Feature Engineering and Machine Learning Framework for DDoS Attack Detection in the Standardized Internet of Things
IEEE Internet of Things Journal (IF 10.6), Pub Date: 2023-02-15, DOI: 10.1109/jiot.2023.3245153
Kamaldeep, Manisha Malik, Maitreyee Dutta

Over the past decade, there has been a huge rise in the number of Internet of Things (IoT) devices and networks, often characterized by resource constraints on energy, memory, communication, and computation power, and, thus, integration of security mechanisms in these networks is often neglected. As the attacks increase, it becomes essential to secure the networks with machine learning (ML)-based intrusion detection systems (IDS) for their higher accuracy and reduced false alarms. However, these systems rely heavily on data and optimal features for extrapolation and attack detection. Existing benchmark data sets are obsolete and lack IoT-compatible traffic data and, therefore, to address this issue, we explore a novel data set, the cross-layer intrusion detection data set for IoT (IoT-CIDDS), with 21 features and a single labeling attribute. In this study, we propose a feature engineering and ML framework to detect Distributed Denial-of-Service (DDoS) attacks in the IoT-CIDDS data set. The framework consists of two phases. In the first phase, we develop algorithms for data set enrichment and emphasize advanced feature engineering for statistically analyzing the data set with probability distribution and correlation among features. In the second phase, we propose an ML model and perform complexity analysis of the feature-engineered data set with five ML techniques by creating training, validation, and testing data sets from IoT-CIDDS. The ML models are evaluated in terms of accuracy, precision, recall, area under curve, false positive rate, and computational time for training the classifiers. The experimental results show that substantial feature reduction optimizes the performance of ML-based IDS for detecting DDoS attacks in standardized IoT networks employing the 6LoWPAN stack.

Updated: 2023-02-15