A FeedForward–Convolutional Neural Network to Detect Low-Rate DoS in IoT
<p>The lack of standardization and the heterogeneous nature of the Internet of Things (IoT) has exacerbated the issue of security and privacy. In literature, to improve security at the network layer of the IoT architecture, the possibility of using Software-Defined Networking (SDN) was explore...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | , |
| Published: |
2022
|
| Subjects: | |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1864513536481296384 |
|---|---|
| author | Harun Surej Ilango (17545728) |
| author2 | Maode Ma (16864158) Rong Su (2210740) |
| author2_role | author author |
| author_facet | Harun Surej Ilango (17545728) Maode Ma (16864158) Rong Su (2210740) |
| author_role | author |
| dc.creator.none.fl_str_mv | Harun Surej Ilango (17545728) Maode Ma (16864158) Rong Su (2210740) |
| dc.date.none.fl_str_mv | 2022-09-01T00:00:00Z |
| dc.identifier.none.fl_str_mv | 10.1016/j.engappai.2022.105059 |
| dc.relation.none.fl_str_mv | https://figshare.com/articles/journal_contribution/A_FeedForward_Convolutional_Neural_Network_to_Detect_Low-Rate_DoS_in_IoT/24720423 |
| dc.rights.none.fl_str_mv | CC BY 4.0 info:eu-repo/semantics/openAccess |
| dc.subject.none.fl_str_mv | Information and computing sciences Artificial intelligence Cybersecurity and privacy Distributed computing and systems software Machine learning Internet of Things Software-Defined Networking Deep learning Low-Rate DoS attacks CIC DoS 2017 Anomaly Detection Network Security |
| dc.title.none.fl_str_mv | A FeedForward–Convolutional Neural Network to Detect Low-Rate DoS in IoT |
| dc.type.none.fl_str_mv | Text Journal contribution info:eu-repo/semantics/publishedVersion text contribution to journal |
| description | <p>The lack of standardization and the heterogeneous nature of the Internet of Things (IoT) has exacerbated the issue of security and privacy. In literature, to improve security at the network layer of the IoT architecture, the possibility of using Software-Defined Networking (SDN) was explored. SDN is also plagued by network threats that affect conventional networks. One such threat to a network is the Low-Rate Denial of Service (LR DoS) attack, where the attacker sends precise traffic bursts that force a TCP flow to enter a retransmission timeout state. LR DoS attacks are difficult to detect as their attack signature is similar to benign network traffic. The existing AI-based detection algorithms in the literature are signature-based, and their efficacy in detecting unknown LR DoS attacks was not explored. In this work, an AI-based anomaly detection scheme called FeedForward–Convolutional Neural Network (FFCNN) is proposed to detect LR DoS attacks in IoT-SDN. The Canadian Institute of Cybersecurity Denial of Service 2017 (CIC DoS 2017) dataset is used for the study. An iterative wrapper-based feature selection using Support Vector Machine (SVM) is used to derive the significant features required for detection. The performance of FFCNN is compared to the machine learning algorithms-J48, Random Forest, Random Tree, REP Tree, SVM, and Multi-Layer Perceptron (MLP). The performance of the models is measured using the metrics accuracy, precision, recall, F1 score, detection time per flow, and ROC curves. The empirical analysis shows that FFCNN outperforms other machine learning algorithms on all metrics.</p><h2>Other Information</h2> <p> Published in: Engineering Applications of Artificial Intelligence<br> License: <a href="http://creativecommons.org/licenses/by/4.0/" target="_blank">http://creativecommons.org/licenses/by/4.0/</a><br>See article on publisher's website: <a href="https://dx.doi.org/10.1016/j.engappai.2022.105059" target="_blank">https://dx.doi.org/10.1016/j.engappai.2022.105059</a></p> |
| eu_rights_str_mv | openAccess |
| id | Manara2_00a664b0bab3920212a00ce1364449e1 |
| identifier_str_mv | 10.1016/j.engappai.2022.105059 |
| network_acronym_str | Manara2 |
| network_name_str | Manara2 |
| oai_identifier_str | oai:figshare.com:article/24720423 |
| publishDate | 2022 |
| repository.mail.fl_str_mv | |
| repository.name.fl_str_mv | |
| repository_id_str | |
| rights_invalid_str_mv | CC BY 4.0 |
| spelling | A FeedForward–Convolutional Neural Network to Detect Low-Rate DoS in IoTHarun Surej Ilango (17545728)Maode Ma (16864158)Rong Su (2210740)Information and computing sciencesArtificial intelligenceCybersecurity and privacyDistributed computing and systems softwareMachine learningInternet of ThingsSoftware-Defined NetworkingDeep learningLow-Rate DoS attacksCIC DoS 2017Anomaly DetectionNetwork Security<p>The lack of standardization and the heterogeneous nature of the Internet of Things (IoT) has exacerbated the issue of security and privacy. In literature, to improve security at the network layer of the IoT architecture, the possibility of using Software-Defined Networking (SDN) was explored. SDN is also plagued by network threats that affect conventional networks. One such threat to a network is the Low-Rate Denial of Service (LR DoS) attack, where the attacker sends precise traffic bursts that force a TCP flow to enter a retransmission timeout state. LR DoS attacks are difficult to detect as their attack signature is similar to benign network traffic. The existing AI-based detection algorithms in the literature are signature-based, and their efficacy in detecting unknown LR DoS attacks was not explored. In this work, an AI-based anomaly detection scheme called FeedForward–Convolutional Neural Network (FFCNN) is proposed to detect LR DoS attacks in IoT-SDN. The Canadian Institute of Cybersecurity Denial of Service 2017 (CIC DoS 2017) dataset is used for the study. An iterative wrapper-based feature selection using Support Vector Machine (SVM) is used to derive the significant features required for detection. The performance of FFCNN is compared to the machine learning algorithms-J48, Random Forest, Random Tree, REP Tree, SVM, and Multi-Layer Perceptron (MLP). The performance of the models is measured using the metrics accuracy, precision, recall, F1 score, detection time per flow, and ROC curves. The empirical analysis shows that FFCNN outperforms other machine learning algorithms on all metrics.</p><h2>Other Information</h2> <p> Published in: Engineering Applications of Artificial Intelligence<br> License: <a href="http://creativecommons.org/licenses/by/4.0/" target="_blank">http://creativecommons.org/licenses/by/4.0/</a><br>See article on publisher's website: <a href="https://dx.doi.org/10.1016/j.engappai.2022.105059" target="_blank">https://dx.doi.org/10.1016/j.engappai.2022.105059</a></p>2022-09-01T00:00:00ZTextJournal contributioninfo:eu-repo/semantics/publishedVersiontextcontribution to journal10.1016/j.engappai.2022.105059https://figshare.com/articles/journal_contribution/A_FeedForward_Convolutional_Neural_Network_to_Detect_Low-Rate_DoS_in_IoT/24720423CC BY 4.0info:eu-repo/semantics/openAccessoai:figshare.com:article/247204232022-09-01T00:00:00Z |
| spellingShingle | A FeedForward–Convolutional Neural Network to Detect Low-Rate DoS in IoT Harun Surej Ilango (17545728) Information and computing sciences Artificial intelligence Cybersecurity and privacy Distributed computing and systems software Machine learning Internet of Things Software-Defined Networking Deep learning Low-Rate DoS attacks CIC DoS 2017 Anomaly Detection Network Security |
| status_str | publishedVersion |
| title | A FeedForward–Convolutional Neural Network to Detect Low-Rate DoS in IoT |
| title_full | A FeedForward–Convolutional Neural Network to Detect Low-Rate DoS in IoT |
| title_fullStr | A FeedForward–Convolutional Neural Network to Detect Low-Rate DoS in IoT |
| title_full_unstemmed | A FeedForward–Convolutional Neural Network to Detect Low-Rate DoS in IoT |
| title_short | A FeedForward–Convolutional Neural Network to Detect Low-Rate DoS in IoT |
| title_sort | A FeedForward–Convolutional Neural Network to Detect Low-Rate DoS in IoT |
| topic | Information and computing sciences Artificial intelligence Cybersecurity and privacy Distributed computing and systems software Machine learning Internet of Things Software-Defined Networking Deep learning Low-Rate DoS attacks CIC DoS 2017 Anomaly Detection Network Security |