Title: Two-level machine learning driven intrusion detection model for IoT environments

Authors: Yuvraj Singh Malhi; Virendra Singh Shekhawat

Addresses: Department of Electrical and Electronics, Birla Institute of Technology and Science, Pilani, Rajasthan, India ' Department of Computer Science and Information Systems, Birla Institute of Technology and Science, Pilani, New Academic Block, 6121-R, Pilani, Rajasthan, India

Abstract: As a consequence of the growing number of cyberattacks on IoT devices, the need for defences like intrusion detection systems (IDSs) has significantly risen. But current IDS implementations for IoT are complex to design, difficult to incorporate, platform-specific, and limited by IoT device's resource constraints. This paper proposes a deployment-ready network IDS for IoT that overcomes the shortcomings of the existing IDS solutions and can detect 22 types of attacks. The proposed IDS provide the flexibility to work in multiple modes as per IoT device computing power, made possible via development of three machine learning-based IDS modules. The intrusion detection task has been divided at two levels: at edge devices (using two light modules based on neural network and decision tree) and at centralised controller (using a random forest and XGBoost combination). To ensure the best working tandem of developed modules, different IDS deployment strategies are also given.

Keywords: deep learning; machine learning; intrusion detection system; IDS; random forest; network security; internet of things; IoT; denial-of-service; DoS; soft computing; modular detection; IoT security.

DOI: 10.1504/IJICS.2023.132708

International Journal of Information and Computer Security, 2023 Vol.21 No.3/4, pp.229 - 261

Received: 11 Jul 2021
Accepted: 10 Oct 2021

Published online: 09 Aug 2023 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article