{"title":"Towards an intelligent system to manage IDS for IoT","authors":"Hind Khoulimi, M. Lahby, Othman Benammar","doi":"10.1109/ciot53061.2022.9766759","DOIUrl":null,"url":null,"abstract":"Nowadays, the security of information system has become more and more important in our lives. Indeed, the appearance of 5G see 6G and technological progress which has given rise to the democratization of connected objects, thus increasing the related risks and making the task of information system security administrator more and harder. To remedy this, the researchers focused on several systems including IDS which is an Intrusion Detection System used in host and network security. However, this system generates a large number of alarms which must be managed by a security administrator, something which is not easy to do, but is necessary to guarantee an optimal level of security. In this work, we will present a system that helps the security administrator to properly detect and manage IDS alerts. This system is based on detecting attacks, collecting alerts generated by different IDS in a network of objects, analyzing these alerts and taking appropriate actions. We propose automation of said tasks based on artificial intelligence algorithms, especially Deep Learning. Our choice is directed towards the algorithm of the Artificial Neural Network (ANN) according to several criteria namely the performance and the speed of detection which is our major concern while combining it with the algorithm of Spider Monkey Optimization (SMO) for a good optimization of the entries. Our system aims to strengthen the second line of defense and make it more efficient and intelligent by equipping it with three intelligent engines namely, a detection engine, an analysis engine and an action engine. 
To illustrate the applicability of the proposed approaches, we begun to test the performance of detection by using different measures for example error of detection, training time and accuracy rate which have been obtained by testing with NSL-KDD dataset.","PeriodicalId":180813,"journal":{"name":"2022 5th Conference on Cloud and Internet of Things (CIoT)","volume":"50 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-03-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 5th Conference on Cloud and Internet of Things (CIoT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ciot53061.2022.9766759","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citations: 0
Abstract
Nowadays, the security of information systems has become more and more important in our lives. Indeed, the emergence of 5G, and even 6G, together with technological progress, has given rise to the democratization of connected objects, thus increasing the related risks and making the task of the information system security administrator harder and harder. To remedy this, researchers have focused on several systems, including the Intrusion Detection System (IDS), which is used in host and network security. However, an IDS generates a large number of alarms that must be managed by a security administrator, which is not easy to do but is necessary to guarantee an optimal level of security. In this work, we present a system that helps the security administrator properly detect and manage IDS alerts. This system is based on detecting attacks, collecting the alerts generated by different IDS in a network of objects, analyzing these alerts and taking appropriate actions. We propose automating these tasks with artificial intelligence algorithms, especially Deep Learning. We chose the Artificial Neural Network (ANN) algorithm according to several criteria, namely performance and speed of detection, which is our major concern, and we combine it with the Spider Monkey Optimization (SMO) algorithm to optimize the inputs. Our system aims to strengthen the second line of defense and make it more efficient and intelligent by equipping it with three intelligent engines: a detection engine, an analysis engine and an action engine. To illustrate the applicability of the proposed approaches, we began testing detection performance using different measures, for example detection error, training time and accuracy rate, which were obtained by testing with the NSL-KDD dataset.