Enhancing Intrusion Detection in IoT Communications Through ML Model Generalization With a New Dataset (IDSAI)

Articles uri icon

authors

  • GUTIERREZ PORTELA, FERNANDO
  • Arteaga Arteaga, Harold
  • ALMENARES MENDOZA, FLORINA
  • CALDERON BENAVIDES, LILIANA
  • Acosta Mesa, Hector
  • Tabares Soto, Reinel

publication date

  • July 2023

start page

  • 70542

end page

  • 70559

volume

  • 11

Electronic International Standard Serial Number (EISSN)

  • 2169-3536

abstract

  • One of the fields where Artificial Intelligence (AI) must continue to innovate is computer security. The integration of Wireless Sensor Networks (WSN) with the Internet of Things (IoT) creates ecosystems of attractive surfaces for security intrusions, being vulnerable to multiple and simultaneous attacks. This research evaluates the performance of supervised ML techniques for detecting intrusions based on network traffic captures. This work presents a new balanced dataset (IDSAI) with intrusions generated in attack environments in a real scenario. This new dataset has been provided in order to contrast model generalization from different datasets. The results show that for the detection of intruders, the best supervised algorithms are XGBoost, Gradient Boosting, Decision Tree, Random Forest, and Extra Trees, which can generate predictions when trained and predicted with ten specific intrusions (such as ARP spoofing, ICMP echo request Flood, TCP Null, and others), both of binary form (intrusion and non-intrusion) with up to 94% of accuracy, as multiclass form (ten different intrusions and non-intrusion) with up to 92% of accuracy. In contrast, up to 90% of accuracy is achieved for prediction on the Bot-IoT dataset using models trained with the IDSAI dataset.

subjects

  • Computer Science
  • Telecommunications

keywords

  • deep learning,internet of things; intrusion detection system; machine learning; wireless sensor network.