A Review on IoT Intrusion Detection Systems Using Supervised Machine Learning: Techniques, Datasets, and Algorithms
DOI: https://doi.org/10.21928/uhdjst.v7n1y2023.pp53-65
Keywords:
Internet of things, Intrusion detection, Intrusion detection system techniques, Intrusion detection system datasets, Ranker feature selection, Information gain, Gain Ratio, Supervised machine learning algorithms, Thoracic Surgery, Cross-Validation.
Abstract
Physical objects that can communicate with one another are referred to as “things” in the Internet of Things (IoT) concept. The IoT introduces a variety of services and activities that are available, trustworthy and essential for human life. It necessitates multifaceted security measures that prioritize communication protected by confidentiality, integrity and authentication services; data inside sensor nodes are encrypted and the network is secured against interruptions and attacks. As a result, the issue of communication security in an IoT network needs to be solved. Even though the IoT network is protected by encryption and authentication, cyber-attacks are still possible. Consequently, it is crucial to have intrusion detection system (IDS) technology. In this paper, common and potential security threats to the IoT environment are explored. Then, based on evaluating and contrasting recent studies in the field of IoT intrusion detection, a review of IoT IDSs is offered with regard to methodologies, datasets and machine learning (ML) algorithms. In this study, the strengths and limitations of recent IoT intrusion detection techniques are determined, recent datasets collected from real or simulated IoT environments are explored, high-performing ML methods are identified, and the gap in recent studies is identified.
Copyright (c) 2023 Azeez Rahman Abdulla, Noor Ghazi M. Jameel
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.