA, Chilamkurti N (2018) Distributed attack detection scheme using deep learning approach for Internet of Things. Future Gener Comput Syst 1(82):761–768
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Appendix
Rights and permissions
About this article
Cite this article
Kumar, V., Das, A.K. & Sinha, D. UIDS: a unified intrusion detection system for IoT environment. Evol. Intel. 14, 47–59 (2021). https://doi.org/10.1007/s12065-019-00291-w
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12065-019-00291-w