Network intrusion detection system for IoT security using machine learning and statistical based hybrid feature selection

IF 1.5 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS Security and Privacy Pub Date : 2024-06-05 DOI:10.1002/spy2.429

Supongmen Walling, Sibesh Lodh

{"title":"Network intrusion detection system for IoT security using machine learning and statistical based hybrid feature selection","authors":"Supongmen Walling, Sibesh Lodh","doi":"10.1002/spy2.429","DOIUrl":null,"url":null,"abstract":"The widespread adoption of Internet of Things (IoT) devices has revolutionized daily life, offering convenience and efficiency. However, this growth has also brought new security challenges. With the escalating use of Internet and network technology, the number of cyber‐attacks has increased, intensifying the focus on Intrusion Detection Systems (IDS) among researchers. Network intrusion detection (NID) plays a crucial role in securing IoT networks, becoming essential for modern security infrastructure. Recently, machine learning algorithms have shown promise in providing IDS solutions. Yet, IoT IDS systems face challenges due to their functional and physical diversity, making comprehensive feature utilization impractical. Therefore, effective feature selection becomes imperative. In this research, a novel feature selection methodology for anomaly‐based NIDS is proposed. The methodology commences by employing two filter‐based techniques, namely 1‐way ANOVA and the Pearson correlation coefficient, to meticulously identify and extract pertinent features from the dataset. These methods serve as initial filters to discern the most relevant attributes, ensuring that only the most informative features are retained for subsequent analysis. Subsequently, the most optimal features identified by both methodologies are extracted utilizing the principles of union and intersection in mathematical set theory. Using the NSL‐KDD and UNSW‐NB15 datasets, we exemplify how our model can outperform conventional ML classifiers in terms of detection rate, precision, recall. In our study, intrusion detection is carried out by SVM, kNN, Decision Tree, Logistic Regression and Random Forest using trained attack patterns. The demonstrated results highlight the exceptional performance of the proposed system, with an impressive accuracy rate of 99.6% on the NSL‐KDD dataset and a substantial 97.7% on the UNSW‐NB15 dataset, clearly surpassing the performance of contemporary methods.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.5000,"publicationDate":"2024-06-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1002/spy2.429","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

The widespread adoption of Internet of Things (IoT) devices has revolutionized daily life, offering convenience and efficiency. However, this growth has also brought new security challenges. With the escalating use of Internet and network technology, the number of cyber‐attacks has increased, intensifying the focus on Intrusion Detection Systems (IDS) among researchers. Network intrusion detection (NID) plays a crucial role in securing IoT networks, becoming essential for modern security infrastructure. Recently, machine learning algorithms have shown promise in providing IDS solutions. Yet, IoT IDS systems face challenges due to their functional and physical diversity, making comprehensive feature utilization impractical. Therefore, effective feature selection becomes imperative. In this research, a novel feature selection methodology for anomaly‐based NIDS is proposed. The methodology commences by employing two filter‐based techniques, namely 1‐way ANOVA and the Pearson correlation coefficient, to meticulously identify and extract pertinent features from the dataset. These methods serve as initial filters to discern the most relevant attributes, ensuring that only the most informative features are retained for subsequent analysis. Subsequently, the most optimal features identified by both methodologies are extracted utilizing the principles of union and intersection in mathematical set theory. Using the NSL‐KDD and UNSW‐NB15 datasets, we exemplify how our model can outperform conventional ML classifiers in terms of detection rate, precision, recall. In our study, intrusion detection is carried out by SVM, kNN, Decision Tree, Logistic Regression and Random Forest using trained attack patterns. The demonstrated results highlight the exceptional performance of the proposed system, with an impressive accuracy rate of 99.6% on the NSL‐KDD dataset and a substantial 97.7% on the UNSW‐NB15 dataset, clearly surpassing the performance of contemporary methods.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

利用机器学习和基于统计的混合特征选择实现物联网安全的网络入侵检测系统

物联网（IoT）设备的广泛应用彻底改变了人们的日常生活，为人们提供了便利和效率。然而，这种增长也带来了新的安全挑战。随着互联网和网络技术应用的不断升级，网络攻击的数量也随之增加，研究人员更加关注入侵检测系统（IDS）。网络入侵检测（NID）在确保物联网网络安全方面发挥着至关重要的作用，已成为现代安全基础设施的关键。最近，机器学习算法有望提供 IDS 解决方案。然而，物联网 IDS 系统因其功能和物理多样性而面临挑战，使得全面利用特征变得不切实际。因此，有效的特征选择势在必行。本研究为基于异常的 NIDS 提出了一种新颖的特征选择方法。该方法首先采用两种基于筛选的技术，即单向方差分析和皮尔逊相关系数，从数据集中仔细识别和提取相关特征。这些方法可作为识别最相关属性的初始过滤器，确保只保留信息量最大的特征用于后续分析。随后，利用数学集合论中的联合和交集原理，提取这两种方法识别出的最佳特征。利用 NSL-KDD 和 UNSW-NB15 数据集，我们举例说明了我们的模型如何在检测率、精确度和召回率方面优于传统的 ML 分类器。在我们的研究中，利用训练有素的攻击模式，通过 SVM、kNN、决策树、逻辑回归和随机森林进行了入侵检测。演示结果凸显了所提系统的卓越性能，在 NSL-KDD 数据集上的准确率高达 99.6%，在 UNSW-NB15 数据集上的准确率也高达 97.7%，明显超越了当代方法的性能。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Security and Privacy Multiple-

自引率

5.30%

发文量